mikas blog

Alright, Debian GNU/Linux 5.0 AKA as Lenny has been released. Time for a Debian unstable unfreeze party! 8-)

What does the new stable release bring for system administrators? I’ll give an overview what news you might expect when upgrading from Debian GNU/Linux 4.0, codename Etch (released on 8th April 2007) to the current version Debian GNU/Linux 5.0, codename Lenny (released on 14th February 2009). I try to avoid duplicated information so make sure to read the release announcement and the official release notes for Lenny beforehand.

Noteworthy Changes

• initrd-tools got replaced by initramfs-tools
• netkit-inetd got replaced by openbsd-inetd
• the default syslog daemon sysklogd got replaced by rsyslog
• new defaults when creating ext2/ext3 file systems: dir_index and resize_inode feature enabled by default and use blocksize = 4096, inode_size = 256 and inode_ratio = 16384 (see /etc/mke2fs.conf)
• improved IPv6 support
• init.d-scripts for dependency-based init systems
• Debian-Volatile (hosting packages providing data that needs to be regularly updated over time, such as timezones definitions, anti-virus signature files,…) is an official service
• EVMS (Enterprise Volume Management System) was removed
• compatibility with the FHS v2.3
• software developed for version 3.2 of the LSB
• official Debian Lenny live systems for the amd64 and i386 architectures
• several new d-i features

Virtualisation

• kvm: works out-of-the-box with Lenny
• OpenVZ: deploying OpenVZ systems works out-of-the-box now thanks to new OpenVZ kernel image flavors (no need for any further, external repositories)
• vserver: the according kernel images are available
• Xen: works (dom0 as well as domU support), see Xen @ Debian-Wiki

Virtualisation related new tools:

• ganeti: Cluster-based virtualization management software
• libvirt-bin: Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The library aims at providing a long term stable C API for different virtualization mechanisms.
• virtinst: Programs to create and clone virtual machines
• virt-manager: desktop application for managing virtual machines
• xen-shell: Console based Xen administration utility
• xenstore-utils: Xenstore utilities for Xen
• xenwatch: Virtualization utilities, mostly for Xen

Desktop oriented packages like virtualbox and qemu are available as well of course.

Noteworthy Updates

This is a (selective) list of some noteworthy updates:

