article.xml revision 169427
1<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [ 2<!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN"> 3%articles.ent; 4 5<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN"> 6%release; 7 8<!-- Text constants which probably don't need to be changed.--> 9 10<!-- The marker for MFCs. --> 11<!ENTITY merged "[MERGED]"> 12 13<!-- Architecture names --> 14<!ENTITY arch.amd64 "amd64"> 15<!ENTITY arch.arm "arm"> 16<!ENTITY arch.i386 "i386"> 17<!ENTITY arch.ia64 "ia64"> 18<!ENTITY arch.pc98 "pc98"> 19<!ENTITY arch.powerpc "powerpc"> 20<!ENTITY arch.sparc64 "sparc64"> 21<!ENTITY arch.sun4v "sun4v"> 22 23<!ENTITY % include.historic "IGNORE"> 24<!ENTITY % no.include.historic "IGNORE"> 25]> 26 27<article> 28<articleinfo> 29 <title>&os; &release.current; Release Notes</title> 30 31 <corpauthor>The &os; Project</corpauthor> 32 33 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/relnotes/article.sgml 169427 2007-05-09 20:22:10Z brueffer $</pubdate> 34 35 <copyright> 36 <year>2000</year> 37 <year>2001</year> 38 <year>2002</year> 39 <year>2003</year> 40 <year>2004</year> 41 <year>2005</year> 42 <year>2006</year> 43 <year>2007</year> 44 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder> 45 </copyright> 46 47 <legalnotice id="trademarks" role="trademarks"> 48 &tm-attrib.freebsd; 49 &tm-attrib.ibm; 50 &tm-attrib.ieee; 51 &tm-attrib.intel; 52 &tm-attrib.sparc; 53 &tm-attrib.general; 54 </legalnotice> 55 56 <abstract> 57 <para>The release notes for &os; &release.current; contain a summary 58 of the changes made to the &os; base system on the 59 &release.branch; development line. 60 This document lists applicable security advisories that were issued since 61 the last release, as well as significant changes to the &os; 62 kernel and userland. 63 Some brief remarks on upgrading are also presented.</para> 64 </abstract> 65</articleinfo> 66 67<sect1 id="intro"> 68 <title>Introduction</title> 69 70 <para>This document contains the release notes for &os; 71 &release.current;. It 72 describes recently added, changed, or deleted features of &os;. 73 It also provides some notes on upgrading 74 from previous versions of &os;.</para> 75 76<![ %release.type.current [ 77 78 <para>The &release.type; distribution to which these release notes 79 apply represents the latest point along the &release.branch; development 80 branch since &release.branch; was created. Information regarding pre-built, binary 81 &release.type; distributions along this branch 82 can be found at <ulink url="&release.url;"></ulink>.</para> 83 84]]> 85 86<![ %release.type.snapshot [ 87 88 <para>The &release.type; distribution to which these release notes 89 apply represents a point along the &release.branch; development 90 branch between &release.prev; and the future &release.next;. 91 Information regarding 92 pre-built, binary &release.type; distributions along this branch 93 can be found at <ulink url="&release.url;"></ulink>.</para> 94 95]]> 96 97<![ %release.type.release [ 98 99 <para>This distribution of &os; &release.current; is a 100 &release.type; distribution. It can be found at <ulink 101 url="&release.url;"></ulink> or any of its mirrors. More 102 information on obtaining this (or other) &release.type; 103 distributions of &os; can be found in the <ulink 104 url="&url.books.handbook;/mirrors.html"><quote>Obtaining 105 &os;</quote> appendix</ulink> to the <ulink 106 url="&url.books.handbook;/">&os; 107 Handbook</ulink>.</para> 108 109]]> 110 111 <para>All users are encouraged to consult the release errata before 112 installing &os;. The errata document is updated with 113 <quote>late-breaking</quote> information discovered late in the 114 release cycle or after the release. Typically, it contains 115 information on known bugs, security advisories, and corrections to 116 documentation. An up-to-date copy of the errata for &os; 117 &release.current; can be found on the &os; Web site.</para> 118 119</sect1> 120 121<sect1 id="new"> 122 <title>What's New</title> 123 124 <para>This section describes 125 the most user-visible new or changed features in &os; 126 since &release.prev;. 127 In general, changes described here are unique to the &release.branch; 128 branch unless specifically marked as &merged; features. 129 </para> 130 131 <para>Typical release note items 132 document recent security advisories issued after 133 &release.prev;, 134 new drivers or hardware support, new commands or options, 135 major bug fixes, or contributed software upgrades. They may also 136 list changes to major ports/packages or release engineering 137 practices. Clearly the release notes cannot list every single 138 change made to &os; between releases; this document focuses 139 primarily on security advisories, user-visible changes, and major 140 architectural improvements.</para> 141 142 <sect2 id="security"> 143 <title>Security Advisories</title> 144 145 <para>A temporary file vulnerability in &man.texindex.1;, which 146 could allow a local attacker to overwrite files in the context 147 of a user running the &man.texindex.1; utility, has been fixed. 148 For more details see security advisory <ulink 149 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:01.texindex.asc">FreeBSD-SA-06:01.texindex</ulink>. &merged;</para> 150 151 <para>A temporary file vulnerability in the &man.ee.1; text 152 editor, which could allow a local attacker to overwrite files in 153 the context of a user running &man.ee.1;, has been fixed. For 154 more details see security advisory <ulink 155 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:02.ee.asc">FreeBSD-SA-06:02.ee</ulink>. &merged;</para> 156 157 <para>Several vulnerabilities in the &man.cpio.1; utility have 158 been corrected. For more 159 details see security advisory <ulink 160 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:03.cpio.asc">FreeBSD-SA-06:03.cpio</ulink>. &merged;</para> 161 162 <para>An error in &man.ipfw.4; IP fragment handling, which could 163 cause a crash, has been fixed. For more 164 details see security advisory <ulink 165 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:04.ipfw.asc">FreeBSD-SA-06:04.ipfw</ulink>. &merged;</para> 166 167 <para>A potential buffer overflow in the IEEE 802.11 scanning code 168 has been corrected. For more 169 details see security advisory <ulink 170 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:05.80211.asc">FreeBSD-SA-06:05.80211</ulink>. &merged;</para> 171 172 <para>Two instances in which portions of kernel memory could be 173 disclosed to users have been fixed. For more details see 174 security advisory <ulink 175 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:06.kmem.asc">FreeBSD-SA-06:06.kmem</ulink>. &merged;</para> 176 177 <para>A logic bug in the IP fragment handling in &man.pf.4;, which 178 could cause a crash under certain circumstances, has been fixed. 179 For more details see security advisory <ulink 180 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:07.pf.asc">FreeBSD-SA-06:07.pf</ulink>. &merged;</para> 181 182 <para>A logic bug in the NFS server code, which could cause a crash when 183 the server received a message with a zero-length payload, has been fixed. 184 For more details see security advisory <ulink 185 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:10.nfs.asc">FreeBSD-SA-06:10.nfs</ulink>. &merged;</para> 186 187 <para>A programming error in the &man.fast.ipsec.4; implementation 188 results in the sequence number associated with a Security 189 Association not being updated, allowing packets to unconditionally 190 pass sequence number verification checks, has been fixed. 191 For more details see security advisory <ulink 192 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:11.ipsec.asc">FreeBSD-SA-06:11.ipsec</ulink>. &merged;</para> 193 194 <para>A logic bug that could cause &man.opiepasswd.1; to allow an unprivileged 195 user to configure OPIE authentication for the root user under certain 196 circumstances, has been fixed. 197 For more details see security advisory <ulink 198 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:12.opie.asc">FreeBSD-SA-06:12.opie</ulink>. &merged;</para> 199 200 <para>An asynchronous signal handling vulnerability in &man.sendmail.8;, 201 which could allow a remote attacker to execute arbitrary code with the 202 privileges of the user running sendmail, typically root, has been fixed. 203 For more details see security advisory <ulink 204 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:13.sendmail.asc">FreeBSD-SA-06:13.sendmail</ulink>. &merged;</para> 205 206 <para>[&arch.amd64;, &arch.i386;] An information disclosure issue found in the 207 &os; kernel running on 7th- and 8th-generation AMD processors 208 has been fixed. For more details see security advisory <ulink 209 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:14.fpu.asc">FreeBSD-SA-06:14.fpu</ulink>. &merged;</para> 210 211 <para>A bug in &man.ypserv.8;, which effectively disabled the 212 <filename>/var/yp/securenets</filename> access control mechanism, 213 has been corrected. More details are available in security 214 advisory 215 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:15.ypserv.asc">FreeBSD-SA-06:15.ypserv</ulink>. &merged;</para> 216 217 <para>A bug in the smbfs file system, which could allow an 218 attacker to escape out of &man.chroot.2 environments on an smbfs 219 mounted file system, has been fixed. For more details, see 220 security advisory 221 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:16.smbfs.asc">FreeBSD-SA-06:16.smbfs</ulink>. &merged;</para> 222 223 <para>A potential denial of service problem in &man.sendmail.8; 224 caused by excessive recursion which leads to stack 225 exhaustion when attempting delivery of a malformed 226 MIME message, has been fixed. For more details, 227 see security advisory <ulink 228 url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:17.sendmail.asc">FreeBSD-SA-06:17.sendmail</ulink>. &merged;</para> 229 230 <para>A potential buffer overflow condition in &man.sppp.4; has 231 been corrected. For more details, see security advisory 232 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc">FreeBSD-SA-06:18.ppp</ulink>. &merged;</para> 233 234 <para>An OpenSSL bug related to validation of PKCS#1 v1.5 235 signatures has been fixed. For more details, see security 236 advisory 237 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:19.openssl.asc">FreeBSD-SA-06:19.openssl</ulink>. &merged;</para> 238 239 <para>A potential denial of service attack against &man.named.8; 240 has been fixed. For more details, see security advisory 241 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:20.bind.asc">FreeBSD-SA-06:20.bind</ulink>. &merged;</para> 242 243 <para>Several programming errors have been fixed in &man.gzip.1;. 244 They could have the effect of causing a crash or an infinite 245 loop when decompressing files. More information can be found in 246 security advisory 247 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:21.gzip.asc">FreeBSD-SA-06:21.gzip</ulink>. &merged;</para> 248 249 <para>Several vulnerabilities have been fixed in OpenSSH. More 250 details can be found in security advisory 251 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:22.openssh.asc">FreeBSD-SA-06:22.openssh</ulink>. &merged;</para> 252 253 <para>Multiple errors in the OpenSSL &man.crypto.3; library have 254 been fixed. Potential effects are varied, and are documented in 255 more detail in security advisory 256 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:23.openssl.asc">FreeBSD-SA-06:23.openssl</ulink>. &merged;</para> 257 258 <para>A bug that could permit corrupt archives to cause an 259 infinite loop in &man.libarchive.3; and &man.tar.1; has been 260 fixed. More details are available in 261 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:24.libarchive.asc">FreeBSD-SA-06:24.libarchive</ulink>. &merged;</para> 262 263 <para>A bug that could allow users in 264 the <groupname>operator</groupname> group to read parts of kernel 265 memory has been corrected. For more details, consult security 266 advisory 267 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-06:25.kmem.asc">FreeBSD-SA-06:25.kmem</ulink>. &merged;</para> 268 269 <para>A bug in the <filename>jail</filename> startup script that 270 could permit privilege escalation via a symlink attack has been 271 fixed. More information is available in 272 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-07:01.jail.asc">FreeBSD-SA-07:01.jail</ulink>. &merged;</para> 273 274 <para>Two remote denials of service in BIND (one involving DNSSEC and 275 one involving recursive DNS queries) have been fixed. For more 276 information, see security advisory 277 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-07:02.bind.asc">FreeBSD-SA-07:02.bind</ulink>. &merged;</para> 278 279 <para>Processing of IPv6 type 0 Routing Headers is now 280 controlled by the <varname>net.inet6.ip6.rthdr0_allowed</varname> 281 sysctl variable, which defaults to <literal>0</literal> (off). 