os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/en/releases/4.6R/relnotes-alpha.html
Bruce A. Mah a50755209e Fix up URL references to the Handbook in the 4.6-RELEASE and 5.0-DP1 
release documentation.

With one exception (the 4.6-RELEASE announce.sgml), these are all
generated files.  Usually I would be opposed to editing the generated
output, except that we're already getting bug reports resulting from
changing the way we refer to the Handbook.

Only doing this for 4.6-RELEASE and 5.0-DP1 now because these are the
latest active "releases".

Suggested by:	nik
2002-06-30 21:44:39 +00:00

1048 lines
47 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org">
<title>FreeBSD/alpha 4.6-RELEASE Release Notes</title>
<meta name="GENERATOR" content=
"Modular DocBook HTML Stylesheet Version 1.73 ">
<link rel="STYLESHEET" type="text/css" href="docbook.css">
</head>
<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link=
"#0000FF" vlink="#840084" alink="#0000FF">
<div class="ARTICLE">
<div class="TITLEPAGE">
<h1 class="TITLE"><a name="AEN2">FreeBSD/alpha 4.6-RELEASE
Release Notes</a></h1>
<h3 class="CORPAUTHOR">The FreeBSD Project</h3>
<p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002 by
The FreeBSD Documentation Project</p>
<p class="PUBDATE">$FreeBSD:
src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v
1.22.2.249 2002/06/02 16:35:29 bmah Exp $<br>
</p>
<div>
<div class="ABSTRACT">
<a name="AEN11"></a>
<p>The release notes for FreeBSD 4.6-RELEASE contain a
summary of the changes made in the FreeBSD base system
since 4.5-RELEASE. Both changes for kernel and userland
are listed, as well as applicable security advisories
for the base system that were issued since the last
release. Some brief remarks on upgrading are also
presented.</p>
</div>
</div>
<hr>
</div>
<div class="TOC">
<dl>
<dt><b>Table of Contents</b></dt>
<dt>1 <a href="#AEN13">Introduction</a></dt>
<dt>2 <a href="#AEN21">What's New</a></dt>
<dd>
<dl>
<dt>2.1 <a href="#KERNEL">Kernel Changes</a></dt>
<dd>
<dl>
<dt>2.1.1 <a href="#AEN51">Processor/Motherboard
Support</a></dt>
<dt>2.1.2 <a href="#AEN57">Boot Loaders</a></dt>
<dt>2.1.3 <a href="#AEN62">Network Interface
Support</a></dt>
<dt>2.1.4 <a href="#AEN125">Network
Protocols</a></dt>
<dt>2.1.5 <a href="#AEN142">Disks and
Storage</a></dt>
<dt>2.1.6 <a href="#AEN163">Filesystems</a></dt>
<dt>2.1.7 <a href="#AEN166">PCCARD
Support</a></dt>
<dt>2.1.8 <a href="#AEN169">Multimedia
Support</a></dt>
<dt>2.1.9 <a href="#AEN178">Contributed
Software</a></dt>
</dl>
</dd>
<dt>2.2 <a href="#SECURITY">Security
Advisories</a></dt>
<dt>2.3 <a href="#USERLAND">Userland Changes</a></dt>
<dd>
<dl>
<dt>2.3.1 <a href="#AEN465">Contributed
Software</a></dt>
<dt>2.3.2 <a href="#AEN513">Ports/Packages
Collection</a></dt>
</dl>
</dd>
<dt>2.4 <a href="#AEN520">Release Engineering and
Integration</a></dt>
</dl>
</dd>
<dt>3 <a href="#AEN531">Upgrading from previous releases
of FreeBSD</a></dt>
</dl>
</div>
<div class="SECT1">
<hr>
<h1 class="SECT1"><a name="AEN13">1 Introduction</a></h1>
<p>This document contains the release notes for FreeBSD
4.6-RELEASE on the Alpha/AXP hardware platform. It
describes new features of FreeBSD that have been added (or
changed) since 4.5-RELEASE. It also provides some notes on
upgrading from previous versions of FreeBSD.</p>
<p>This distribution of FreeBSD 4.6-RELEASE is a release
distribution. It can be found at <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/releases" target=
"_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/releases</a> or
any of its mirrors. More information on obtaining this (or
other) release distributions of FreeBSD can be found in the
<a href="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors.html"
target="_top">``Obtaining FreeBSD''</a> appendix in the <a
href="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/" target=
"_top">FreeBSD Handbook</a>.</p>
</div>
<div class="SECT1">
<hr>
<h1 class="SECT1"><a name="AEN21">2 What's New</a></h1>
<p>This section describes the most user-visible new or
changed features in FreeBSD since 4.5-RELEASE. Typical
release note items document new drivers or hardware
support, new commands or options, major bugfixes, or
contributed software upgrades. Security advisories for the
base system that were issued after 4.5-RELEASE are also
listed.</p>
<div class="SECT2">
<hr>
<h2 class="SECT2"><a name="KERNEL">2.1 Kernel
Changes</a></h2>
<p>The kernel dump device can now be set via the <tt
class="VARNAME">dumpdev</tt> loader tunable. As a result,
it is now possible to obtain crash dumps from panics
during the late stages of kernel initialization (before
the system enters into single-user mode).</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=snp&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">snp</span>(4)</span></a> device is no
longer static and can now be compiled as a module.</p>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN51">2.1.1
Processor/Motherboard Support</a></h3>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN57">2.1.2 Boot
