doc/en_US.ISO8859-1/htdocs/releases/5.3R/relnotes-ia64.html

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org" />
<title>FreeBSD/ia64 5.3-RELEASE Release Notes</title>
<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.7" />
<link rel="STYLESHEET" type="text/css" href="docbook.css" />
</head>
<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084"
alink="#0000FF">
<div class="ARTICLE">
<div class="TITLEPAGE">
<h1 class="TITLE"><a id="AEN2" name="AEN2">FreeBSD/ia64 5.3-RELEASE Release
Notes</a></h1>

<h3 class="CORPAUTHOR">The FreeBSD Project</h3>

<p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002, 2003, 2004 The FreeBSD
Documentation Project</p>

<p class="PUBDATE">$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v
1.761.2.12.2.3 2004/11/03 10:12:51 hrs Exp $<br />
</p>

<div>
<div class="ABSTRACT"><a id="AEN13" name="AEN13"></a>
<p>The release notes for FreeBSD 5.3-RELEASE contain a summary of the changes made to the
FreeBSD base system since 5.2.1-RELEASE. This document lists applicable security
advisories that were issued since the last release, as well as significant changes to the
FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.</p>
</div>
</div>

<hr />
</div>

<div class="TOC">
<dl>
<dt><b>Table of Contents</b></dt>

<dt>1 <a href="#INTRO">Introduction</a></dt>

<dt>2 <a href="#NEW">What's New</a></dt>

<dd>
<dl>
<dt>2.1 <a href="#SECURITY">Security Advisories</a></dt>

<dt>2.2 <a href="#KERNEL">Kernel Changes</a></dt>

<dd>
<dl>
<dt>2.2.1 <a href="#BOOT">Boot Loader Changes</a></dt>

<dt>2.2.2 <a href="#PROC">Hardware Support</a></dt>

<dt>2.2.3 <a href="#NET-PROTO">Network Protocols</a></dt>

<dt>2.2.4 <a href="#DISKS">Disks and Storage</a></dt>

<dt>2.2.5 <a href="#FS">File Systems</a></dt>

<dt>2.2.6 <a href="#AEN925">Contributed Software</a></dt>
</dl>
</dd>

<dt>2.3 <a href="#USERLAND">Userland Changes</a></dt>

<dd>
<dl>
<dt>2.3.1 <a href="#RC-SCRIPTS"><tt class="FILENAME">/etc/rc.d</tt> Scripts</a></dt>
</dl>
</dd>

<dt>2.4 <a href="#CONTRIB">Contributed Software</a></dt>

<dt>2.5 <a href="#PORTS">Ports/Packages Collection Infrastructure</a></dt>

<dt>2.6 <a href="#RELENG">Release Engineering and Integration</a></dt>

<dt>2.7 <a href="#DOC">Documentation</a></dt>
</dl>
</dd>

<dt>3 <a href="#UPGRADE">Upgrading from previous releases of FreeBSD</a></dt>
</dl>
</div>

<div class="SECT1">
<h2 class="SECT1"><a id="INTRO" name="INTRO">1 Introduction</a></h2>

<p>This document contains the release notes for FreeBSD 5.3-RELEASE on the IA-64 hardware
platform. It describes recently added, changed, or deleted features of FreeBSD. It also
provides some notes on upgrading from previous versions of FreeBSD.</p>

<p>This distribution of FreeBSD 5.3-RELEASE is a release distribution. It can be found at
<a href="ftp://ftp.FreeBSD.org/" target="_top">ftp://ftp.FreeBSD.org/</a> or any of its
mirrors. More information on obtaining this (or other) release distributions of FreeBSD
can be found in the <a
href="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors.html"
target="_top">``Obtaining FreeBSD'' appendix</a> to the <a
href="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/" target="_top">FreeBSD
Handbook</a>.</p>

<p>All users are encouraged to consult the release errata before installing FreeBSD. The
errata document is updated with ``late-breaking'' information discovered late in the
release cycle or after the release. Typically, it contains information on known bugs,
security advisories, and corrections to documentation. An up-to-date copy of the errata
for FreeBSD 5.3-RELEASE can be found on the FreeBSD Web site.</p>
</div>

<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="NEW" name="NEW">2 What's New</a></h2>