282 For more information, see security advisory 283 <ulink url="http://security.FreeBSD.org/advisories/FreeBSD-SA-07:03.ipv6.asc">FreeBSD-SA-07:03.ipv6</ulink>. &merged;</para> 284 </sect2> 285 286 <sect2 id="kernel"> 287 <title>Kernel Changes</title> 288 289 <para>&man.acpi.4; now has support for the HPET time counter. &merged;</para> 290 291 <para>The &man.acpi.ibm.4; driver now supports setting the fan control 292 mode to manual or automatic, and adjusting the fan speed if the 293 fan control mode is manual. To enable manual control of the fan speed, 294 the sysctl variable <varname>dev.acpi_ibm.<replaceable>0</replaceable>.fan</varname> 295 needs to be set to zero (manual). This should only be used with 296 extreme precaution, as disabling automatic fan control might 297 overheat the hardware and lead to permanent damage.</para> 298 299 <para>The &man.apm.4; suspend/resume support has been improved.</para> 300 301 <para>Security event auditing is now supported in the &os; kernel, 302 and is enabled by the <literal>AUDIT</literal> kernel 303 configuration option. More information can be found in the 304 &man.audit.4; manual page.</para> 305 306 <para>The <literal>options COMPAT_43</literal> kernel 307 configuration option has been deemed unnecessary and has been 308 removed from <filename>GENERIC</filename> and related kernel 309 configurations. This change may result in a small performance 310 increase for some workloads.</para> 311 312 <para>The &man.ddb.4; debugger now provides the <literal>show lock</literal> 313 command. If the argument has a valid lock class, 314 this displays various information about the lock and calls a 315 new function pointer in lock_class (lc_ddb_show) to dump class-specific 316 information about the lock as well (such as the owner of a mutex or 317 xlock'ed sx lock). &merged;</para> 318 319 <para>The &man.ddb.4; debugger now provides the <literal>show sleepq</literal> 320 command. This takes a wait channel as an argument and looks 321 for a sleep queue associated with that wait channel.</para> 322 323 <para><filename>DEFAULTS</filename> kernel configuration files 324 for each platform have been added. These files contain 325 directives that are implicitly included in all kernel 326 configurations, and generally include basic, mandatory 327 functionality for each platform. &merged;</para> 328 329 <para>A bug in file descriptor handling such that a simple 330 <literal>close(0); dup(fd)</literal> sequence does not return 331 descriptor <literal>0</literal> in some cases, has been fixed.</para> 332 333 <para>The &man.firmware.9; subsystem has been added. This 334 subsystem provides a mechanism 335 to load binary data into the kernel via a specially crafted module. 336 &merged;</para> 337 338 <para>The &man.gdb.1; remote debugging interface now supports 339 copying console messages to a remote debugger instance. 340 To enable this, set <literal>debug.gdbcons="1"</literal> 341 in <filename>loader.conf</filename>, enter <literal>boot -d; 342 gdb; step</literal> from the loader prompt, 343 then attach &man.gdb.1; from a remote machine. 344 The sysctl variable <varname>debug.gdbcons</varname> can be 345 used to turn on/off this functionality.</para> 346 347 <para>&man.hwpmc.4; and &man.pmcstat.8; now support profiling 348 of dynamically loaded kernel modules and 349 shared objects loaded with &man.dlopen.3;.</para> 350 351 <para>A new <varname>kern.hostuuid</varname> sysctl variable 352 has been added to hold a host's Universally Unique Identifier 353 (UUID). This UUID is computed or generated by a new 354 <filename>rc.d/hostid</filename> startup script and, where 355 possible, is saved to disk to be persistent across reboots.</para> 356 357 <para>Support for Kernel Scheduled Entities (KSE) is now a kernel 358 option (previously it was a mandatory feature in the kernel). 359 It is enabled in the GENERIC kernel (thus there is no change in 360 functionality) for all platforms except &arch.sun4v;.</para> 361 362 <para>The Linux ABI support was enhanced to support emulation of 363 Linux 2.6.16. This is not enabled by default. To turn it on 364 the <varname>compat.linux.osrelease</varname> sysctl variable 365 has to be set to <literal>2.6.16</literal>. Note that this 366 support is still experimental.</para> 367 368 <para>Support for Message Signaled Interrupts (MSI) and Extended 369 Message Signaled Interrupts (MSI-X) has been added to the kernel's 370 PCI support code. &merged;</para> 371 372 <para>The &man.priv.9; kernel interface has been added. Its purpose 373 is checking the availability of privilege for threads and credentials. 374 Unlike the existing &man.suser.9; interface, &man.priv.9; exposes a 375 named privilege identifier to the privilege checking code, allowing 376 more complex policies regarding the granting of privilege to be 377 expressed.</para> 378 379 <para>The &man.random.4; entropy device driver is now MPSAFE. 380 &merged;</para> 381 382 <para>&os; now supports concurrent &man.read.2;/&man.readv.2; 383 access to a file.</para> 384 385 <para>The kernel's &man.sx.9; locks have been optimized to use 386 simple atomic operations for the common cases of obtaining and 387 releasing shared and exclusive locks. While this change is not 388 generally user-visible, it is the basis for some substantial 389 performance improvements.</para> 390 391 <para>The ULE process scheduler has been revised to improve its 392 behavior, in particular interactivity under load. This 393 implementation can commonly be referred to as <quote>ULE 394 2.0</quote>.</para> 395 396 <para>The experimental CORE process scheduler has been added, 397 enabled with the <literal>options SCHED_CORE</literal> kernel 398 configuration option. It is forked from the &man.sched.ule.4; 399 scheduler, but 400 with a different algorithm for detecting an interactive process. 401 More information can be found in the &man.sched.core.4; manual 402 page.</para> 403 404 <para>The <literal>SIGCHLD</literal> signal queuing has been 405 added. For each child process whose status has been changed, 406 a <literal>SIGCHLD</literal> instance is queued. If the signal is still pending, 407 and the process changed status several times, the signal information 408 is updated to reflect the latest process status. 409 There is a loader tunable <varname>kern.sigqueue.queue_sigchild</varname> 410 which can control the behavior, setting it to zero disables the 411 <literal>SIGCHLD</literal> queuing feature.</para> 412 413 <para>[&arch.amd64;, &arch.i386;] Instead of including all of physical 414 memory in a kernel crash dump, the kernel now defaults to dumping only pages that are 415 actively mapped into kernel virtual memory. A new 416 <varname>debug.minidump</varname> sysctl variable 417 can be used to turn off this behavior when set to zero. &merged;</para> 418 419 <para>A new sysctl variable <varname>kern.malloc_stats</varname> 420 has been added. This allows exporting of kernel malloc 421 statistics via a binary structure stream.</para> 422 423 <para>A new sysctl variable <varname>kern.forcesigexit</varname> 424 has been added. This forces a process 425 to sigexit if a trap signal is being held by the current thread or 426 ignored by the current process. It is enabled by default.</para> 427 428 <para>The pcvt(4) driver, an alternative to &man.syscons.4;, 429 has been removed, as it had fallen out of sync with the rest 430 of the kernel.</para> 431 432 <para>RedZone, a buffer corruption protection for the kernel &man.malloc.9; 433 facility has been implemented. This detects both buffer underflows and 434 overflows at runtime on &man.free.9; and &man.realloc.9;, 435 and prints backtraces from where memory was allocated and from where 436 it was freed. For more details, see the &man.redzone.9; manual page.</para> 437 438 <para>A new sysctl variable <varname>security.mac.biba.interfaces_equal</varname> 439 which makes all network interfaces be created with the label 440 <literal>biba/equal(equal-equal)</literal>, has been added. 441 This is useful where programs such as &man.dhclient.8; and &man.ppp.8;. 442 which initialize network interfaces do not have any labeling support. 443 This variable is set as <literal>0</literal> (disabled) by default. 444 &merged;</para> 445 446 <para>A new sysctl variable <varname>vm.zone_stats</varname> 447 has been added. This allows to export &man.uma.9; allocator 448 statistics via a binary structure stream.</para> 449 450 <para>The sysctl variable <varname>hw.pci.do_powerstate</varname> 451 has been split into two sysctl variables 452 <varname>hw.pci.do_powerstate_nodriver</varname> 453 and <varname>hw.pci.do_powerstate_resume</varname>. 454 Also, these variables have been changed from a boolean to a range. 455 <literal>0</literal> means no power management, 456 <literal>1</literal> means conservative power management which 457 any device class that has caused problems is added to the watch list, 458 <literal>2</literal> means aggressive power management where 459 any device class that is not fundamental to the system is added to the list, 460 and <literal>3</literal> means power them all down unconditionally. 461 The default values are <literal>0</literal> for 462 <varname>hw.pci.do_powerstate_nodriver</varname> and 463 <literal>1</literal> for <varname>hw.pci.do_powerstate_resume</varname>.</para> 464 465 <para>[&arch.ia64;] The <filename>GENERIC</filename> kernel now enables 466 SMP support by default.</para> 467 468 <para>Sample kernel configuration files 469 <filename>src/sys/<replaceable>arch</replaceable>/conf/MAC</filename> 470 for the Mandatory Access Control framework have been added.</para> 471 472 <para><varname>POSIX_TIMERS</varname> support has been updated to 200112L.</para> 473 474 <para>An experimental support for POSIX message queue has been 475 implemented.</para> 476 477 <para>&os; now runs on the Xbox, whose architecture is nearly identical 478 to the i386. For details of the latest development, see 479 <ulink url="http://www.FreeBSD.org/platforms/xbox.html"></ulink>. 480 &merged; </para> 481 482 <para>The locking strategy for UNIX domain sockets has been 483 revised to improve concurrency; this change has yielded 484 substantial performance improvements on various SMP workloads 485 (in particular, MySQL on 8-way &arch.amd64; systems) with little 486 or no measured overhead on UP systems.</para> 487 488 <para>Several minor but widespread changes to the Newbus API have 489 been made In order to support some on-going work with interrupt 490 filtering. Because this change also breaks the kernel ABI, all 491 third-party device drivers will need to be modified and 492 recompiled.</para> 493 494 <sect3 id="boot"> 495 <title>Boot Loader Changes</title> 496 497 <para>A new option <option>-S</option>, 498 which allows setting the <filename>boot2</filename> 499 serial console speed in the <filename>/boot.config</filename> 500 file or on the <prompt>boot:</prompt> prompt line, 501 has been added.</para> 502 503 <para>[&arch.amd64;, &arch.i386;] A new loader tunable 504 <varname>comconsole_speed</varname> to change 505 the serial console speed has been added. 506 If the previous stage boot loader requested a serial console, 507 then the default speed is determined from the current serial port 508 speed. Otherwise it is set to 9600 or the value of 509 the <literal>BOOT_COMCONSOLE_SPEED</literal> kernel option. 510 &merged;</para> 511 512 <!-- Above this line, order boot loader changes by keyword--> 513 514 <para>[&arch.pc98;] A bootable CDROM loader has been implemented 515 for the pc98 platform. &merged;</para> 516 517 <para>[&arch.pc98;] The <application>IPLware</application> support 518 in boot0.5 has been enhanced to support version 3.33.</para> 519 520 <para>[&arch.i386;] A bug in the i386 boot loader, which could 521 cause file system corruption if 522 a <filename>nextboot.conf</filename> file was used and landed 523 after cylinder 1023, has been fixed. &merged;</para> 524 525 </sect3> 526 527 <sect3 id="proc"> 528 <title>Hardware Support</title> 529 530 <para>The &man.amdsmb.4; driver has been added. It provides 531 support for the AMD-8111 SMBus 2.0 controller. &merged;</para> 532 533 <para>The &man.cardbus.4;, &man.pccard.4;, 534 &man.pccbb.4;, and &man.exca.4; drivers are now buildable 535 as kernel modules.</para> 536 537 <para>An &man.acpi.dock.4; driver has been added to provide 538 support for controlling laptop docking station functions via 539 ACPI. &merged;</para> 540 541 <para>The &man.acpi.thermal.4; driver now supports 542 passive cooling. &merged;</para> 543 544 <para>The &man.acpi.thermal.4; driver now supports overriding 545 the <literal>_PSV</literal>, <literal>_HOT</literal>, and 546 <literal>_CRT</literal> temperature values.</para> 547 548 <para>Support for the alpha architecture has been removed. Alpha 549 support will remain on the RELENG_5 and RELENG_6 codelines.</para> 550 551 <para>The &man.cardbus.4; driver now supports 552 <filename>/dev/cardbus<replaceable>%d</replaceable>.cis</filename>.