• apache2: upgrade from 2.2.3-4+etch6 to 2.2.9-10+lenny2
• apt: upgrade from version 0.6.46.4-0.1 to 0.7.20.1, bringing ‘apt-get autoremove’
• aptitude: upgrade from version 0.4.4-4 to 0.4.11.11-1~lenny1, bringing ‘aptitude safe-upgrade’ which replaces ‘aptitude upgrade’ and ‘aptitude full-upgrade’ replacing ‘aptitude dist-upgrade’
• bash: upgrade from 3.1dfsg-8 to 3.2-4
• bind: upgrade from 1:8.4.7-1 / 1:9.3.4-2etch4 to 1:9.5.0.dfsg.P2-5.1
• cfengine: upgrade from 2.1.20-1 to 2.2.8-1
• courier: upgrade from 0.53.3-5 to 0.60.0-2
• dpkg: upgrade from 1.13.26 to 1.14.24, bringing dpkg triggers
• drbd: upgrade from 0.7.21-4 to 2:8.0.14-2
• dstat: upgrade from 0.6.3-2 to 0.6.7-1, the new version for example provides the topcpu and topmem modules so you can run ‘dstat -c -M topcpu -dng -M topmem’ to identify cpu and memory intensive jobs
• fai: upgrade from 3.1.8 to version 3.2.16, see NEWS
• gcc/g++: upgrade from 4:4.1.1-15 to 4.3.2-1.1
• git: upgrade from 1:1.4.4.4-4+etch1 to 1:1.5.6.5-2
• initramfs-tools: upgrade from 0.85i to 0.92o, see new Lenny features
• iproute: upgrade from 20061002-3 to 20080725-2
• iptables: upgrade from 1.3.6.0debian1-5 to 1.4.2-5
• gnu libc: upgrade from 2.3.6.ds1-13etch9+b1 to 2.7-18
• lighttpd: upgrade from 1.4.13-4etch11 to 1.4.19-5
• linux-kernel: upgrade from kernel 2.6.18 to 2.6.26, see wiki.debian.org/KernelFAQ#new-features-in-lenny
• lvm2: upgrade from 2.02.06-4etch1 to 2.02.39-6
• mdadm: upgrade from 2.5.6-9 to 2.6.7.1-1, see README.upgrading-2.5.3
• mercurial: upgrade from 0.9.1-1+etch1 to 1.0.1-5.1
• mount: upgrade from 2.12r-19etch1 to 2.13.1.1-1, bringing read-only binds, –make-shared, –make-slave, –make-private, –make-unbindable
• mysql: upgrade from 5.0.32-7etch8 to 5.0.51a-23
• nagios: upgrade from 2.6-2+etch1 to 3.0.6-3, see Upgrading From Nagios 2.x and What’s New in Nagios 3 for details
• openldap: upgrade from 2.3.30-5+etch2 to 2.4.11-1
• openssh: upgrade from 1:4.3p2-9etch3 to 1:5.1p1-5
• postgresql: upgrade from 7.5.22 / 8.1.15-0etch1 to 8.3.5-1
• perl: upgrade from 5.8.8-7etch6 to 5.10.0-19
• php: upgrade from 5.2.0-8+etch13 to 5.2.6.dfsg.1-1+lenny2
• postfix: upgrade from 2.3.8-2+etch1 to 2.5.5-1.1
• puppet: upgrade from 0.20.1-1 to 0.24.5-3
• python: upgrade from 2.4.4-2 to 2.5.2-3
• ruby: upgrade from 1.8.5-4etch4 to 1.8.7.72-3
• samba: upgrade from 3.0.24-6etch10 to 2:3.2.5-4
• subversion: upgrade from 1.4.2dfsg1-2 to 1.5.1dfsg1-2
• tcl/tk: upgrade from 8.4.12-1etch2 to 8.5.3-4
• utilx-linux: upgrade from 2.12r-19etch1 to 2.13.1.1-1, brings new utilities like:
  • chrt: manipulate real-time attributes of a process
  • ionice: get/set program io scheduling class and priority
  • rename.ul: rename the specified files by replacing the first occurrence of from in their name by to
  • taskset: retrieve or set a process’s CPU affinity
• zsh: upgrade from 4.3.2-25 to 4.3.6-6

New packages

Lenny ships over 7000 new packages. Lists of new/removed/replaced packages are available online. I’ll name 238 sysadmin related packages that might be worth a look. (Note: I don’t list addon stuff like optional server-modules, docs-only and kernel-source related packages. I plan to present some of the following packages in more detail in separate blog entries.)