Loaders</a></h3>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN62">2.1.3 Network
Interface Support</a></h3>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=an&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">an</span>(4)</span></a> driver now
supports Cisco LEAP, as well as the ``Home'' WEP key.
The Linux Aironet utilities are now supported under
emulation.</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=dc&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">dc</span>(4)</span></a> driver now has
support for VLANs.</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=fpa&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">fpa</span>(4)</span></a> driver now
works on Alpha machines.</p>
<p>The my driver, which supports the Myson Fast
Ethernet and Gigabit Ethernet adapters, has been
added.</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=wi&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">wi</span>(4)</span></a> driver now has
support for Prism II and Prism 2.5-based NICs.
104/128-bit WEP now works on Prism cards.</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=wi&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">wi</span>(4)</span></a> driver now
supports using a FreeBSD host as a wireless access
point. This functionality can be enabled using the <tt
class="LITERAL">mediaopt hostap</tt> option of <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ifconfig</span>(8)</span></a>. This
feature requires a wireless adapter based on the Prism
II chipset.</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=wi&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">wi</span>(4)</span></a> driver now has
support for <b class=
"APPLICATION">bsd-airtools</b>.</p>
<p>The xe driver can now be built as a module.</p>
<p>Selected network drivers now implement a
semi-polling mode, which makes systems much more
resilient to attacks and overloads. To enable polling,
the following options are required in a kernel
configuration file:</p>
<pre class="PROGRAMLISTING">
options DEVICE_POLLING
options HZ=1000 # not compulsory but strongly recommended
</pre>
The <tt class="VARNAME">kern.polling.enable</tt> sysctl
variable will then activate polling mode; with the <tt
class="VARNAME">kern.polling.user_frac</tt> sysctl
indicating the percentage of CPU time to be reserved
for userland. The devices initially supporting polling
are <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=dc&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">dc</span>(4)</span></a>, <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=fxp&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">fxp</span>(4)</span></a>, <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=rl&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">rl</span>(4)</span></a>, and <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sis&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sis</span>(4)</span></a>. More details
can be found in the <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=polling&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">polling</span>(4)</span></a> manual
page.<br>
<br>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN125">2.1.4 Network
Protocols</a></h3>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=bridge&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">bridge</span>(4)</span></a> now has
better support for multiple, fully-independent bridging
clusters, and is much more stable in the presence of
dynamic attachments and detatchments. Full support for
VLANs is also supported.</p>
<p>A bug in the IPsec processing for IPv4, which caused
the inbound SPD checks to be ignored, has been
fixed.</p>
<p>A new ng_eiface netgraph module has been added,
which appears as an Ethernet interface but delivers its
Ethernet frames to a Netgraph hook.</p>
<p>A new <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ng_etf&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ng_etf</span>(4)</span></a> netgraph
node allows Ethernet type packets to be filtered to
different hooks depending on ethertype.</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=tcp&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">tcp</span>(4)</span></a> syncache
implementation had a bug that could cause kernel
panics; this has been fixed.</p>
<p>The TCP implementation now properly ignores packets
addressed to IP-layer broadcast addresses.</p>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN142">2.1.5 Disks and
Storage</a></h3>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ahc&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ahc</span>(4)</span></a> driver was
synchronized with the version from FreeBSD -CURRENT as
of 29 April 2002.</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ata</span>(4)</span></a> driver was
synchronized with the driver from FreeBSD -CURRENT as
of 18 March 2002.</p>
<div class="IMPORTANT">
<blockquote class="IMPORTANT">
<p><b>Important:</b> Some users have experienced
problems during testing with ATA tagged queueing.