</para> 553 554 <para>[&arch.i386;, &arch.pc98;] The &man.ce.4; driver, 555 which supports Cronyx Tau-PCI/32 adapters, has been added. 556 &merged;</para> 557 558 <para>The <literal>est</literal> &man.cpufreq.4; driver now supports 559 frequency control for the VIA C7-M family of processors.</para> 560 561 <para>Support for the PadLock Security Co-processor in VIA C3, 562 Eden, and C7 563 processors has been added to the &man.crypto.9; subsystem. 564 More information can be found in the &man.padlock.4; manual 565 page. 566 &merged;</para> 567 568 <para>icee(4), a generic I2C EEPROM driver, has been added.</para> 569 570 <para>A bug which prevented the &man.ichsmb.4; kernel module 571 from unloading has been fixed.</para> 572 573 <para>[&arch.amd64;, &arch.i386;] Dual-core processors (such as the Intel 574 Core Duo) now have both cores available for use by 575 default in SMP-enabled kernels. &merged;</para> 576 577 <para>[&arch.amd64;, &arch.i386;] &man.ipmi.4;, an OpenIPMI compatible driver, 578 has been added. 579 OpenIPMI (Intelligent Platform Management Interface) is an open 580 standard designed to enable remote monitoring and control of server, 581 networking and telecommunication platforms. &merged;</para> 582 583 <para>The &man.kbdmux.4; driver has been integrated into &man.syscons.4; and 584 the <devicename>kbd</devicename> device driver. 585 By default &man.syscons.4; will look for the &man.kbdmux.4; 586 keyboard first, and then, if not found, look for any keyboard. 587 Switching to &man.kbdmux.4; can be done at boot time by loading 588 the <literal>kbdmux</literal> kernel module via &man.loader.8;, 589 or at runtime via &man.kldload.8; and releasing the active 590 keyboard. &merged;</para> 591 592 <para>[&arch.amd64;, &arch.i386;] The &man.kbdmux.4; driver is now included in the 593 <filename>GENERIC</filename> kernel by default. 594 Also, the <quote>Boot FreeBSD with USB keyboard</quote> 595 menu item in the boot loader menu has been removed 596 since this fixes USB keyboard probing problems. 597 &merged;</para> 598 599 <para>The &man.nfsmb.4; driver, which supports the NVIDIA nForce 600 2/3/4 SMBus 2.0 controller, has been added. &merged;</para> 601 602 <para>[&arch.ia64;, &arch.powerpc;] The loader tunable <varname>debug.mpsafevfs</varname> 603 is set to <literal>1</literal> by default.</para> 604 605 <para>The &man.sab.4; driver has been removed (it has been 606 superceded by the &man.scc.4; driver).</para> 607 608 <para>The &man.scc.4; driver has been added. 609 This provides generic support for serial communications 610 controllers and delegates the control over each channel 611 and mode to a subordinate driver such as &man.uart.4;.</para> 612 613 <para>[&arch.amd64;] The smbios(4) driver support for amd64 has been 614 added.</para> 615 616 <para>[&arch.sun4v;] &os; now has preliminary support for the Sun Microsystems 617 UltraSPARC-T1 architecture. &os;/sun4v has been demonstrated 618 to run on the Sun Fire T1000 and Sun Fire T2000 servers. 619 More information can be found on the 620 <ulink url="http://www.FreeBSD.org/platforms/sun4v.html">sun4v 621 Project</ulink> 622 page.</para> 623 624 <para>The tnt4882(4) driver, which supports the National Instruments 625 PCI-GPIB card, has been added.</para> 626 627 <para>[&arch.amd64;, &arch.i386;, &arch.ia64;, &arch.sparc64;] The &man.uart.4; driver has been included in the 628 <filename>GENERIC</filename> kernel by default. 629 When both &man.sio.4; and &man.uart.4; can handle a given serial port, 630 &man.sio.4; will claim it.</para> 631 632 <para>The &man.uart.4; driver now supports LOM (Lights Out Management) 633 and RSC (Remote System Control) devices as consoles.</para> 634 635 <para>The zs driver has been removed. Its functionality 636 has been superceded by that of the &man.uart.4; driver.</para> 637 638 <para>[&arch.i386;] A new loader tunable 639 <varname>hw.apic.enable_extint</varname> has been added. 640 This tunable can be used to disable masking of the ExtINT pin on the first 641 I/O APIC. At least one chipset for the Intel Pentium III seems 642 to need this, even though all of the pins in the 8259As are masked. 643 The default is still to mask the ExtINT pin.</para> 644 645 <para>[&arch.i386;] Support has been improved for 646 so-called <quote>legacy-free</quote> hardware, in particular, 647 i386 systems without AT-style keyboard controllers such as the 648 Macbook Pro. &merged;</para> 649 650 <sect4 id="mm"> 651 <title>Multimedia Support</title> 652 653 <para>The &man.agp.4; driver now supports ATI AGP chipsets. 654 &merged;</para> 655 656 <para>The new midi(4) driver which is based on NetBSD's one 657 has been added. This supports &man.snd.cmi.4; and 658 &man.snd.emu10k1.4; drivers.</para> 659 660 <para>The &man.sound.4; driver now supports 661 wider range sampling rate, multiple precisions choice, 662 and 24/32 bit PCM format conversion. &merged;</para> 663 664 <para>The &man.snd.als4000.4; driver is now MPSAFE. &merged;</para> 665 666 <para>The &man.snd.atiixp.4; driver has been added. 667 This supports ATI IXP 200/300/400 series audio controllers. &merged;</para> 668 669 <para>The &man.snd.atiixp.4; driver now supports 670 suspend and resume features.</para> 671 672 <para>The &man.snd.cmi.4; driver is now MPSAFE.</para> 673 674 <para>The &man.snd.emu10kx.4; driver has been added. It 675 supports Creative SoundBlaster Live! and Audigy series sound 676 cards with optional pseudo-multichannel playback.</para> 677 678 <para>The &man.snd.envy24.4; driver has been added to support 679 the Envy24 series of audio chips.</para> 680 681 <para>The &man.snd.envy24ht.4; driver has been added to support 682 the VIA Envy24HT series of audio chips.</para> 683 684 <para>The &man.snd.es137x.4; driver is now MPSAFE. &merged;</para> 685 686 <para>The &man.snd.ich.4; driver is now MPSAFE. &merged;</para> 687 688 <para>The &man.snd.hda.4; driver has been added. It supports 689 devices that conform to revision 1.0 of the Intel High Definition 690 Audio specification.</para> 691 692 <para>The &man.snd.solo.4; driver is now MPSAFE. &merged;</para> 693 694 <para>The &man.snd.spicds.4; driver has been added to support 695 I2S SPI audio codec chips.</para> 696 697 <para>The &man.snd.via8233.4; driver is now MPSAFE. &merged;</para> 698 699 <para>The &man.snd.via82c686.4; driver is now MPSAFE. &merged;</para> 700 701 <para>[&arch.amd64;] The &man.speaker.4; driver now supports &os;/amd64. &merged;</para> 702 703 <para>The &man.uaudio.4; driver now supports 24/32 bit audio 704 formats and conversion.</para> 705 </sect4> 706 707 <sect4 id="net-if"> 708 <title>Network Interface Support</title> 709 710 <para>The &man.ath.4; driver has been updated to 711 HAL version 0.9.20.3. &merged;</para> 712 713 <para>[&arch.amd64;, &arch.i386;, &arch.pc98;, &arch.sparc64;] 714 The &man.ath.4;, &man.ath.hal.4;, and 715 <literal>ath_rate_sample</literal> drivers have been 716 included in the <filename>GENERIC</filename> kernel by 717 default. &merged;</para> 718 719 <para>[&arch.amd64;, &arch.i386;] The &man.bce.4; driver, which supports Broadcom 720 NetXtreme II (BCM5706/BCM5708) PCI/PCIe Gigabit Ethernet controllers, 721 has been added. For more details, see &man.bce.4;. &merged;</para> 722 723 <para>A bug which prevents the &man.bfe.4; driver from working 724 on a system with over 1GB RAM has been fixed. &merged;</para> 725 726 <para>The &man.bge.4; driver's Jumbo frame support is now MPSAFE.</para> 727 728 <para>The &man.bge.4; driver now supports big-endian 729 architectures such as sparc64.</para> 730 731 <para>The &man.bge.4; driver now supports &man.polling.4; mode. 732 &merged;</para> 733 734 <para>The &man.cm.4; driver is now MPSAFE.</para> 735 736 <para>The &man.cxgb.4; driver has been added. It provides support for 737 10 Gigabit Ethernet adapters based on the Chelsio T3 and T3B chipsets. 738 </para> 739 740 <para>The &man.dc.4; driver is now MPSAFE. &merged;</para> 741 742 <para>The &man.de.4; driver has been converted to the &man.bus.dma.9; 743 API and is now MPSAFE.</para> 744 745 <para>The &man.ed.4; driver is now MPSAFE.</para> 746 747 <para>The &man.edsc.4; driver, which provides Ethernet discard network 748 interfaces, has been added. &merged;</para> 749 750 <para>The &man.el.4; driver has been removed due to lack of use.</para> 751 752 <para>The &man.em.4; driver now supports big-endian 753 architectures such as sparc64. &merged;</para> 754 755 <para>The &man.em.4; driver has been updated to 756 version 6.5.0 from Intel. Among other changes, it now supports 757 80003, 82571, 82571EB, 82572 and 82575 based adapters, as well as 758 onboard-NICs on ICH8-based motherboards. &merged;</para> 759 760 <para>The &man.em.4; driver now includes 761 initial support for suspend and resume features.</para> 762 763 <para>The performance of the &man.em.4; driver has been improved 764 by using a fast interrupt handler and taskqueue 765 instead of ithread handler. This change can be disabled 766 by defining <literal>NO_EM_FASTINTR</literal> kernel option 767 for debugging purpose.</para> 768 769 <para>The firmware images needed by the &man.ipw.4; driver are now 770 part of the &os; base system. For the loaded firmware to work the 771 license at <filename>/usr/share/doc/legal/intel_ipw/LICENSE</filename> 772 must be agreed to and <literal>legal.intel_ipw.license_ack=1</literal> 773 has to be added to <filename>/boot/loader.conf</filename>. 774 Prior versions of the driver used the firmware image in the 775 <filename role="package">net/ipw-firmware-kmod</filename> 776 port/package or the 777 <filename role="package">net/ipw-firmware</filename> 778 port/package. &merged;</para> 779 780 <para>The &man.iwi.4; driver now supports big-endian 781 architectures such as sparc64.</para> 782 783 <para>A number of improvements and bugfixes have been made to the 784 functionality of the &man.iwi.4; driver. &merged;</para> 785 786 <para>The firmware images needed by the &man.iwi.4; driver are now 787 part of the &os; base system. For the loaded firmware to work the 788 license at <filename>/usr/share/doc/legal/intel_iwi/LICENSE</filename> 789 must be agreed to and <literal>legal.intel_iwi.license_ack=1</literal> 790 has to be added to <filename>/boot/loader.conf</filename>. 791 Prior versions of the driver used the firmware image in the 792 <filename role="package">net/iwi-firmware-kmod</filename> 793 port/package or the 794 <filename role="package">net/iwi-firmware</filename> 795 port/package. &merged;</para> 796 797 <para>The &man.le.4; driver, which supports AMD Am7900 LANCE 798 and Am79C9xx PCnet NICs, 799 has been added. While the &man.lnc.4; driver also supports these 800 NICs, this driver has several advantages over it such as 801 MPSAFE, ALTQ, VLAN_MTU, ifmedia, and 32-bit DMA for PCI 802 variants. This driver is based on NetBSD's implementation. 803 &merged;</para> 804 805 <para>The &man.lge.4; driver is now MPSAFE. &merged;</para> 806 807 <para>The lnc(4) driver has been removed. The &man.le.4; and 808 &man.pcn.4; drivers support all devices that were supported 809 by lnc(4).</para> 810 811 <para>The &man.msk.4; driver has been added. It supports 812 network interfaces using the Marvell/SysKonnect Yukon II 813 Gigabit Ethernet controller. &merged;</para> 814 815 <para>The &man.my.4; driver is now MPSAFE. &merged;</para> 816 817 <para>The &man.my.4; driver now supports &man.altq.4;. &merged;</para> 818 819 <para>[&arch.amd64;, &arch.i386;] The &man.mxge.4; driver, 820 which supports Myricom Myri10GE 10 Gigabit Ethernet 821 adapters, has been added. For more details, see 822 &man.mxge.4;.</para> 823 824 <para>The &man.nfe.4; driver, an open-source driver for nForce 825 Ethernet devices, has been added, originally from 826 OpenBSD.</para> 827 828 <para>[&arch.arm;] The &man.npe.4; driver, which supports the 829 Intel XScale Network Processing Engine, has been 830 added. &merged;</para> 831 832 <para>The &man.nve.4; driver has been updated to version 1.0-0310 833 (23-Nov-2005). It also now has &man.altq.4; support. &merged;</para> 834 835 <para>The &man.pcn.4; driver is now MPSAFE. &merged;</para> 836 837 <para>The &man.re.4; driver now supports the D-Link DGE-528(T) 838 Gigabit Ethernet card.</para> 839 840 <para>The &man.rum.4; driver has been added. It supports 841 WLAN adapters based on the Ralink RT2501USB and RT2601USB 842 chipsets.</para> 843 844 <para>The &man.sf.4; driver is now MPSAFE. &merged;</para> 845 846 <para>The &man.sk.4; driver is now MPSAFE. &merged;</para> 847 848 <para>The &man.ste.4; driver is now MPSAFE. &merged;</para> 849 850 <para>The &man.stge.4; driver has been added. It supports the 851 Sundance/Tamarack TC9021 Gigabit Ethernet controller and was 852 ported from NetBSD. &merged;</para> 853 854 <para>The &man.ti.4; driver now supports big-endian 855 architectures such as sparc64.</para> 856 857 <para>The &man.ufoma.4; driver for 858 FOMA (third generation mobile phone system by NTT DoCoMo, Inc. 859 in Japan) has been added. 