article.xml revision 146640
1<articleinfo> 2 <title>&os;/&arch; &release.current; Release Notes</title> 3 4 <corpauthor>The &os; Project</corpauthor> 5 6 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/relnotes/article.sgml 146640 2005-05-26 10:48:35Z brueffer $</pubdate> 7 8 <copyright> 9 <year>2000</year> 10 <year>2001</year> 11 <year>2002</year> 12 <year>2003</year> 13 <year>2004</year> 14 <year>2005</year> 15 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder> 16 </copyright> 17 18 <legalnotice id="trademarks" role="trademarks"> 19 &tm-attrib.freebsd; 20 &tm-attrib.ibm; 21 &tm-attrib.ieee; 22 &tm-attrib.intel; 23 &tm-attrib.sparc; 24 &tm-attrib.general; 25 </legalnotice> 26 27 <abstract> 28 <para>The release notes for &os; &release.current; contain a summary 29 of the changes made to the &os; base system since &release.branch; is created. 30 This document lists applicable security advisories that were issued since 31 the last release, as well as significant changes to the &os; 32 kernel and userland. 33 Some brief remarks on upgrading are also presented.</para> 34 </abstract> 35</articleinfo> 36 37<sect1 id="intro"> 38 <title>Introduction</title> 39 40 <para>This document contains the release notes for &os; 41 &release.current; on the &arch.print; hardware platform. It 42 describes recently added, changed, or deleted features of &os;. 43 It also provides some notes on upgrading 44 from previous versions of &os;.</para> 45 46<![ %release.type.current [ 47 48 <para>The &release.type; distribution to which these release notes 49 apply represents the latest point along the &release.branch; development 50 branch since &release.branch; was created. Information regarding pre-built, binary 51 &release.type; distributions along this branch 52 can be found at <ulink url="&release.url;"></ulink>.</para> 53 54]]> 55 56<![ %release.type.snapshot [ 57 58 <para>The &release.type; distribution to which these release notes 59 apply represents a point along the &release.branch; development 60 branch between &release.prev; and the future &release.next;. 61 Information regarding 62 pre-built, binary &release.type; distributions along this branch 63 can be found at <ulink url="&release.url;"></ulink>.</para> 64 65]]> 66 67<![ %release.type.release [ 68 69 <para>This distribution of &os; &release.current; is a 70 &release.type; distribution. It can be found at <ulink 71 url="&release.url;"></ulink> or any of its mirrors. More 72 information on obtaining this (or other) &release.type; 73 distributions of &os; can be found in the <ulink 74 url="&url.books.handbook;/mirrors.html"><quote>Obtaining 75 &os;</quote> appendix</ulink> to the <ulink 76 url="&url.books.handbook;/">&os; 77 Handbook</ulink>.</para> 78 79]]> 80 81 <para>All users are encouraged to consult the release errata before 82 installing &os;. The errata document is updated with 83 <quote>late-breaking</quote> information discovered late in the 84 release cycle or after the release. Typically, it contains 85 information on known bugs, security advisories, and corrections to 86 documentation. An up-to-date copy of the errata for &os; 87 &release.current; can be found on the &os; Web site.</para> 88 89</sect1> 90 91<sect1 id="new"> 92 <title>What's New</title> 93 94 <para>This section describes 95 the most user-visible new or changed features in &os; 96 since &release.prev;. 97 In general, changes described here are unique to the &release.branch; 98 branch unless specifically marked as &merged; features. 99 </para> 100 101 <para>Typical release note items 102 document recent security advisories issued after 103 &release.prev.historic;, 104 new drivers or hardware support, new commands or options, 105 major bug fixes, or contributed software upgrades. They may also 106 list changes to major ports/packages or release engineering 107 practices. Clearly the release notes cannot list every single 108 change made to &os; between releases; this document focuses 109 primarily on security advisories, user-visible changes, and major 110 architectural improvements.</para> 111 112 <sect2 id="security"> 113 <title>Security Advisories</title> 114 115 <para>A bug in the &man.fetch.1; utility, which allows 116 a malicious HTTP server to cause arbitrary portions of the client's 117 memory to be overwritten, has been fixed. 118 For more information, see security advisory 119 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:16.fetch.asc">FreeBSD-SA-04:16.fetch</ulink>. 120 &merged;</para> 121 122 <para>A bug in &man.procfs.5; and &man.linprocfs.5; 123 which could allow a malicious local user to read parts of kernel 124 memory or perform a local 125 denial of service attack by causing a system panic, 126 has been fixed. 127 For more information, see security advisory 128 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc">FreeBSD-SA-04:17.procfs</ulink>. 129 &merged;</para> 130 131 <para>Two buffer overflows in the TELNET client program have been 132 corrected. They could have allowed a malicious TELNET server or 133 an active network attacker to cause &man.telnet.1; to execute 134 arbitrary code with the privileges of the user running it. 135 More information can be found in security advisory 136 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc">FreeBSD-SA-05:01.telnet</ulink>. 137 &merged;</para> 138 139 <para>A information disclosure vulnerability in the 140 &man.sendfile.2; system call, which could permit it to transmit 141 random parts of kernel memory, has been fixed. More details are 142 in security advisory 143 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:02.sendfile.asc">FreeBSD-SA-05:02.sendfile</ulink>. 144 &merged;</para> 145 146 <para arch="amd64">A possible privilege escalation vulnerability on &os;/amd64 147 has been fixed. This allows unprivileged users to gain direct 148 access to some hardware which cannot be accessed 149 without the elevated privilege level. More details are in security advisory 150 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc">FreeBSD-SA-05:03.amd64</ulink>. 151 &merged;</para> 152 153 <para>An information leak vulnerability in the 154 <literal>SIOCGIFCONF</literal> &man.ioctl.2;, which leaked 12 155 bytes of kernel memory, has been fixed. More details are in security advisory 156 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:04.ifconf.asc">FreeBSD-SA-05:04.ifconf</ulink>. 157 &merged;</para> 158 159 <para>Several programming errors in &man.cvs.1;, which could 160 potentially cause arbitrary code to be executed on CVS servers, 161 have been corrected. Further information can be found in 162 security advisory 163 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:05.cvs.asc">FreeBSD-SA-05:05.cvs</ulink>. 164 &merged;</para> 165 166 <para>An error in the default permissions on the <filename 167 class="devicefile">/dev/iir</filename> device node, which 168 allowed unprivileged local users can send commands to the 169 hardware supported by the &man.iir.4; driver, has been fixed. 170 For more information, see security advisory 171 <ulink url="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:06.iir.asc">FreeBSD-SA-05:06.iir</ulink>. 172 &merged;</para> 173 174 <para>A bug in the validation of &man.i386.get.ldt.2; system call 175 input arguments, which may allow kernel memory may be disclosed 176 to the user process, has been fixed. For more information, see 177 security advisory 178 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:07.ldt.asc">FreeBSD-SA-05:07.ldt</ulink>. 