<p>This section describes the most user-visible new or changed features in FreeBSD since
5.2.1-RELEASE. In general, changes described here are unique to the 5-STABLE branch
unless specifically marked as [MERGED] features.</p>

<p>Typical release note items document recent security advisories issued after
5.3-RELEASE, new drivers or hardware support, new commands or options, major bug fixes,
or contributed software upgrades. They may also list changes to major ports/packages or
release engineering practices. Clearly the release notes cannot list every single change
made to FreeBSD between releases; this document focuses primarily on security advisories,
user-visible changes, and major architectural improvements.</p>

<div class="SECT2">
<hr />
<h3 class="SECT2"><a id="SECURITY" name="SECURITY">2.1 Security Advisories</a></h3>

<p>A bug in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mksnap_ffs&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mksnap_ffs</span>(8)</span></a>
has been fixed; it caused the creation of a file system snapshot to reset the flags on
the file system to their default values. The possible consequences depended on local
usage, but could include disabling extended access control lists or enabling the use of
setuid executables stored on an untrusted file system. This bug also affected the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=dump&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">dump</span>(8)</span></a> <var
class="OPTION">-L</var> option, which uses <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mksnap_ffs&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mksnap_ffs</span>(8)</span></a>.
Note that <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mksnap_ffs&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mksnap_ffs</span>(8)</span></a> is
normally only available to the superuser and members of the <tt
class="GROUPNAME">operator</tt> group. For more information, see security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:01.mksnap_ffs.asc"
target="_top">FreeBSD-SA-04:01</a>.</p>

<p>A bug with the System V Shared Memory interface (specifically the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=shmat&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">shmat</span>(2)</span></a> system
call) has been fixed. This bug can cause a shared memory segment to reference unallocated
kernel memory. In turn, this can permit a local attacker to gain unauthorized access to
parts of kernel memory, possibly resulting in disclosure of sensitive information, bypass
of access control mechanisms, or privilege escalation. More details can be found in
security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc"
target="_top">FreeBSD-SA-04:02</a>. [MERGED]</p>

<p>A programming error in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=jail_attach&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">jail_attach</span>(2)</span></a>
system call has been fixed. This error could allow a process with superuser privileges
inside a <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">jail</span>(8)</span></a>
environment to change its root directory to that of a different jail, and thus gain full
read and write access to files and directories within the target jail. More information
can be found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:03.jail.asc"
target="_top">FreeBSD-SA-04:03</a>.</p>

<p>A potential low-bandwidth denial-of-service attack against the FreeBSD TCP stack has
been prevented by limiting the number of out-of-sequence TCP segments that can be held at
one time. More details can be found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:04.tcp.asc"
target="_top">FreeBSD-SA-04:04</a>. [MERGED]</p>

<p>A bug in <b class="APPLICATION">OpenSSL</b>'s SSL/TLS ChangeCipherSpec message
processing that could result in a null pointer dereference has been fixed. This could
allow a remote attacker to crash an <b class="APPLICATION">OpenSSL</b>-using application
and cause a denial-of-service on the system. More details can be found in security
advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
target="_top">FreeBSD-SA-04:05</a>. [MERGED]</p>

<p>A programming error in the handling of some IPv6 socket options within the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=setsockopt&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">setsockopt</span>(2)</span></a>
system call has been fixed. This allows a local attacker to cause a system panic, and may
allow unauthorized access to parts of kernel memory, possibly resulting in disclosure of
sensitive information, bypass of access control mechanisms, or privilege escalation. More
details can be found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:06.ipv6.asc"
target="_top">FreeBSD-SA-04:06</a>.</p>

<p>Two programming errors in <b class="APPLICATION">CVS</b> have been fixed. They allow a
server to overwrite arbitrary files on the client, and a client to read arbitrary files
on the server when accessing remote CVS repositories. More details can be found in
security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc"
target="_top">FreeBSD-SA-04:07</a>. [MERGED]</p>

<p>A bugfix for <b class="APPLICATION">Heimdal</b> rectifies a problem in which it would
not perform adequate checking of authentication across autonomous realms. For more
information, see security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
target="_top">FreeBSD-SA-04:08</a>. [MERGED]</p>