860 This should support other third generation mobile phones 861 since the driver is based on USB Implementation Guideline 862 from MCPC (Mobile Computing Promotion Consortium) in Japan.</para> 863 864 <para>The vgapci(4) driver has been added. This is a stub 865 device driver for VGA PCI devices and serves as a bus 866 so that other drivers such as drm(4), 867 &man.acpi.video.4;, and &man.agp.4; can attach to 868 it thus allowing multiple drivers for the same device.</para> 869 870 <para>The &man.vge.4; driver now supports &man.altq.4;. &merged;</para> 871 872 <para>The &man.wi.4; driver is now buildable as 873 a kernel module.</para> 874 875 <para>[&arch.amd64;, &arch.i386;, &arch.pc98;] The &man.wlan.wep.4;, 876 &man.wlan.ccmp.4;, and &man.wlan.tkip.4; drivers 877 have been included in the <filename>GENERIC</filename> 878 kernel by default.</para> 879 880 <para>The network interface groups feature has been imported 881 from OpenBSD. This feature allows an administrator to, for 882 example, apply firewall rules to an entire group of 883 interfaces. More information can be found in 884 &man.ifconfig.8;.</para> 885 886 <para>The 802.11 protocol stack now has support for 900 MHz 887 cards, as well as quarter- and half-channel support 888 for 802.11a. &merged;</para> 889 890 </sect4> 891 </sect3> 892 893 <sect3 id="net-proto"> 894 <title>Network Protocols</title> 895 896 <para>The &man.arp.4; retransmission algorithm has been 897 rewritten so that ARP requests are retransmitted without 898 suppression, while there is demand for such ARP entry. 899 Due to this change, a sysctl variable 900 <varname>net.link.ether.inet.host_down_time</varname> 901 has been removed. &merged;</para> 902 903 <para>The &man.arp.4; protocol now supports a sysctl variable 904 <varname>net.link.ether.inet.log_arp_permanent_modify</varname> 905 to suppress logging of attempts to modify 906 permanent ARP entries. &merged;</para> 907 908 <para>[&arch.amd64;, &arch.i386;, &arch.pc98;] An experimental BPF Just-In-Time compiler 909 has been implemented for both &man.bpf.4; and &man.ng.bpf.4;. 910 To enable this, the 911 <literal>options BPF_JITTER</literal> kernel option is needed. 912 The <varname>net.bpf_jitter.enable</varname> 913 can be used to disable this feature.</para> 914 915 <para>Multiple copies of a packet received via different 916 &man.bpf.4; listeners now all have identical 917 timestamps. &merged;</para> 918 919 <para>The &man.bpf.4; device now supports several new 920 &man.ioctl.2; calls to allow examining inbound vs. outbound 921 packets, as well as packets that have been injected onto the 922 network.</para> 923 924 <para>The bridge(4) driver has been removed from the tree. Its 925 functionality has been completely replaced by 926 &man.if.bridge.4;.</para> 927 928 <para>The &man.enc.4; IPsec filtering pseudo-device has been 929 added. It allows firewall packages using the &man.pfil.9; 930 framework to examine (and filter) IPsec traffic before 931 outbound encryption and after inbound decryption. &merged;</para> 932 933 <para>The &man.gre.4; driver, which is for GRE encapsulation 934 found in RFC 1701 and RFC 1702, now supports IPv6 over GRE.</para> 935 936 <para>The &man.if.bridge.4; driver now supports 937 creating SPAN ports, which transmit a copy of every frame 938 received by the bridge. This feature can be enabled 939 by using &man.ifconfig.8;. &merged;</para> 940 941 <para>The &man.if.bridge.4; driver now supports 942 RFC 3378 EtherIP. This change makes it possible to 943 add &man.gif.4; interfaces to bridges, which will then 944 send and receive IP protocol 97 packets. 945 Packets are Ethernet frames with an EtherIP header prepended. 946 &merged;</para> 947 948 <para>The &man.if.bridge.4; driver now supports RSTP, the Rapid 949 Spanning Tree Protocol (802.1w). &merged;</para> 950 951 <para>A hard-coded limit on the number of IPv4 multicast group 952 memberships (formerly 20) has been removed.</para> 953 954 <para>The path MTU discovery for multicast packets in the &os; 955 IPv6 stack has been disabled by default. 956 Path MTU notification from a large number of multicast routers 957 can be a kind of distributed Denial-of-Service attack to a router. 958 This feature can be re-enabled by using a new sysctl variable 959 <varname>net.inet6.ip6.mcast_pmtu</varname>. &merged;</para> 960 961 <para>IPv6 multicast forwarding is now dynamically loadable, via 962 the <filename>ip_mroute.ko</filename> module.</para> 963 964 <para>IPv6 link-local addresses are now enabled only 965 if <varname>ipv6_enable</varname> is set in &man.rc.conf.5;. 966 &merged;</para> 967 968 <para>The &man.ipfw.4; IP packet filter now supports IPv6. &merged;</para> 969 970 <para>The &man.ipfw.4; firewall system now supports 971 a <literal>tablearg</literal> feature, which allows 972 values obtained from a table lookup to be used as part of a 973 rule. &merged; 974 This feature can be used to optimize some rulesets 975 or to implement policy-based routing inside a firewall. 976 For example, the following rules will throw different 977 packets to different pipes:</para> 978 979 <programlisting>pipe 1000 config bw 1000Kbyte/s 980pipe 4000 config bw 4000Kbyte/s 981table 1 add x.x.x.x 1000 982table 1 add x.x.x.y 4000 983pipe tablearg ip from table(1) to any</programlisting> 984 985 <para>The &man.ipfw.4; packet filter now supports 986 <literal>tag</literal> and <literal>untag</literal> rule keywords. 987 When a packet matches a rule with the <literal>tag</literal> 988 keyword, the numeric tag for the given number in the range 989 from 0 to 65535 will be attached to the packet. 990 The tag acts as an internal marker (it is not sent out over 991 the wire) that can be used to identify these packets later on, 992 for example, by using <literal>tagged</literal> 993 rule option. For more details, see &man.ipfw.8;. &merged;</para> 994 995 <para>The <literal>IPFIREWALL_FORWARD_EXTENDED</literal> kernel 996 option has been removed. This option was used to permit 997 &man.ipfw.4; to redirect packets with local destinations. 998 This behavior is now always enabled when 999 the <literal>IPFIREWALL_FORWARD</literal> kernel option is 1000 enabled. &merged;</para> 1001 1002 <para>The ip6fw(8) packet filter has been removed. Since &man.ipfw.4; has gained 1003 IPv6 support, it should be used instead. Please note that some rules might need 1004 to be adjusted.</para> 1005 1006 <para>The &man.lagg.4; driver, ported from OpenBSD and NetBSD, 1007 has been added to support a variety of protocols and algorithms 1008 for link aggregation, failover, and fault tolerance.</para> 1009 1010 <para>The &man.natm.4;, Native Mode ATM protocol layer is now MPSAFE.</para> 1011 1012 <para>A new &man.ng.deflate.4; Netgraph node type has been 1013 added. It implements Deflate PPP compression. &merged;</para> 1014 1015 <para>The &man.ng.ether.4; Netgraph node no longer overwrites 1016 the MAC address of outgoing frames by default. &merged;</para> 1017 1018 <para>The &man.ng.iface.4; Netgraph node now supports &man.altq.4;. 1019 &merged;</para> 1020 1021 <para>A new &man.ng.pred1.4; Netgraph node type has been added 1022 to implement Predictor-1 PPP compression. &merged;</para> 1023 1024 <para>The &man.ng.tag.4; Netgraph node has been added to 1025 support the manipulation of mbuf tags attached to data in the 1026 kernel. &merged;</para> 1027 1028 <para>A bug has been fixed in which NFS over TCP would not reconnect 1029 when the server sent a FIN. This problem had occurred 1030 with Solaris NFS servers. &merged;</para> 1031 1032 <para>The default retransmit timer for NFS over TCP is now 60 seconds. 1033 This change prevents the unnecessary retransmission of 1034 non-idempotent NFS requests. The <varname>nfs_access_cache</varname> 1035 variable in &man.rc.conf.5; has also been changed to 60.</para> 1036 1037 <para>The default minimum number of nfsiod kernel threads 1038 (&man.sysctl.8; variable <varname>vfs.nfs.iodmin</varname>) 1039 has been changed from 4 to 0.</para> 1040 1041 <para>The sysctl variables <varname>net.inet.ip.portrange.reservedhigh</varname> 1042 and <varname>net.inet.ip.portrange.reservedlow</varname> 1043 can be used with IPv6 now. &merged;</para> 1044 1045 <para>A new sysctl variable <varname>net.inet.icmp.reply_from_interface</varname> 1046 has been added. This allows the &man.icmp.4; 1047 reply to non-local packets to be generated with 1048 the IP address the packet came through in. 1049 This is useful for routers to show in &man.traceroute.8; 1050 the actual path a packet has taken instead of 1051 the possibly different return path.</para> 1052 1053 <para>A new sysctl variable <varname>net.inet.icmp.quotelen</varname> 1054 has been added. This allows to change length of 1055 the quotation of the original packet in an ICMP reply. 1056 The minimum of 8 bytes is internally enforced. 1057 The maximum quotation is the remaining space in the 1058 reply mbuf. This option is added in response to the 1059 issues raised in I-D 1060 <filename>draft-gont-icmp-payload-00.txt</filename>.</para> 1061 1062 <para>The &man.icmp.4; now always quotes the entire TCP header 1063 when responding and allocate an mbuf cluster if needed. 1064 This change fixes the TCP issues raised in I-D 1065 <filename>draft-gont-icmp-payload-00.txt</filename>.</para> 1066 1067 <para>A new socket option <literal>IP_MINTTL</literal> has been added. 1068 This may be used to set the minimum acceptable 1069 TTL a packet must have when received on a socket. 1070 All packets with a lower TTL are silently dropped. 1071 This works on already connected/connecting and 1072 listening sockets for RAW, UDP, and TCP. This option 1073 is only really useful when set to <literal>255</literal>, preventing packets 1074 from outside the directly connected networks reaching 1075 local listeners on sockets. Also, this option allows 1076 userland implementation of <quote>The Generalized TTL 1077 Security Mechanism (GTSM)</quote> found in RFC 3682.</para> 1078 1079 <para>The kernel &man.ppp.4; driver now supports IPv6.</para> 1080 1081 <para>Stealth forwarding now supports IPv6 as well as IPv4. 1082 This behavior can be controlled by using a new sysctl variable 1083 <varname>net.inet6.ip6.stealth</varname>.</para> 1084 1085 <para>The <literal>PIM</literal> kernel option has been removed. 1086 The corresponding code is now included in the 1087 <literal>MROUTING</literal> kernel option.</para> 1088 1089 <para>Support has been added for the Stream Control Transmission 1090 Protocol (SCTP). SCTP implements a reliable, message-oriented 1091 transport protocol, and is defined in RFC 3268. It is enabled 1092 in &os; with the <literal>SCTP</literal> kernel option.</para> 1093 1094 <para>The <literal>IPV6_V6ONLY</literal> socket option 1095 now works for UDP.</para> 1096 1097 <para>The <literal>TCP_DROP_SYNFIN</literal> kernel option is now 1098 included in the kernel by default. The 1099 <varname>net.inet.tcp.drop_synfin</varname> sysctl variable still 1100 defaults to <literal>0</literal>.</para> 1101 1102 <para>The TCP bandwidth-delay product limiting feature has 1103 been disabled when the RTT is below a certain threshold. 1104 This optimization does not make sense on a LAN, as it has 1105 trouble figuring out the maximal bandwidth due to the coarse 1106 tick granularity. A new sysctl variable 1107 <varname>net.inet.tcp.inflight.rttthresh</varname> specifies 1108 the threshold in milliseconds below which this feature 1109 will disengage. It defaults to 10ms. &merged;</para> 1110 1111 <para>The &os; network stack now has support for TCP 1112 Segmentation Offload (TSO). TSO reduces the overhead of 1113 sending bulk TCP data by allowing a network interface to 1114 convert a large data transfer into multiple TCP segments to be 1115 sent on the network. This functionality can be enabled or 1116 disabled on a per-interface basis with 1117 the <literal>tso</literal> and <literal>-tso</literal> flags 1118 to &man.ifconfig.8;. Network interfaces and drivers 1119 supporting TSO currently include &man.em.4;, 1120 &man.mxge.4; and &man.cxgb.4;.</para> 1121 1122 <para>&os; now supports auto-sizing of TCP socket buffers. This 1123 allows the socket buffer sizes to adapt dynamically to network 1124 conditions, rather than being set statically. The behavior of 1125 this feature can be controlled using 1126 the <varname>net.inet.tcp.sendbuf_*</varname> 1127 and <varname>net.inet.tcp.recvbuf_*</varname> sysctl 1128 variables.</para> 1129 1130 <para>The <varname>net.link.tap.up_on_open</varname> sysctl variable 1131 has been added to the &man.tap.4; driver. If enabled, new tap 1132 devices will marked <literal>up</literal> upon creation. &merged; 1133 </para> 1134 1135 <para>Support for &man.kqueue.2; operations has been added to 1136 the &man.tun.4; driver. &merged;</para> 1137 1138 </sect3> 1139 1140 <sect3 id="disks"> 1141 <title>Disks and Storage</title> 1142 1143 <para>The &man.aac.4; driver now supports the Adaptec 2610SA SATA-RAID 1144 controller in some Hewlett-Packard machines.