Typical symptoms are read timeouts at boot time
leading to a failure to mount the root filesystem.
These problems have only appeared on systems having
disks supporting tagged queueing attached to
motherboard ATA controllers. As this feature is
only supported by certain ATA hard disks, and must
be enabled explicitly (by setting <tt class=
"LITERAL">hw.ata.tags="1"</tt> in <tt class=
"FILENAME">/boot/loader.conf</tt>), this should not
pose a problem for a majority of users.</p>
</blockquote>
</div>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ata</span>(4)</span></a> driver now has
support for creating, deleting, querying, and
rebuilding ATA RAIDs under control of <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=atacontrol&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">atacontrol</span>(8)</span></a>.</p>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN163">2.1.6
Filesystems</a></h3>
<p>A bug was been fixed in soft updates that could
cause occasional filesystem corruption if the system is
shut down immediately after performing heavy filesystem
activities, such as installing a new kernel or other
software.</p>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN166">2.1.7 PCCARD
Support</a></h3>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN169">2.1.8 Multimedia
Support</a></h3>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN178">2.1.9 Contributed
Software</a></h3>
<div class="SECT4">
<h4 class="SECT4"><a name="AEN180">2.1.9.1
IPFilter</a></h4>
<p><b class="APPLICATION">IPFilter</b> has been
updated to 3.4.27.</p>
</div>
</div>
</div>
<div class="SECT2">
<hr>
<h2 class="SECT2"><a name="SECURITY">2.2 Security
Advisories</a></h2>
<p>An ``off-by-one'' bug has been fixed in <b class=
"APPLICATION">OpenSSH</b>'s multiplexing code. This bug
could have allowed an authenticated remote user to cause
<a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sshd&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sshd</span>(8)</span></a> to execute
arbitrary code with superuser privileges, or allowed a
malicious SSH server to execute arbitrary code on the
client system with the privileges of the client user.
(See security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
target="_top">FreeBSD-SA-02:13</a>.)</p>
<p>A programming error in <b class="APPLICATION">zlib</b>
could result in attempts to free memory multiple times.
The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=malloc&sektion=3&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">malloc</span>(3)</span></a>/<a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=free&sektion=3&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">free</span>(3)</span></a> routines used
in FreeBSD are not vulnerable to this error, but
applications receiving specially-crafted blocks of
invalid compressed data could be made to function
incorrectly or abort. This <b class=
"APPLICATION">zlib</b> bug has been fixed. For a
workaround and solutions, see security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:18.zlib.v1.2.asc"
target="_top">FreeBSD-SA-02:18</a>.</p>
<p>Bugs in the TCP SYN cache (``syncache'') and SYN
cookie (``syncookie'') implementations, which could cause
legitimate TCP/IP traffic to crash a machine, have been
fixed. For a workaround and patches, see security
advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:20.syncache.asc"
target="_top">FreeBSD-SA-02:20</a>.</p>
<p>A routing table memory leak, which could allow a
remote attacker to exhaust the memory of a target
machine, has been fixed. A workaround and patches can be
found in security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:21.tcpip.asc"
target="_top">FreeBSD-SA-02:21</a>.</p>
<p>A bug with memory-mapped I/O, which could cause a
system crash, has been fixed. For more information about
a solution, see security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:22.mmap.asc"
target="_top">FreeBSD-SA-02:22</a>.</p>
<p>A security hole, in which SUID programs could be made
to read from or write to inappropriate files through
manipulation of their standard I/O file descriptors, has
been fixed. Information regarding a solution can be found
in security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc"
target="_top">FreeBSD-SA-02:23</a>.</p>
<p>Some unexpected behavior could be allowed with <a
href=
"http://www.FreeBSD.org/cgi/man.cgi?query=k5su&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">k5su</span>(8)</span></a> because it does
not require that an invoking user be a member of the <tt
class="GROUPNAME">wheel</tt> group when attempting to
become the superuser (this is the case with <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=su&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">su</span>(1)</span></a>). To avoid this
situation, <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=k5su&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">k5su</span>(8)</span></a> is now
installed non-SUID by default (effectively disabling it).
