1Updating Information for FreeBSD stable/11 users. 2 3This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>. 4See end of file for further details. For commonly done items, please see the 5COMMON ITEMS: section later in the file. These instructions assume that you 6basically know what you are doing. If not, then please consult the FreeBSD 7handbook: 8 9 https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html 10 11Items affecting the ports and packages system can be found in 12/usr/ports/UPDATING. Please read that file before running portupgrade. 13 14NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping 15from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to 16the tip of head, and then rebuild without this option. The bootstrap process 17from older version of current across the gcc/clang cutover is a bit fragile. 18 1920200912: 20 The make.conf(5) MALLOC_PRODUCTION variable, used for disabling and 21 enabling assertions and statistics gathering in malloc(3), has been 22 migrated to a src.conf(5) WITH/WITHOUT_MALLOC_PRODUCTION option. 23 24 On stable branches, WITH_MALLOC_PRODUCTION is set by default, which 25 means that malloc(3) has assertions and statistics gathering disabled, 26 for improved performance. 27 28 For backwards compatibility, the make.conf(5) MALLOC_PRODUCTION is still 29 honored, but it is now deprecated and undocumented. 30 3120200723: 32 Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have 33 been upgraded to 10.0.1. Please see the 20141231 entry below for 34 information about prerequisites and upgrading, if you are not already 35 using clang 3.5.0 or higher. 36 3720200507: 38 Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have 39 been upgraded to 10.0.0. Please see the 20141231 entry below for 40 information about prerequisites and upgrading, if you are not already 41 using clang 3.5.0 or higher. 42 4320200430: 44 The root certificates of the Mozilla CA Certificate Store have been 45 imported into the base system and can be managed with the certctl(8) 46 utility. If you have installed the security/ca_root_nss port or package 47 with the ETCSYMLINK option (the default), be advised that there may be 48 differences between those included in the port and those included in 49 base due to differences in nss branch used as well as general update 50 frequency. Note also that certctl(8) cannot manage certs in the 51 format used by the security/ca_root_nss port. 52 5320190913: 54 ntpd no longer by default locks its pages in memory, allowing them 55 to be paged out by the kernel. Use rlimit memlock to restore 56 historic BSD behaviour. For example, add "rlimit memlock 32" 57 to ntp.conf to lock up to 32 MB of ntpd address space in memory. 58 5920190723: 60 Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have 61 been upgraded to 8.0.1. Please see the 20141231 entry below for 62 information about prerequisites and upgrading, if you are not already 63 using clang 3.5.0 or higher. 64 6520190426: 66 CARP now sets DSCP value CS7(Network Traffic) in the flowlabel field 67 of packets by default instead of only setting TOS_LOWDELAY in IPv4, 68 which was deprecated in 1998. Original behavior can be restored by 69 setting sysctl net.inet.carp.dscp=4. 70 7120190416: 72 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to 73 8.0.0. Please see the 20141231 entry below for information about 74 prerequisites and upgrading, if you are not already using clang 3.5.0 75 or higher. 76 7720190226: 78 geom_uzip(4) depends on the new module xz. If geom_uzip is statically 79 compiled into your custom kernel, add 'device xz' statement to the 80 kernel config. 81 8220190220: 83 Co-existance for Forth and Lua interpreters in bootloaders has now been 84 merged to ease testing of lualoader. LOADER_DEFAULT_INTERP, documented 85 in build(7), may be used to control which interpreter flavor is used in 86 the default loader to be installed. For systems where Lua and Forth 87 coexist, this switch can also be made on a running system by creating a 88 link from /boot/loader{,.efi} to /boot/loader_${flavor}{,.efi} rather 89 than requiring a rebuild. 90 91 The default flavor in this branch will remain Forth. As indicated in 92 the 20190216 UPDATING entry, booting is a complex environment; it would 93 be prudent to assume that lualoader may not work for your setup and make 94 provisions for backup boot methods. 95 9620190220: 97 zfsloader's functionality has now been folded into loader. 98 zfsloader is no longer necesasary once you've updated your 99 boot blocks. For a transition period, we will install a 100 hardlink for zfsloader to loader to allow a smooth transition 101 until the boot blocks can be updated (hard link because old 102 zfs boot blocks don't understand symlinks). 103 10420190216: 105 Lualoader has been merged to facilitate testing on this branch. It's 106 purely opt-in for now by building WITH_LOADER_LUA and WITHOUT_FORTH in 107 /etc/src.conf, but co-existance will come shortly. Booting is a complex 108 environment and test coverage for Lua-enabled loaders has been thin, so 109 it would be prudent to assume it might not work and make provisions for 110 backup boot methods. 111 11220190216: 113 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to 114 7.0.1. Please see the 20141231 entry below for information about 115 prerequisites and upgrading, if you are not already using clang 3.5.0 116 or higher. 117 11820181228: 119 r342562 modifies the NFSv4 server so that it obeys vfs.nfsd.nfs_privport 120 in the same as it is applied to NFSv2 and 3. This implies that NFSv4 121 servers that have vfs.nfsd.nfs_privport set will only allow mounts 122 from clients using a reserved port#. Since both the FreeBSD and Linux 123 NFSv4 clients use reserved port#s by default, this should not affect 124 most NFSv4 mounts. 125 12620181107: 127 The '%I' format in the kern.corefile sysctl limits the number of 128 core files that a process can generate to the number stored in the 129 debug.ncores sysctl. The '%I' format is replaced by the single digit 130 index. Previously, if all indexes were taken the kernel would overwrite 131 only a core file with the highest index in a filename. 132 Currently the system will create a new core file if there is a free 133 index or if all slots are taken it will overwrite the oldest one. 134 13520180818: 136 WITH_OFED option now only enables the build for the OFED libraries 137 and some fundamental client utilities. OpenSM and rest of the 138 debugging tools are enabled by WITH_OFED_EXTRA build switch. 139 WITH_OFED is turned on by default on amd64. 140 14120180714: 142 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to 143 6.0.1. Please see the 20141231 entry below for information about 144 prerequisites and upgrading, if you are not already using clang 3.5.0 145 or higher. 146 14720180601: 148 The releng/11.2 branch has been created from stable/11@r334458. 149 15020180504: 151 The tz database (tzdb) has been updated to 2018e. This version more 152 correctly models time stamps in time zones with negative DST such as 153 Europe/Dublin (from 1971 on), Europe/Prague (1946/7), and 154 Africa/Windhoek (1994/2017). This does not affect the UT offsets, only 155 time zone abbreviations and the tm_isdst flag. 156 15720180409: 158 The use of RSS hash from the network card aka flowid has been 159 disabled by default for lagg(4) as it's currently incompatible with 160 the lacp and loadbalance protocols. 161 162 This can be re-enabled by setting the following in loader.conf: 163 net.link.lagg.default_use_flowid="1" 164 16520180331: 166 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to 167 6.0.0. Please see the 20141231 entry below for information about 168 prerequisites and upgrading, if you are not already using clang 3.5.0 169 or higher. 170 17120180211: 172 The LOADER_FIREWIRE_SUPPORT build variable as been renamed to 173 WITH/OUT_LOADER_FIREWIRE. LOADER_{NO_,}GELI_SUPPORT has been renamed 174 to WITH/OUT_LOADER_GELI. 175 17620180210: 177 The geli password typed at boot is now hidden. To restore the previous 178 behavior, see geli(8) for configuration options. 179 180 The SW_WATCHDOG option is no longer necessary to enable the 181 hardclock-based software watchdog if no hardware watchdog is 182 configured. As before, SW_WATCHDOG will cause the software 183 watchdog to be enabled even if a hardware watchdog is configured. 184 18520180108: 186 lint(1) binaries and library are no longer built by default. To 187 enable building them, define WITH_LINT in src.conf. If you are using 188 a FreeBSD 12 or later system to build 11-stable, you may need to 189 install a lint(1) binary to use WITH_LINT. 190 19120171003: 192 When building multiple kernels using KERNCONF, non-existent KERNCONF 193 files will produce an error and buildkernel will fail. Previously 194 missing KERNCONF files silently failed giving no indication as to 195 why, only to subsequently discover during installkernel that the 196 desired kernel was never built in the first place. 197 19820170926: 199 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 5.0.0. 200 Please see the 20141231 entry below for information about prerequisites 201 and upgrading, if you are not already using clang 3.5.0 or higher. 202 20320170822: 204 Since the switch to GPT disk labels, fsck for UFS/FFS has been 205 unable to automatically find alternate superblocks. As of r322806, 206 the information needed to find alternate superblocks has been 207 moved to the end of the area reserved for the boot block. 208 Filesystems created with a newfs of this vintage or later 209 will create the recovery information. If you have a filesystem 210 created prior to this change and wish to have a recovery block 211 created for your filesystem, you can do so by running fsck in 212 forground mode (i.e., do not use the -p or -y options). As it 213 starts, fsck will ask ``SAVE DATA TO FIND ALTERNATE SUPERBLOCKS'' 214 to which you should answer yes. 215 21620170629: 217 The releng/11.1 branch has been created from stable/11@r320475. 218 21920170518: 220 arm64 builds now use the base system LLD 4.0.0 linker by default, 221 instead of requiring that the aarch64-binutils port or package be 222 installed. To continue using aarch64-binutils, set 223 CROSS_BINUTILS_PREFIX=/usr/local/aarch64-freebsd/bin . 224 22520170529: 226 The ctl.ko module no longer implements the iSCSI target frontend: 227 cfiscsi.ko does instead. 228 229 If building cfiscsi.ko as a kernel module, the module can be loaded 230 via one of the following methods: 231 - `cfiscsi_load="YES"` in loader.conf(5). 232 - Add `cfiscsi` to `$kld_list` in rc.conf(5). 