<p>A programming error in <b class="APPLICATION">CVS</b> which could allow a malicious
client to overwrite arbitrary portions of the server's memory has been fixed. For more
information, see security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc"
target="_top">FreeBSD-SA-04:10</a>. [MERGED]</p>

<p>A potential cache consistency problem of the implementation of the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=msync&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">msync</span>(2)</span></a> system
call involving the <var class="LITERAL">MS_INVALIDATE</var> operation has been fixed.
However, as a side effect of closing this security problem, the <var
class="LITERAL">MS_INVALIDATE</var> flag no longer guarantees that all pages in the range
are invalidated. Users who require the old semantics of <var
class="LITERAL">MS_INVALIDATE</var> and are not concerned with the security issue being
fixed can set the <var class="VARNAME">vm.old_msync</var> sysctl to 1 which will revert
to the old (insecure) behavior. For more information, see security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:11.msync.asc"
target="_top">FreeBSD-SA-04:11</a>. [MERGED]</p>

<p>A programming error in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">jail</span>(2)</span></a> system
call which results in a failure to verify that an attempt to manipulate routing tables
originated from a non-jailed process has been fixed. For more information, see security
advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:12.jail.asc"
target="_top">FreeBSD-SA-04:12</a>. [MERGED]</p>

<p>A programming error in the handling of some Linux system calls which may result in
memory locations being accessed without proper validation has been fixed. For more
information, see security advisory <a
href="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:13.linux.asc"
target="_top">FreeBSD-SA-04:13</a>. [MERGED]</p>

<p>A number of programming errors in <b class="APPLICATION">CVS</b> which allow
information disclosure, denial-of-service, or possibly arbitrary code execution, have
been fixed via an upgrade to <b class="APPLICATION">CVS</b> 1.11.17. For more
information, see security advisory <a
href="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc"
target="_top">FreeBSD-SA-04:14</a>.</p>

<p>A bug in the <var class="LITERAL">CONS_SCRSHOT</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ioctl&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ioctl</span>(2)</span></a> has
been fixed; it may allow unauthorized access to parts of kernel memory, possibly
resulting in disclosure of sensitive information, bypass of access control mechanisms, or
privilege escalation. For more information, see security advisory <a
href="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:15.syscons.asc"
target="_top">FreeBSD-SA-04:15</a>.</p>
</div>

<div class="SECT2">
<hr />
<h3 class="SECT2"><a id="KERNEL" name="KERNEL">2.2 Kernel Changes</a></h3>

<p><var class="LITERAL">ADAPTIVE_MUTEXES</var> has been added and enabled by default.
This changes the behavior of blocking mutexes to spin if the thread that currently owns
the mutex is executing on another CPU. This feature can be disabled explicitly by setting
a kernel option <var class="VARNAME">NO_ADAPTIVE_MUTEXES</var>.</p>

<p>A kernel option <var class="VARNAME">ADAPTIVE_GIANT</var>, which causes the Giant lock
to also be treated in an adaptive fashion when adaptive mutexes are enabled, has been
added. This improves the performance of SMP machines and is enabled by default on the
i386.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=bus_dma&sektion=9&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">bus_dma</span>(9)</span></a>
interface now supports transparently honoring the alignment and boundary constraints in
the DMA tag when loading buffers, and <code class="FUNCTION">bus_dmamap_load()</code>
will automatically use bounce buffers when needed. In addition, a set of sysctls <var
class="VARNAME">hw.busdma.*</var> for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=bus_dma&sektion=9&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">bus_dma</span>(9)</span></a>
statistics has been added.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=contigmalloc&sektion=9&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">contigmalloc</span>(9)</span></a>
function has been reimplemented with an algorithm which stands a greatly-improved chance
of working despite pressure from running programs. The old algorithm can be used by
setting a sysctl <var class="VARNAME">vm.old_contigmalloc</var>. More details can be
found in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=contigmalloc&sektion=9&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">contigmalloc</span>(9)</span></a>
manual page.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=devfs&sektion=5&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">devfs</span>(5)</span></a> path
rules now work correctly on directories.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=getvfsent&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">getvfsent</span>(3)</span></a> API
has been removed.</p>