More information can be found in security advisory <a
href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc"
target="_top">FreeBSD-SA-02:24</a>.</p>
<p>Multiple vulnerabilities were found in the <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=bzip2&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">bzip2</span>(1)</span></a> utility, which
could allow files to be overwritten without warning or
allow local users unintended access to files. These
problems have been corrected with a new import of <b
class="APPLICATION">bzip2</b>. For more information, see
security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc"
target="_top">FreeBSD-SA-02:25</a>.</p>
<p>A bug has been fixed in the implementation of the TCP
SYN cache (``syncache''), which could allow a remote
attacker to deny access to a service when accept filters
(see <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=accept_filter&sektion=9&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">accept_filter</span>(9)</span></a>) were
in use. This bug has been fixed; for more information,
see security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:26.accept.asc"
target="_top">FreeBSD-SA-02:26</a>.</p>
<p>Due to a bug in <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=rc&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">rc</span>(8)</span></a>'s use of shell
globbing, users may be able to remove the contents of
arbitrary files if <tt class=
"FILENAME">/tmp/.X11-unix</tt> does not exist and the
system can be made to reboot. This bug has been corrected
(see security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:27.rc.asc"
target="_top">FreeBSD-SA-02:27</a>).</p>
</div>
<div class="SECT2">
<hr>
<h2 class="SECT2"><a name="USERLAND">2.3 Userland
Changes</a></h2>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=atacontrol&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">atacontrol</span>(8)</span></a> has been
added to control various aspects of the <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ata</span>(4)</span></a> driver.</p>
<p>On ATAPI CDROM drives, <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=cdcontrol&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">cdcontrol</span>(1)</span></a> now
supports a <tt class="LITERAL">speed</tt> command to set
the maximum speed to be used by the drive.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ctags&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ctags</span>(1)</span></a> no longer
creates a corrupt tags file if the source file used <tt
class="LITERAL">//</tt> (C++-style) comments.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=dump&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">dump</span>(8)</span></a> now supplies
progress information in its process title, useful for
monitoring automated backups.</p>
<p><tt class="FILENAME">/etc/rc.firewall</tt> and <tt
class="FILENAME">/etc/rc.firewall6</tt> will no longer
add their own hardcoded rules in the cases of a rules
file in the <tt class="VARNAME">firewall_type</tt>
variable or a non-existent firewall type. (The motivation
for this change is to avoid acting on assumptions about a
site's firewall policies.) In addition, the <tt class=
"LITERAL">closed</tt> firewall type now works as
documented in the <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=rc.firewall&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">rc.firewall</span>(8)</span></a> manual
page.</p>
<p>The functionality of <tt class=
"FILENAME">/etc/security</tt> has been been moved into a
set of scripts under the <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=periodic&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">periodic</span>(8)</span></a> framework,
to make local customization easier and more maintainable.
These scripts now reside in <tt class=
"FILENAME">/etc/periodic/security/</tt>.</p>
<p>The <tt class="OPTION">ether</tt> address family of <a
href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ifconfig</span>(8)</span></a> has been
changed to a more generic <tt class="OPTION">link</tt>
family (<tt class="OPTION">ether</tt> is still accepted
for backwards compatability).</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=fsdb&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">fsdb</span>(8)</span></a> now supports a
<tt class="LITERAL">blocks</tt> command to list the
blocks allocated by a particular inode.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ispppcontrol&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ispppcontrol</span>(8)</span></a> has
been deleted, and its functionality has been folded into
<a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=spppcontrol&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">spppcontrol</span>(8)</span></a>.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=k5su&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">k5su</span>(8)</span></a> is no longer
installed SUID <tt class="USERNAME">root</tt> by default.