179 &merged;</para> 180 181 <para>Several information disclosure vulnerabilities in various 182 parts of the kernel have been fixed. For more information, see 183 security advisory 184 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:08.kmem.asc">FreeBSD-SA-05:08.kmem</ulink>. 185 &merged;</para> 186 187 <para arch="i386,amd64">Because of an information disclosure vulnerability on 188 processors using Hyper-Threading Technology (HTT), the 189 <varname>machdep.hyperthreading_allowed</varname> sysctl 190 variable has been added. It defaults to <literal>1</literal> 191 (HTT enabled) on &os; CURRENT, and <literal>0</literal> (HTT 192 disabled) on the 4-STABLE and 5-STABLE development branches and 193 supported security fix branches. More information can be found 194 in security advisory 195 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:09.htt.asc">FreeBSD-SA-05:09.htt</ulink>. 196 &merged;</para> 197 198 <para> 199 200 </sect2> 201 202 <sect2 id="kernel"> 203 <title>Kernel Changes</title> 204 205 <para arch="i386">Support for 80386 processors (the 206 <literal>I386_CPU</literal> kernel configuration option) has 207 been removed. Users running this class of CPU should use &os; 208 5.<replaceable>X</replaceable> or earlier.</para> 209 210 <para>The kernel debugger &man.ddb.4; now supports a 211 <command>show alllocks</command> command, which dumps a list of processes 212 and threads currently holding sleep mutexes (and spin mutexes for 213 the current thread). &merged;</para> 214 215 <para>The &man.jail.8; feature now supports a new sysctl 216 <varname>security.jail.chflags_allowed</varname>, which controls the 217 behavior of &man.chflags.1; within a jail. 218 If set to <literal>0</literal> (the default), then a jailed <username>root</username> user is 219 treated as an unprivileged user; if set to <literal>1</literal>, then 220 a jailed root user is treated the same as an unjailed <username>root</username> user. &merged;</para> 221 222 <para arch="alpha,amd64,i386,sparc64">The loader tunable <varname>debug.mpsafevm</varname> 223 has been enabled by default. &merged;</para> 224 225 <para>&man.memguard.9;, a kernel memory allocator designed to help detect 226 <quote>tamper-after-free</quote> scenarios, has been added. 227 This must be explicitly enabled via <literal>options 228 DEBUG_MEMGUARD</literal>, plus small kernel modifications. It 229 is generally intended for use by kernel developers.</para> 230 231 <para>A number of bugs have been fixed in the ULE 232 scheduler. &merged;</para> 233 234 <para>Fine-grained locking to allow much of the VFS stack to run 235 without the Giant lock has been added. This is enabled by default 236 on the alpha, amd64, and i386 architectures, and can be disabled 237 by setting the loader tunable (and sysctl variable) 238 <varname>debug.mpsafevfs</varname> to 239 <literal>0</literal>.</para> 240 241 <para arch="i386">A bug in Inter-Processor Interrupt (IPI) 242 handling, which could cause SMP systems to crash under heavy 243 load, has been fixed. More details are contained in errata note 244 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/ERRATA/notices/FreeBSD-EN-05:03.ipi.asc">FreeBSD-EN-05:03.ipi</ulink>. 245 &merged;</para> 246 247 <para>System V IPC objects (message queues, semaphores, and shared 248 memory) now have support for Mandatory Access Control policies, 249 notably &man.mac.biba.4;, &man.mac.mls.4;, &man.mac.stub.4;, and 250 &man.mac.test.4;.</para> 251 252 <para arch="i386">Memory allocation for legacy PCI bridges has 253 been limited to the top 32MB of RAM. Many older, legacy bridges 254 only allow allocation from this range. This change only applies 255 to devices which do not have their memory assigned by the BIOS. 256 This change fixes the <quote>bad Vcc</quote> error of CardBus 257 bridges (&man.pccbb.4;). &merged;</para> 258 259 <para>The &man.sysctl.3; MIBs beginning with <quote>debug</quote> 260 now require the kernel option <literal>options SYSCTL_DEBUG</literal>. 261 This option is disabled by default.</para> 262 263 <para>The generic &man.tty.4; driver interface has been added 264 and many device drivers including 265 &man.cx.4; (<literal>{tty,cua}x</literal>), 266 &man.cy.4; (<literal>{tty,cua}c</literal>), 267 &man.digi.4; (<literal>{tty,cua}D</literal>), 268 &man.rc.4; (<literal>{tty,cua}m</literal>), 269 &man.rp.4; (<literal>{tty,cua}R</literal>), 270 &man.sab.4; (<literal>{tty,cua}z</literal>), 271 &man.si.4; (<literal>{tty,cua}A</literal>), 272 &man.sio.4; (<literal>{tty,cua}d</literal>), 273 sx (<literal>{tty,cua}G</literal>), 274 &man.uart.4; (<literal>{tty,cua}u</literal>), 275 &man.ubser.4; (<literal>{tty,cua}y</literal>), 276 &man.ucom.4; (<literal>{tty,cua}U</literal>), and 277 &man.ucycom.4; (<literal>{tty,cua}y</literal>) 278 have been rewritten to use it. Note that <filename>/etc/remote</filename> 279 and <filename>/etc/ttys</filename> have been updated as well.</para> 280 281 <para>The &man.vkbd.4; driver has been added. This driver 282 provides a software loopback mechanism that can implement 283 a virtual AT keyboard similar to what the &man.pty.4; driver 284 does for terminals.</para> 285 286 <!-- Above this line, sort kernel changes by manpage/keyword--> 287 288 <para arch="i386,amd64,ia64">The default <varname>HZ</varname> 289 parameter (which controls various kernel timers) has been 290 increased from <literal>100</literal> to <literal>1000</literal> 291 on the i386 and ia64. It has been reduced from 292 <literal>1024</literal> to <literal>1000</literal> on the amd64 293 to reduce synchronization effects with other system 294 clocks.</para> 295 296 <para>The maximum length of shell commands has changed from 128 297 bytes to <varname>PAGE_SIZE</varname>. By default, this value 298 is either 4KB (i386, pc98, amd64, and powerpc) or 8KB (sparc64 299 and ia64). As a result, compatibility modules need to be 300 rebuilt to stay synchronized with data structure changes in the 301 kernel.</para> 302 303 <sect3 id="boot"> 304 <title>Boot Loader Changes</title> 305 306 <para arch="i386">A serial console-capable version of 307 <filename>boot0</filename> has been added. It can be written 308 to a disk using &man.boot0cfg.8; and specifying 309 <filename>/boot/boot0sio</filename> as the argument to the 310 <option>-b</option> option.</para> 311 312 <para arch="i386"><filename>cdboot</filename> now works around a 313 BIOS problem observed on some systems when booting from USB 314 CDROM drives.</para> 315 316 <para>The <command>autoboot</command> loader command 317 now supports the prompt parameter.</para> 318 319 <para>A loader menu option to set <varname>hint.atkbd.0.flags=0x1</varname> 320 has been added. This setting allows USB keyboards to work 321 if no PS/2 keyboard is attached.</para> 322 323 <para>The beastie boot menu has been disabled by default.</para> 324 325 <!-- Above this line, order boot loader changes by keyword--> 326 327 </sect3> 328 329 <sect3 id="proc"> 330 <title>Hardware Support</title> 331 332 <para arch="i386,amd64">The &man.acpi.4; driver now turns 333 the ACPI and PCI devices off or to a lower power state 334 when suspending, and back on again when resuming. 335 This behavior can be disabled by 336 setting the <varname>debug.acpi.do_powerstate</varname> and 337 <varname>hw.pci.do_powerstate</varname> sysctls to <literal>0</literal>.</para> 338 339 <para arch="i386,amd64">The &man.acpi.ibm.4; driver for IBM laptops 340 has been added.</para> 341 342 <para arch="i386,amd64">The &man.acpi.fujitsu.4; driver for handling 343 &man.acpi.4;-controlled buttons Fujitsu laptops has been added.