• ack-grep: A grep-like program specifically for large source trees
• acpitail: Show ACPI information in a tail-like style
• adns-tools: Asynchronous-capable DNS client library and utilities
• aggregate: ipv4 cidr prefix aggregator
• aosd-cat: an on screen display tool which uses libaosd
• apt-cacher-ng: Caching proxy for distribution of software packages
• apt-cross: retrieve, build and install libraries for cross-compiling
• aptfs: FUSE filesystem for APT source repositories
• apt-p2p: apt helper for peer-to-peer downloads of Debian packages
• apt-transport-https: APT https transport, use ‘deb https://foo distro main’ lines in the sources.list
• arp-scan: arp scanning and fingerprinting tool
• array-info: command line tool reporting RAID status for several RAID types
• balance: Load balancing solution and generic tcp proxy
• bash-completion: programmable completion for the bash shell
• blktrace: utilities for block layer IO tracing
• daemonlogger: simple network packet logger and soft tap daemon
• daemontools: a collection of tools for managing UNIX services
• dbndns: Debian fork of djbdns, a collection of Domain Name System tools
• dcfldd: enhanced version of dd for forensics and security
• dctrl2xml: Debian control data to XML converter
• debomatic: automatic build machine for Debian source packages
• desproxy: tunnel TCP traffic through a HTTP proxy
• detox: utility to replace problematic characters in filenames
• di-netboot-assistant: Debian-Installer netboot assistant
• dish: the diligence/distributed shell for parallel sysadmin
• djbdns: a collection of Domain Name System tools
• dns2tcp: TCP over DNS tunnel client and server
• dnscache-run: djbdns dnscache service
• dnshistory: Translating and storing of IP addresses from log files
• dnsproxy: proxy for DNS queries
• dsyslog: advanced modular syslog daemon
• etckeeper: store /etc in git, mercurial, or bzr
• ext3grep: Tool to help recover deleted files on ext3 filesystems
• fair: high availability load balancer for TCP connections
• fatresize: FAT16/FAT32 filesystem resizer
• flog: dump STDIN to file and reopen on SIGHUP
• freeradius-utils: FreeRadius client utilities
• ganeti: Cluster-based virtualization management software
• gfs2-tools: Red Hat cluster suite – global file system 2 tools
• gitosis: git repository hosting application
• gptsync: GPT and MBR partition tables synchronisation tool
• grokevt: scripts for reading Microsoft Windows event log files
• grub2: GRand Unified Bootloader, version 2
• gt5: shell program to display visual disk usage with navigation
• haproxy: fast and reliable load balancing reverse proxy
• havp: HTTP Anti Virus Proxy
• heirloom-mailx: feature-rich BSD mail(1)
• hfsprogs: mkfs and fsck for HFS and HFS+ file systems
• hinfo: Check address ownership and DNSBL listings for spam reporting
• hlbr: IPS that runs over layer 2 (no TCP/IP stack required)
• hobbit: monitoring system for systems, networks and applications – server
• hotwire: Extensible graphical command execution shell
• hunchentoot: the Common Lisp web server formerly known as TBNL
• ifupdown-extra: Network scripts for ifupdown
• ike: Shrew Soft VPN client – Daemon and libraries
• incron: cron-like daemon which handles filesystem events
• inoticoming: trigger actions when files hit an incoming directory
• iodine: tool for tunneling IPv4 data through a DNS server
• iotop: simple top-like I/O monitor
• ipplan: web-based IP address manager and tracker
• ips: Intelligent process status
• iscsitarget: iSCSI Enterprise Target userland tools
• isns: Internet Storage Naming Service
• itop: simple top-like interrupt load monitor
• iwatch: realtime filesystem monitoring program using inotify
• jetring: gpg keyring mantainance using changesets
• john: active password cracking tool
• kanif: cluster management and administration swiss army knife
• keepassx: Cross Platform Password Manager
• keysafe: A safe to put your passwords in
• killer: Background job killer
• kpartx: create device mappings for partitions
• kvm: Full virtualization on x86 hardware
• latencytop: A tool for developers to visualize system latencies
• lbcd: Return system load via UDP for remote load balancers
• ldb-tools: LDAP-like embedded database – tools
• ldnsutils: ldns library for DNS programming
• lfhex: large file hex editor
• live-helper: Debian Live build scripts
• live-magic: GUI frontend to create Debian LiveCDs, netboot images, etc.
• logapp: supervise execution of applications producing heavy output
• lsat: Security auditor tool