Users requiring this feature can either manually change
the permissions on the <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=k5su&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">k5su</span>(8)</span></a> executable or
add <tt class="LITERAL">ENABLE_SUID_K5SU=yes</tt> to <tt
class="FILENAME">/etc/make.conf</tt> before a source
upgrade.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ldd&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ldd</span>(1)</span></a> can now be used
on shared libraries, in addition to executables.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=last&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">last</span>(1)</span></a> now supports a
<tt class="OPTION">-y</tt> flag, which causes the year to
be included in the session start time.</p>
<p><tt class="FILENAME">libstand</tt> now has support for
loading large kernels and modules split across several
physical media.</p>
<p><tt class="FILENAME">libusb</tt> has been renamed as
<tt class="FILENAME">libusbhid</tt>, following NetBSD's
naming conventions.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=lpd&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">lpd</span>(8)</span></a> now recognizes
the <tt class="OPTION">-s</tt> flag as the preferred
synonym for <tt class="OPTION">-p</tt> (these flags cause
<a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=lpd&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">lpd</span>(8)</span></a> not to open a
socket for network print jobs).</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=lpd&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">lpd</span>(8)</span></a> now implements a
new <tt class="LITERAL">rc</tt> printcap option. When
specified in a print queue for a remote host, boolean
option causes <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=lpd&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">lpd</span>(8)</span></a> to resend the
data file for each copy the user requested via <tt class=
"COMMAND">lpr -#<tt class=
"REPLACEABLE"><i>n</i></tt></tt>.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ls&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ls</span>(1)</span></a> now accepts a <tt
class="OPTION">-h</tt> flag, which when combined with the
<tt class="OPTION">-l</tt> flag, causes file sizes to be
printed with unit suffixes, such that the number of
digits printed is fewer than four.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=m4&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">m4</span>(1)</span></a> now accepts a <tt
class="OPTION">-s</tt> flag to cause it to emit <tt
class="LITERAL">#line</tt> directives for use by <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=cpp&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">cpp</span>(1)</span></a>.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=mergemaster&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">mergemaster</span>(8)</span></a> now
supports two new flags. The <tt class="OPTION">-p</tt>
flag enables a ``pre-<tt class=
"LITERAL">buildworld</tt>'' mode to compare files known
to be essential to the success of the <tt class=
"LITERAL">buildworld</tt> and <tt class=
"LITERAL">installworld</tt> system updating steps. The
<tt class="OPTION">-C</tt> flag, used after a successful
<a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=mergemaster&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">mergemaster</span>(8)</span></a> run,
compares options in <tt class=
"FILENAME">/etc/rc.conf</tt> to the default options in
<tt class="FILENAME">/etc/defaults/rc.conf</tt>.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ngctl&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ngctl</span>(8)</span></a> now supports a
<tt class="OPTION">write</tt> command to send a data
packet down a given hook.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=patch&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">patch</span>(1)</span></a> now accepts a
<tt class="OPTION">-i</tt> command-line flag to read a
patch from a file, rather than standard input.</p>
<p>A <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=pam_ssh&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">pam_ssh</span>(8)</span></a> module has
been added to allow the use of SSH passphrases and
keypairs for authentication. This module also handles
session management by invoking <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ssh-agent&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ssh-agent</span>(1)</span></a>.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=pr&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">pr</span>(1)</span></a> now supports the
<tt class="OPTION">-f</tt> and <tt class="OPTION">-p</tt>
flags to pause output going to a terminal.</p>
<p>The <tt class="OPTION">-W</tt> option to <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ps&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ps</span>(1)</span></a> (to extract
information from a specified swap device) has been