</para> 344 345 <para arch="i386,amd64">The acpi_sony driver, 346 which supports the Sony Notebook Controller on various 347 Sony laptops has been added.</para> 348 349 <para arch="sparc64">The &man.auxio.4; driver has been to drive 350 some auxiliary I/O functions found on various SBus/EBus 351 &ultrasparc; models. &merged;</para> 352 353 <para arch="sparc64">The clkbrd driver has been added to support 354 the <literal>clock-board</literal> device frequently found on 355 Sun E<replaceable>xx</replaceable>00 servers.</para> 356 357 <para>A framework for flexible processor speed control has been 358 added. It provides methods for various drivers to control CPU 359 power utilization by adjusting the processor speed. More 360 details can be found in the &man.cpufreq.4; manual page. &merged; 361 Currently supported drivers include ichss (Intel SpeedStep for ICH), 362 acpi_perf (ACPI CPU performance states), and acpi_throttle 363 (ACPI CPU throttling). The latter two drivers are contained 364 in the &man.acpi.4; driver. These can individually be disabled by setting device 365 hints such as <varname>hint.<replaceable>ichss</replaceable>.0.disabled="1"</varname>.</para> 366 367 <para arch="amd64,i386">The &man.hwpmc.4; hardware performance 368 monitoring counter driver has been added. 369 This driver virtualizes the hardware performance monitoring 370 facilities in modern CPUs and provides support for using 371 these facilities from user level processes. For more details, 372 see manual pages of &man.hwpmc.4;, associated libraries, 373 and associated userland utilities.</para> 374 375 <para arch="i386">Support for the OLDCARD subsystem has 376 been removed. The NEWCARD system is now used for all PCCARD 377 device support.</para> 378 379 <para>The pcii driver has been added to support GPIB-PCIIA IEEE-488 380 cards. &merged;</para> 381 382 <para>The &man.atkbd.4; driver now supports a <literal>0x8</literal> 383 (bit 3) flag to disable testing the keyboard port during 384 the device probe as this can cause hangs on some machines, 385 specifically Compaq R3000Z series amd64 laptops.</para> 386 387 <para arch="i386">The &man.pbio.4; driver, 388 which supports direct access to 389 the Intel 8255A programmable peripheral interface (PPI) 390 chip running in mode 0 (simple I/O) has been added.</para> 391 392 <para>The &man.psm.4; driver now has improved support for 393 Synaptics Touchpad users. It now has better tracking of 394 slow-speed movement and support for various extra 395 buttons and dials. These features can be tuned with the 396 <varname>hw.psm.synaptics.<replaceable>*</replaceable></varname> 397 hierarchy of sysctl variables.</para> 398 399 <para arch="sparc64">The rtc driver has been added to support 400 the MC146818-compatible clock found on some &ultrasparc; II 401 and III models. &merged;</para> 402 403 <para arch="sparc64">The &man.uart.4; driver is now enabled in 404 the <filename>GENERIC</filename> kernel, and is now the 405 default driver for serial ports. The ofw_console and 406 &man.sab.4; drivers are now disabled in the 407 <filename>GENERIC</filename> kernel. &merged;</para> 408 409 <para>The &man.uftdi.4; driver now supports the FTDI FT2232C 410 chip.</para> 411 412 <para>The &man.uplcom.4; driver now supports handling of the 413 <literal>CTS</literal> signal.</para> 414 415 <para>The &man.ehci.4; driver has been improved.</para> 416 417 <para arch="sparc64">The zs driver has been removed 418 in favor of the &man.uart.4; driver.</para> 419 420 <sect4 id="mm"> 421 <title>Multimedia Support</title> 422 423 <para arch="sparc64">The &man.snd.audiocs.4; driver has been 424 added to support the Crystal Semiconductor CS4231 audio 425 controller found on &ultrasparc; 426 workstations. &merged;</para> 427 428 <para>The &man.uaudio.4; driver now has some added 429 functionality, including volume control on more inputs and 430 recording capability on some devices. &merged;</para> 431 432 </sect4> 433 434 <sect4 id="net-if"> 435 <title>Network Interface Support</title> 436 437 <para>The &man.ath.4; driver has been updated to split the 438 transmit rate control algorithm into a separate module. 439 One of <literal>device ath_rate_onoe</literal>, 440 <literal>device ath_rate_amrr</literal>, or 441 <literal>device ath_rate_sample</literal> must be included in 442 the kernel configuration when using the &man.ath.4; 443 driver.</para> 444 445 <para>The &man.bge.4; driver now supports the &man.altq.4; 446 framework, as well as the BCM5714, 5721, 5750, 5751, 5751M and 5789 447 chips. &merged;</para> 448 449 <para>The &man.cdce.4; USB Communication Device Class Ethernet 450 driver has been added. &merged;</para> 451 452 <para>The &man.cp.4; driver is now MPSAFE. &merged;</para> 453 454 <para>The &man.ctau.4; driver is now MPSAFE. &merged;</para> 455 456 <para>The &man.cx.4; driver is now MPSAFE. &merged;</para> 457 458 <para>The &man.dc.4; driver now supports the &man.altq.4; 459 framework. &merged;</para> 460 461 <para>The &man.ed.4; driver now supports the &man.altq.4; 462 framework. &merged;</para> 463 464 <para>In the &man.em.4; driver, hardware support for VLAN 465 tagging is now disabled by default due to some interactions 466 between this feature and promiscuous mode. &merged;</para> 467 468 <para>Ethernet flow control is now disabled by default in the 469 &man.fxp.4; driver, to prevent problems with a system panics 470 or is left in the kernel debugger. &merged;</para> 471 472 <para>The gx(4) driver has been removed because 473 it is no longer maintained actively and 474 the &man.em.4; driver supports all of the supported hardware.</para> 475 476 <para>The &man.hme.4; driver is now MPSAFE. &merged;</para> 477 478 <para>The &man.ipw.4; (for Intel PRO/Wireless 2100), 479 &man.iwi.4; (for Intel PRO/Wireless 2200BG/2225BG/2915ABG), 480 &man.ral.4; (for Ralink Technology RT2500), 481 and &man.ural.4; (for Ralink Technology RT2500USB) 482 drivers have been added.</para> 483 484 <para>The &man.ixgb.4; driver is now MPSAFE. &merged;</para> 485 486 <para>The musycc driver, for the LanMedia LMC1504 T1/E1 487 network interface card, has been removed due to 488 disuse.</para> 489 490 <para arch="i386,amd64">Drivers using the &man.ndis.4; device 491 driver wrapper mechanism are now built and loaded 492 differently. The &man.ndis.4; driver can now be pre-built 493 as module or statically compiled into a kernel. Individual 494 drivers can now be built with the &man.ndisgen.8; utility; 495 the result is a kernel module that can be loaded into a 496 running kernel using &man.kldload.8;. &merged;</para> 497 498 <para arch="amd64">The &man.ndis.4; device driver wrapper now 499 supports &windows;/x86-64 binaries on amd64 500 systems. &merged;</para> 501 502 <para arch="i386,amd64">The &man.nve.4; driver, which supports the 503 nVidia nForce MCP Networking Adapter, has been added.</para> 504 505 <para>The &man.re.4; driver now supports the &man.altq.4; 506 framework. &merged;</para> 507 508 <para>The &man.sf.4; driver now has support for device polling 509 and &man.altq.4;. &merged;</para> 510 511 <para>Several programming errors in the &man.sk.4; driver have 512 been corrected. These bugs were particular to SMP systems, and 513 could cause panics, page faults, aborted SSH connections, or 514 corrupted file transfers. More details can be found in 515 errata note 516 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/ERRATA/notices/FreeBSD-EN-05:02.sk.asc">FreeBSD-EN-05:02.sk</ulink>. 