233 - ctladm(8)/ctld(8), when compiled with iSCSI support 234 (`WITH_ISCSI=yes` in src.conf(5)) 235 236 Please see cfiscsi(4) for more details. 237 23820170511: 239 The mmcsd.ko module now additionally depends on geom_flashmap.ko. 240 Also, mmc.ko and mmcsd.ko need to be a matching pair built from the 241 same source (previously, the dependency of mmcsd.ko on mmc.ko was 242 missing, but mmcsd.ko now will refuse to load if it is incompatible 243 with mmc.ko). 244 24520170414: 246 Binds and sends to the loopback addresses, IPv6 and IPv4, will now 247 use any explicitly assigned loopback address available in the jail 248 instead of using the first assigned address of the jail. 249 25020170413: 251 As of r316810 for ipfilter, keep frags is no longer assumed when 252 keep state is specified in a rule. r316810 aligns ipfilter with 253 documentation in man pages separating keep frags from keep state. 254 This allows keep state to specified without forcing keep frags 255 and allows keep frags to be specified independently of keep state. 256 To maintain previous behaviour, also specify keep frags with 257 keep state (as documented in ipf.conf.5). 258 25920170402: 260 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 4.0.0. 261 Please see the 20141231 entry below for information about prerequisites 262 and upgrading, if you are not already using clang 3.5.0 or higher. 263 26420170323: 265 The code that provides support for ZFS .zfs/ directory functionality 266 has been reimplemented. It's not possible now to create a snapshot 267 by mkdir under .zfs/snapshot/. That should be the only user visible 268 change. 269 27020170319: 271 Many changes in the IPsec code have been merged from the FreeBSD-CURRENT 272 branch. The IPSEC_FILTERTUNNEL kernel option is removed in favour of 273 corresponding sysctl. The IPSEC_NAT_T kernel option is also removed, 274 and now NAT-T is supported by default. Security associations now use 275 the single namespace for SPI allocation, so if you use several manually 276 configured security associations with the same SPI, this configuration 277 needs modification. 278 27920161217: 280 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.1. 281 Please see the 20141231 entry below for information about prerequisites 282 and upgrading, if you are not already using clang 3.5.0 or higher. 283 28420161124: 285 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.0. 286 Please see the 20141231 entry below for information about prerequisites 287 and upgrading, if you are not already using clang 3.5.0 or higher. 288 28920161119: 290 The layout of the pmap structure has changed for powerpc to put the pmap 291 statistics at the front for all CPU variations. libkvm(3) and all tools 292 that link against it need to be recompiled. 293 29420161030: 295 isl(4) and cyapa(4) drivers now require a new driver, 296 chromebook_platform(4), to work properly on Chromebook-class hardware. 297 On other types of hardware the drivers may need to be configured using 298 device hints. Please see the corresponding manual pages for details. 299 30020161210: 301 Relocatable object files with the extension of .So have been renamed 302 to use an extension of .pico instead. The purpose of this change is 303 to avoid a name clash with shared libraries on case-insensitive file 304 systems. On those file systems, foo.So is the same file as foo.so. 305 30620160811: 307 The releng/11.0 branch has been created from stable/11@r303970. 308 30920160708: 310 The stable/11 branch has been created from head@r302406. 311 31220160622: 313 The libc stub for the pipe(2) system call has been replaced with 314 a wrapper that calls the pipe2(2) system call and the pipe(2) 315 system call is now only implemented by the kernels that include 316 "options COMPAT_FREEBSD10" in their config file (this is the 317 default). Users should ensure that this option is enabled in 318 their kernel or upgrade userspace to r302092 before upgrading their 319 kernel. 320 32120160527: 322 CAM will now strip leading spaces from SCSI disks' serial numbers. 323 This will effect users who create UFS filesystems on SCSI disks using 324 those disk's diskid device nodes. For example, if /etc/fstab 325 previously contained a line like 326 "/dev/diskid/DISK-%20%20%20%20%20%20%20ABCDEFG0123456", you should 327 change it to "/dev/diskid/DISK-ABCDEFG0123456". Users of geom 328 transforms like gmirror may also be affected. ZFS users should 329 generally be fine. 330 33120160523: 332 The bitstring(3) API has been updated with new functionality and 333 improved performance. But it is binary-incompatible with the old API. 334 Objects built with the new headers may not be linked against objects 335 built with the old headers. 336 33720160520: 338 The brk and sbrk functions have been removed from libc on arm64. 339 Binutils from ports has been updated to not link to these 340 functions and should be updated to the latest version before 341 installing a new libc. 342 34320160517: 344 The armv6 port now defaults to hard float ABI. Limited support 345 for running both hardfloat and soft float on the same system 346 is available using the libraries installed with -DWITH_LIBSOFT. 347 This has only been tested as an upgrade path for installworld 348 and packages may fail or need manual intervention to run. New 349 packages will be needed. 350 351 To update an existing self-hosted armv6hf system, you must add 352 TARGET_ARCH=armv6 on the make command line for both the build 353 and the install steps. 354 35520160510: 356 Kernel modules compiled outside of a kernel build now default to 357 installing to /boot/modules instead of /boot/kernel. Many kernel 358 modules built this way (such as those in ports) already overrode 359 KMODDIR explicitly to install into /boot/modules. However, 360 manually building and installing a module from /sys/modules will 361 now install to /boot/modules instead of /boot/kernel. 362 36320160414: 364 The CAM I/O scheduler has been committed to the kernel. There should be 365 no user visible impact. This does enable NCQ Trim on ada SSDs. While the 366 list of known rogues that claim support for this but actually corrupt 367 data is believed to be complete, be on the lookout for data 368 corruption. The known rogue list is believed to be complete: 369 370 o Crucial MX100, M550 drives with MU01 firmware. 371 o Micron M510 and M550 drives with MU01 firmware. 372 o Micron M500 prior to MU07 firmware 373 o Samsung 830, 840, and 850 all firmwares 374 o FCCT M500 all firmwares 375 376 Crucial has firmware http://www.crucial.com/usa/en/support-ssd-firmware 377 with working NCQ TRIM. For Micron branded drives, see your sales rep for 378 updated firmware. Black listed drives will work correctly because these 379 drives work correctly so long as no NCQ TRIMs are sent to them. Given 380 this list is the same as found in Linux, it's believed there are no 381 other rogues in the market place. All other models from the above 382 vendors work. 383 384 To be safe, if you are at all concerned, you can quirk each of your 385 drives to prevent NCQ from being sent by setting: 386 kern.cam.ada.X.quirks="0x2" 387 in loader.conf. If the drive requires the 4k sector quirk, set the 388 quirks entry to 0x3. 389 39020160330: 391 The FAST_DEPEND build option has been removed and its functionality is 392 now the one true way. The old mkdep(1) style of 'make depend' has 393 been removed. See 20160311 for further details. 394 39520160317: 396 Resource range types have grown from unsigned long to uintmax_t. All 397 drivers, and anything using libdevinfo, need to be recompiled. 398 39920160311: 400 WITH_FAST_DEPEND is now enabled by default for in-tree and out-of-tree 401 builds. It no longer runs mkdep(1) during 'make depend', and the 402 'make depend' stage can safely be skipped now as it is auto ran 403 when building 'make all' and will generate all SRCS and DPSRCS before 404 building anything else. Dependencies are gathered at compile time with 405 -MF flags kept in separate .depend files per object file. Users should 406 run 'make cleandepend' once if using -DNO_CLEAN to clean out older 407 stale .depend files. 408 40920160306: 410 On amd64, clang 3.8.0 can now insert sections of type AMD64_UNWIND into 411 kernel modules. Therefore, if you load any kernel modules at boot time, 412 please install the boot loaders after you install the kernel, but before 413 rebooting, e.g.: 414 415 make buildworld 416 make kernel KERNCONF=YOUR_KERNEL_HERE 417 make -C sys/boot install 418 <reboot in single user> 419 420 Then follow the usual steps, described in the General Notes section, 421 below. 422 42320160305: 424 Clang, llvm, lldb and compiler-rt have been upgraded to 3.8.0. Please 425 see the 20141231 entry below for information about prerequisites and 426 upgrading, if you are not already using clang 3.5.0 or higher. 427 42820160301: 429 The AIO subsystem is now a standard part of the kernel. The 430 VFS_AIO kernel option and aio.ko kernel module have been removed. 431 Due to stability concerns, asynchronous I/O requests are only 432 permitted on sockets and raw disks by default. To enable 433 asynchronous I/O requests on all file types, set the 434 vfs.aio.enable_unsafe sysctl to a non-zero value. 435 43620160226: 437 The ELF object manipulation tool objcopy is now provided by the 438 ELF Tool Chain project rather than by GNU binutils. It should be a 439 drop-in replacement, with the addition of arm64 support. The 440 (temporary) src.conf knob WITHOUT_ELFCOPY_AS_OBJCOPY knob may be set 441 to obtain the GNU version if necessary. 442 44320160129: 444 Building ZFS pools on top of zvols is prohibited by default. That 445 feature has never worked safely; it's always been prone to deadlocks. 446 Using a zvol as the backing store for a VM guest's virtual disk will 447 still work, even if the guest is using ZFS. Legacy behavior can be 448 restored by setting vfs.zfs.vol.recursive=1. 449 45020160119: 451 The NONE and HPN patches has been removed from OpenSSH. They are 452 still available in the security/openssh-portable port. 453 45420160113: 455 With the addition of ypldap(8), a new _ypldap user is now required 456 during installworld. "mergemaster -p" can be used to add the user 457 prior to installworld, as documented in the handbook. 458 45920151216: 460 The tftp loader (pxeboot) now uses the option root-path directive. As a 461 consequence it no longer looks for a pxeboot.4th file on the tftp 462 server. Instead it uses the regular /boot infrastructure as with the 463 other loaders. 