useless for some time; it has been removed.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=reboot&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">reboot</span>(8)</span></a> now takes a
<tt class="OPTION">-k</tt> to specify the next kernel to
boot.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sshd&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sshd</span>(8)</span></a> no longer emits
fake S/Key challenges for users who do not have S/Key
enabled. The prior behavior created confusing, useless
one-time-password prompts when using some newer SSH
clients to connect to a FreeBSD system.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sysinstall</span>(8)</span></a> now has
rudimentary support for retrieving packages from the
correct volume of a multiple-volume installation (such as
a multi-CD distribution).</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=tftp&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">tftp</span>(1)</span></a> and <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=tftpd&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">tftpd</span>(8)</span></a> now support
IPv6.</p>
<p>The <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=usbhidctl&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">usbhidctl</span>(1)</span></a> utility
has been added to manipulate USB Human Interface
Devices.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=uuencode&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">uuencode</span>(1)</span></a> and <a
href=
"http://www.FreeBSD.org/cgi/man.cgi?query=uudecode&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">uudecode</span>(1)</span></a> now accept
a <tt class="OPTION">-o</tt> option to set their output
files. <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=uuencode&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">uuencode</span>(1)</span></a> can now be
made to do base64 encoding when given the <tt class=
"OPTION">-m</tt> flag, while <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=uudecode&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">uudecode</span>(1)</span></a> can now
automatically decode base64 files.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=watch&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">watch</span>(8)</span></a> now takes a
<tt class="OPTION">-f</tt> option to specify a <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=snp&sektion=4&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">snp</span>(4)</span></a> device to
use.</p>
<p>Locales with names of the form <tt class=
"LITERAL">*.EUC</tt> have been renamed to the form <tt
class="LITERAL">*.euc??</tt>. For example, <tt class=
"LITERAL">ja_JP.EUC</tt> has become <tt class=
"LITERAL">ja_JP.eucJP</tt>. This improves locale name
compatability with FreeBSD CURRENT, X11R6, and a number
of other UNIX versions.</p>
<p>The locale support was synchronized with the code from
FreeBSD -CURRENT. This change brings support for the <tt
class="LITERAL">LC_NUMERIC</tt>, <tt class=
"LITERAL">LC_MONETARY</tt>, and <tt class=
"LITERAL">LC_MESSAGES</tt> categories, as well as
improvements to <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=strftime&sektion=3&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">strftime</span>(3)</span></a>, revised
locale definitions, and improvement of the localization
of many base system programs.</p>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN465">2.3.1 Contributed
Software</a></h3>
<p><b class="APPLICATION">BIND</b> has been updated to
8.3.2-T1B.</p>
<p><b class="APPLICATION">bzip2</b> has been updated to
1.0.2.</p>
<p><b class="APPLICATION">Heimdal Kerberos</b> has been
updated to 0.4e.</p>
<p>The <b class="APPLICATION">ISC DHCP</b> client has
been updated to 3.0.1RC8.</p>
<p><b class="APPLICATION">texinfo</b> has been updated
to 4.1.</p>
<p>The timezone database has been updated to the <tt
class="FILENAME">tzdata2002c</tt> release.</p>
<div class="SECT4">
<hr>
<h4 class="SECT4"><a name="AEN479">2.3.1.1
Sendmail</a></h4>
<p><b class="APPLICATION">sendmail</b> has been
updated to 8.12.3. <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sendmail</span>(8)</span></a> is no
longer installed as a set-user-ID <tt class=
"USERNAME">root</tt> binary (now set-group-ID <tt
class="GROUPNAME">smmsp</tt>). See <tt class=
"FILENAME">/usr/src/contrib/sendmail/RELEASE_NOTES</tt>
and <tt class="FILENAME">/etc/mail/README</tt> for
more information.</p>
<p>With this <b class="APPLICATION">sendmail</b>
upgrade, multiple <b class="APPLICATION">sendmail</b>
daemons (some required to handle outgoing mail) are
started by <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=rc&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">rc</span>(8)</span></a>, even if the
<tt class="VARNAME">sendmail_enable</tt> variable is
set to <tt class="LITERAL">NO</tt>. To completely
disable <b class="APPLICATION">sendmail</b>, <tt
class="VARNAME">sendmail_enable</tt> must be set to