517 &merged;</para> 518 519 <para>The &man.sk.4; driver now has support for &man.altq.4;. 520 This driver also now supports jumbo frames on Yukon-based 521 interfaces. &merged;</para> 522 523 <para>The &man.vge.4; driver now has support for device polling 524 (&man.polling.4;).</para> 525 526 <para>Support for 802.11 devices in the &man.wlan.4; framework has been 527 greatly overhauled. In addition to architectural changes, 528 it includes completed 802.11g, WPA, 802.11i, 802.1x, 529 WME/WMM, AP-side power-saving, and plugin frameworks for 530 cryptography modules, authenticators, and access control. 531 Note in particular that WEP now requires the 532 <filename>wlan_wep</filename> module to be loaded (or 533 compiled) into the kernel.</para> 534 535 <para>The &man.xl.4; driver now supports 536 &man.polling.4;. &merged;</para> 537 538 </sect4> 539 </sect3> 540 541 <sect3 id="net-proto"> 542 <title>Network Protocols</title> 543 544 <para>The MTU feedback in IPv6 has been disabled when the sender writes 545 data that must be fragmented. &merged;</para> 546 547 <para>The Common Address Redundancy Protocol (CARP) has 548 been implemented. CARP comes from OpenBSD and allows 549 multiple hosts to share an IP address, providing 550 high availability and load balancing. 551 For more information, see the &man.carp.4; manual page. &merged;</para> 552 553 <para>The &man.ipfw.4; <literal>IPDIVERT</literal> option is now 554 available as a kernel loadable module. 555 If this module is not loaded, &man.ipfw.4; will refuse to 556 install <literal>divert</literal> rules and &man.natd.8; 557 will return the error message <quote>protocol not supported</quote>.</para> 558 559 <para>The &man.ipfw.4; system can work with 560 <varname>debug.mpsafenet</varname>=<literal>1</literal> 561 (this tunable is <literal>1</literal> by default) 562 when the <literal>gid</literal>, <literal>jail</literal>, 563 and/or <literal>uid</literal> rule options are used. &merged;</para> 564 565 <para>The &man.ipfw.4; and &man.dummynet.4; systems now 566 support IPv6.</para> 567 568 <para>&man.ipfw.8; now supports classification and tagging 569 of &man.altq.4; packets via a divert socket, 570 as well as the TCP data length.</para> 571 572 <para>The &man.ipfw.8; <literal>ipfw fwd</literal> rule now supports 573 the full packet destination manipulation when the kernel option 574 <literal>options IPFIREWALL_FORWARD_EXTENDED</literal> is specified 575 in addition to <literal>options IPFIRWALL_FORWARD</literal>. 576 This kernel option disables all restrictions to ensure proper 577 behavior for locally generated packets and allows redirection of 578 packets destined to locally configured IP addresses. 579 Note that &man.ipfw.8; rules have to be carefully crafted to 580 make sure that things like PMTU discovery do not break. &merged;</para> 581 582 <para>&man.ipnat.8; now allows redirect rules to 583 work for non-TCP/UDP packets. &merged;</para> 584 585 <para>Ongoing work is reducing the use of the Giant lock by the 586 network protocol stack and improving the locking 587 strategies.</para> 588 589 <para>The <filename>libalias</filename> library can now be built 590 as a kernel module.</para> 591 592 <para>A new &man.ng.ipfw.4; NetGraph node provides 593 a simple interface between the &man.ipfw.4; and &man.netgraph.4; 594 facilities.</para> 595 596 <para>A new &man.ng.nat.4; NetGraph node has been added to 597 perform NAT functions.</para> 598 599 <para>A new &man.ng.netflow.4; NetGraph node allows a router 600 running &os; to do NetFlow version 5 exports. &merged;</para> 601 602 <para>&man.sed.1; now supports a <option>-l</option> option to 603 make its output line-buffered.</para> 604 605 <para>The &man.sppp.4; driver now includes Frame Relay 606 support. &merged;</para> 607 608 <para>The &man.sppp.4; driver is now MPSAFE.</para> 609 610 <para>The new sysctl <varname>net.link.tap.user_open</varname> 611 has been implemented. This allows unprivileged access to 612 &man.tap.4; device nodes based on file system permissions.</para> 613 614 <para>A bug in TCP that sometimes caused RST packets to 615 be ignored if the receive window was zero bytes has been 616 fixed. &merged;</para> 617 618 <para>The <literal>RST</literal> 619 handling of the &os; TCP stack has been improved 620 to make reset attacks as difficult as possible while 621 maintaining compatibility with the widest range of TCP stacks. 622 The algorithm is as follows: For connections in the 623 <literal>ESTABLISHED</literal> 624 state, only resets with sequence numbers exactly matching 625 <varname>last_ack_sent</varname> will cause a reset; 626 all other segments will 627 be silently dropped. For connections in all other states, 628 a reset anywhere in the window will cause the connection 629 to be reset. All other segments will be silently dropped. 630 Note that this behavior technically violates the RFC 793 specification; 631 the conventional (but less secure) behavior can be restored 632 by setting a new sysctl <varname>net.inet.tcp.insecure_rst</varname> 633 to <literal>1</literal>. &merged;</para> 634 635 <para>Several bugs in the TCP SACK implementation have been 636 fixed. &merged;</para> 637 638 <para>RFC 1644 T/TCP support has been removed. This is because 639 the design is based on a weak security model that can easily 640 permit denial-of-service attacks. This TCP 641 extension has been considered a defective one in 642 a recent Internet Draft.</para> 643 644 <para>The KAME IPv4 IPsec implementation integrated 645 in &os; now supports TCP-MD5. &merged;</para> 646 647 <para>Random ephemeral port number allocation has led to some 648 problems with port reuse at high connection rates. This 649 feature is now disabled during periods of high connection 650 rates; whenever new connections are created faster than 651 <varname>net.inet.ip.portrange.randomcps</varname> per second, 652 port number randomization is disabled for the next 653 <varname>net.inet.ip.portrange.randomtime</varname> 654 seconds. The default values for these two sysctl variables 655 are <literal>10</literal> and <literal>45</literal>, 656 respectively. &merged;</para> 657 658 <para>Fine-grained locking has been applied to many of the data 659 structures in the IPX/SPX protocol stack. While not fully 660 MPSAFE at this point, it is generally safe to use IPX/SPX 661 without the Giant lock (in other words, the 662 <varname>debug.mpsafenet</varname> sysctl variable may be set 663 to <literal>1</literal>).</para> 664 665 <para>Unix domain sockets now support the 666 <literal>LOCAL_CREDS</literal> and 667 <literal>LOCAL_CONNWAIT</literal> options. 668 The <literal>LOCAL_CREDS</literal> option provides 669 a mechanism for the receiver to receive the credentials 670 of the process as a &man.recvmsg.2; control message. 671 The <literal>LOCAL_CONNWAIT</literal> 672 option causes the &man.connect.2; function to block 673 until &man.accept.2; has been called on the listening socket. 674 For more details, see the &man.unix.4; manual page.</para> 675 </sect3> 676 677 <sect3 id="disks"> 678 <title>Disks and Storage</title> 679 680 <para>The &man.amr.4; driver is now safe for use on systems 681 using &man.pae.4;. &merged;</para> 682 683 <para arch="i386,ia64">The &man.arcmsr.4; driver has been added. 