464 46520151211: 466 The code to start recording plug and play data into the modules has 467 been committed. While the old tools will properly build a new kernel, 468 a number of warnings about "unknown metadata record 4" will be produced 469 for an older kldxref. To avoid such warnings, make sure to rebuild 470 the kernel toolchain (or world). Make sure that you have r292078 or 471 later when trying to build 292077 or later before rebuilding. 472 47320151207: 474 Debug data files are now built by default with 'make buildworld' and 475 installed with 'make installworld'. This facilitates debugging but 476 requires more disk space both during the build and for the installed 477 world. Debug files may be disabled by setting WITHOUT_DEBUG_FILES=yes 478 in src.conf(5). 479 48020151130: 481 r291527 changed the internal interface between the nfsd.ko and 482 nfscommon.ko modules. As such, they must both be upgraded to-gether. 483 __FreeBSD_version has been bumped because of this. 484 48520151108: 486 Add support for unicode collation strings leads to a change of 487 order of files listed by ls(1) for example. To get back to the old 488 behaviour, set LC_COLLATE environment variable to "C". 489 490 Databases administrators will need to reindex their databases given 491 collation results will be different. 492 493 Due to a bug in install(1) it is recommended to remove the ancient 494 locales before running make installworld. 495 496 rm -rf /usr/share/locale/* 497 49820151030: 499 The OpenSSL has been upgraded to 1.0.2d. Any binaries requiring 500 libcrypto.so.7 or libssl.so.7 must be recompiled. 501 50220151020: 503 Qlogic 24xx/25xx firmware images were updated from 5.5.0 to 7.3.0. 504 Kernel modules isp_2400_multi and isp_2500_multi were removed and 505 should be replaced with isp_2400 and isp_2500 modules respectively. 506 50720151017: 508 The build previously allowed using 'make -n' to not recurse into 509 sub-directories while showing what commands would be executed, and 510 'make -n -n' to recursively show commands. Now 'make -n' will recurse 511 and 'make -N' will not. 512 51320151012: 514 If you specify SENDMAIL_MC or SENDMAIL_CF in make.conf, mergemaster 515 and etcupdate will now use this file. A custom sendmail.cf is now 516 updated via this mechanism rather than via installworld. If you had 517 excluded sendmail.cf in mergemaster.rc or etcupdate.conf, you may 518 want to remove the exclusion or change it to "always install". 519 /etc/mail/sendmail.cf is now managed the same way regardless of 520 whether SENDMAIL_MC/SENDMAIL_CF is used. If you are not using 521 SENDMAIL_MC/SENDMAIL_CF there should be no change in behavior. 522 52320151011: 524 Compatibility shims for legacy ATA device names have been removed. 525 It includes ATA_STATIC_ID kernel option, kern.cam.ada.legacy_aliases 526 and kern.geom.raid.legacy_aliases loader tunables, kern.devalias.* 527 environment variables, /dev/ad* and /dev/ar* symbolic links. 528 52920151006: 530 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.7.0. 531 Please see the 20141231 entry below for information about prerequisites 532 and upgrading, if you are not already using clang 3.5.0 or higher. 533 53420150924: 535 Kernel debug files have been moved to /usr/lib/debug/boot/kernel/, 536 and renamed from .symbols to .debug. This reduces the size requirements 537 on the boot partition or file system and provides consistency with 538 userland debug files. 539 540 When using the supported kernel installation method the 541 /usr/lib/debug/boot/kernel directory will be renamed (to kernel.old) 542 as is done with /boot/kernel. 543 544 Developers wishing to maintain the historical behavior of installing 545 debug files in /boot/kernel/ can set KERN_DEBUGDIR="" in src.conf(5). 546 54720150827: 548 The wireless drivers had undergone changes that remove the 'parent 549 interface' from the ifconfig -l output. The rc.d network scripts 550 used to check presence of a parent interface in the list, so old 551 scripts would fail to start wireless networking. Thus, etcupdate(3) 552 or mergemaster(8) run is required after kernel update, to update your 553 rc.d scripts in /etc. 554 55520150827: 556 pf no longer supports 'scrub fragment crop' or 'scrub fragment drop-ovl' 557 These configurations are now automatically interpreted as 558 'scrub fragment reassemble'. 559 56020150817: 561 Kernel-loadable modules for the random(4) device are back. To use 562 them, the kernel must have 563 564 device random 565 options RANDOM_LOADABLE 566 567 kldload(8) can then be used to load random_fortuna.ko 568 or random_yarrow.ko. Please note that due to the indirect 569 function calls that the loadable modules need to provide, 570 the build-in variants will be slightly more efficient. 571 572 The random(4) kernel option RANDOM_DUMMY has been retired due to 573 unpopularity. It was not all that useful anyway. 574 57520150813: 576 The WITHOUT_ELFTOOLCHAIN_TOOLS src.conf(5) knob has been retired. 577 Control over building the ELF Tool Chain tools is now provided by 578 the WITHOUT_TOOLCHAIN knob. 579 58020150810: 581 The polarity of Pulse Per Second (PPS) capture events with the 582 uart(4) driver has been corrected. Prior to this change the PPS 583 "assert" event corresponded to the trailing edge of a positive PPS 584 pulse and the "clear" event was the leading edge of the next pulse. 585 586 As the width of a PPS pulse in a typical GPS receiver is on the 587 order of 1 millisecond, most users will not notice any significant 588 difference with this change. 589 590 Anyone who has compensated for the historical polarity reversal by 591 configuring a negative offset equal to the pulse width will need to 592 remove that workaround. 593 59420150809: 595 The default group assigned to /dev/dri entries has been changed 596 from 'wheel' to 'video' with the id of '44'. If you want to have 597 access to the dri devices please add yourself to the video group 598 with: 599 600 # pw groupmod video -m $USER 601 60220150806: 603 The menu.rc and loader.rc files will now be replaced during 604 upgrades. Please migrate local changes to menu.rc.local and 605 loader.rc.local instead. 606 60720150805: 608 GNU Binutils versions of addr2line, c++filt, nm, readelf, size, 609 strings and strip have been removed. The src.conf(5) knob 610 WITHOUT_ELFTOOLCHAIN_TOOLS no longer provides the binutils tools. 611 61220150728: 613 As ZFS requires more kernel stack pages than is the default on some 614 architectures e.g. i386, it now warns if KSTACK_PAGES is less than 615 ZFS_MIN_KSTACK_PAGES (which is 4 at the time of writing). 616 617 Please consider using 'options KSTACK_PAGES=X' where X is greater 618 than or equal to ZFS_MIN_KSTACK_PAGES i.e. 4 in such configurations. 619 62020150706: 621 sendmail has been updated to 8.15.2. Starting with FreeBSD 11.0 622 and sendmail 8.15, sendmail uses uncompressed IPv6 addresses by 623 default, i.e., they will not contain "::". For example, instead 624 of ::1, it will be 0:0:0:0:0:0:0:1. This permits a zero subnet 625 to have a more specific match, such as different map entries for 626 IPv6:0:0 vs IPv6:0. This change requires that configuration 627 data (including maps, files, classes, custom ruleset, etc.) must 628 use the same format, so make certain such configuration data is 629 upgrading. As a very simple check search for patterns like 630 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. To return to the old 631 behavior, set the m4 option confUSE_COMPRESSED_IPV6_ADDRESSES or 632 the cf option UseCompressedIPv6Addresses. 633 63420150630: 635 The default kernel entropy-processing algorithm is now 636 Fortuna, replacing Yarrow. 637 638 Assuming you have 'device random' in your kernel config 639 file, the configurations allow a kernel option to override 640 this default. You may choose *ONE* of: 641 642 options RANDOM_YARROW # Legacy /dev/random algorithm. 643 options RANDOM_DUMMY # Blocking-only driver. 644 645 If you have neither, you get Fortuna. For most people, 646 read no further, Fortuna will give a /dev/random that works 647 like it always used to, and the difference will be irrelevant. 648 649 If you remove 'device random', you get *NO* kernel-processed 650 entropy at all. This may be acceptable to folks building 651 embedded systems, but has complications. Carry on reading, 652 and it is assumed you know what you need. 653 654 *PLEASE* read random(4) and random(9) if you are in the 655 habit of tweaking kernel configs, and/or if you are a member 656 of the embedded community, wanting specific and not-usual 657 behaviour from your security subsystems. 658 659 NOTE!! If you use RANDOM_DUMMY and/or have no 'device 660 random', you will NOT have a functioning /dev/random, and 661 many cryptographic features will not work, including SSH. 662 You may also find strange behaviour from the random(3) set 663 of library functions, in particular sranddev(3), srandomdev(3) 664 and arc4random(3). The reason for this is that the KERN_ARND 665 sysctl only returns entropy if it thinks it has some to 666 share, and with RANDOM_DUMMY or no 'device random' this 667 will never happen. 668 66920150623: 670 An additional fix for the issue described in the 20150614 sendmail 671 entry below has been been committed in revision 284717. 672 67320150616: 674 FreeBSD's old make (fmake) has been removed from the system. It is 675 available as the devel/fmake port or via pkg install fmake. 676 67720150615: 678 The fix for the issue described in the 20150614 sendmail entry 679 below has been been committed in revision 284436. The work 680 around described in that entry is no longer needed unless the 681 default setting is overridden by a confDH_PARAMETERS configuration 682 setting of '5' or pointing to a 512 bit DH parameter file. 683 68420150614: 685 ALLOW_DEPRECATED_ATF_TOOLS/ATFFILE support has been removed from 686 atf.test.mk (included from bsd.test.mk). Please upgrade devel/atf 687 and devel/kyua to version 0.20+ and adjust any calling code to work 688 with Kyuafile and kyua. 689 69020150614: 691 The import of openssl to address the FreeBSD-SA-15:10.openssl 692 security advisory includes a change which rejects handshakes 693 with DH parameters below 768 bits. sendmail releases prior 694 to 8.15.2 (not yet released), defaulted to a 512 bit 695 DH parameter setting for client connections. To work around 696 this interoperability, sendmail can be configured to use a 697 2048 bit DH parameter by: 698 699 1. Edit /etc/mail/`hostname`.mc 700 2. If a setting for confDH_PARAMETERS does not exist or 701 exists and is set to a string beginning with '5', 702 replace it with '2'. 