<tt class="LITERAL">NONE</tt>. Alternatively, for
systems using a different MTA, the <tt class=
"VARNAME">mta_start_script</tt> variable can be used
to point to a different startup script (more details
can be found in <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=rc.sendmail&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">rc.sendmail</span>(8)</span></a>).</p>
<p>The permissions for <b class=
"APPLICATION">sendmail</b> alias and map databases
built via <tt class=
"FILENAME">/etc/mail/Makefile</tt> now default to
mode 0640 to protect against a file locking local
denial of service. It can be changed by setting the
new <tt class="VARNAME">SENDMAIL_MAP_PERMS</tt> <tt
class="FILENAME">make.conf</tt> option.</p>
<p>The permissions for the <b class=
"APPLICATION">sendmail</b> statistics file, <tt
class="FILENAME">/var/log/sendmail.st</tt>, have been
changed from mode 0644 to mode 0640 to protect
against a file locking local denial of service.</p>
</div>
</div>
<div class="SECT3">
<hr>
<h3 class="SECT3"><a name="AEN513">2.3.2 Ports/Packages
Collection</a></h3>
<p>The Ports Collection infrastructure now uses <b
class="APPLICATION">XFree86</b> 4.2.0 as the default
version of the X Window System for the purposes of
satisfying dependencies. To return to using <b class=
"APPLICATION">XFree86</b> 3.3.6, add the following line
to <tt class="FILENAME">/etc/make.conf</tt>:</p>
<pre class="PROGRAMLISTING">
XFREE86_VERSION=3
</pre>
</div>
</div>
<div class="SECT2">
<hr>
<h2 class="SECT2"><a name="AEN520">2.4 Release
Engineering and Integration</a></h2>
<p><b class="APPLICATION">XFree86</b> 4.2.0 is now the
default version of the X Window System supported by <a
href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sysinstall</span>(8)</span></a>. It
installs <b class="APPLICATION">XFree86</b> as a set of
standard binary packages, so the usual package utilities
such as <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=pkg_info&sektion=1&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">pkg_info</span>(1)</span></a> can be used
to examine/manipulate its components.</p>
</div>
</div>
<div class="SECT1">
<hr>
<h1 class="SECT1"><a name="AEN531">3 Upgrading from
previous releases of FreeBSD</a></h1>
<p>If you're upgrading from a previous release of FreeBSD,
you generally will have three options:</p>
<ul>
<li>
<p>Using the binary upgrade option of <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-RELEASE">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sysinstall</span>(8)</span></a>. This
option is perhaps the quickest, although it presumes
that your installation of FreeBSD uses no special
compilation options.</p>
</li>
<li>
<p>Performing a complete reinstall of FreeBSD.
Technically, this is not an upgrading method, and in
any case is usually less convenient than a binary
upgrade, in that it requires you to manually backup and
restore the contents of <tt class="FILENAME">/etc</tt>.
However, it may be useful in cases where you want (or
need) to change the partitioning of your disks.</p>
</li>
<li>
<p>From source code in <tt class=
"FILENAME">/usr/src</tt>. This route is more flexible,
but requires more disk space, time, and more technical
expertise. Upgrading from very old versions of FreeBSD
may be problematic; in cases like this, it is usually
more effective to perform a binary upgrade or a
complete reinstall.</p>
</li>
</ul>
<br>
<br>
<p>Please read the <tt class="FILENAME">INSTALL.TXT</tt>
file for more information, preferably <span class=
"emphasis"><i class="EMPHASIS">before</i></span> beginning
an upgrade. If you are upgrading from source, please be
sure to read <tt class="FILENAME">/usr/src/UPDATING</tt> as
well.</p>
<p>Finally, if you want to use one of various means to
track the -STABLE or -CURRENT branches of FreeBSD, please
be sure to consult the <a href=
"http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html"
target="_top">``-CURRENT vs. -STABLE''</a> section of the
<a href="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/" target=
"_top">FreeBSD Handbook</a>.</p>
<div class="IMPORTANT">
<blockquote class="IMPORTANT">
<p><b>Important:</b> Upgrading FreeBSD should, of
course, only be attempted after backing up <span class=
"emphasis"><i class="EMPHASIS">all</i></span> data and
configuration files.</p>
</blockquote>
</div>
</div>
</div>
<hr>
<p align="center"><small>This file, and other release-related
documents, can be downloaded from <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/releases">ftp://ftp.FreeBSD.org/pub/FreeBSD/releases</a>.</small></p>
<p align="center"><small>For questions about FreeBSD, read the
<a href="http://www.FreeBSD.org/docs.html">documentation</a>
before contacting &#60;<a href=
"mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.</small></p>
<p align="center"><small>For questions about this
documentation, e-mail &#60;<a href=
"mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</small></p>
<br>
<br>
</body>
</html>
Reference in a new issue View git blame Copy permalink