684 It supports the Areca ARC-11<replaceable>xx</replaceable> and 685 ARC-12<replaceable>xx</replaceable> series of SATA RAID 686 controllers. &merged;</para> 687 688 <para>The &man.ata.4; family of drivers has been overhauled and 689 updated. It has been split into modules that can be loaded 690 and unloaded independently (the <filename>atapci</filename> 691 and <filename>ata</filename> modules are prerequesites for the 692 device subdrivers, which are <filename>atadisk</filename>, 693 <filename>atapicd</filename>, <filename>atapifd</filename>, 694 <filename>atapist</filename>, and 695 <filename>ataraid</filename>). On supported SATA controllers, 696 devices can be hot inserted/removed. ATA RAID support has 697 been rewritten and supports a number of new metadata formats. 698 The <filename>atapicd</filename> driver no longer supports CD 699 changers. This update has been referred to as <quote>ATA 700 mkIII</quote>.</para> 701 702 <para>The SHSEC GEOM class has been added. It provides for the 703 sharing of a secret between multiple GEOM providers. All of 704 these providers must be present in order to reveal the 705 secret. This feature is controlled by the &man.gshsec.8; 706 utility. &merged;</para> 707 708 <para>The &man.hptmv.4; driver, which supports the HighPoint 709 RocketRAID 182x series, has been added. &merged;</para> 710 711 <para>The &man.ips.4; driver now support kernel crash dumps 712 on some modern ServeRAID models. &merged;</para> 713 714 <para>The &man.matcd.4; driver has been removed. &merged;</para> 715 716 <para>The default SCSI boot-time probe delay in the 717 <filename>GENERIC</filename> kernel has been reduced from 718 fifteen seconds to five seconds.</para> 719 720 <para>The old vinum(4) subsystem has been removed 721 in favor of the new &man.geom.4;-based version.</para> 722 723 <para>The &man.twa.4; driver has been updated to 724 the 9.2 release (for &os; 5.2.1) distributed from 725 the 3ware website.</para> 726 727 <para arch="pc98">The &man.wd.4; driver has been removed. The 728 &man.ata.4; driver has been found to work well enough on the 729 pc98 platform that there is no need for the older &man.wd.4; 730 driver.</para> 731 732 <para>Information about newly-mounted cd9660 file systems (such 733 as the presence of RockRidge extensions) is now only printed 734 if the kernel was booted in verbose mode. This change was 735 made to reduce the amount of (generally unnecessary) kernel 736 log messages. &merged;</para> 737 738 </sect3> 739 740 <sect3 id="fs"> 741 <title>File Systems</title> 742 743 <para>Recomputing the summary information for 744 <quote>dirty</quote> UFS and UFS2 file systems is no longer 745 done at mount time, but is now done by background 746 &man.fsck.8;. This change improves the startup speed when 747 mounting large file systems after a crash. The prior behavior 748 can be restored by setting the 749 <varname>vfs.ffs.compute_summary_at_mount</varname> sysctl 750 variable to a non-zero value. &merged;</para> 751 752 <para>A kernel panic in the NFS server has been fixed. More 753 details can be found in errata note 754 <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/ERRATA/notices/FreeBSD-EN-05:01.nfs.asc">FreeBSD-EN-05:01.nfs</ulink>. 755 &merged;</para> 756 757 <para arch="i386">Read-only support for ReiserFS version 3 has been 758 added. See &man.mount.reiserfs.8; for details.</para> 759 760 </sect3> 761 762 <sect3> 763 <title>Contributed Software</title> 764 765 <para><application>ACPI-CA</application> has been updated from 766 20040527 to 20041119. &merged;</para> 767 768 </sect3> 769 </sect2> 770 771 <sect2 id="userland"> 772 <title>Userland Changes</title> 773 774 <para>The &man.burncd.8; utility now allows commands (such as 775 <command>eject</command>) to take place after fixating a 776 disk.</para> 777 778 <para arch="amd64">Machine-specific optimized versions of 779 &man.bcmp.3;, &man.bcopy.3;, &man.bzero.3;, &man.memcmp.3;, 780 &man.memcpy.3;, &man.memmove.3;, &man.memset.3;, &man.strcat.3; 781 and &man.strcpy.3; have been implemented.</para> 782 783 <para>The &man.chflags.1; utility now supports the 784 <option>-h</option> flag, which supports changing flags on 785 symbolic links.</para> 786 787 <para>The &man.ftpd.8; program now uses the <literal>212</literal> 788 and <literal>213</literal> status codes for directory 789 and file status correctly (<literal>211</literal> was used in 790 the previous versions). This behavior is described in RFC 959. 791 &merged;</para> 792 793 <para>The <literal>create</literal> command of the &man.gpt.8; 794 utility now supports a <option>-f</option> command-line flag to 795 force creation of a GPT even when there is an MBR record on a 796 disk. &merged;</para> 797 798 <para>The &man.getaddrinfo.3; function now queries <literal>A</literal> 799 DNS resource records before <literal>AAAA</literal> records 800 when <literal>AF_UNSPEC</literal> is specified. 801 Some broken DNS servers return <literal>NXDOMAIN</literal> 802 against non-existent <literal>AAAA</literal> queries, 803 even when it should return <literal>NOERROR</literal> 804 with empty return records. This is a problem for an IPv4/IPv6 dual 805 stack node because the <literal>NXDOMAIN</literal> returned 806 by the first query of an <literal>AAAA</literal> record makes 807 the querying server stop attempting to resolve the <literal>A</literal> 808 record if any. Also, this behavior has been recognized as a potential 809 denial-of-service attack (see <ulink url="http://www.kb.cert.org/vuls/id/714121"></ulink> 810 for more details). 811 Note that although the query order has been changed, 812 the returned result still includes 813 <literal>AF_INET6</literal> records before 814 <literal>AF_INET</literal> records. &merged;</para> 815 816 <para>The &man.gethostbyname.3;, &man.gethostbyname2.3;, and 817 &man.gethostbyaddr.3; functions are now thread-safe. &merged;</para> 818 819 <para>The &man.getnetent.3;, &man.getnetbyname.3;, and 820 &man.getnetbyaddr.3; functions are now thread-safe. &merged;</para> 821 822 <para>The &man.getprotoent.3;, &man.getprotobyname.3;, and 823 &man.getprotobynumber.3; functions are now thread-safe. &merged;</para> 824 825 <para>The &man.getservent.3;, &man.getservbyname.3;, and 826 &man.getservbyport.3; functions are now thread-safe. &merged;</para> 827 828 <para>The gvinum(8) utility now supports 829 <command>checkparity</command>, 830 <command>rebuildparity</command>, and 831 <command>setstate</command> 832 subcommands. &merged;</para> 833 834 <para>The &man.ifconfig.8; utility has been restructured. It is 835 now more modular and flexible with respect to supporting 836 interface-specific functionality. The 802.11 support has been 837 updated to support recent changes to the 802.11 subsystem and 838 drivers.</para> 839 840 <para>Support for abbreviated forms of a number of &man.ipfw.8; 841 options has been deprecated. Warnings are printed to stderr 842 indicating the correct full form when one of these abbreviations 843 is detected.</para> 844 845 <para>The &man.kldstat.8; utility now supports a 846 <option>-m</option> option to return the status of a specific 847 kernel module. &merged;</para> 848 849 <para>The on-disk format of <literal>LC_CTYPE</literal> files has 850 been changed to be machine-independent.</para> 851 852 <para>The &man.mixer.8; utility now supports the <option>-S</option> 853 option. This is the same as the <option>-s</option> option 854 but does not output mixing field separators.</para> 855 856 <para>A bug in the <filename>libalias</filename> library 857 which causes a core dump when the <option>-reverse</option> 858 option is specified in &man.natd.8; has been fixed.