<p>The <var class="VARNAME">hw.pci.allow_unsupported_io_range</var> loader tunable has
been removed.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">jail</span>(2)</span></a> now
supports the use of raw sockets from within a jail. This feature is disabled by default,
and controlled by using the <var class="VARNAME">security.jail.allow_raw_sockets</var>
sysctl.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=kqueue&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">kqueue</span>(2)</span></a> now
supports a new filter <var class="LITERAL">EVFILT_FS</var> to be used to signal generic
file system events to the user space. Currently, mount, unmount, and up/down status of
NFS are signaled.</p>

<p>KDB, a new debugger framework, has been added. This consists of a new GDB backend,
which has been rewritten to support threading, run-length encoding compression, and so
on, and the frontend that provides a framework in which multiple, different debugger
backends can be configured and which provides basic services to those backends. The
following options have been changed:</p>

<ul>
<li>
<p>KDB is enabled by default via the kernel options <var class="LITERAL">options
KDB</var>, <var class="LITERAL">options GDB</var>, and <var class="LITERAL">options
DDB</var>. Both <var class="LITERAL">DDB</var> and <var class="LITERAL">GDB</var> specify
which KDB backends to include.</p>
</li>

<li>
<p><var class="LITERAL">WITNESS_DDB</var> has been renamed to <var
class="LITERAL">WITNESS_KDB</var>.</p>
</li>

<li>
<p><var class="LITERAL">DDB_TRACE</var> has been renamed to <var
class="LITERAL">KDB_TRACE</var>.</p>
</li>

<li>
<p><var class="LITERAL">DDB_UNATTENDED</var> has been renamed to <var
class="LITERAL">KDB_UNATTENDED</var>.</p>
</li>

<li>
<p><var class="LITERAL">SC_HISTORY_DDBKEY</var> has been renamed to <var
class="LITERAL">SC_HISTORY_KDBKEY</var>.</p>
</li>

<li>
<p><var class="LITERAL">DDB_NOKLDSYM</var> has been removed. The new DDB backend supports
pre-linker symbol lookups as well as KLD symbol lookups at the same time.</p>
</li>

<li>
<p><var class="LITERAL">GDB_REMOTE_CHAT</var> has been removed. The GDB protocol hacks to
allow this are FreeBSD specific. At the same time, the GDB protocol has packets for
console output.</p>
</li>
</ul>

<p>KDB also serves as the single point of contact for any and all code that wants to make
use of the debugger functions, such as entering the debugger or handling of the alternate
break sequence. For this purpose, the frontend has been made non-optional. All debugger
requests are forwarded or handed over to the current backend, if applicable. Selection of
the current backend is done by the <var class="VARNAME">debug.kdb.current</var> sysctl. A
list of configured backends can be obtained with the <var
class="VARNAME">debug.kdb.available</var> sysctl. One can enter the debugger by writing
to the <var class="VARNAME">debug.kdb.enter</var> sysctl.</p>

<p>A new sysctl <var class="VARNAME">debug.kdb.stop_cpus</var> has been added. This
controls whether or not IPI (Inter Processor Interrupts) to other CPUs will be delivered
when entering the debugger, in order to stop them while in the debugger.</p>

<p>A new kernel option <var class="LITERAL">MAC_STATIC</var> which disables internal MAC
Framework synchronization protecting against dynamic load and unload of MAC policies, has
been added.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mac_bsdextended&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">mac_bsdextended</span>(4)</span></a> policy can now apply only the
first matching rule instead of all matching rules. This feature can be enabled by setting
a new sysctl <var class="VARNAME">mac_bsdextended_firstmatch_enabled</var>.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mac_bsdextended&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">mac_bsdextended</span>(4)</span></a> policy can now log failed
attempts to syslog's <var class="LITERAL">AUTHPRIV</var> facility. This feature can be
enabled by setting a new sysctl <var class="VARNAME">mac_bsdextended_logging</var>.</p>

<p>mballoc has been replaced with mbuma, an Mbuf and Cluster allocator built on top of a
number of extensions to the UMA framework. Due to this change, the <var
class="LITERAL">NMBCLUSTERS</var> kernel option is no longer used. The maximum number of
the clusters is still capped off according to <var class="LITERAL">maxusers</var>, but it
can be made unlimited by setting the <var class="VARNAME">kern.ipc.nmbclusters</var>
loader tunable to zero.</p>

