A Better Software Management System
Speaking more broadly, sites upgrading to SLES 11 from SLES 10 should be pleasantly surprised at the software management system that graces the new version--it performs much better than the framework that shipped with Version 10. The newer system is still based on RPM, but now includes the back-end tool zypper, which, across a few years of OpenSUSE releases, had the opportunity to mature into a very effective software management tool. (See my recent OpenSUSE 11.1 review here.) Another system management feature that caught my eye during my tests of SLES 11 was the system's PolicyKit system rights management framework, which restricts various activities on SLES 11, including mounting and unmounting removable media, as well as restarting the system. When running SLES 11 in graphical mode as a limited rights user, PolicyKit prompted me for an administrative password before carrying out these operations. Alternatively, I could dole out rights to myself or another user from a PolicyKit configuration tool.SLES 11 is available in versions for the x86, x86_64, Itanium and IBM PowerPC and zSeries processor architectures. I tested the 32-bit version of SLES from a virtual machine with 1GB of RAM hosted by Sun's VirtualBox desktop virtualization application. I tested the x86_64 version of SLES 11 on a dual-core AMD Athlon64 server with 4GB of RAM, as well as on a paravirtualized virtual machine hosted under SLES 11's Xen hypervisor. SLES 11 is sold by subscription, with pricing that differs based on support level and processor architecture. For x86 and x86_64 architectures, subscriptions range from basic plans that include 30 days of telephone and e-mail-based support and cost $349 per system to priority subscriptions that cost $1,499 per system and include 24/7 telephone and e-mail support over the full support term. All subscriptions include access to product updates and allow for an unlimited number of hosted virtual machines. For more on SLES 11 pricing, see www.novell.com/products/server/howtobuy.html.
Novell's use of PolicyKit is a step in the right direction, but I'd like to see the framework extended to cover the operations included in SUSE's suite of system management tools, Yast. For now, Yast modules prompt for a password but lack the rights management controls that PolicyKit makes available.