</para> 859 860 <para>The <filename>libarchive</filename> library (as well as the 861 &man.tar.1; command that uses it) now has support for reading ISO 862 images (with optional RockRidge extensions) and ZIP archives 863 (with <literal>deflate</literal> and <literal>none</literal> 864 compression). &merged;</para> 865 866 <para>The <filename>libarchive</filename> library now supports 867 handling a ZIP archive entry with more than 4GB compressed size (ZIP64 868 extension) and Unix extension.</para> 869 870 <para>The <filename>libgpib</filename> library has been added to 871 give userland access to GPIB devices (using the the pcii driver) 872 via the 873 <function>ib<replaceable>foo</replaceable></function> 874 API. &merged;</para> 875 876 <para>The default stack sizes in <filename>libpthread</filename>, 877 <filename>libthr</filename>, 878 and <filename>libc_r</filename> have been increased. On 32-bit 879 platforms, the main thread receives a 2MB stack size by default, 880 with other threads receiving a 1MB stack size by default. On 881 64-bit platforms, the default stack sizes are 4MB and 2MB 882 respectively. &merged;</para> 883 884 <para>The <filename>libxpg4</filename> library has been removed 885 because all of its functionality was long ago merged into 886 <filename>libc</filename>. 887 All binaries linked with <filename>libxpg4</filename> 888 must be recompiled or use &man.libmap.conf.5;. 889 Note that the &os; base system has no such binaries.</para> 890 891 <para>The &man.lpd.8; program now checks to make sure the data 892 file has been completely transfered before starting to 893 print it when a data file received from some other host. 894 Some implementations of &man.lpr.1; send the control file 895 for a print job before sending the matching data files, 896 which can cause problems if the receiving host is 897 a busy print-server. &merged;</para> 898 899 <para>A number of new functions have been implemented in the 900 &man.math.3; library. These include &man.ceill.3;, 901 &man.floorl.3;, &man.ilogbl.3;, &man.fma.3; and variants, 902 &man.lrint.3; and variants, and &man.lround.3; and 903 variants. &merged;</para> 904 905 <para>The &man.mknod.8; utility is now deprecated. 906 Device nodes have been managed by the &man.devfs.5; device file 907 system since &os; 5.0.</para> 908 909 <para arch="i386">The &man.mkuzip.8; utility, which 910 compresses file system images for use with 911 <literal>GEOM_UZIP</literal> &man.geom.4; module, 912 has been added. &merged;</para> 913 914 <para>The &man.moused.8; daemon now supports <quote>virtual 915 scrolling</quote>, in which mouse motions made while holding 916 down the middle mouse button are interpreted as scrolling. This 917 feature is enabled with the <option>-V</option> 918 flag. &merged;</para> 919 920 <para>A separate directory has been added for &man.named.8; 921 dynamic zones which is owned by the <username>bind</username> user 922 (for creation of the zone journal file). 923 For more detail, see an example dynamic zone in the sample 924 &man.named.conf.5;. &merged;</para> 925 926 <para>The &man.ncal.1; utility now supports a <option>-m</option> 927 flag to generate a calendar for a specified month in the current 928 year. &merged;</para> 929 930 <para>The &man.newfs.8; utility now supports a <option>-n</option> 931 flag to suppress the creation of a <filename>.snap</filename> 932 directory on new file systems. This feature is intended for use 933 on memory or vnode file systems that will not require snapshot 934 support. &merged;</para> 935 936 <para>The &man.newfs.8; utility now emits a warning when creating 937 a UFS or UFS2 file system that cannot support snapshots. This 938 situation can occur in the case of very large file systems with 939 small block sizes. &merged;</para> 940 941 <para>The &man.newsyslog.8; utility now supports 942 a <option>-d</option> option to specify an alternate root for log files 943 similar to <varname>DESTDIR</varname> in the BSD make process. 944 This only affects log file paths, not configuration file (<option>-f</option>) 945 or archive directory (<option>-a</option>) paths.</para> 946 947 <para>The &man.newsyslog.8; utility now supports a 948 <option>-N</option> that causes it not to rotate any files.</para> 949 950 <para>The <literal>NO_NIS</literal> compile-time knob for userland 951 has been added. As its name implies, enabling this 952 <filename>Makefile</filename> variable will cause NIS support to 953 be excluded from various programs and will cause the NIS 954 utilities to not be built. &merged;</para> 955 956 <para>For years, &os; has used <filename>Makefile</filename> 957 variables of the form 958 <varname>NO<replaceable>FOO</replaceable></varname> and 959 <varname>NO_<replaceable>FOO</replaceable></varname>. For 960 consistency, those variables using the former naming convention 961 have been converted to the 962 <varname>NO_<replaceable>FOO</replaceable></varname> form. The 963 file <filename>/usr/share/mk/bsd.compat.mk</filename> has a 964 complete list of these variables; it also implements some 965 temporary backward compatibility for the old names.</para> 966 967 <para>The &man.periodic.8; security output now supports the display of 968 information about blocked packet counts from &man.pf.4;. &merged;</para> 969 970 <para>The &man.pgrep.1; now supports an <option>-S</option> option 971 which allows to match system processes (kernel threads).</para> 972 973 <para>The &man.pgrep.1; and &man.pkill.1; now support an 974 <option>-F</option> option which allows to use file where PID is stored 975 for matching.</para> 976 977 <para>The &man.pgrep.1; and &man.pkill.1; now support an 978 <option>-i</option> option to ignore case in the process match.</para> 979 980 <para>The &man.pgrep.1; and &man.pkill.1; now support an 981 <option>-j</option> option which allows to match processes 982 based on its &man.jail.2; ID.</para> 983 984 <para>The &man.pgrep.1; and &man.pkill.1; now support an 985 <option>-o</option> option which allows to match oldest 986 (least recently started) of the matching processes.</para> 987 988 <para>The &man.powerd.8; program for managing power consumption has been 989 added.</para> 990 991 <para>The &man.ppp.8; program now implements an 992 <option>echo</option> parameter, which allows LCP ECHOs to be 993 enabled independently of LQR reports. Older versions of 994 &man.ppp.8; would revert to LCP ECHO mode on negotiation 995 failure. It is now necessary to specify <command>enable 996 echo</command> to get this behavior. &merged;</para> 997 998 <para>The <option>disable NAS-IP-Address</option> and 999 <option>disable NAS-Identifier</option> options, 1000 which support pre-RFC 2865 RADIUS servers 1001 have been added to the &man.ppp.8; program.</para> 1002 1003 <para>Two bugs in the &man.pppd.8; program have been fixed. 1004 They may result in an incorrect CBCP response, 1005 which violates the Microsoft PPP Callback Control Protocol 1006 section 3.2. &merged;</para> 1007 1008 <para>The &man.ps.1; now supports a <literal>jid</literal> 1009 keyword in the <option>-o</option> option. It displays 1010 &man.jail.2; ID of each process.</para> 1011 1012 <para>The &man.pstat.8; now supports a <option>-h</option> option 1013 to print swap sizes with SI prefixes such as K, M, and G, 1014 which are used to form binary multiples.</para> 1015 1016 <para>The &man.rescue.8; utilities in the <filename>/rescue</filename> 1017 directory now include &man.bsdtar.1; instead of GNU tar.