</para> 1145 1146 <para>The performance of the &man.amr.4; driver has been improved; 1147 it also now supports full 64-bit DMA. While this feature is 1148 enabled by default, this can be forced off by setting the 1149 <varname>hw.amr.force_sg32</varname> loader tunable for 1150 debugging purpose. 1151 &merged;</para> 1152 1153 <para>The &man.amr.4; driver now supports the &man.ioctl.2; requests 1154 necessary for the Linux LSI MegaRaid tools in &os;'s Linux emulation 1155 environment. 1156 &merged;</para> 1157 1158 <para>The &man.arcmsr.4; driver has been updated to version 1159 1.20.00.13. &merged;</para> 1160 1161 <para>The &man.ahc.4; driver is now MPSAFE.</para> 1162 1163 <para>The &man.ahd.4; driver is now MPSAFE.</para> 1164 1165 <para>The &man.ata.4; driver now supports a workaround 1166 for some controllers whose DMA does not work properly 1167 in 48bit mode. For affected controllers, 1168 PIO mode will be used for access to areas beyond 137GB. 1169 &merged;</para> 1170 1171 <para>The &man.ata.4; driver now supports the ITE IT8211F IDE controller, 1172 and the Promise PDC40718 and PDC40719 chip found in Promise 1173 Fasttrak TX4300. 1174 &merged;</para> 1175 1176 <para>The &man.ata.4; driver now supports DMA for kernel crash dumps, 1177 as well as crash dumping to an &man.ataraid.4; device. 1178 &merged;</para> 1179 1180 <para>The &man.ata.4; driver now supports USB mass storage class 1181 devices. To enable it, a line <literal>device atausb</literal> 1182 in the kernel configuration file or loading the 1183 <filename>atausb</filename> kernel module is needed. 1184 Note that this functionality cannot coexist with the 1185 &man.umass.4; driver. &merged;</para> 1186 1187 <para>The &man.ataraid.4; driver now supports 1188 JMicron ATA RAID metadata. &merged;</para> 1189 1190 <para>The CAM subsystem is now MPSAFE.</para> 1191 1192 <para>The &man.ciss.4; driver is now MPSAFE.</para> 1193 1194 <para>The <literal>GEOM_LABEL</literal> class now supports 1195 Ext2FS, NTFS, and ReiserFS. &merged;</para> 1196 1197 <para>The <literal>GEOM_MIRROR</literal> class now supports 1198 kernel crash dumps to the GEOM providers. 1199 &merged;</para> 1200 1201 <para>The <literal>GEOM_MIRROR</literal> and <literal>GEOM_RAID3</literal> 1202 classes now support sysctl variables 1203 <varname>kern.geom.mirror.disconnect_on_failure</varname> 1204 and 1205 <varname>kern.geom.graid3.disconnect_on_failure</varname> 1206 to control whether failed components will be disconnected or not. 1207 The default value is <literal>1</literal> to preserve the current 1208 behavior, and if it is set to <literal>0</literal> such components 1209 are not disconnected and the kernel will try to still use them 1210 (only the first error will be logged). 1211 This is helpful for the case of multiple broken components (in 1212 different places), so actually all data is available. 1213 The broken components will be visible in <command>gmirror list</command> 1214 or <command>graid3 list</command> output with flag 1215 <literal>BROKEN</literal>. 1216 &merged;</para> 1217 1218 <para>The <literal>GEOM_MIRROR</literal> and <literal>GEOM_RAID3</literal> 1219 classes now use parallel I/O requests for synchronization 1220 to improve the performance. New sysctl variables 1221 <varname>kern.geom.mirror.sync_requests</varname> and 1222 <varname>kern.geom.raid3.sync_requests</varname> 1223 define how many parallel I/O requests should be used. 1224 Also, the sysctl variables 1225 <varname>kern.geom.mirror.reqs_per_sync</varname>, 1226 <varname>kern.geom.mirror.syncs_per_sec</varname>, 1227 <varname>kern.geom.raid3.reqs_per_sync</varname>, and 1228 <varname>kern.geom.raid3.syncs_per_sec</varname> 1229 are deprecated and have been removed. 1230 &merged;</para> 1231 1232 <para>A new GEOM_MULTIPATH class has been added to support 1233 multiple access paths to disk devices. The &man.gmultipath.8; 1234 utility has been added to control the behavior of disk devices 1235 using this feature.</para> 1236 1237 <para>A new GEOM class <literal>GEOM_ZERO</literal> has been added. 1238 It creates a very huge provider (41PB) <filename>/dev/gzero</filename> 1239 and is mainly useful for performance testing. 1240 On <literal>BIO_READ</literal> request it zero-fills 1241 <varname>bio_data</varname> and on <literal>BIO_WRITE</literal> 1242 it does nothing. 1243 &merged;</para> 1244 1245 <para>The GEOM class kernel module <filename>g_md.ko</filename> 1246 has been renamed to <filename>geom_md.ko</filename> 1247 for consistency.</para> 1248 1249 <para>[&arch.amd64;, &arch.i386;] The hptiop(4) driver has been added. 1250 It supports the Highpoint RocketRAID 3xxx series of controllers.</para> 1251 1252 <para>[&arch.amd64;, &arch.i386;] The &man.hptmv.4; driver has been updated and now supports 1253 amd64 as well as PAE.</para> 1254 1255 <para>The &man.isp.4; driver is now MPSAFE.</para> 1256 1257 <para>The &man.mfi.4; driver, which supports 1258 the LSI MegaRAID SAS controller family, has been added. 1259 &merged;</para> 1260 1261 <para>The &man.mpt.4; driver has been updated to support 1262 various new features such as RAID volume and RAID member 1263 state/settings reporting, periodic volume re-synchronization 1264 status reporting, and sysctl variables for volume 1265 re-synchronization rate, volume member write cache status, 1266 and volume transaction queue depth.</para> 1267 1268 <para>The &man.mpt.4; driver now supports SAS HBA (partially), 1269 64-bit PCI, and large data transfer.</para> 1270 1271 <para>The &man.mpt.4; driver is now MPSAFE.</para> 1272 1273 <para>The &man.twa.4; driver has been updated to the 3.60.03.006 1274 release on the 3ware Web site. &merged;</para> 1275 1276 <para>A new GEOM-based disk encryption facility, GEOM_ELI, has been 1277 added. It uses the &man.crypto.9; framework for hardware acceleration 1278 and supports different cryptographic algorithms. See &man.geli.8; for 1279 more information. &merged;</para> 1280 1281 <para>The &man.geli.8; disk encryption system now supports loading keyfiles before the root 1282 file system is mounted. &merged; 1283 For example, the following entries 1284 can be used in <filename>/boot/loader.conf</filename> to enable 1285 it:</para> 1286 1287 <programlisting>geli_da0_keyfile0_load="YES" 1288geli_da0_keyfile0_type="da0:geli_keyfile0" 1289geli_da0_keyfile0_name="/boot/keys/da0.key0" 1290geli_da0_keyfile1_load="YES" 1291geli_da0_keyfile1_type="da0:geli_keyfile1" 1292geli_da0_keyfile1_name="/boot/keys/da0.key1" 1293geli_da0_keyfile2_load="YES" 1294geli_da0_keyfile2_type="da0:geli_keyfile2" 1295geli_da0_keyfile2_name="/boot/keys/da0.key2" 1296 1297geli_da1s3a_keyfile0_load="YES" 1298geli_da1s3a_keyfile0_type="da1s3a:geli_keyfile0" 1299geli_da1s3a_keyfile0_name="/boot/keys/da1s3a.key"</programlisting> 1300 1301 <para>&man.geli.8; is now able to perform data integrity 1302 verification (data authentication) of encrypted data stored on 1303 disk. Note that the encryption algorithm is now specified to 1304 the &man.geli.8; control program using the <option>-e</option> 1305 option; the <option>-a</option> option is now used to specify 1306 the authentication algorithm. &merged;</para> 1307 1308 <para>The scsi_sg driver, which emulates a significant 1309 subset of the Linux SCSI SG passthrough device API, has 1310 been added. It is 1311 intended to allow programs running under Linux emulation 1312 (as well as native &os; applications) to access the 1313 <filename>/dev/sg<replaceable>*</replaceable></filename> 1314 devices supported by Linux. &merged;</para> 1315 1316 <para>The &man.umass.4; driver now supports 1317 <literal>PLAY_MSF</literal>, 1318 <literal>PLAY_TRACK</literal>, 1319 <literal>PLAY_TRACK_REL</literal>, 1320 <literal>PAUSE</literal>, 1321 <literal>PLAY_12</literal> commands so that 1322 the &man.cdcontrol.1; utility can handle a USB CD drive.</para> 1323 </sect3> 1324 1325 <sect3 id="fs"> 1326 <title>File Systems</title> 1327 1328 <para>[&arch.amd64;, &arch.i386;, &arch.pc98;] The &man.linsysfs.5; 1329 pseudo-file system driver has been added. 1330 It provides a subset of the 1331 Linux <filename>sys</filename> file system, and is required for 1332 the correct operation of some Linux binaries (such as the LSI 1333 MegaRAID SAS utility). &merged;</para> 1334 1335 <para>A part of the FreeBSD NFS subsystem (the interface with 1336 the protocol stack and callouts, the NFS client side) is now MPSAFE.</para> 1337 1338 <para>The &man.pseudofs.9; pseudo file system construction kit and 1339 all of its consumers (&man.procfs.5;, &man.linprocfs.5; and 1340 &man.linsysfs.5;), are now MPSAFE.</para> 1341 1342 <para>The unionfs file system has been re-implemented. This 1343 version solves many crashing and locking issues compared to 1344 the previous implementation. It also adds 1345 new <quote>transparent</quote> and <quote>masquerade</quote> 1346 modes for automatically creating files in the upper file system 1347 layer of unions. More information can be found in the 1348 &man.mount.unionfs.8; manual page. &merged;</para> 1349 1350 <para>[&arch.amd64;, &arch.i386;, &arch.pc98;] Support for Sun's ZFS has been 1351 added. More information about this file system can be found 1352 in the &man.zfs.8; manual page or 1353 on the <ulink url="http://www.opensolaris.org/os/community/zfs/"> 1354 OpenSolaris ZFS page</ulink>.</para> 1355 1356 <para>Initial (read-only) support for SGI's XFS file system has been 1357 added.</para> 1358 </sect3> 1359 </sect2> 1360 1361 <sect2 id="userland"> 1362 <title>Userland Changes</title> 1363 1364 <para>The addr2ascii() and ascii2addr() library calls, originally 1365 introduced by the INRIA IPv6 implementation, have been removed 1366 from <filename>libc</filename>. They have no consumers in the 1367 &os; base system. In a related change, support 1368 for <literal>AF_LINK</literal> addresses has been added to 1369 &man.getnameinfo.3;.</para> 1370 1371 <para>Padding of <varname>ai_addrlen</varname> 1372 in <varname>struct addrinfo</varname> has been removed, 1373 which was originally for the ABI compatibility. 1374 For example, this change breaks the ABI compatibility of the 1375 &man.getaddrinfo.3; function on 64-bit architectures, including 1376 &os;/amd64, &os;/ia64, and &os;/sparc64.</para> 1377 1378 <para>The &man.asf.8; utility has been revised and extended. Now 1379 it can operate via several interfaces including &man.kvm.3;, 1380 which supports not only live systems, but also kernel crash dumps. 1381 &merged;</para> 1382 1383 <para>The &man.arp.8; utility now allows the <option>-i</option> 1384 option together with the <option>-d</option> and <option>-a</option> options 1385 to allow all entries for a given interface to be removed. &merged;</para> 1386 1387 <para>The OpenBSM userland tools, including &man.audit.8;, 1388 &man.auditd.8;, 1389 &man.auditreduce.1;, and 1390 &man.praudit.1;, have been added. &merged;</para> 1391 1392 <para>The &man.bsdiff.1; and &man.bspatch.1; utilities 1393 have been added. These are tools for constructing and 1394 applying binary patches. &merged;</para> 1395 1396 <para>The &man.bsnmpd.1; utility now supports the Host Resources 1397 MIB described in RFC 2790. &merged;</para> 1398 1399 <para>&man.cached.8; has been added. It is a daemon that caches 1400 the results of nsswitch lookups (such as those to the password, 1401 group, and services databases) for improved performance.</para> 1402 1403 <para>The &man.cmp.1; utility now supports an <option>-h</option> 1404 flag to compare the symbolic link itself rather than the 1405 file that the link points to. &merged;</para> 1406 1407 <para>The &man.config.8; utility now supports the <literal>nocpu</literal> 1408 directive, which cancels the effect of a 1409 previous <literal>cpu</literal> directive. &merged;</para> 1410 1411 <para>The &man.config.8; utility now reads <filename>DEFAULTS</filename> 1412 kernel configuration file if it exists in the current directory 1413 before the specified configuration file. &merged;</para> 1414 1415 <para>The &man.cp.1; utility now supports a <option>-l</option> 1416 option, which causes it to create hardlinks to the source files 1417 instead of copying them. &merged;</para> 1418 1419 <para>The &man.csh.1; utility now supports NLS catalogs. 1420 Note that this requires installing 1421 the <filename role="package">shells/tcsh_nls</filename> port. 1422 &merged;</para> 1423 1424 <para>The &man.csup.1; utility has been imported. 1425 This is an implementation of a CVSup-compatible client written 1426 in the C language. Note that it currently supports checkout mode 1427 only. &merged;</para> 1428 1429 <para>The &man.dhclient.8; program now sends the host's name in 1430 DHCP requests if it is not specified in the configuration 1431 file. &merged;</para> 1432 1433 <para>The &man.devd.8; utility now supports a <option>-f</option> option 1434 to specify a configuration file. &merged;</para> 1435 1436 <para>The &man.du.1; program now supports a <option>-n</option> 1437 flag, which causes it to ignore files and directories with 1438 the <literal>nodump</literal> flag set. &merged;</para> 1439 1440 <para>The &man.dump.8; and &man.restore.8; programs now attempt to 1441 save and restore extended attribute information on files.