• lustre-utils: Userspace utilities for the Lustre filesystem
• lwat: LDAP Web-based Administration Tool
• maatkit: Command-line utilities for MySQL
• mantis: web-based bug tracking system
• memdump: memory dumper
• memlockd: daemon to lock files into RAM
• metainit: Generates init scripts
• mirmon: monitor the state of mirrors
• mkelfimage: utility to create ELF boot images from Linux kernel images
• mongrel: A small fast HTTP library and server for Ruby
• monkey: fast, efficient, small and easy to configure web server
• monkeytail: tail variant designed for web developers monitoring logfiles
• mpy-svn-stats: Simple and easy to use svn statistics generator
• mr: a Multiple Repository management tool
• msr-tools: Utilities for modifying MSRs from userspace
• mtd-utils: Memory Technology Device Utilities
• munge: authentication service to create and validate credentials
• mxallowd: Anti-Spam-Daemon using nolisting/iptables
• mylvmbackup: quickly creating backups of MySQL server’s data files
• myrescue: rescue data from damaged harddisks
• mysql-proxy: high availability, load balancing and query modification for mysql
• mysqltuner: high-performance MySQL tuning script
• nagvis: Visualization addon for Nagios
• ncdu: ncurses disk usage viewer
• netrw: netcat like tool with nice features to transport files over network
• netsend: a speedy filetransfer and network diagnostic program
• network-config: Simple network configuration tool
• nfdump: netflow capture daemon
• ngetty: getty replacement – one single daemon for all consoles
• nilfs2-tools: Continuous Snapshotting Log-structured Filesystem
• ninja: Privilege escalation detection system for GNU\Linux
• noip2: client for dynamic DNS service
• nsd3: authoritative domain name server (3.x series)
• ntfs-3g: read-write NTFS driver for FUSE
• nulog: Graphical firewall log analysis interface
• nuttcp: network performance measurement tool
• ocsinventory-server: Hardware and software inventory tool (Communication Server)
• odt2txt: simple converter from OpenDocument Text to plain text
• olsrd: optimized link-state routing daemon (unik-olsrd)
• onesixtyone: fast and simple SNMP scanner
• openais: Standards-based cluster framework (daemon and modules)
• opencryptoki: PKCS#11 implementation for Linux (daemon)
• openvas-client: Remote network security auditor, the client
• ophcrack: Microsoft Windows password cracker using rainbow tables
• op: sudo like controlled privilege escalation
• otpw-bin: OTPW programs for generating OTPW lists
• packeth: Ethernet packet generator
• paperkey: extract just the secret information out ouf OpenPGP secret key
• paris-traceroute: New version of well known tool traceroute
• password-gorilla: a cross-platform password manager
• pathfinderd: Daemon for X.509 Path Discovery and Validation
• pathfinder-utils: Utilities to use with the Pathfinder Daemon
• pcaputils: specialized libpcap utilities
• pcp: System level performance monitoring and performance management
• perlconsole: small program that lets you evaluate Perl code interactively
• pgloader: loads flat data files into PostgreSQL
• pgpool2: connection pool server and replication proxy for PostgreSQL
• pgsnap: PostgreSQL report tool
• pmailq: postfix mail queue manager
• pnputils: Plug and Play BIOS utilities
• policykit: framework for managing administrative policies and privileges
• postfwd: Postfix policyd to combine complex restrictions in a ruleset
• postpone: schedules commands to be executed later
• powertop: Linux tool to find out what is using power on a laptop
• prayer: standalone IMAP-based webmail server
• prelude-correlator: Hybrid Intrusion Detection System [ Correlator ]
• privbind: Allow unprivileged apps to bind to a privileged port
• pssh: Parallel versions of SSH-based tools
• ptop: PostgreSQL performance monitoring tool akin to top
• pyftpd: ftp daemon with advanced features
• rancid-core: rancid — Really Awesome New Cisco confIg Differ
• rancid-util: Utilities for rancid
• rdnssd: IPv6 recursive DNS server discovery daemon
• rdup: utility to create a file list suitable for making backups
• reglookup: utility to read and query Windows NT/2000/XP registry
• rgmanager: Red Hat cluster suite – clustered resource group manager
• rinse: RPM installation environment
• rofs: Read-Only Filesystem for FUSE
• rsyslog: enhanced multi-threaded syslogd
• safe-rm: wrapper around the rm command to prevent accidental deletions
• samba-tools: tools provided by the Samba suite
• samdump2: Dump Windows 2k/NT/XP password hashes