<p><tt class="FILENAME">/dev/kmem</tt>, <tt class="FILENAME">/dev/mem</tt>, and <tt
class="FILENAME">/dev/io</tt> are also provided as kernel loadable modules now.</p>

<p>A bug in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mmap&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mmap</span>(2)</span></a> that
could cause pages marked as <var class="LITERAL">PROT_NONE</var> to become readable under
certain circumstances has been fixed. [MERGED]</p>

<p>A new loader tunable <var class="VARNAME">debug.mpsafenet</var> has been added and
enabled by default. This causes the FreeBSD network stack to operate without the Giant
lock, resulting in performance improvement by increasing parallelism and decreasing
latency in network processing. Note that enabling one of the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ng_tty&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ng_tty</span>(4)</span></a>
Netgraph node type, KAME IPsec, and IPX/SPX subsystem results in a boot-time restoration
of Giant-enabled network operation, or run-time warning on dynamic load as these
components require Giant lock for correct operation.</p>

<p>A new kernel option <var class="VARNAME">NET_WITH_GIANT</var> has been added. This
restores the default value of debug.mpsafenet to <var class="LITERAL">0</var>, and is
intended for use on systems compiled with known unsafe components, or where a more
conservative configuration is desired.</p>

<p>A new loader tunable <var class="VARNAME">debug.mpsafevm</var> has been added. This
currently results in almost Giant-free execution of zero-fill page faults.</p>

<p>A devclass level has been added to the dev sysctl tree, in order to support per-class
variables in addition to per-device variables. This means that <var
class="VARNAME">dev.foo0.bar</var> is now called <var
class="VARNAME">dev.foo.0.bar</var>, and it is possible to to have <var
class="VARNAME">dev.foo.bar</var> as well.</p>

<p>A new sysctl, <var class="VARNAME">kern.always_console_output</var>, has been added.
It makes output from the kernel go to the console despite the use of <var
class="VARNAME">TIOCCONS</var>.</p>

<p>A sysctl <var class="VARNAME">kern.sched.name</var> which has the name of the
scheduler currently in use, has been added, and the <var
class="VARNAME">kern.quantum</var> sysctl has been moved to <var
class="VARNAME">kern.sched.quantum</var> for consistency.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pci&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pci</span>(4)</span></a> bus
resource and power management have been updated.</p>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> Although the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pci&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pci</span>(4)</span></a> bus power
state management has been enabled by default, it may cause problems on some systems. This
can be disabled by setting the tunable <var class="VARNAME">hw.pci.do_powerstate</var> to
<var class="LITERAL">0</var>.</p>
</blockquote>
</div>

<br />
<br />
<p>The ULE scheduler has been added as an additional scheduler. Note that the
conventional one, which is called 4BSD, is still used as the default scheduler in the <tt
class="FILENAME">GENERIC</tt> kernel. For the average user, interactivity is reported to
be better in many cases. This means less ``skipping'' and ``jerking'' in interactive
applications while the machine is very busy. This will not prevent problems due to
overloaded disk subsystems, but it does help with overloaded CPUs. On SMP machines, ULE
has per-CPU run queues which allow for CPU affinity, CPU binding, and advanced
HyperThreading support, as well as providing a framework for more optimizations in the
future. As fine-grained kernel locking continues, the scheduler will be able to make more
efficient use of the available parallel resources.</p>

<p>A linear search algorithm used in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vm_map_findspace&sektion=9&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">vm_map_findspace</span>(9)</span></a> has been replaced with an
O(log n) algorithm built into the map entry splay tree. This significantly reduces the
overhead in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vm_map_findspace&sektion=9&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">vm_map_findspace</span>(9)</span></a> for applications that <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mmap&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mmap</span>(2)</span></a> many
hundreds or thousands of regions.</p>

<p>The loader tunables <var class="VARNAME">debug.witness_*</var> have been renamed to
<var class="VARNAME">debug.witness.*</var>.</p>