</para> 1442 1443 <para>The &man.fsdb.8; utility now supports changing the birth 1444 time of files on UFS2 file systems using the new 1445 <literal>btime</literal> command. &merged;</para> 1446 1447 <para>The &man.fsdb.8; program now supports 1448 a <literal>findblk</literal> command, which finds the inode(s) 1449 owning a specific disk block. &merged;</para> 1450 1451 <para>The &man.find.1; program now supports <option>-Btime</option> 1452 and other related primaries, which can be used to create expressions 1453 based on a file's creation time. &merged;</para> 1454 1455 <para>T/TCP support in &man.finger.1; (and the <option>-T</option> 1456 flag used to enable it) has been removed.</para> 1457 1458 <para>A bug in the &man.find.1; program which prevents 1459 numeric arguments for <option>-user</option> and 1460 <option>-group</option> from working as expected 1461 has been fixed.</para> 1462 1463 <para>The &man.freebsd-update.8; utility, a tool for managing 1464 binary updates to the &os; base system, has been added. &merged;</para> 1465 1466 <para>The &man.ftpd.8; utility now creates a PID file 1467 <filename>/var/run/ftpd.pid</filename> even when 1468 no <option>-p</option> option is specified. &merged;</para> 1469 1470 <para>The &man.ftpd.8; utility now has support for RFC2389 (FEAT) 1471 and rudimentary support for RFC2640 (UTF8). The RFC2640 support 1472 is optional and can be enabled using the new <option>-8</option> 1473 flag. More information can be found in the &man.ftpd.8; manual 1474 page.</para> 1475 1476 <para>The &man.gbde.8; utility now supports 1477 <option>-k</option> and <option>-K</option> options 1478 to specify a key file in addition to a passphrase.</para> 1479 1480 <para>The &man.getfacl.1; utility now supports 1481 a <option>-q</option> flag to suppress the per-file header 1482 comment listing the file name, owner, and group. 1483 &merged;</para> 1484 1485 <para>The &man.getent.1; utility has been imported from NetBSD. 1486 It retrieves and displays information from an administrative 1487 database (such as <filename>hosts</filename>) using the lookup 1488 order specified in &man.nsswitch.conf.5;. &merged;</para> 1489 1490 <para>The &man.gpt.8; utility now supports setting GPT partition labels.</para> 1491 1492 <para>The &man.gvinum.8; utility now supports commands 1493 to rename objects and to move a subdisk from 1494 one drive to another. &merged;</para> 1495 1496 <para>The &man.gvinum.8; utility now supports the 1497 <command>resetconfig</command> sub-command.</para> 1498 1499 <para>An implementation of Generic Security Service API (GSS-API) 1500 version 2 and its C binding described in RFC2743 and RFC2744 1501 has been added. This is a new extensible GSS-API layer which 1502 can support GSS-API plugins, similar the the Solaris 1503 implementation, and the Kerberos 5 GSS mechanism has 1504 been rewritten as a plugin library for the new implementation.</para> 1505 1506 <para>The &man.hccontrol.8; utility now supports HCI node 1507 autodetection.</para> 1508 1509 <para>The &man.id.1; utility now prints the effective user 1510 ID after the group ID.</para> 1511 1512 <para>The &man.id.1; utility now supports a <option>-A</option> 1513 flag to print process audit properties, including the audit user 1514 id. &merged;</para> 1515 1516 <para>The &man.ifconfig.8; utility now supports 1517 a <option>-k</option> flag to allow printing 1518 potentially sensitive keying material to standard output. 1519 This sensitive information will not be printed by default. 1520 &merged;</para> 1521 1522 <para>The &man.ifconfig.8; utility now supports a <option>-tunnel</option> 1523 parameter, which is just an alias for <option>deletetunnel</option>, 1524 yet is more convenient and easier to type. &merged;</para> 1525 1526 <para>The <option>-vlandev</option> parameter to &man.ifconfig.8; 1527 no longer requires a network interface as its argument. The 1528 argument still is supported for backward compatibility, but 1529 is now deprecated and its use is discouraged. &merged;</para> 1530 1531 <para>The &man.iostat.8; utility now supports 1532 a <option>-x</option> flag (inspired by Solaris) to print 1533 extended disk statistics. If the new <option>-z</option> flag is 1534 also specified, no output is made for disks with no 1535 activity. &merged;</para> 1536 1537 <para>The &man.ipfwpcap.8; utility has been added; it captures 1538 packets on a &man.divert.4; socket and writes them as 1539 &man.pcap.3; (also known as &man.tcpdump.1;) format data to a 1540 file or pipe.</para> 1541 1542 <para>The &man.jail.8; utility supports a <option>-J 1543 <replaceable>jid_file</replaceable></option> option to 1544 write out a JidFile, similar to a PidFile, containing 1545 the jailid, path, hostname, IP and the command used to start 1546 the jail. &merged;</para> 1547 1548 <para>The &man.jail.8; program now supports a <option>-s</option> 1549 option to specify a jail's securelevel. &merged;</para> 1550 1551 <para>The &man.jexec.8; utility now supports <option>-u</option> 1552 and <option>-U</option> flags to specify username credentials 1553 under which a command should be executed. &merged;</para> 1554 1555 <para>The &man.kdump.1; program now supports a <option>-H</option> 1556 flag, which causes kdump to print an additional field holding 1557 the threadid. &merged;</para> 1558 1559 <para>The &man.kdump.1; program now supports a <option>-s</option> 1560 flag to suppress the display of I/O data. &merged;</para> 1561 1562 <para>The &man.kdump.1; program now supports printing 1563 flags in a system call argument by using symbol names.</para> 1564 1565 <para>The &man.kenv.1; utility now supports a <option>-q</option> 1566 flag to suppress warnings.</para> 1567 1568 <para>&man.kgdb.1; now supports a <option>-w</option> 1569 option to open kmem-based targets in read-write mode. 1570 This allows one to use kgdb on <filename>/dev/mem</filename> 1571 and be able to patch memory on a live system.</para> 1572 1573 <para>The &man.lastcomm.1; utility now supports a <option>-X</option> 1574 flag to export accounting data in a text format.</para> 1575 1576 <para>The &man.libarchive.3; library now supports 1577 POSIX.1e-style Extended Attributes.</para> 1578 1579 <para>The &man.libarchive.3; library now contains support for 1580 &man.ar.1;-style archives.</para> 1581 1582 <para>The <application>libc</application> library now includes 1583 initial implementation of symbol maps and symbol version 1584 definitions.</para> 1585 1586 <para>The <application>libedit</application> library has been 1587 updated from the NetBSD source tree as of August 2005.</para> 1588 1589 <para>The <application>libm</application> library now includes 1590 initial implementation of symbol maps and symbol version 1591 definitions.</para> 1592 1593 <para>The &man.libmemstat.3; library has been added. 1594 This is for use by debugging and monitoring applications 1595 in tracking kernel memory statistics. It provides an 1596 abstracted interface to &man.uma.9; and &man.malloc.9; 1597 statistics, wrapped around the binary stream sysctl variables 1598 for the allocators. &merged;</para> 1599 1600 <para>The &man.ln.1; utility now supports 1601 an <option>-F</option> flag, which deletes existing 1602 empty directories when creating symbolic links. 1603 &merged;</para> 1604 1605 <para>The &man.locate.1; utility now supports 1606 a <option>-0</option> flag to make this utility 1607 interoperable with &man.xargs.1;'s <option>-0</option> flag. 1608 &merged;</para> 1609 1610 <para>The &man.logger.1; utility now supports 1611 a <option>-P</option>, which specifies the port to which syslog 1612 messages should be sent. &merged;</para> 1613 1614 <para>The &man.ls.1; utility now supports 1615 an <option>-I</option> flag to disable the automatic 1616 <option>-A</option> flag for the superuser. &merged;</para> 1617 1618 <para>The &man.ls.1; utility now supports 1619 an <option>-U</option> flag to use the file creation 1620 time for sorting. &merged;</para> 1621 1622 <para>A new &man.malloc.3; implementation has been introduced. 1623 This implementation, sometimes referred to 1624 as <quote>jemalloc</quote>, was designed to improve the 1625 performance of multi-threaded programs, particularly on SMP 1626 systems, while preserving the performance of single-threaded 1627 programs. Due to the use of different algorithms and data 1628 structures, jemalloc may expose some previously-unknown bugs in 1629 userland code, although most of the &os; base system and common 1630 ports have been tested and/or fixed.</para> 1631 1632 <para>The &man.mdconfig.8; utility now supports producing 1633 device listings formatted as XML. Currently, the 1634 <command>list</command> and <command>query</command> 1635 sub-commands support this feature.</para> 1636 1637 <para>The &man.mdconfig.8; utility's <option>-u</option> option 1638 now supports specifying multiple devices separated 1639 by comma character.</para> 1640 1641 <para>The &man.mdmfs.8; utility now supports a <option>-P</option> flag 1642 to allow skipping the &man.newfs.8; process 1643 when using a vnode-backed disk.</para> 1644 1645 <para>The &man.mdmfs.8; utility now supports a <option>-E</option> flag 1646 to allow to specify location of the &man.mdconfig.8; 1647 utility instead of using the default one 1648 (<filename>/sbin/mdconfig</filename>).</para> 1649 1650 <para>A new function &man.memmem.3; has been implemented in 1651 <filename>libc</filename>. This is the binary equivalent to 1652 &man.strstr.3; and found in <filename>glibc</filename>.</para> 1653 1654 <para>The &man.mergemaster.8; utility now supports 1655 an <option>-A</option> option to explicitly specify 1656 an architecture to pass through to the underlying makefiles. 1657 &merged;</para> 1658 1659 <para>The &man.mount.8; <literal>nodev</literal> option has 1660 been removed.</para> 1661 1662 <para>The &man.mount.8; utility now supports &man.mqueuefs.5;.</para> 1663 1664 <para>A bug which prevents the &man.mount.8; utility from converting 1665 a read-only mount to read-write via <command>mount -u -o rw</command>, 1666 has been fixed.</para> 1667 1668 <para>The &man.mount.8; utility now supports a 1669 <literal>late</literal> keyword in &man.fstab.5;, along with a 1670 corresponding <option>-l</option> command-line option to specify 1671 that these <quote>late</quote> file systems should be 1672 mounted. &merged;</para> 1673 1674 <para>The &man.moused.8; daemon now supports an <option>-H</option> flag 1675 to enable horizontal virtual scrolling similar to the 1676 <option>-V</option> flag for vertical virtual scrolling. 1677 &merged;</para> 1678 1679 <para>The mrouted(8) multicast routing daemon has been removed 1680 from the &os; base system. It implements the DVMRP multicast 1681 routing protocol, which has largely been replaced by PIM in many 1682 multicast installations. The related map-mbone(8) and mrinfo(8) 1683 utilities have also been removed. These programs are now 1684 available in the &os; Ports Collection 1685 as <filename role="package">net/mrouted</filename>.</para> 1686 1687 <para>The &man.netstat.1; utility now supports an 1688 <option>-h</option> flag for interface stats mode, 1689 which prints all interface statistics in human readable form. &merged;</para> 1690 1691 <para>The &man.netstat.1; utility now supports 1692 printing &man.ipsec.4; protocol statistics if the 1693 kernel was compiled with <literal>FAST_IPSEC</literal> 1694 rather than the KAME IPSEC stack. 1695 Note that the output of <command>netstat -s -p ipsec</command> 1696 differs depending on which stack is compiled into 1697 the kernel since they each keep different statistics. &merged;</para> 1698 1699 <para>The <filename>/etc/nsswitch.conf</filename> file is now 1700 installed statically instead of being generated on every 1701 reboot.</para> 1702 1703 <para>The objformat(1) utility and getobjformat(3) library (the 1704 last remnants of a.out object file support) have been removed.</para> 1705 1706 <para>The &man.periodic.8; daily script now supports 1707 display of the status of &man.gmirror.8;, &man.graid3.8;, 1708 &man.gstripe.8;, and &man.gconcat.8; devices. 1709 Note that these are disabled by default. &merged;</para> 1710 1711 <para>A new function, &man.pidfile.3;, which provides reliable 1712 pidfiles handling, has been implemented in 1713 <filename>libutil</filename>. &merged;</para> 1714 1715 <para>The &man.ping.8; utility now supports a <quote>sweeping 1716 ping</quote> in which &man.icmp.4; payload of 1717 packets being sent is increased with given step. 1718 This is useful for testing problematic channels, MTU issues 1719 or traffic policing functions in networks. &merged;</para> 1720 1721 <para>The &man.ping.8; command now supports a <option>-W</option> 1722 option to specify the maximum time to wait for an echo reply. 