• scalpel: A Frugal, High Performance File Carver
• scamper: advanced traceroute and network measurement utility
• scanmem: Locate and modify a variable in a running process
• schedtool: Queries/alters process’ scheduling policy and CPU affinity
• screenie: a small and lightweight GNU screen(1) wrapper
• scrounge-ntfs: Data recovery program for NTFS filesystems
• ser: Sip Express Router, very fast and configurable SIP proxy
• serverstats: a simple tool for creating graphs using rrdtool
• shutdown-at-night: System to shut down clients at night, and wake them in the morning
• sipcrack: SIP login dumper/cracker
• sks: Synchronizing OpenPGP Key Server
• slack: configuration management program for lazy admin
• sma: Sendmail log analyser
• smbind: PHP-based tool for managing DNS zones for BIND
• smbnetfs: User-space filesystem for SMB/NMB (Windows) network servers and shares
• softflowd: Flow-based network traffic analyser
• speedometer: measure and display the rate of data across a network connection
• spf-milter-python: RFC 4408 compliant Python SPF Milter for Sendmail and Postfix
• spf-tools-perl: SPF tools (spfquery, spfd) based on the Mail::SPF Perl module
• spf-tools-python: sender policy framework (SPF) tools for Python
• sqlgrey: Postfix Greylisting Policy Server
• ssdeep: Recursive piecewise hashing tool
• sshfp: DNS SSHFP records generator
• sshm: A command-line tool to manage your ssh servers
• sshproxy: ssh gateway to apply ACLs on ssh connections
• sslscan: Fast SSL scanner
• strace64: A system call tracer for 64bit binaries
• sucrack: multithreaded su bruteforcer
• supercat: program that colorizes text for terminals and HTML
• superiotool: Super I/O detection tool
• system-config-lvm: A utility for graphically configuring Logical Volumes
• system-config-printer: graphical interface to configure the printing system
• tack: terminfo action checker
• taktuk: efficient, large scale, parallel remote execution of commands
• tcpwatch-httpproxy: TCP monitoring and logging tool with support for HTTP 1.1
• terminator: Multiple GNOME terminals in one window
• timelimit: Simple utility to limit a process’s absolute execution time
• tipcutils: TIPC utilities
• tor: anonymizing overlay network for TCP
• tpm-tools: Management tools for the TPM hardware (tools)
• tracker-utils: metadata database, indexer and search tool – commandline tools
• tumgreyspf: external policy checker for the postfix mail server
• ucspi-tcp: command-line tools for building TCP client-server applications
• unbound: validating, recursive, caching DNS resolver
• unhide: Forensic tool to find hidden processes and ports
• uniutils: Tools for finding out what is in a Unicode file
• unsort: reorders lines in a file in semirandom ways
• uphpmvault: upload recovery images to HP MediaVault2 via Ethernet
• usermode: Graphical tools for certain user account management tasks
• utf8-migration-tool: Debian UTF-8 migration wizard
• uuid-runtime: universally unique id library
• vblade-persist: create/manage supervised AoE exports
• vde2: Virtual Distributed Ethernet
• vdmfec: recover lost blocks using Forward Error Correction
• virtinst: Programs to create and clone virtual machines
• virt-manager: desktop application for managing virtual machines
• virtualbox-ose: x86 virtualization solution – binaries
• virt-viewer: Displaying the graphical console of a virtual machine
• watchupstream: Look for newer upstream releases
• whirlpool: Implementation of the whirlpool hash algorithm
• win32-loader: Debian-Installer loader for win32
• xavante: Lua HTTP 1.1 Web server
• xdelta3: A diff utility which works with binary files
• xen-shell: Console based Xen administration utility
• xenstore-utils: Xenstore utilities for Xen
• xenwatch: Virtualization utilities, mostly for Xen
• xfingerd: BSD-like finger daemon with qmail support
• xl2tpd: a layer 2 tunneling protocol implementation
• xrdp: Remote Desktop Protocol (RDP) server
• yersinia: Network vulnerabilities check software
• zerofree: zero free blocks from ext2/3 file-systems
• zipcmp: compare contents of zip archives
• zipmerge: merge zip archives
• ziproxy: compressing HTTP proxy server

Further Ressources

• Debian GNU/Linux 5.0 released – Release Announcement
• Debian GNU/Linux 5.0 – Release Notes
• Etch2Lenny Upgrade @ Debian-Wiki
• New in Lenny @ Debian-Wiki

This entry was posted by mika on Sunday, February 15th, 2009 at 18:26 and is filed under Computer, Debian, English. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.