<p>The FreeBSD dynamic and static linker now support Thread Local Storage (TLS), a <b
class="APPLICATION">GCC</b> feature which supports a <var class="LITERAL">__thread</var>
modifier to the declaration of global and static variables. This extra modifier means
that the variable's value is thread-local; one thread changing its value will not affect
the value of the variable in any other thread.</p>

<p>The kernel's file descriptor allocation code has been updated, and is now derived from
similar code in OpenBSD.</p>

<div class="SECT3">
<hr />
<h4 class="SECT3"><a id="BOOT" name="BOOT">2.2.1 Boot Loader Changes</a></h4>
</div>

<div class="SECT3">
<hr />
<h4 class="SECT3"><a id="PROC" name="PROC">2.2.2 Hardware Support</a></h4>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=acpi_video&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">acpi_video</span>(4)</span></a>
driver has been added to control display switching and backlight brightness using the
ACPI Video Extensions.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nmdm&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nmdm</span>(4)</span></a> driver
has been rewritten to improve its reliability.</p>

<p>The <tt class="DEVICENAME">raid(4)</tt> driver (RAIDframe disk driver from NetBSD) has
been removed. It is currently non-functional, and would require some amount of work to
make it work under the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> API in
5-CURRENT.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pcic&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pcic</span>(4)</span></a> driver
is no longer maintained and has been removed from the <tt class="FILENAME">GENERIC</tt>
kernel configuration file. The entry had actually been commented out for a long time.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ubser&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ubser</span>(4)</span></a> device
driver has been added to support BWCT console management serial adapters.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ucycom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ucycom</span>(4)</span></a> driver
has been added for the Cypress CY7C637xx and CY7C640/1xx families of USB to RS232
bridges, such as the one found in the DeLorme Earthmate USB GPS receiver (which is the
only device currently supported by this driver). This driver is not complete because
there is no support yet for flow control and output.</p>

<p>The device driver infrastructure and many drivers have been updated. Among the
changes: many more drivers now use automatically-assigned major numbers (instead of the
old static major numbers); enhanced functions have been added to support cloning of
pseudo-devices; several changes have been made to the driver API, including a new <var
class="VARNAME">d_version</var> field in <var class="VARNAME">struct cdevsw</var>. Note
that third-party device drivers will require recompiling after this change.</p>

<div class="SECT4">
<hr />
<h5 class="SECT4"><a id="MM" name="MM">2.2.2.1 Multimedia Support</a></h5>

<p>The <tt class="DEVICENAME">meteor</tt> (video capture) driver has been removed due to
breakage and lack of maintainership.</p>

<p>The Direct Rendering Manager (DRM) code has been updated from the DRI Project CVS tree
as of 26 May 2004. This update includes new PCI IDs and a new packet for Radeon.</p>

<p>The drivers for various sound cards have been reorganized; <var class="LITERAL">device
sound</var> is the generic sound driver, and <var class="LITERAL">device snd_*</var> are
device-specific sound drivers now. The <tt class="DEVICENAME">midi</tt> driver, which
supports serial port and several sound cards, has been removed. More details can be found
in the related manual pages: <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sound&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sound</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_ad1816&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_ad1816</span>(4)</span></a>,
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_als4000&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_als4000</span>(4)</span></a>,
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_cmi&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_cmi</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_cs4281&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_cs4281</span>(4)</span></a>,
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_csa&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_csa</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_ds1&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_ds1</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_emu10k1&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_emu10k1</span>(4)</span></a>,
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_es137x&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_es137x</span>(4)</span></a>,
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_gusc&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_gusc</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_maestro3&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_maestro3</span>(4)</span></a>,
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_sbc&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_sbc</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_solo&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">snd_solo</span>(4)</span></a>, and
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=snd_uaudio&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">snd_uaudio</span>(4)</span></a>.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sound&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sound</span>(4)</span></a>
(formerly <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pcm&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pcm</span>(4)</span></a>) driver
has been modified to read <tt class="FILENAME">/boot/device.hints</tt> on startup, to
allow setting of default values for mixer channels. Note that currently the device
driver's name used in <tt class="FILENAME">/boot/device.hints</tt> is still <var
class="LITERAL">pcm</var>. More detailed information and examples can be found in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sound&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sound</span>(4)</span></a> manual
page.</p>
</div>