</para> 1018 1019 <para>The &man.restore.8; utility has regained the ability to read 1020 &os; version 1 dump tapes. &merged;</para> 1021 1022 <para>A bug of the &man.rexecd.8; utility which results in 1023 it behaving as if the <option>-i</option> option is always 1024 specified has been fixed. &merged;</para> 1025 1026 <para>The &man.rm.1; utility now supports an <option>-I</option> 1027 option that asks for confirmation (once) if recursively 1028 removing directories or if more than 3 files are listed in the 1029 command line. &merged;</para> 1030 1031 <para>The &man.rm.1; utility now suppresses diagnostic messages 1032 when it attempts to remove a non-existent directory 1033 with the <option>-r</option> and <option>-f</option> options 1034 specified. This behavior is required by 1035 Version 3 of the Single UNIX Specification (SUSv3).</para> 1036 1037 <para>The following ISO/IEC 9899:1999 standard functions 1038 have been implemented: <function>roundl()</function>, 1039 <function>lroundl()</function>, <function>llroundl()</function>, 1040 <function>truncl()</function>, and <function>floorl()</function>.</para> 1041 1042 <para>An &man.rpmatch.3; library function has been added to check 1043 a string for being an affirmative or negative response in the 1044 current locale.</para> 1045 1046 <para>The &man.rtld.1; dynamic linker now supports specifying 1047 library replacements via the <varname>LD_LIBMAP</varname> 1048 environment variable. This variable will override the entries 1049 in &man.libmap.conf.5;. &merged;</para> 1050 1051 <para>The rune(3) non-standard multibyte and wide character support 1052 interface has been removed.</para> 1053 1054 <para>The &man.strftime.3; function now supports some GNU extensions 1055 such as <literal>-</literal> (no padding), 1056 <literal>_</literal> (use space as padding), 1057 and <literal>0</literal> (zero padding). &merged;</para> 1058 1059 <para>The &man.syslog.3; function is now thread-safe. &merged;</para> 1060 1061 <para>The &man.syslogd.8; utility now opens an additional domain 1062 socket (<filename>/var/run/logpriv</filename> by default), 1063 with <literal>0600</literal> permissions to be used 1064 by privileged programs. This prevents privileged 1065 programs from locking when the domain sockets 1066 run out of buffer space due to a 1067 local denial-of-service attack. &merged;</para> 1068 1069 <para>The &man.syslogd.8; now supports the <option>-S</option> option, 1070 which allows to change the pathname of the privileged 1071 socket. This is useful for preventing the daemon 1072 from receiving any messages from the local sockets 1073 (<filename>/var/run/log</filename> and 1074 <filename>/var/run/logpriv</filename> are used by default). 1075 &merged;</para> 1076 1077 <para>The &man.syslogd.8; utility now allows 1078 <literal>:</literal> and <literal>%</literal> 1079 characters in the hostname specifications. 1080 These characters are used in IPv6 addresses and scope IDs. &merged;</para> 1081 1082 <para>The &man.systat.1; <option>-netstat</option> display is now 1083 IPv6-aware. &merged;</para> 1084 1085 <para>The <option>-f</option> option of &man.tail.1; utility 1086 now supports more than one file at a time. &merged;</para> 1087 1088 <para>The &man.telnet.1; and &man.telnetd.8; programs now support 1089 the <option>-S</option> option for specifying a numeric TOS 1090 byte.</para> 1091 1092 <para>Prepending a <literal>+</literal> character to port numbers 1093 passed to &man.telnet.1; program will now disable option 1094 negotiation and allow the transfer of characters with the high 1095 bit set. This feature is intended to support the fairly common 1096 use of &man.telnet.1; as a protocol tester.</para> 1097 1098 <para>The &man.tcpdrop.8; command, which closes a selected TCP 1099 connection, has been added. It was obtained from 1100 OpenBSD. &merged;</para> 1101 1102 <para>&man.what.1; now support a <option>-q</option> flag, which 1103 causes it to print matching text, but not format it.</para> 1104 1105 <para>&man.whois.1; now supports 1106 a <option>-k</option> flag 1107 for querying <hostid role="fqdn">whois.krnic.net</hostid> 1108 (the National Internet Development Agency of Korea), 1109 which holds details of IP address allocations within 1110 Korea. &merged;</para> 1111 1112 <para>The <option>-I</option> option of the &man.xargs.1; command 1113 has been changed to conform to IEEE Std 1003.1-2004. 1114 The standard requires that the constructed 1115 arguments cannot grow larger than 255 bytes.</para> 1116 1117 <para>A bug, which caused the last line of configuration files such as &man.hosts.5;, 1118 &man.services.5;, and so on to be ignored if it did not end in a newline character, 1119 has been fixed. &merged;</para> 1120 1121 <sect3 id="rc-scripts"> 1122 <title><filename>/etc/rc.d</filename> Scripts</title> 1123 1124 <para>The <filename>rc.d/bsnmpd</filename> startup script 1125 for &man.bsnmpd.1; has been added.</para> 1126 1127 <para>&man.rc.conf.5; now supports changes of network interface names 1128 at boot time. &merged; For example:</para> 1129 1130 <programlisting>ifconfig_fxp0_name="net0" 1131ifconfig_net0="inet 10.0.0.1/16"</programlisting> 1132 1133 <para>The <filename>rc.d/moused</filename> script now 1134 starts/stops/checks a specific device when 1135 the device name is given as the second argument to the script:</para> 1136 1137 <screen>&prompt.root; /etc/rc.d/moused start ums0</screen> 1138 1139 <para>To use different &man.rc.conf.5; knobs with different 1140 mice, use the device name as part of the knob. 1141 For example, if the mouse device is <filename>/dev/ums0</filename> 1142 the following lines can be used:</para> 1143 1144 <programlisting>moused_ums0_enable=yes 1145moused_ums0_flags="-z 4" 1146moused_ums0_port="/dev/ums0"</programlisting> 1147 1148 <para>&man.rc.conf.5; now supports the <varname>tmpmfs_flags</varname> 1149 and <varname>varmfs_flags</varname> variables. 1150 These can be used to pass extra options to the &man.mdmfs.8; utility, 1151 to customize the finer details of the &man.md.4; file system creation, 1152 such as to turn on/off softupdates, to specify a default owner 1153 for the file system, and so on. &merged;</para> 1154 1155 </sect3> 1156 </sect2> 1157 1158 <sect2 id="contrib"> 1159 <title>Contributed Software</title> 1160 1161 <para><application>awk</application> has been updated from the 7 1162 February 2004 release to the 24 April 2005 release.</para> 1163 1164 <para><application>BIND</application> has been updated from version 1165 9.3.0 to version 9.3.1. &merged;</para> 1166 1167 <para><application>bsnmp</application> has been updated from 1.7 1168 to 1.9.</para> 1169 1170 <para><application>bzip2</application> has been updated from 1.0.2 1171 to 1.0.3.</para> 1172 1173 <para><application>FILE</application> has been updated from 4.10 1174 to 4.12.</para> 1175 1176 <para>A number of bug fixes and performance enhancements have been 1177 added to <application>GNU grep</application> in the form of 1178 patches from Fedora's grep-2.5.1-48 source RPM.</para> 1179 1180 <para><application>GNU readline</application> has been updated from 1181 version 4.3 to version 5.0.</para> 1182 1183 <para><application>IPFilter</application> has been updated from 1184 3.4.35 to 4.1.18.</para> 1185 1186 <para><application>Heimdal</application> has been updated from 1187 0.6.1 to 0.6.3. &merged;</para> 1188 1189 <para><application>libregex</application> has been updated from a 1190 snapshot from <application>GNU grep</application> 2.5.1 to a 1191 snapshot from the <literal>fedora-glibc-2_3_4-21</literal> tag 1192 in the <application>glibc</application> CVS repository.