703 3. If a setting for confDH_PARAMETERS exists and is set to 704 a file path, create a new file with: 705 openssl dhparam -out /path/to/file 2048 706 4. Rebuild the .cf file: 707 cd /etc/mail/; make; make install 708 5. Restart sendmail: 709 cd /etc/mail/; make restart 710 711 A sendmail patch is coming, at which time this file will be 712 updated. 713 71420150604: 715 Generation of legacy formatted entries have been disabled by default 716 in pwd_mkdb(8), as all base system consumers of the legacy formatted 717 entries were converted to use the new format by default when the new, 718 machine independent format have been added and supported since FreeBSD 719 5.x. 720 721 Please see the pwd_mkdb(8) manual page for further details. 722 72320150525: 724 Clang and llvm have been upgraded to 3.6.1 release. Please see the 725 20141231 entry below for information about prerequisites and upgrading, 726 if you are not already using 3.5.0 or higher. 727 72820150521: 729 TI platform code switched to using vendor DTS files and this update 730 may break existing systems running on Beaglebone, Beaglebone Black, 731 and Pandaboard: 732 733 - dtb files should be regenerated/reinstalled. Filenames are the 734 same but content is different now 735 - GPIO addressing was changed, now each GPIO bank (32 pins per bank) 736 has its own /dev/gpiocX device, e.g. pin 121 on /dev/gpioc0 in old 737 addressing scheme is now pin 25 on /dev/gpioc3. 738 - Pandaboard: /etc/ttys should be updated, serial console device is 739 now /dev/ttyu2, not /dev/ttyu0 740 74120150501: 742 soelim(1) from gnu/usr.bin/groff has been replaced by usr.bin/soelim. 743 If you need the GNU extension from groff soelim(1), install groff 744 from package: pkg install groff, or via ports: textproc/groff. 745 74620150423: 747 chmod, chflags, chown and chgrp now affect symlinks in -R mode as 748 defined in symlink(7); previously symlinks were silently ignored. 749 75020150415: 751 The const qualifier has been removed from iconv(3) to comply with 752 POSIX. The ports tree is aware of this from r384038 onwards. 753 75420150416: 755 Libraries specified by LIBADD in Makefiles must have a corresponding 756 DPADD_<lib> variable to ensure correct dependencies. This is now 757 enforced in src.libnames.mk. 758 75920150324: 760 From legacy ata(4) driver was removed support for SATA controllers 761 supported by more functional drivers ahci(4), siis(4) and mvs(4). 762 Kernel modules ataahci and ataadaptec were removed completely, 763 replaced by ahci and mvs modules respectively. 764 76520150315: 766 Clang, llvm and lldb have been upgraded to 3.6.0 release. Please see 767 the 20141231 entry below for information about prerequisites and 768 upgrading, if you are not already using 3.5.0 or higher. 769 77020150307: 771 The 32-bit PowerPC kernel has been changed to a position-independent 772 executable. This can only be booted with a version of loader(8) 773 newer than January 31, 2015, so make sure to update both world and 774 kernel before rebooting. 775 77620150217: 777 If you are running a -CURRENT kernel since r273872 (Oct 30th, 2014), 778 but before r278950, the RNG was not seeded properly. Immediately 779 upgrade the kernel to r278950 or later and regenerate any keys (e.g. 780 ssh keys or openssl keys) that were generated w/ a kernel from that 781 range. This does not affect programs that directly used /dev/random 782 or /dev/urandom. All userland uses of arc4random(3) are affected. 783 78420150210: 785 The autofs(4) ABI was changed in order to restore binary compatibility 786 with 10.1-RELEASE. The automountd(8) daemon needs to be rebuilt to work 787 with the new kernel. 788 78920150131: 790 The powerpc64 kernel has been changed to a position-independent 791 executable. This can only be booted with a new version of loader(8), 792 so make sure to update both world and kernel before rebooting. 793 79420150118: 795 Clang and llvm have been upgraded to 3.5.1 release. This is a bugfix 796 only release, no new features have been added. Please see the 20141231 797 entry below for information about prerequisites and upgrading, if you 798 are not already using 3.5.0. 799 80020150107: 801 ELF tools addr2line, elfcopy (strip), nm, size, and strings are now 802 taken from the ELF Tool Chain project rather than GNU binutils. They 803 should be drop-in replacements, with the addition of arm64 support. 804 The WITHOUT_ELFTOOLCHAIN_TOOLS= knob may be used to obtain the 805 binutils tools, if necessary. See 20150805 for updated information. 806 80720150105: 808 The default Unbound configuration now enables remote control 809 using a local socket. Users who have already enabled the 810 local_unbound service should regenerate their configuration 811 by running "service local_unbound setup" as root. 812 81320150102: 814 The GNU texinfo and GNU info pages have been removed. 815 To be able to view GNU info pages please install texinfo from ports. 816 81720141231: 818 Clang, llvm and lldb have been upgraded to 3.5.0 release. 819 820 As of this release, a prerequisite for building clang, llvm and lldb is 821 a C++11 capable compiler and C++11 standard library. This means that to 822 be able to successfully build the cross-tools stage of buildworld, with 823 clang as the bootstrap compiler, your system compiler or cross compiler 824 should either be clang 3.3 or later, or gcc 4.8 or later, and your 825 system C++ library should be libc++, or libdstdc++ from gcc 4.8 or 826 later. 827 828 On any standard FreeBSD 10.x or 11.x installation, where clang and 829 libc++ are on by default (that is, on x86 or arm), this should work out 830 of the box. 831 832 On 9.x installations where clang is enabled by default, e.g. on x86 and 833 powerpc, libc++ will not be enabled by default, so libc++ should be 834 built (with clang) and installed first. If both clang and libc++ are 835 missing, build clang first, then use it to build libc++. 836 837 On 8.x and earlier installations, upgrade to 9.x first, and then follow 838 the instructions for 9.x above. 839 840 Sparc64 and mips users are unaffected, as they still use gcc 4.2.1 by 841 default, and do not build clang. 842 843 Many embedded systems are resource constrained, and will not be able to 844 build clang in a reasonable time, or in some cases at all. In those 845 cases, cross building bootable systems on amd64 is a workaround. 846 847 This new version of clang introduces a number of new warnings, of which 848 the following are most likely to appear: 849 850 -Wabsolute-value 851 852 This warns in two cases, for both C and C++: 853 * When the code is trying to take the absolute value of an unsigned 854 quantity, which is effectively a no-op, and almost never what was 855 intended. The code should be fixed, if at all possible. If you are 856 sure that the unsigned quantity can be safely cast to signed, without 857 loss of information or undefined behavior, you can add an explicit 858 cast, or disable the warning. 859 860 * When the code is trying to take an absolute value, but the called 861 abs() variant is for the wrong type, which can lead to truncation. 862 If you want to disable the warning instead of fixing the code, please 863 make sure that truncation will not occur, or it might lead to unwanted 864 side-effects. 865 866 -Wtautological-undefined-compare and 867 -Wundefined-bool-conversion 868 869 These warn when C++ code is trying to compare 'this' against NULL, while 870 'this' should never be NULL in well-defined C++ code. However, there is 871 some legacy (pre C++11) code out there, which actively abuses this 872 feature, which was less strictly defined in previous C++ versions. 873 874 Squid and openjdk do this, for example. The warning can be turned off 875 for C++98 and earlier, but compiling the code in C++11 mode might result 876 in unexpected behavior; for example, the parts of the program that are 877 unreachable could be optimized away. 878 87920141222: 880 The old NFS client and server (kernel options NFSCLIENT, NFSSERVER) 881 kernel sources have been removed. The .h files remain, since some 882 utilities include them. This will need to be fixed later. 883 If "mount -t oldnfs ..." is attempted, it will fail. 884 If the "-o" option on mountd(8), nfsd(8) or nfsstat(1) is used, 885 the utilities will report errors. 886 88720141121: 888 The handling of LOCAL_LIB_DIRS has been altered to skip addition of 889 directories to top level SUBDIR variable when their parent 890 directory is included in LOCAL_DIRS. Users with build systems with 891 such hierarchies and without SUBDIR entries in the parent 892 directory Makefiles should add them or add the directories to 893 LOCAL_DIRS. 894 89520141109: 896 faith(4) and faithd(8) have been removed from the base system. Faith 897 has been obsolete for a very long time. 898 89920141104: 900 vt(4), the new console driver, is enabled by default. It brings 901 support for Unicode and double-width characters, as well as 902 support for UEFI and integration with the KMS kernel video 903 drivers. 904 905 You may need to update your console settings in /etc/rc.conf, 906 most probably the keymap. During boot, /etc/rc.d/syscons will 907 indicate what you need to do. 908 909 vt(4) still has issues and lacks some features compared to 910 syscons(4). See the wiki for up-to-date information: 911 https://wiki.freebsd.org/Newcons 912 913 If you want to keep using syscons(4), you can do so by adding 914 the following line to /boot/loader.conf: 915 kern.vty=sc 916 91720141102: 918 pjdfstest has been integrated into kyua as an opt-in test suite. 919 Please see share/doc/pjdfstest/README for more details on how to 920 execute it. 921 92220141009: 923 gperf has been removed from the base system for architectures 924 that use clang. Ports that require gperf will obtain it from the 925 devel/gperf port. 926 92720140923: 928 pjdfstest has been moved from tools/regression/pjdfstest to 929 contrib/pjdfstest . 930 93120140922: 932 At svn r271982, The default linux compat kernel ABI has been adjusted 933 to 2.6.18 in support of the linux-c6 compat ports infrastructure 934 update. If you wish to continue using the linux-f10 compat ports, 935 add compat.linux.osrelease=2.6.16 to your local sysctl.conf. Users are 936 encouraged to update their linux-compat packages to linux-c6 during 937 their next update cycle. 938 93920140729: 940 The ofwfb driver, used to provide a graphics console on PowerPC when 941 using vt(4), no longer allows mmap() of all physical memory. This 942 will prevent Xorg on PowerPC with some ATI graphics cards from 943 initializing properly unless x11-servers/xorg-server is updated to 944 1.12.4_8 or newer. 