<div class="SECT4">
<hr />
<h5 class="SECT4"><a id="NET-IF" name="NET-IF">2.2.2.2 Network Interface Support</a></h5>

<p>A short hiccup in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=em&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">em</span>(4)</span></a> driver during
parameter reconfiguration has been fixed. [MERGED]</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fwip&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fwip</span>(4)</span></a> driver,
which supports IP over FireWire, has been added. Note that currently the broadcast
channel number is hardwired and MCAP for multicast channel allocation is not supported.
This driver is intended to conform to the RFC 2734 and RFC 3146 standard for IP over
FireWire and eventually replace the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fwe&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fwe</span>(4)</span></a>
driver.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fxp&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fxp</span>(4)</span></a> now uses
the device sysctl tree such as <var class="VARNAME">dev.fxp0</var>, and those sysctls can
be set on a per-device basis.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fxp&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fxp</span>(4)</span></a> now
provides actual control over its capability to receive extended Ethernet frames,
indicated by the <var class="LITERAL">VLAN_MTU</var> interface capability. It can be
toggled from userland with the aid of the <var class="OPTION">vlanmtu</var> and <var
class="OPTION">-vlanmtu</var> options to <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span></a>.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=hme&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">hme</span>(4)</span></a> driver
now natively supports long frames, so it can be used for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vlan&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">vlan</span>(4)</span></a> with
full Ethernet MTU size.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=hme&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">hme</span>(4)</span></a> driver
now supports TCP/UDP Transmit/Receive checksum offload. Since <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=hme&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">hme</span>(4)</span></a> does not
compensate the checksum for UDP datagram which can yield to <var
class="LITERAL">0x0</var>, UDP transmit checksum offload is disabled by default. This can
be reactivated by setting the special link option <var class="OPTION">link0</var> with <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span></a>.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ixgb&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ixgb</span>(4)</span></a> driver,
which supports Intel PRO/10GBE 10 Gigabit Ethernet cards, has been added. [MERGED]</p>

<p>A bug that prevents VLAN support in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nge&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nge</span>(4)</span></a> driver
from working has been fixed. [MERGED]</p>

<p>Several bugs related to <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=polling&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">polling</span>(4)</span></a>
support in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rl&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">rl</span>(4)</span></a> driver have
been fixed. [MERGED]</p>

<p>Several bugs related to multicast and promiscuous mode handling in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sk&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">sk</span>(4)</span></a> driver have
been fixed.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ste&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ste</span>(4)</span></a> driver
now supports <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=polling&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">polling</span>(4)</span></a>.
[MERGED]</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=udav&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">udav</span>(4)</span></a> driver
has been added. It provides support for USB Ethernet adapters based on the Davicom DM9601
chipset.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vge&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">vge</span>(4)</span></a> driver,
which supports the VIA Networking Technologies VT6122 Gigabit Ethernet chip and
integrated 10/100/1000 copper PHY, has been added.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vr&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">vr</span>(4)</span></a> driver now
supports <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=polling&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">polling</span>(4)</span></a>.
[MERGED]</p>

<p>The hardware TX checksum support in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=xl&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">xl</span>(4)</span></a> driver has been
disabled as it does not work correctly and slows down the transmission rate. [MERGED]</p>

<p>Interface <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=polling&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">polling</span>(4)</span></a>
support can now be enabled on a per-interface basis. The following network drivers
support <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=polling&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">polling</span>(4)</span></a>: <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=dc&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">dc</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fxp&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fxp</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=em&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">em</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ixgb&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ixgb</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nge&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nge</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=re&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">re</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rl&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">rl</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sis&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sis</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ste&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ste</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vge&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">vge</span>(4)</span></a>, and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vr&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">vr</span>(4)</span></a>. And they now
also support this capability and it can be controlled via <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span></a>
except for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ixgb&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ixgb</span>(4)</span></a>.
[MERGED]</p>
</div>
</div>

<div class="SECT3">
<hr />
<h4 class="SECT3"><a id="NET-PROTO" name="NET-PROTO">2.2.3 Network Protocols</a></h4>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=gre&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">gre</span>(4)</span></a> tunnel
driver now supports WCCP version 2.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> rules
now support the <var class="LITERAL">versrcreach</var> option to verify that a valid
route to the source address of a packet exists in the routing table. This option is very
useful for routers with a complete view of the Internet (BGP) in the routing table to
reject packets with spoofed or unroutable source addresses. For example,</p>