</para> 1193 1194 <para><application>libz</application> has been updated from 1.2.1 1195 to 1.2.2.</para> 1196 1197 <para><application>lukemftp</application> has been updated from a 1198 26 April 2004 snapshot from OpenBSD's sources to a snapshot as 1199 of 16 May 2005.</para> 1200 1201 <para>A snapshot of <application>netcat</application> from OpenBSD 1202 as of 4 February 2005 has been added. More information can be 1203 found in the &man.nc.1; manual page. &merged;</para> 1204 1205 <para><application>OpenPAM</application> has been updated from the 1206 Eelgrass release to the Feterita release.</para> 1207 1208 <para><application>OpenSSH</application> has been updated from 3.8p1 1209 to 3.9p1.</para> 1210 1211 <para><application>OpenSSL</application> has been updated from 1212 0.9.7d to 0.9.7e. &merged;</para> 1213 1214 <para><application>pf</application> has been updated from the 1215 version included with <application>OpenBSD</application> 3.5 to 1216 the version included with <application>OpenBSD</application> 1217 3.7.</para> 1218 1219 <para><application>sendmail</application> has been updated from 1220 version 8.13.1 to version 8.13.3. &merged;</para> 1221 1222 <para><application>tcsh</application> has been updated from 1223 6.13.00 to 6.14.00.</para> 1224 1225 <para>The timezone database has been updated from the 1226 <application>tzdata2004e</application> release to the 1227 <application>tzdata2004g</application> release. &merged;</para> 1228 1229 </sect2> 1230 1231 <sect2 id="ports"> 1232 <title>Ports/Packages Collection Infrastructure</title> 1233 1234 <para>The &man.pkg.version.1; utility now supports a 1235 <option>-q</option> flag to suppress the output of the port 1236 version comparison characters <literal><</literal>, 1237 <literal>=</literal>, and <literal>></literal>.</para> 1238 1239 <para>The 1240 <filename>ports/INDEX<replaceable>*</replaceable></filename> 1241 files, which kept an index of all of the entries in the ports 1242 collection, have been removed from the CVS repository. &merged; 1243 These files were generated only infrequently, and therefore were 1244 usually out-of-date and inaccurate. Users requiring an index 1245 file (such as for use by programs such as &man.portupgrade.1;) 1246 have two alternatives for obtaining a copy:</para> 1247 1248 <itemizedlist> 1249 <listitem> 1250 <para>Build an index file based on the current ports tree by 1251 running <command>make index</command> from the top of the 1252 <filename>ports/</filename> tree.</para> 1253 </listitem> 1254 1255 <listitem> 1256 <para>Fetch an index file over the network by running 1257 <command>make fetchindex</command> from the top of the 1258 <filename>ports/</filename> tree. This index file will 1259 (typically) be accurate to within a day.</para> 1260 </listitem> 1261 </itemizedlist> 1262 1263 </sect2> 1264 1265 <sect2 id="releng"> 1266 <title>Release Engineering and Integration</title> 1267 1268 <para>In prior &os; releases, the <filename>disc1</filename> 1269 CD-ROM (or ISO image) was a bootable installation disk 1270 containing the base system, ports tree, and common packages. 1271 The <filename>disc2</filename> CD-ROM (or ISO image) was a 1272 bootable <quote>fix it</quote> disk with a live filesystem, to 1273 be used for making emergency repairs. This layout has now 1274 changed. For all architectures except ia64, the 1275 <filename>disc1</filename> image now contains the base system 1276 distribution files, ports tree, and the live filesystem, making 1277 it suitable for both an initial installation and repair 1278 purposes. (On the ia64, the live filesystem is on a separate 1279 disk due to its size.) Packages appear on separate 1280 disks; in particular, the <filename>disc2</filename> image 1281 contains commonly packages such as desktop environments. 1282 Documents from the &os; Documentation Project also appear on 1283 <filename>disc2</filename>. &merged;</para> 1284 1285 <para>The supported version of the 1286 <application>GNOME</application> desktop environment has been 1287 updated from 2.6.2 to 2.10. More information about 1288 running <application>GNOME</application> on &os; can be found on 1289 the <ulink url="&url.base;/gnome/">FreeBSD GNOME Project</ulink> 1290 Web page. &merged; 1291 1292 <note> 1293 <para>Users of older versions of the 1294 <application>GNOME</application> desktop 1295 (<filename role="package">x11/gnome2</filename>) 1296 must take particular care in upgrading. Simply upgrading it 1297 from the &os; Ports Collection with &man.portupgrade.1; 1298 (<filename role="package">sysutils/portupgrade</filename>) 1299 will cause serious problems. 1300 <application>GNOME</application> desktop users should read 1301 the instructions carefully at 1302 <ulink url="&url.base;/gnome/docs/faq210.html"></ulink> 1303 and use the 1304 <ulink url="&url.base;/gnome/gnome_upgrade.sh"><filename>gnome_upgrade.sh</filename></ulink> 1305 script to properly upgrade to 1306 <application>GNOME</application> 2.10.</para> 1307 </note> 1308 </para> 1309 1310 <para>The supported version of the <application>KDE</application> 1311 desktop environment has been updated from 3.3.0 to 1312 3.4.0. More information regarding running 1313 <application>KDE</application> on &os; can be found on the 1314 <ulink url="http://freebsd.kde.org/">KDE on FreeBSD</ulink> Web 1315 page. &merged; 1316 1317 <note> 1318 <para>Users of older versions of 1319 <application>KDE</application> should follow the upgrading 1320 procedure documented on the 1321 <ulink url="http://freebsd.kde.org/">KDE on FreeBSD</ulink> Web 1322 page or in <filename>ports/UPDATING</filename>.</para> 1323 </note> 1324 </para> 1325 1326 <para>The supported version of <application>Xorg</application> has 1327 been updated from 6.7.0 to 6.8.2. &merged;</para> 1328 1329 </sect2> 1330 1331 <sect2 id="doc"> 1332 <title>Documentation</title> 1333 1334 <para>Documentation of existing functionality has been improved by 1335 the addition of the following manual pages: &man.ataraid.4;, 1336 &man.sched.4bsd.4;, &man.sched.ule.4;, &man.snd.fm801.4;, 1337 &man.snd.neomagic.4;, &man.snd.via8233.4;, &man.snd.via82c686.4;, 1338 and &man.snd.vibes.4;.</para> 1339 1340 <para>Manual pages in the base system have received a number of 1341 cleanups, both for content and presentation. Cross-references 1342 are more correct and consistent, standard section headings are 1343 now used throughout, and markup has been cleaned up.</para> 1344 1345 <para>The following manual pages, which were derived from RFCs 1346 and possibly violate the IETF's copyrights, have been replaced: 1347 &man.gai.strerror.3;, 1348 &man.getaddrinfo.3;, 1349 &man.getnameinfo.3;, 1350 &man.inet6.opt.init.3;, 1351 &man.inet6.option.space.3;, 1352 &man.inet6.rth.space.3;, 1353 &man.inet6.rthdr.space.3;, 1354 &man.icmp6.4;, and 1355 &man.ip6.4;. &merged;</para> 1356 1357 </sect2> 1358</sect1> 1359 1360<sect1 id="upgrade"> 1361 <title>Upgrading from previous releases of &os;</title> 1362 1363 <para>Source upgrades to &os; &release.current; are only supported 1364 from &os; 5.3-RELEASE or later. Users of older systems wanting to 1365 upgrade &release.current; will need to update to &os; 5.3 or newer 1366 first, then to &os; &release.current;.</para> 1367 1368 <important> 1369 <para>Upgrading &os; should, of course, only be attempted after 1370 backing up <emphasis>all</emphasis> data and configuration 1371 files.</para> 1372 </important> 1373</sect1> 1374