945 94620140723: 947 The xdev targets have been converted to using TARGET and 948 TARGET_ARCH instead of XDEV and XDEV_ARCH. 949 95020140719: 951 The default unbound configuration has been modified to address 952 issues with reverse lookups on networks that use private 953 address ranges. If you use the local_unbound service, run 954 "service local_unbound setup" as root to regenerate your 955 configuration, then "service local_unbound reload" to load the 956 new configuration. 957 95820140709: 959 The GNU texinfo and GNU info pages are not built and installed 960 anymore, WITH_INFO knob has been added to allow to built and install 961 them again. 962 UPDATE: see 20150102 entry on texinfo's removal 963 96420140708: 965 The GNU readline library is now an INTERNALLIB - that is, it is 966 statically linked into consumers (GDB and variants) in the base 967 system, and the shared library is no longer installed. The 968 devel/readline port is available for third party software that 969 requires readline. 970 97120140702: 972 The Itanium architecture (ia64) has been removed from the list of 973 known architectures. This is the first step in the removal of the 974 architecture. 975 97620140701: 977 Commit r268115 has added NFSv4.1 server support, merged from 978 projects/nfsv4.1-server. Since this includes changes to the 979 internal interfaces between the NFS related modules, a full 980 build of the kernel and modules will be necessary. 981 __FreeBSD_version has been bumped. 982 98320140629: 984 The WITHOUT_VT_SUPPORT kernel config knob has been renamed 985 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning 986 which differs from the behaviour controlled by this knob.) 987 98820140619: 989 Maximal length of the serial number in CTL was increased from 16 to 990 64 chars, that breaks ABI. All CTL-related tools, such as ctladm 991 and ctld, need to be rebuilt to work with a new kernel. 992 99320140606: 994 The libatf-c and libatf-c++ major versions were downgraded to 0 and 995 1 respectively to match the upstream numbers. They were out of 996 sync because, when they were originally added to FreeBSD, the 997 upstream versions were not respected. These libraries are private 998 and not yet built by default, so renumbering them should be a 999 non-issue. However, unclean source trees will yield broken test 1000 programs once the operator executes "make delete-old-libs" after a 1001 "make installworld". 1002 1003 Additionally, the atf-sh binary was made private by moving it into 1004 /usr/libexec/. Already-built shell test programs will keep the 1005 path to the old binary so they will break after "make delete-old" 1006 is run. 1007 1008 If you are using WITH_TESTS=yes (not the default), wipe the object 1009 tree and rebuild from scratch to prevent spurious test failures. 1010 This is only needed once: the misnumbered libraries and misplaced 1011 binaries have been added to OptionalObsoleteFiles.inc so they will 1012 be removed during a clean upgrade. 1013 101420140512: 1015 Clang and llvm have been upgraded to 3.4.1 release. 1016 101720140508: 1018 We bogusly installed src.opts.mk in /usr/share/mk. This file should 1019 be removed to avoid issues in the future (and has been added to 1020 ObsoleteFiles.inc). 1021 102220140505: 1023 /etc/src.conf now affects only builds of the FreeBSD src tree. In the 1024 past, it affected all builds that used the bsd.*.mk files. The old 1025 behavior was a bug, but people may have relied upon it. To get this 1026 behavior back, you can .include /etc/src.conf from /etc/make.conf 1027 (which is still global and isn't changed). This also changes the 1028 behavior of incremental builds inside the tree of individual 1029 directories. Set MAKESYSPATH to ".../share/mk" to do that. 1030 Although this has survived make universe and some upgrade scenarios, 1031 other upgrade scenarios may have broken. At least one form of 1032 temporary breakage was fixed with MAKESYSPATH settings for buildworld 1033 as well... In cases where MAKESYSPATH isn't working with this 1034 setting, you'll need to set it to the full path to your tree. 1035 1036 One side effect of all this cleaning up is that bsd.compiler.mk 1037 is no longer implicitly included by bsd.own.mk. If you wish to 1038 use COMPILER_TYPE, you must now explicitly include bsd.compiler.mk 1039 as well. 1040 104120140430: 1042 The lindev device has been removed since /dev/full has been made a 1043 standard device. __FreeBSD_version has been bumped. 1044 104520140424: 1046 The knob WITHOUT_VI was added to the base system, which controls 1047 building ex(1), vi(1), etc. Older releases of FreeBSD required ex(1) 1048 in order to reorder files share/termcap and didn't build ex(1) as a 1049 build tool, so building/installing with WITH_VI is highly advised for 1050 build hosts for older releases. 1051 1052 This issue has been fixed in stable/9 and stable/10 in r277022 and 1053 r276991, respectively. 1054 105520140418: 1056 The YES_HESIOD knob has been removed. It has been obsolete for 1057 a decade. Please move to using WITH_HESIOD instead or your builds 1058 will silently lack HESIOD. 1059 106020140405: 1061 The uart(4) driver has been changed with respect to its handling 1062 of the low-level console. Previously the uart(4) driver prevented 1063 any process from changing the baudrate or the CLOCAL and HUPCL 1064 control flags. By removing the restrictions, operators can make 1065 changes to the serial console port without having to reboot. 1066 However, when getty(8) is started on the serial device that is 1067 associated with the low-level console, a misconfigured terminal 1068 line in /etc/ttys will now have a real impact. 1069 Before upgrading the kernel, make sure that /etc/ttys has the 1070 serial console device configured as 3wire without baudrate to 1071 preserve the previous behaviour. E.g: 1072 ttyu0 "/usr/libexec/getty 3wire" vt100 on secure 1073 107420140306: 1075 Support for libwrap (TCP wrappers) in rpcbind was disabled by default 1076 to improve performance. To re-enable it, if needed, run rpcbind 1077 with command line option -W. 1078 107920140226: 1080 Switched back to the GPL dtc compiler due to updates in the upstream 1081 dts files not being supported by the BSDL dtc compiler. You will need 1082 to rebuild your kernel toolchain to pick up the new compiler. Core dumps 1083 may result while building dtb files during a kernel build if you fail 1084 to do so. Set WITHOUT_GPL_DTC if you require the BSDL compiler. 1085 108620140216: 1087 Clang and llvm have been upgraded to 3.4 release. 1088 108920140216: 1090 The nve(4) driver has been removed. Please use the nfe(4) driver 1091 for NVIDIA nForce MCP Ethernet adapters instead. 1092 109320140212: 1094 An ABI incompatibility crept into the libc++ 3.4 import in r261283. 1095 This could cause certain C++ applications using shared libraries built 1096 against the previous version of libc++ to crash. The incompatibility 1097 has now been fixed, but any C++ applications or shared libraries built 1098 between r261283 and r261801 should be recompiled. 1099 110020140204: 1101 OpenSSH will now ignore errors caused by kernel lacking of Capsicum 1102 capability mode support. Please note that enabling the feature in 1103 kernel is still highly recommended. 1104 110520140131: 1106 OpenSSH is now built with sandbox support, and will use sandbox as 1107 the default privilege separation method. This requires Capsicum 1108 capability mode support in kernel. 1109 111020140128: 1111 The libelf and libdwarf libraries have been updated to newer 1112 versions from upstream. Shared library version numbers for 1113 these two libraries were bumped. Any ports or binaries 1114 requiring these two libraries should be recompiled. 1115 __FreeBSD_version is bumped to 1100006. 1116 111720140110: 1118 If a Makefile in a tests/ directory was auto-generating a Kyuafile 1119 instead of providing an explicit one, this would prevent such 1120 Makefile from providing its own Kyuafile in the future during 1121 NO_CLEAN builds. This has been fixed in the Makefiles but manual 1122 intervention is needed to clean an objdir if you use NO_CLEAN: 1123 # find /usr/obj -name Kyuafile | xargs rm -f 1124 112520131213: 1126 The behavior of gss_pseudo_random() for the krb5 mechanism 1127 has changed, for applications requesting a longer random string 1128 than produced by the underlying enctype's pseudo-random() function. 1129 In particular, the random string produced from a session key of 1130 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will 1131 be different at the 17th octet and later, after this change. 1132 The counter used in the PRF+ construction is now encoded as a 1133 big-endian integer in accordance with RFC 4402. 1134 __FreeBSD_version is bumped to 1100004. 1135 113620131108: 1137 The WITHOUT_ATF build knob has been removed and its functionality 1138 has been subsumed into the more generic WITHOUT_TESTS. If you were 1139 using the former to disable the build of the ATF libraries, you 1140 should change your settings to use the latter. 1141 114220131025: 1143 The default version of mtree is nmtree which is obtained from 1144 NetBSD. The output is generally the same, but may vary 1145 slightly. If you found you need identical output adding 1146 "-F freebsd9" to the command line should do the trick. For the 1147 time being, the old mtree is available as fmtree. 1148 114920131014: 1150 libbsdyml has been renamed to libyaml and moved to /usr/lib/private. 1151 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg 1152 1.1.4_8 and verify bsdyml not linked in, before running "make 1153 delete-old-libs": 1154 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean 1155 or 1156 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml 1157 115820131010: 1159 The stable/10 branch has been created in subversion from head 1160 revision r256279. 1161 116220131010: 1163 The rc.d/jail script has been updated to support jail(8) 1164 configuration file. The "jail_<jname>_*" rc.conf(5) variables 1165 for per-jail configuration are automatically converted to 1166 /var/run/jail.<jname>.conf before the jail(8) utility is invoked. 1167 This is transparently backward compatible. See below about some 1168 incompatibilities and rc.conf(5) manual page for more details. 1169 1170 These variables are now deprecated in favor of jail(8) configuration 1171 file. One can use "rc.d/jail config <jname>" command to generate 1172 a jail(8) configuration file in /var/run/jail.<jname>.conf without 1173 running the jail(8) utility. The default pathname of the 1174 configuration file is /etc/jail.conf and can be specified by 1175 using $jail_conf or $jail_<jname>_conf variables. 