1723 &merged;</para> 1724 1725 <para>The &man.pkill.1; utility now supports a 1726 <option>-F</option> option which allows to 1727 restrict matches to a process whose PID is stored in the 1728 pidfile file. When another new option <option>-L</option> 1729 is also specified, the pidfile file must be locked with the 1730 &man.flock.2; syscall or created with &man.pidfile.3;.</para> 1731 1732 <para>The &man.pkill.1; utility now supports a 1733 <option>-I</option> flag which works like <option>-i</option> 1734 of &man.rm.1;. When this flag is specified, &man.pkill.1; 1735 will ask for confirmation before sending a signal to 1736 each matching process.</para> 1737 1738 <para>The &man.pkill.1; utility (also known as &man.pgrep.1;) has 1739 been moved from <filename>/usr/bin</filename> 1740 to <filename>/bin</filename> so that it can be used by startup 1741 scripts. Symbolic links from its former location have been 1742 created for backward compatibility. &merged;</para> 1743 1744 <para>The &man.pmcstat.8; program has seen several enhancements: 1745 It can now log over a network socket to a remote host. The 1746 <option>-c</option> now takes a comma-seperated list of CPUs 1747 to configure for PMC allocation. The <option>-t</option> option 1748 has been enhanced to take a regular expression for selecting 1749 processes based on their command names. &man.pmcstat.8; now 1750 allocates system PMCs on all CPUs by default, not just CPU 0.</para> 1751 1752 <para>The &man.powerd.8; program now supports a 1753 <option>-P</option> option, which specifies a pidfile to use.</para> 1754 1755 <para>An extensible implementation of &man.printf.3;, compatible 1756 with GLIBC, has been added to <filename>libc</filename>. It is 1757 only used if the environment variable 1758 <varname>USE_XPRINTF</varname> is defined, one of the extension 1759 functions is called, or the global variable 1760 <varname>__use_xprintf</varname> is set to a value greater than 1761 <literal>0</literal>. Five extensions are currently supported: 1762 <literal>%H</literal> (hex dump), 1763 <literal>%T</literal> (<varname>time_t</varname> and 1764 time-related structures), 1765 <literal>%M</literal> (errno message), 1766 <literal>%Q</literal> (double-quoted, escaped string), 1767 <literal>%V</literal> (&man.strvis.3;-format string), 1768 &merged;</para> 1769 1770 <para>The DNS resolver library in &os;'s <application>libc</application> 1771 has been updated to that from BIND 9.3.3. &merged;</para> 1772 1773 <para>The &man.rfcomm.sppd.1; program now supports service names 1774 in addition to <option>-c</option> option with channel number. 1775 The supported names are: DUN (Dial-Up Networking), FAX (Fax), 1776 LAN (LAN Access Using PPP), and SP (Serial Port). &merged;</para> 1777 1778 <para>The &man.rpcbind.8; program can now bind its TCP listening 1779 socket to an IP address other than INADDR_ANY using the 1780 <option>-h</option> flag. The new <option>-6</option> flag allows 1781 it to bind to IPv6 addresses only.</para> 1782 1783 <para>The &man.rpcgen.1; utility now generates headers and stub files 1784 that can be used with ANSI C compilers by default.</para> 1785 1786 <para>The &man.rpc.lockd.8; and &man.rpc.statd.8; programs now 1787 accept <option>-p</option> options to indicate which port they 1788 should bind to. &merged;</para> 1789 1790 <para>The &man.rtld.1; runtime linker now supports ELF symbol versioning 1791 using GNU semantics. This implementation aims to be compatible 1792 with symbol versioning support as implemented by GNU libc and 1793 documented in <ulink url="http://people.redhat.com/~drepper/symbol-versioning"></ulink> 1794 and LSB 3.0. Also, <function>dlvsym()</function> 1795 function has been added to 1796 allow lookups for a specific version of a given symbol.</para> 1797 1798 <para>A bug in the &man.sed.1; utility which can cause 1799 incorrect calculation of pattern space length in some cases 1800 has been fixed.</para> 1801 1802 <para>The <option>-h</option> flag to &man.setfacl.1; now properly 1803 sets the ACL on a symbolic link, not the link target.</para> 1804 1805 <para>The &man.sh.1; utility now supports a <literal>times</literal> 1806 built-in command. &merged;</para> 1807 1808 <para>The &man.snapinfo.8; utility, which shows snapshot locations 1809 on UFS file systems, has been added. &merged;</para> 1810 1811 <para>The &man.sockstat.1; utility, which shows connected and 1812 listening network sockets, now supports a new <option>-P</option> 1813 command-line option, which can be used to filter displayed sockets 1814 by protocol name (as listed in &man.protocols.5;).</para> 1815 1816 <para>The &man.strtonum.3; library function has been implemented 1817 based on OpenBSD's implementation. This is an improved version of 1818 &man.strtoll.3;. &merged;</para> 1819 1820 <para>The &man.sysctl.8; utility now supports a <option>-q</option> 1821 flag to suppress a limited set of warnings and errors.</para> 1822 1823 <para>The &man.tail.1; utility now supports a <option>-q</option> 1824 flag to suppress header lines when multiple files are 1825 specified. &merged;</para> 1826 1827 <para>The version of tcpslice in the &os; base system has been 1828 removed due to obsolescence. A more up-to-date version can be 1829 found in the Ports Collection 1830 as <filename role="package">net/tcpslice</filename>.</para> 1831 1832 <para>The &man.time.1; utility now prints the time that a given 1833 command has been running if sent a <literal>SIGINFO</literal> signal.</para> 1834 1835 <para>The &man.top.1; program now supports a <option>-a</option> 1836 flag to display process titles from their argument vectors; 1837 this feature is useful for watching processes that change their 1838 titles via &man.setproctitle.3;.</para> 1839 1840 <para>The &man.top.1; program now supports a <option>-j</option> 1841 flag to display the &man.jail.8; ID for each process. &merged;</para> 1842 1843 <para>The &man.traceroute.8; program now supports 1844 a <option>-D</option> flag, which causes it to display the 1845 differences between the sent and received 1846 packets. &merged;</para> 1847 1848 <para>The &man.traceroute.8; utility now supports 1849 a <option>-e</option> option, which sets a fixed destination 1850 port for probe packets. This can be useful for tracing behind 1851 packet-filtering firewalls. &merged;</para> 1852 1853 <para>&man.traceroute.8; now decodes the complete set of ICMP 1854 unreachable messages in its output. &merged;</para> 1855 1856 <para>The &man.truss.1; utility now supports an <option>-s</option> 1857 flag for the same functionality as the strace utility 1858 (<filename role="package">devel/strace</filename>).</para> 1859 1860 <para>The &man.truss.1; utility no longer depends on the availability 1861 of the &man.procfs.5; file system; it uses the &man.ptrace.2; 1862 interface instead for controlling a traced process.</para> 1863 1864 <para>[&arch.powerpc;] The &man.truss.1; utility now supports &os;/powerpc.</para> 1865 1866 <para>The usbd(8) utility has been removed. 1867 The &man.devd.8; utility and its configuration 1868 file now support functionality which is equivalent to it.</para> 1869 1870 <para>The &man.uuidgen.1; utility has been moved from 1871 <filename>/usr/bin</filename> to <filename>/bin</filename>.</para> 1872 1873 <para>The vnconfig(8) utility, which was long ago replaced by 1874 &man.mdconfig.8;, has been removed.</para> 1875 1876 <para>The &man.xargs.1; utility now supports a <option>-r</option> 1877 flag which makes the command execution when the standard input 1878 does not contain any non-whitespace-characters. &merged;</para> 1879 1880 <para>The shared library version number of all libraries has 1881 been updated due to some possible ABI changes. The libraries 1882 include: snmp_<replaceable>*</replaceable>, libdialog, libg2c, libobjc, 1883 libreadline, libregex, libstdc++, libkrb5, libalias, libarchive, 1884 libbegemot, libbluetooth, libbsnmp, libbz2, libc_r, libcrypt, 1885 libdevstat, libedit, libexpat, libfetch, libftpio, libgpib, 1886 libipsec, libkiconv, libmagic, libmp, libncp, libncurses, 1887 libnetgraph, libngatm, libopie, libpam, libpthread, libradius, 1888 libsdp, libsmb, libtacplus, libthr, libthread_db, libugidfw, 1889 libusbhid, libutil, libvgl, libwrap, libypclnt, libm, libcrypto, 1890 libssh, and libssl.</para> 1891 1892 <para>The <function>wcsdup()</function> function has been 1893 implemented. This function is popular in Microsoft and GNU 1894 systems.</para> 1895 1896 <para>The &man.wpa.passphrase.8; utility has been added. It 1897 generates a 256-bit pre-shared WPA key from an ASCII 1898 passphrase. &merged;</para> 1899 1900 <para>The compiler toolchain is now capable of generating 1901 executables for systems using the ARM processor. &merged;</para> 1902 1903 <sect3 id="rc-scripts"> 1904 <title><filename>/etc/rc.d</filename> Scripts</title> 1905 1906 <para>The <filename>auditd</filename> script for 1907 OpenBSM &man.auditd.8; has been added. &merged;</para> 1908 1909 <para>The <filename>bluetooth</filename> script 1910 has been added. This script will be called from 1911 &man.devd.8; in response to device attachment/detachment 1912 events and to stop/start particular device without unplugging 1913 it by hand. The configuration parameters are in 1914 <filename>/etc/defaults/bluetooth.device.conf</filename>, 1915 and can be overridden by using 1916 <filename>/etc/bluetooth/<replaceable>$device</replaceable>.conf</filename> 1917 (where <replaceable>$device</replaceable> is <devicename>ubt0</devicename>, 1918 <devicename>btcc0</devicename>, and so on.) 1919 For more details, see &man.bluetooth.conf.5;. &merged;</para> 1920 1921 <para>The <filename>ftpd</filename> script for 1922 stand-alone &man.ftpd.8; has been added.</para> 1923 1924 <para>The <filename>gbde_swap</filename> script has 1925 been removed in favor a new <filename>encswap</filename> 1926 script which also supports &man.geli.8; for swap 1927 encryption.</para> 1928 1929 <para>The <filename>geli</filename> and <filename>geli2</filename> 1930 scripts has been added for &man.geli.8; device 1931 configuration on boot.</para> 1932 1933 <para>The <filename>ike</filename> script for 1934 IPsec IKE daemon has been removed because no such daemon 1935 is included in the base system.</para> 1936 1937 <para>The <filename>hcsecd</filename> and 1938 <filename>sdpd</filename> scripts have been added 1939 for &man.hcsecd.8; and &man.sdpd.8; daemons. 1940 These daemons can run even if no Bluetooth devices 1941 are attached to the system, but both daemons depend on 1942 Bluetooth socket layer and thus disabled by default. 1943 Bluetooth sockets layer must be either loaded 1944 as a module or compiled into kernel before the daemons can run. 1945 &merged;</para> 1946 1947 <para>The <filename>hostapd</filename> script for 1948 &man.hostapd.8; has been added. &merged;</para> 1949 1950 <para>The <filename>mdconfig</filename> script to 1951 handle vnode backed &man.md.4; devices has been added. 1952 This is a replacement of the <filename>ramdisk</filename> 1953 script, and all of variables in <varname>ramdisk_*</varname> 1954 have been changed to <varname>mdconfig_*</varname>. 1955 Also, two new &man.rc.conf.5; variables 1956 <varname>mdconfig_<replaceable>*</replaceable>_files</varname> 1957 and 1958 <varname>mdconfig_<replaceable>*</replaceable>_cmd</varname> 1959 have been added. For example:</para> 1960 1961 <programlisting>mdconfig_md0="-t malloc -s 10m" 1962mdconfig_md1="-t vnode -f /var/foo.img"</programlisting> 1963 1964 <para>The <filename>netif</filename> script now supports 1965 <varname>ipv4_addrs_<replaceable>ifn</replaceable></varname> 1966 variables, 1967 which add one or more IPv4 address from a ranged list in 1968 CIDR notation. &merged; For example:</para> 1969 1970 <programlisting>ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28"</programlisting> 1971 1972 <para>The <filename>rcconf.sh</filename> script in <filename>/etc/rc.d</filename> 1973 has been removed and a variable <varname>early_late_divider</varname>, 1974 which designates the script to separate the early and late stages 1975 of the boot process, has been added.</para> 1976 1977 <para>The <filename>rc.initdiskless</filename> script now uses &man.tar.1; 1978 instead of &man.pax.1; because &man.pax.1; needs a writable 1979 temporary directory that may not be available when this script 1980 runs.</para> 1981 1982 <para>The <filename>pccard</filename> script has been removed 1983 since OLDCARD is deprecated.</para> 1984 1985 <para>The <filename>ppp-user</filename> script has been renamed to 1986 <filename>ppp</filename>. &merged;</para> 1987 1988 <para>The <varname>removable_interfaces</varname> variable 1989 has been removed.