1176 1177 Please note that jail_devfs_ruleset accepts an integer at 1178 this moment. Please consider to rewrite the ruleset name 1179 with an integer. 1180 118120130930: 1182 BIND has been removed from the base system. If all you need 1183 is a local resolver, simply enable and start the local_unbound 1184 service instead. Otherwise, several versions of BIND are 1185 available in the ports tree. The dns/bind99 port is one example. 1186 1187 With this change, nslookup(1) and dig(1) are no longer in the base 1188 system. Users should instead use host(1) and drill(1) which are 1189 in the base system. Alternatively, nslookup and dig can 1190 be obtained by installing the dns/bind-tools port. 1191 119220130916: 1193 With the addition of unbound(8), a new unbound user is now 1194 required during installworld. "mergemaster -p" can be used to 1195 add the user prior to installworld, as documented in the handbook. 1196 119720130911: 1198 OpenSSH is now built with DNSSEC support, and will by default 1199 silently trust signed SSHFP records. This can be controlled with 1200 the VerifyHostKeyDNS client configuration setting. DNSSEC support 1201 can be disabled entirely with the WITHOUT_LDNS option in src.conf. 1202 120320130906: 1204 The GNU Compiler Collection and C++ standard library (libstdc++) 1205 are no longer built by default on platforms where clang is the system 1206 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX 1207 options in src.conf. 1208 120920130905: 1210 The PROCDESC kernel option is now part of the GENERIC kernel 1211 configuration and is required for the rwhod(8) to work. 1212 If you are using custom kernel configuration, you should include 1213 'options PROCDESC'. 1214 121520130905: 1216 The API and ABI related to the Capsicum framework was modified 1217 in backward incompatible way. The userland libraries and programs 1218 have to be recompiled to work with the new kernel. This includes the 1219 following libraries and programs, but the whole buildworld is 1220 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl, 1221 kdump, procstat, rwho, rwhod, uniq. 1222 122320130903: 1224 AES-NI intrinsic support has been added to gcc. The AES-NI module 1225 has been updated to use this support. A new gcc is required to build 1226 the aesni module on both i386 and amd64. 1227 122820130821: 1229 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices. 1230 Thus "device padlock_rng" and "device rdrand_rng" should be 1231 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG". 1232 123320130813: 1234 WITH_ICONV has been split into two feature sets. WITH_ICONV now 1235 enables just the iconv* functionality and is now on by default. 1236 WITH_LIBICONV_COMPAT enables the libiconv api and link time 1237 compatibility. Set WITHOUT_ICONV to build the old way. 1238 If you have been using WITH_ICONV before, you will very likely 1239 need to turn on WITH_LIBICONV_COMPAT. 1240 124120130806: 1242 INVARIANTS option now enables DEBUG for code with OpenSolaris and 1243 Illumos origin, including ZFS. If you have INVARIANTS in your 1244 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG 1245 explicitly. 1246 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS) 1247 locks if WITNESS option was set. Because that generated a lot of 1248 witness(9) reports and all of them were believed to be false 1249 positives, this is no longer done. New option OPENSOLARIS_WITNESS 1250 can be used to achieve the previous behavior. 1251 125220130806: 1253 Timer values in IPv6 data structures now use time_uptime instead 1254 of time_second. Although this is not a user-visible functional 1255 change, userland utilities which directly use them---ndp(8), 1256 rtadvd(8), and rtsold(8) in the base system---need to be updated 1257 to r253970 or later. 1258 125920130802: 1260 find -delete can now delete the pathnames given as arguments, 1261 instead of only files found below them or if the pathname did 1262 not contain any slashes. Formerly, the following error message 1263 would result: 1264 1265 find: -delete: <path>: relative path potentially not safe 1266 1267 Deleting the pathnames given as arguments can be prevented 1268 without error messages using -mindepth 1 or by changing 1269 directory and passing "." as argument to find. This works in the 1270 old as well as the new version of find. 1271 127220130726: 1273 Behavior of devfs rules path matching has been changed. 1274 Pattern is now always matched against fully qualified devfs 1275 path and slash characters must be explicitly matched by 1276 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs 1277 subdirectories must be reviewed. 1278 127920130716: 1280 The default ARM ABI has changed to the ARM EABI. The old ABI is 1281 incompatible with the ARM EABI and all programs and modules will 1282 need to be rebuilt to work with a new kernel. 1283 1284 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set. 1285 1286 NOTE: Support for the old ABI will be removed in the future and 1287 users are advised to upgrade. 1288 128920130709: 1290 pkg_install has been disconnected from the build if you really need it 1291 you should add WITH_PKGTOOLS in your src.conf(5). 1292 129320130709: 1294 Most of network statistics structures were changed to be able 1295 keep 64-bits counters. Thus all tools, that work with networking 1296 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.) 1297 129820130618: 1299 Fix a bug that allowed a tracing process (e.g. gdb) to write 1300 to a memory-mapped file in the traced process's address space 1301 even if neither the traced process nor the tracing process had 1302 write access to that file. 1303 130420130615: 1305 CVS has been removed from the base system. An exact copy 1306 of the code is available from the devel/cvs port. 1307 130820130613: 1309 Some people report the following error after the switch to bmake: 1310 1311 make: illegal option -- J 1312 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable] 1313 ... 1314 *** [buildworld] Error code 2 1315 1316 this likely due to an old instance of make in 1317 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE}) 1318 which src/Makefile will use that blindly, if it exists, so if 1319 you see the above error: 1320 1321 rm -rf `make -V MAKEPATH` 1322 1323 should resolve it. 1324 132520130516: 1326 Use bmake by default. 1327 Whereas before one could choose to build with bmake via 1328 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old 1329 make. The goal is to remove these knobs for 10-RELEASE. 1330 1331 It is worth noting that bmake (like gmake) treats the command 1332 line as the unit of failure, rather than statements within the 1333 command line. Thus '(cd some/where && dosomething)' is safer 1334 than 'cd some/where; dosomething'. The '()' allows consistent 1335 behavior in parallel build. 1336 133720130429: 1338 Fix a bug that allows NFS clients to issue READDIR on files. 1339 134020130426: 1341 The WITHOUT_IDEA option has been removed because 1342 the IDEA patent expired. 1343 134420130426: 1345 The sysctl which controls TRIM support under ZFS has been renamed 1346 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been 1347 enabled by default. 1348 134920130425: 1350 The mergemaster command now uses the default MAKEOBJDIRPREFIX 1351 rather than creating it's own in the temporary directory in 1352 order allow access to bootstrapped versions of tools such as 1353 install and mtree. When upgrading from version of FreeBSD where 1354 the install command does not support -l, you will need to 1355 install a new mergemaster command if mergemaster -p is required. 1356 This can be accomplished with the command (cd src/usr.sbin/mergemaster 1357 && make install). 1358 135920130404: 1360 Legacy ATA stack, disabled and replaced by new CAM-based one since 1361 FreeBSD 9.0, completely removed from the sources. Kernel modules 1362 atadisk and atapi*, user-level tools atacontrol and burncd are 1363 removed. Kernel option `options ATA_CAM` is now permanently enabled 1364 and removed. 1365 136620130319: 1367 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2) 1368 and socketpair(2). Software, in particular Kerberos, may 1369 automatically detect and use these during building. The resulting 1370 binaries will not work on older kernels. 1371 137220130308: 1373 CTL_DISABLE has also been added to the sparc64 GENERIC (for further 1374 information, see the respective 20130304 entry). 1375 137620130304: 1377 Recent commits to callout(9) changed the size of struct callout, 1378 so the KBI is probably heavily disturbed. Also, some functions 1379 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced 1380 by macros. Every kernel module using it won't load, so rebuild 1381 is requested. 1382 1383 The ctl device has been re-enabled in GENERIC for i386 and amd64, 1384 but does not initialize by default (because of the new CTL_DISABLE 1385 option) to save memory. To re-enable it, remove the CTL_DISABLE 1386 option from the kernel config file or set kern.cam.ctl.disable=0 1387 in /boot/loader.conf. 1388 138920130301: 1390 The ctl device has been disabled in GENERIC for i386 and amd64. 1391 This was done due to the extra memory being allocated at system 1392 initialisation time by the ctl driver which was only used if 1393 a CAM target device was created. This makes a FreeBSD system 1394 unusable on 128MB or less of RAM. 1395 139620130208: 1397 A new compression method (lz4) has been merged to -HEAD. Please 1398 refer to zpool-features(7) for more information. 1399 1400 Please refer to the "ZFS notes" section of this file for information 1401 on upgrading boot ZFS pools. 1402 140320130129: 1404 A BSD-licensed patch(1) variant has been added and is installed 1405 as bsdpatch, being the GNU version the default patch. 1406 To inverse the logic and use the BSD-licensed one as default, 1407 while having the GNU version installed as gnupatch, rebuild 1408 and install world with the WITH_BSD_PATCH knob set. 1409 141020130121: 1411 Due to the use of the new -l option to install(1) during build 1412 and install, you must take care not to directly set the INSTALL 1413 make variable in your /etc/make.conf, /etc/src.conf, or on the 1414 command line. If you wish to use the -C flag for all installs 1415 you may be able to add INSTALL+=-C to /etc/make.conf or 1416 /etc/src.conf. 1417 141820130118: 1419 The install(1) option -M has changed meaning and now takes an 1420 argument that is a file or path to append logs to. In the 1421 unlikely event that -M was the last option on the command line 1422 and the command line contained at least two files and a target 1423 directory the first file will have logs appended to it. The -M 1424 option served little practical purpose in the last decade so its 1425 use is expected to be extremely rare. 1426 142720121223: 1428 After switching to Clang as the default compiler some users of ZFS 1429 on i386 systems started to experience stack overflow kernel panics. 