</para> 1990 1991 <para>A new keyword <literal>NOAUTO</literal> in 1992 <varname>ifconfig_<replaceable>ifn</replaceable></varname> 1993 has been added. This prevents configuration of an interface 1994 at boot time or via <filename>/etc/pccard_ether</filename>, 1995 and allows <filename>/etc/rc.d/netif</filename> 1996 to be used to start and stop an interface 1997 on a purely manual basis.</para> 1998 </sect3> 1999 </sect2> 2000 2001 <sect2 id="contrib"> 2002 <title>Contributed Software</title> 2003 2004 <para><application>Intel ACPI-CA</application> 2005 has been updated to 20070320.</para> 2006 2007 <para><application>BIND</application> has been updated from 9.3.1 2008 to 9.3.4. &merged;</para> 2009 2010 <para><application>BSNMPD</application> has been updated from 2011 1.11 to 1.12.</para> 2012 2013 <para><application>BZIP2</application> has been updated from 2014 1.0.3 to 1.0.4.</para> 2015 2016 <para><application>DRM</application> has 2017 been updated to a snapshot from DRI CVS as of 20060517. 2018 &merged;</para> 2019 2020 <para>The Forth Inspired Command Language (<application>FICL</application>) 2021 used in the boot loader has been updated to 3.03.</para> 2022 2023 <para><application>FILE</application> has been updated from 4.12 2024 to 4.17.</para> 2025 2026 <para>The GNU version of <application>gzip</application> has been 2027 replaced with a modified version of gzip ported from NetBSD. 2028 &merged;</para> 2029 2030 <para><application>netcat</application> has been updated from the 2031 version in a 4 February 2005 OpenBSD snapshot to the version 2032 included in OpenBSD 4.1.</para> 2033 2034 <para><application>GCC</application> has been updated from 3.4.4 2035 to 3.4.6. &merged;</para> 2036 2037 <para><application>GNU Readline library</application> has been 2038 updated from 5.0 to 5.2 patch 2. &merged;</para> 2039 2040 <para><application>GNU Troff</application> 2041 has been updated from version 1.19 to version 1.19.2. 2042 &merged;</para> 2043 2044 <para><application>IPFilter</application> has been updated from 2045 4.1.8 to 4.1.13. &merged;</para> 2046 2047 <para><application>less</application> has been updated from v381 2048 to v394. &merged;</para> 2049 2050 <para><application>libpcap</application> has been updated from 2051 0.9.1 to 0.9.4. &merged;</para> 2052 2053 <para><application>lukemftpd</application> has been updated from a 2054 snapshot from NetBSD as of 9 August 2004 to a snapshot from 2055 NetBSD as of 31 August 2006. &merged;</para> 2056 2057 <para><application>OpenSSH</application> has been updated from 2058 4.2p1 to 4.5p1. &merged;</para> 2059 2060 <para><application>OpenSSL</application> has been updated from 2061 0.9.7e to 0.9.8e.</para> 2062 2063 <para><application>ncurses</application> has been updated from 2064 5.2-20020615 to 5.6-20061217. ncurses now also has wide 2065 character support. &merged;</para> 2066 2067 <para><application>hostapd</application> 2068 has been updated from version 0.3.9 to version 0.4.8. 2069 &merged;</para> 2070 2071 <para><application>sendmail</application> has been updated from 2072 8.13.4 to 8.14.1. &merged;</para> 2073 2074 <para><application>tcpdump</application> has been updated from 2075 3.9.1 to 3.9.4. &merged;</para> 2076 2077 <para>The timezone database has been updated from the 2078 <application>tzdata2005l</application> release to the 2079 <application>tzdata2006n</application> release. &merged;</para> 2080 2081 <para><application>tip</application> has been updated to a 2082 snapshot from OpenBSD as of 20060831.</para> 2083 2084 <para>TrustedBSD <application>OpenBSM</application>, 2085 version 1.0 alpha 14, an implementation of the documented Sun Basic 2086 Security Module (BSM) Audit API and file format, as well as local 2087 extensions to support the Mac OS X and &os; operating systems 2088 has been added. This also includes command line tools for audit 2089 trail reduction and conversion to text and XML, as well as 2090 documentation of the commands, file format, and APIs. 2091 For this functionality, the <literal>AUDIT</literal> kernel option, 2092 <filename>/var/audit</filename> directory, and 2093 <literal>audit</literal> group have been added. &merged;</para> 2094 2095 <para><application>WPA Supplicant</application> 2096 has been updated from version 0.3.9 to version 0.4.8. 2097 &merged;</para> 2098 2099 <para><application>zlib</application> 2100 has been updated from version 1.2.2 to version 1.2.3. &merged;</para> 2101 </sect2> 2102 2103 <sect2 id="ports"> 2104 <title>Ports/Packages Collection Infrastructure</title> 2105 2106 <para>&man.pkg.add.1; now supports an <option>-F</option> 2107 flag to disable checking whether the same package is already 2108 installed or not. &merged;</para> 2109 2110 <para>The &man.pkg.add.1; program now supports an <option>-P</option> 2111 flag, which is the same as the <option>-p</option> flag 2112 except that the given prefix is also used recursively for the 2113 dependency packages if any. &merged;</para> 2114 2115 <para>The &man.pkg.add.1; and &man.pkg.create.1; utilities now support 2116 a <option>-K</option> flag to save packages to the current directory 2117 (or <varname>PKGDIR</varname> if defined) by default. 2118 &merged;</para> 2119 2120 <para>The &man.pkg.create.1; program now supports an <option>-x</option> 2121 flag to support basic regular expressions for package name, 2122 an <option>-E</option> flag for extended regular 2123 expressions, and a <option>-G</option> for exact matching. &merged;</para> 2124 2125 <para>The &man.pkg.version.1; utility now supports an <option>-o</option> 2126 flag to show the origin recorded on package generation 2127 instead of the package name, and an <option>-O</option> flag 2128 to list packages with a specific registered origin. 2129 &merged;</para> 2130 2131 <para>The &man.portsnap.8; utility (<filename>sysutils/portsnap</filename>) 2132 has been added into the &os; base system. This is a secure, 2133 easy to use, fast, lightweight, and generally good way for 2134 users to keep their ports trees up to date. &merged;</para> 2135 2136 <para>A incorrect handling of <varname>HTTP_PROXY_AUTH</varname> 2137 in the &man.portsnap.8; utility has been fixed. &merged;</para> 2138 2139 <para>The startup scripts from the <varname>local_startup</varname> 2140 directory now evaluated by using &man.rcorder.8; with scripts 2141 in the base system. &merged;</para> 2142 2143 <para>The suffix of startup scripts from the Ports Collection 2144 has been removed. This means <filename>foo.sh</filename> 2145 is renamed to <filename>foo</filename>, and now 2146 scripts whose name is something like 2147 <filename>foo.ORG</filename> will also be invoked. 2148 You are recommended to reinstall packages which install 2149 such scripts and remove extra files in the 2150 <varname>local_startup</varname> directory. &merged;</para> 2151 2152 <para>New <filename>rc.conf</filename> variables, 2153 <varname>ldconfig_local_dirs</varname> and 2154 <varname>ldconfig_local32_dirs</varname> have been added. 2155 These hold lists of local &man.ldconfig.8; directories. 2156 &merged;</para> 2157 2158 <para>The <command>@cwd</command> command in 2159 <filename>pkg-plist</filename> now allows 2160 the case where no directory argument is given. If no 2161 directory argument is given, it will set current 2162 working directory to the first prefix given by the 2163 <command>@cwd</command> command. &merged;</para> 2164 </sect2> 2165 2166 <sect2 id="releng"> 2167 <title>Release Engineering and Integration</title> 2168 2169 <para>The default partition sizing algorithm of the 2170 &man.sysinstall.8; utility has been changed.</para> 2171 2172 <itemizedlist> 2173 <listitem> 2174 <para>On systems where the disk capacity is larger than (3 * RAMsize + 10GB), 2175 the default sizes will now be as follows:</para> 2176 2177 <informaltable frame="none" pgwide="0"> 2178 <tgroup cols="2"> 2179 <colspec colwidth="1*"> 2180 <colspec colwidth="2*"> 2181 <thead> 2182 <row> 2183 <entry>Partition</entry> 2184 <entry>Size</entry> 2185 </row> 2186 </thead> 2187 2188 <tbody> 2189 <row><entry>swap</entry><entry>RAMsize * 2</entry></row> 2190 <row><entry><filename>/</filename></entry><entry>512 MB</entry></row> 2191 <row><entry><filename>/tmp</filename></entry><entry>512 MB</entry></row> 2192 <row><entry><filename>/var</filename></entry><entry>1024 MB + RAMsize</entry></row> 2193 <row><entry><filename>/usr</filename></entry><entry>the rest (8GB or more)</entry></row> 2194 </tbody> 2195 </tgroup> 2196 </informaltable> 2197 </listitem> 2198 2199 <listitem> 2200 <para>On systems where the disk capacity is larger than 2201 (RAMsize / 8 + 2 GB), the default sizes will be 2202 in the following ranges, with space allocated 2203 proportionally:</para> 2204 2205 <informaltable frame="none" pgwide="0"> 2206 <tgroup cols="2"> 2207 <colspec colwidth="1*"> 2208 <colspec colwidth="2*"> 2209 <thead> 2210 <row> 2211 <entry>Partition</entry> 2212 <entry>Size</entry> 2213 </row> 2214 </thead> 2215 2216 <tbody> 2217 <row><entry>swap</entry><entry>from RAMsize / 8 to RAMsize * 2</entry></row> 2218 <row><entry><filename>/</filename></entry><entry>from 256MB to 512MB</entry></row> 2219 <row><entry><filename>/tmp</filename></entry><entry>from 128MB to 512MB</entry></row> 2220 <row><entry><filename>/var</filename></entry><entry>from 128MB to 1024MB</entry></row> 2221 <row><entry><filename>/usr</filename></entry><entry>from 1536MB to 8192MB</entry></row> 2222 </tbody> 2223 </tgroup> 2224 </informaltable> 2225 </listitem> 2226 2227 <listitem> 2228 <para>On systems with even less disk space, the existing behavior is not 2229 changed.</para> 2230 </listitem> 2231 </itemizedlist> 2232 2233 <para>The &man.sysinstall.8; utility now displays the running &os; 2234 version in menu titles. &merged;</para> 2235 2236 <para>A new <literal>showconfig</literal> 2237 target has been added in <filename>src/Makefile</filename> 2238 to show the build configuration of the &os; source tree.</para> 2239 2240 <para>A <filename>/media</filename> directory has been 2241 added to contain mount points for removable media 2242 such as CDROMs, floppy disks, USB drives, and so on. &merged;</para> 2243 2244 <para>The <filename>src.conf</filename> file, which 2245 contains settings that will apply to every build involving 2246 the &os; source tree, has been added. 2247 For details, see &man.build.7; and &man.src.conf.5;.</para> 2248 2249 <para>The supported version of 2250 the <application>GNOME</application> desktop environment 2251 (<filename role="package">x11/gnome2</filename>) has been 2252 updated from 2.10.2 to 2.18.0. As a part of this update, the 2253 default prefix for <application>GNOME</application> (and some 2254 related programs) has moved from 2255 <filename>/usr/X11R6</filename> 2256 to <filename>/usr/local</filename>. &merged;</para> 2257 2258 <para>The supported version of 2259 the <application>KDE</application> desktop environment 2260 (<filename role="package">x11/kde3</filename>) has been 2261 updated from 3.4.2 to 3.5.6. &merged;</para> 2262 2263 <para>[&arch.amd64;, &arch.i386;] The supported Linux emulation now uses the 2264 libraries in the 2265 <filename role="package">emulators/linux_base-fc4</filename> 2266 package. &merged;</para> 2267 2268 <para>The supported version of 2269 the <application>Perl</application> interpreter 2270 (<filename role="package">lang/perl5.8</filename>) has been updated 2271 from 5.8.7 to 5.8.8. &merged;</para> 2272 2273 <para>The supported version of 2274 the <application>&xorg;</application> windowing system 2275 (<filename role="package">x11/xorg</filename>) has been updated 2276 from 6.8.2 to 6.9.0. &merged;</para> 2277 2278 <para>[&arch.pc98;] &os;/pc98 release CDROMs are now 2279 bootable on systems with some supported SCSI adapters. 2280 &merged;</para> 2281 </sect2> 2282 2283 <sect2 id="doc"> 2284 <title>Documentation</title> 2285 2286 <para>Documentation of existing functionality has been improved by 2287 the addition of the following manual pages: 2288 &man.acpi.sony.4;, &man.device.get.sysctl.9;, 2289 &man.ext2fs.5;, 2290 &man.mca.8;, 2291 &man.nanobsd.8;, 2292 &man.snd.mss.4;, &man.snd.t4dwave.4;, 2293 &man.sysctl.9;.</para> 2294 2295 <para>The manual pages for <application>NTP</application> 2296 have been updated to 4.2.0, to match the version of 2297 code actually included in &os;. &merged;</para> 2298 2299 <para>Initial support for kernel subsystem API documentation generating 2300 framework using <filename role="package">devel/doxygen</filename> 2301 has been added into <filename>src/sys/doc/subsys</filename>. 2302 To generate the API document, type <command>make doxygen</command> 2303 in <filename>src/</filename> directory.</para> 2304 </sect2> 2305</sect1> 2306 2307<sect1 id="upgrade"> 2308 <title>Upgrading from previous releases of &os;</title> 2309 2310 <para></para> 2311 2312 <important> 2313 <para>Upgrading &os; should, of course, only be attempted after 2314 backing up <emphasis>all</emphasis> data and configuration 2315 files.</para> 2316 </important> 2317</sect1> 2318</article> 2319