1430 Please consider using 'options KSTACK_PAGES=4' in such configurations. 1431 143220121222: 1433 GEOM_LABEL now mangles label names read from file system metadata. 1434 Mangling affect labels containing spaces, non-printable characters, 1435 '%' or '"'. Device names in /etc/fstab and other places may need to 1436 be updated. 1437 143820121217: 1439 By default, only the 10 most recent kernel dumps will be saved. To 1440 restore the previous behaviour (no limit on the number of kernel dumps 1441 stored in the dump directory) add the following line to /etc/rc.conf: 1442 1443 savecore_flags="" 1444 144520121201: 1446 With the addition of auditdistd(8), a new auditdistd user is now 1447 required during installworld. "mergemaster -p" can be used to 1448 add the user prior to installworld, as documented in the handbook. 1449 145020121117: 1451 The sin6_scope_id member variable in struct sockaddr_in6 is now 1452 filled by the kernel before passing the structure to the userland via 1453 sysctl or routing socket. This means the KAME-specific embedded scope 1454 id in sin6_addr.s6_addr[2] is always cleared in userland application. 1455 This behavior can be controlled by net.inet6.ip6.deembed_scopeid. 1456 __FreeBSD_version is bumped to 1000025. 1457 145820121105: 1459 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default. 1460 This means that the world and kernel will be compiled with clang 1461 and that clang will be installed as /usr/bin/cc, /usr/bin/c++, 1462 and /usr/bin/cpp. To disable this behavior and revert to building 1463 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions 1464 of current may need to bootstrap WITHOUT_CLANG first if the clang 1465 build fails (its compatibility window doesn't extend to the 9 stable 1466 branch point). 1467 146820121102: 1469 The IPFIREWALL_FORWARD kernel option has been removed. Its 1470 functionality now turned on by default. 1471 147220121023: 1473 The ZERO_COPY_SOCKET kernel option has been removed and 1474 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP. 1475 NB: SOCKET_SEND_COW uses the VM page based copy-on-write 1476 mechanism which is not safe and may result in kernel crashes. 1477 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current 1478 driver supports disposeable external page sized mbuf storage. 1479 Proper replacements for both zero-copy mechanisms are under 1480 consideration and will eventually lead to complete removal 1481 of the two kernel options. 1482 148320121023: 1484 The IPv4 network stack has been converted to network byte 1485 order. The following modules need to be recompiled together 1486 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4), 1487 pf(4), ipfw(4), ng_ipfw(4), stf(4). 1488 148920121022: 1490 Support for non-MPSAFE filesystems was removed from VFS. The 1491 VFS_VERSION was bumped, all filesystem modules shall be 1492 recompiled. 1493 149420121018: 1495 All the non-MPSAFE filesystems have been disconnected from 1496 the build. The full list includes: codafs, hpfs, ntfs, nwfs, 1497 portalfs, smbfs, xfs. 1498 149920121016: 1500 The interface cloning API and ABI has changed. The following 1501 modules need to be recompiled together with kernel: 1502 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4), 1503 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4), 1504 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4). 1505 150620121015: 1507 The sdhci driver was split in two parts: sdhci (generic SD Host 1508 Controller logic) and sdhci_pci (actual hardware driver). 1509 No kernel config modifications are required, but if you 1510 load sdhc as a module you must switch to sdhci_pci instead. 1511 151220121014: 1513 Import the FUSE kernel and userland support into base system. 1514 151520121013: 1516 The GNU sort(1) program has been removed since the BSD-licensed 1517 sort(1) has been the default for quite some time and no serious 1518 problems have been reported. The corresponding WITH_GNU_SORT 1519 knob has also gone. 1520 152120121006: 1522 The pfil(9) API/ABI for AF_INET family has been changed. Packet 1523 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled 1524 with new kernel. 1525 152620121001: 1527 The net80211(4) ABI has been changed to allow for improved driver 1528 PS-POLL and power-save support. All wireless drivers need to be 1529 recompiled to work with the new kernel. 1530 153120120913: 1532 The random(4) support for the VIA hardware random number 1533 generator (`PADLOCK') is no longer enabled unconditionally. 1534 Add the padlock_rng device in the custom kernel config if 1535 needed. The GENERIC kernels on i386 and amd64 do include the 1536 device, so the change only affects the custom kernel 1537 configurations. 1538 153920120908: 1540 The pf(4) packet filter ABI has been changed. pfctl(8) and 1541 snmp_pf module need to be recompiled to work with new kernel. 1542 154320120828: 1544 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged 1545 to -HEAD. Pools that have empty_bpobj in active state can not be 1546 imported read-write with ZFS implementations that do not support 1547 this feature. For more information read the zpool-features(5) 1548 manual page. 1549 155020120727: 1551 The sparc64 ZFS loader has been changed to no longer try to auto- 1552 detect ZFS providers based on diskN aliases but now requires these 1553 to be explicitly listed in the OFW boot-device environment variable. 1554 155520120712: 1556 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring 1557 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are 1558 configuration changes. Make sure to merge /etc/ssl/openssl.cnf. 1559 156020120712: 1561 The following sysctls and tunables have been renamed for consistency 1562 with other variables: 1563 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered 1564 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered 1565 156620120628: 1567 The sort utility has been replaced with BSD sort. For now, GNU sort 1568 is also available as "gnusort" or the default can be set back to 1569 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be 1570 installed as "bsdsort". 1571 157220120611: 1573 A new version of ZFS (pool version 5000) has been merged to -HEAD. 1574 Starting with this version the old system of ZFS pool versioning 1575 is superseded by "feature flags". This concept enables forward 1576 compatibility against certain future changes in functionality of ZFS 1577 pools. The first read-only compatible "feature flag" for ZFS pools 1578 is named "com.delphix:async_destroy". For more information 1579 read the new zpool-features(5) manual page. 1580 Please refer to the "ZFS notes" section of this file for information 1581 on upgrading boot ZFS pools. 1582 158320120417: 1584 The malloc(3) implementation embedded in libc now uses sources imported 1585 as contrib/jemalloc. The most disruptive API change is to 1586 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf, 1587 delete it prior to installworld, and optionally re-create it using the 1588 new format after rebooting. See malloc.conf(5) for details 1589 (specifically the TUNING section and the "opt.*" entries in the MALLCTL 1590 NAMESPACE section). 1591 159220120328: 1593 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb 1594 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is 1595 now spelled mips. This is to aid compatibility with third-party 1596 software that expects this naming scheme in uname(3). Little-endian 1597 settings are unchanged. If you are updating a big-endian mips64 machine 1598 from before this change, you may need to set MACHINE_ARCH=mips64 in 1599 your environment before the new build system will recognize your machine. 1600 160120120306: 1602 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported 1603 platforms. 1604 160520120229: 1606 Now unix domain sockets behave "as expected" on nullfs(5). Previously 1607 nullfs(5) did not pass through all behaviours to the underlying layer, 1608 as a result if we bound to a socket on the lower layer we could connect 1609 only to the lower path; if we bound to the upper layer we could connect 1610 only to the upper path. The new behavior is one can connect to both the 1611 lower and the upper paths regardless what layer path one binds to. 1612 161320120211: 1614 The getifaddrs upgrade path broken with 20111215 has been restored. 1615 If you have upgraded in between 20111215 and 20120209 you need to 1616 recompile libc again with your kernel. You still need to recompile 1617 world to be able to configure CARP but this restriction already 1618 comes from 20111215. 1619 162020120114: 1621 The set_rcvar() function has been removed from /etc/rc.subr. All 1622 base and ports rc.d scripts have been updated, so if you have a 1623 port installed with a script in /usr/local/etc/rc.d you can either 1624 hand-edit the rcvar= line, or reinstall the port. 1625 1626 An easy way to handle the mass-update of /etc/rc.d: 1627 rm /etc/rc.d/* && mergemaster -i 1628 162920120109: 1630 panic(9) now stops other CPUs in the SMP systems, disables interrupts 1631 on the current CPU and prevents other threads from running. 1632 This behavior can be reverted using the kern.stop_scheduler_on_panic 1633 tunable/sysctl. 1634 The new behavior can be incompatible with kern.sync_on_panic. 1635 163620111215: 1637 The carp(4) facility has been changed significantly. Configuration 1638 of the CARP protocol via ifconfig(8) has changed, as well as format 1639 of CARP events submitted to devd(8) has changed. See manual pages 1640 for more information. The arpbalance feature of carp(4) is currently 1641 not supported anymore. 1642 1643 Size of struct in_aliasreq, struct in6_aliasreq has changed. User 1644 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8), 1645 need to be recompiled. 1646 164720111122: 1648 The acpi_wmi(4) status device /dev/wmistat has been renamed to 1649 /dev/wmistat0. 1650 165120111108: 1652 The option VFS_ALLOW_NONMPSAFE option has been added in order to 1653 explicitely support non-MPSAFE filesystems. 1654 It is on by default for all supported platform at this present 1655 time. 1656 165720111101: 1658 The broken amd(4) driver has been replaced with esp(4) in the amd64, 1659 i386 and pc98 GENERIC kernel configuration files. 1660 166120110930: 1662 sysinstall has been removed 1663 166420110923: 1665 The stable/9 branch created in subversion. This corresponds to the 1666 RELENG_9 branch in CVS. 1667 1668COMMON ITEMS: 1669 1670 General Notes 1671 ------------- 1672 Avoid using make -j when upgrading. While generally safe, there are 1673 sometimes problems using -j to upgrade. If your upgrade fails with 1674 -j, please try again without -j. From time to time in the past there 1675 have been problems using -j with buildworld and/or installworld. This 1676 is especially true when upgrading between "distant" versions (eg one 1677 that cross a major release boundary or several minor releases, or when 1678 several months have passed on the -current branch). 1679 1680 Sometimes, obscure build problems are the result of environment 1681 poisoning. This can happen because the make utility reads its 1682 environment when searching for values for global variables. To run 1683 your build attempts in an "environmental clean room", prefix all make 1684 commands with 'env -i '. See the env(1) manual page for more details. 1685 1686 When upgrading from one major version to another it is generally best 1687 to upgrade to the latest code in the currently installed branch first, 1688 then do an upgrade to the new branch. This is the best-tested upgrade 1689 path, and has the highest probability of being successful. Please try 1690 this approach before reporting problems with a major version upgrade. 1691 1692 When upgrading a live system, having a root shell around before 1693 installing anything can help undo problems. Not having a root shell 1694 around can lead to problems if pam has changed too much from your 1695 starting point to allow continued authentication after the upgrade. 1696 1697 This file should be read as a log of events. When a later event changes 1698 information of a prior event, the prior event should not be deleted. 1699 Instead, a pointer to the entry with the new information should be 1700 placed in the old entry. Readers of this file should also sanity check 1701 older entries before relying on them blindly. Authors of new entries 1702 should write them with this in mind. 1703 1704 ZFS notes 1705 --------- 1706 When upgrading the boot ZFS pool to a new version, always follow 1707 these two steps: 1708 1709 1.) recompile and reinstall the ZFS boot loader and boot block 1710 (this is part of "make buildworld" and "make installworld") 1711 1712 2.) update the ZFS boot block on your boot drive 1713 1714 The following example updates the ZFS boot block on the first 1715 partition (freebsd-boot) of a GPT partitioned drive ada0: 1716 "gpart bootcode -p /boot/gptzfsboot -i 1 ada0" 1717 1718 Non-boot pools do not need these updates. 1719 1720 To build a kernel 1721 ----------------- 1722 If you are updating from a prior version of FreeBSD (even one just 1723 a few days old), you should follow this procedure. It is the most 1724 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld, 1725 1726 make kernel-toolchain 1727 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE 1728 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE 1729 1730 To test a kernel once 1731 --------------------- 1732 If you just want to boot a kernel once (because you are not sure 1733 if it works, or if you want to boot a known bad kernel to provide 1734 debugging information) run 1735 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel 1736 nextboot -k testkernel 1737 1738 To just build a kernel when you know that it won't mess you up 1739 -------------------------------------------------------------- 1740 This assumes you are already running a CURRENT system. Replace 1741 ${arch} with the architecture of your machine (e.g. "i386", 1742 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc). 1743 1744 cd src/sys/${arch}/conf 1745 config KERNEL_NAME_HERE 1746 cd ../compile/KERNEL_NAME_HERE 1747 make depend 1748 make 1749 make install 1750 1751 If this fails, go to the "To build a kernel" section. 1752 1753 To rebuild everything and install it on the current system. 1754 ----------------------------------------------------------- 1755 # Note: sometimes if you are running current you gotta do more than 1756 # is listed here if you are upgrading from a really old current. 1757 1758 <make sure you have good level 0 dumps> 1759 make buildworld 1760 make kernel KERNCONF=YOUR_KERNEL_HERE 1761 [1] 1762 <reboot in single user> [3] 1763 mergemaster -Fp [5] 1764 make installworld 1765 mergemaster -Fi [4] 1766 make delete-old [6] 1767 <reboot> 1768 1769 To cross-install current onto a separate partition 1770 -------------------------------------------------- 1771 # In this approach we use a separate partition to hold 1772 # current's root, 'usr', and 'var' directories. A partition 1773 # holding "/", "/usr" and "/var" should be about 2GB in 1774 # size. 1775 1776 <make sure you have good level 0 dumps> 1777 <boot into -stable> 1778 make buildworld 1779 make buildkernel KERNCONF=YOUR_KERNEL_HERE 1780 <maybe newfs current's root partition> 1781 <mount current's root partition on directory ${CURRENT_ROOT}> 1782 make installworld DESTDIR=${CURRENT_ROOT} -DDB_FROM_SRC 1783 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd 1784 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT} 1785 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd 1786 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition> 1787 <reboot into current> 1788 <do a "native" rebuild/install as described in the previous section> 1789 <maybe install compatibility libraries from ports/misc/compat*> 1790 <reboot> 1791 1792 1793 To upgrade in-place from stable to current 1794 ---------------------------------------------- 1795 <make sure you have good level 0 dumps> 1796 make buildworld [9] 1797 make kernel KERNCONF=YOUR_KERNEL_HERE [8] 1798 [1] 1799 <reboot in single user> [3] 1800 mergemaster -Fp [5] 1801 make installworld 1802 mergemaster -Fi [4] 1803 make delete-old [6] 1804 <reboot> 1805 1806 Make sure that you've read the UPDATING file to understand the 1807 tweaks to various things you need. At this point in the life 1808 cycle of current, things change often and you are on your own 1809 to cope. The defaults can also change, so please read ALL of 1810 the UPDATING entries. 1811 1812 Also, if you are tracking -current, you must be subscribed to 1813 freebsd-current@freebsd.org. Make sure that before you update 1814 your sources that you have read and understood all the recent 1815 messages there. If in doubt, please track -stable which has 1816 much fewer pitfalls. 1817 1818 [1] If you have third party modules, such as vmware, you 1819 should disable them at this point so they don't crash your 1820 system on reboot. 1821 1822 [3] From the bootblocks, boot -s, and then do 1823 fsck -p 1824 mount -u / 1825 mount -a 1826 cd src 1827 adjkerntz -i # if CMOS is wall time 1828 Also, when doing a major release upgrade, it is required that 1829 you boot into single user mode to do the installworld. 1830 1831 [4] Note: This step is non-optional. Failure to do this step 1832 can result in a significant reduction in the functionality of the 1833 system. Attempting to do it by hand is not recommended and those 1834 that pursue this avenue should read this file carefully, as well 1835 as the archives of freebsd-current and freebsd-hackers mailing lists 1836 for potential gotchas. The -U option is also useful to consider. 1837 See mergemaster(8) for more information. 1838 1839 [5] Usually this step is a noop. However, from time to time 1840 you may need to do this if you get unknown user in the following 1841 step. It never hurts to do it all the time. You may need to 1842 install a new mergemaster (cd src/usr.sbin/mergemaster && make 1843 install) after the buildworld before this step if you last updated 1844 from current before 20130425 or from -stable before 20130430. 1845 1846 [6] This only deletes old files and directories. Old libraries 1847 can be deleted by "make delete-old-libs", but you have to make 1848 sure that no program is using those libraries anymore. 1849 1850 [8] The new kernel must be able to run existing binaries used by 1851 an installworld. When upgrading across major versions, the new 1852 kernel's configuration must include the correct COMPAT_FREEBSD<n> 1853 option for existing binaries (e.g. COMPAT_FREEBSD11 to run 11.x 1854 binaries). Failure to do so may leave you with a system that is 1855 hard to boot to recover. A GENERIC kernel will include suitable 1856 compatibility options to run binaries from older branches. 1857 1858 Make sure that you merge any new devices from GENERIC since the 1859 last time you updated your kernel config file. 1860 1861 [9] When checking out sources, you must include the -P flag to have 1862 cvs prune empty directories. 1863 1864 If CPUTYPE is defined in your /etc/make.conf, make sure to use the 1865 "?=" instead of the "=" assignment operator, so that buildworld can 1866 override the CPUTYPE if it needs to. 1867 1868 MAKEOBJDIRPREFIX must be defined in an environment variable, and 1869 not on the command line, or in /etc/make.conf. buildworld will 1870 warn if it is improperly defined. 1871FORMAT: 1872 1873This file contains a list, in reverse chronological order, of major 1874breakages in tracking -current. It is not guaranteed to be a complete 1875list of such breakages, and only contains entries since September 23, 2011. 1876If you need to see UPDATING entries from before that date, you will need 1877to fetch an UPDATING file from an older FreeBSD release. 1878 1879Copyright information: 1880 1881Copyright 1998-2009 M. Warner Losh. All Rights Reserved. 1882 1883Redistribution, publication, translation and use, with or without 1884modification, in full or in part, in any form or format of this 1885document are permitted without further permission from the author. 1886 1887THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR 1888IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 1889WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 1890DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT, 1891INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 1892(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 1893SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 1894HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 1895STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 1896IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 1897POSSIBILITY OF SUCH DAMAGE. 1898 1899Contact Warner Losh if you have any questions about your use of 1900this document. 1901 1902$FreeBSD: stable/11/UPDATING 365671 2020-09-12 19:40:04Z dim $ 1903