<pre class="PROGRAMLISTING">
deny ip from any to any not versrcreach
</pre>

is equivalent to the following in Cisco IOS syntax: 

<pre class="PROGRAMLISTING">
ip verify unicast source reachable-via any
</pre>

<br />
<br />
<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> rules
now support the <var class="LITERAL">antispoof</var> option to verify that an incoming
packet's source address belongs to a directly connected network. If the network is
directly connected, then the interface on which the packet came in is compared to the
interface to which the network is connected. When the incoming interface and the directly
connected interface are not the same, the packet does not match. For example:</p>

<pre class="PROGRAMLISTING">
deny ip from any to any not antispoof in
</pre>

<br />
<br />
<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> rules
now support the <var class="LITERAL">jail</var> option to associate the rule with a
specific prison ID. For example:</p>

<pre class="PROGRAMLISTING">
count ip from any to any jail 2
</pre>

Note that this rule currently applies for TCP and UDP packets only. <br />
<br />
<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> now
supports lookup tables. This feature is useful for handling large sparse address sets.
[MERGED]</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> <var
class="LITERAL">forward</var> rule has to be compiled into the kernel with a kernel
option <var class="LITERAL">IPFIREWALL_FORWARD</var> to enable it.</p>

<p>A new sysctl <var class="VARNAME">net.inet.ip.process_options</var> has been added to
control the processing of IP options. When this sysctl is set to <var
class="LITERAL">0</var>, IP options are ignored and passed unmodified; set to <var
class="LITERAL">1</var>, all IP options are processed (default); and set to <var
class="LITERAL">2</var>, all packets with IP options are rejected with an ICMP filter
prohibited message.</p>

<p>Some bugs in the IPsec implementation from the KAME Project have been fixed. These
bugs were related to freeing memory objects before all references to them were removed,
and could cause erratic behavior or kernel panics after flushing the Security Policy
Database (SPD).</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=natd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">natd</span>(8)</span></a> now
supports multiple instances via a new option <var class="OPTION">globalports</var>. This
allows <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=natd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">natd</span>(8)</span></a> to bind
to different network interfaces and share load.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ng_atmllc&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ng_atmllc</span>(4)</span></a>
Netgraph node type, which handles RFC 1483 ATM LLC encapsulation, has been added.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ng_hub&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ng_hub</span>(4)</span></a>
Netgraph node type, which supports a simple packet distribution that acts like an
Ethernet hub, has been added. [MERGED]</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ng_rfc1490&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ng_rfc1490</span>(4)</span></a>
Netgraph node type now supports Cisco style encapsulation, which is often used alongside
RFC 1490 in frame relay links.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ng_sppp&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ng_sppp</span>(4)</span></a>
Netgraph node type, which is a <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=netgraph&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">netgraph</span>(4)</span></a>
interface to the original <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sppp&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sppp</span>(4)</span></a> network
module for synchronous lines, has been added.</p>

<p>A new Netgraph method has been added to restore some behavior lost in the change from
4.<var class="REPLACEABLE">X</var> style <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ng_tee&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ng_tee</span>(4)</span></a>
Netgraph nodes.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ng_vlan&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ng_vlan</span>(4)</span></a>
Netgraph node type, which supports IEEE 802.1Q VLAN tagging, has been added. [MERGED]</p>

<p><var class="LITERAL">PFIL_HOOKS</var> support is now always compiled into the kernel,
and the associated kernel compile options have been removed. All of the packet filter
subsystems that FreeBSD supports now use the <var class="LITERAL">PFIL_HOOKS</var>
framework.</p>

<p>The link state change notification of Ethernet media support has been added to the
routing socket.</p>

<p>Link Quality Monitoring (LQM) support in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ppp&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ppp</span>(8)</span></a> has been
reimplemented. LQM, which is described in RFC 1989, allows PPP to keep track of the
quality of a running connection. [MERGED]</p>

<p>The pseudo-interface cloning has been updated and the match function to allow creation
of <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=stf&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">stf</span>(4)</span></a>
interfaces named <tt class="DEVICENAME">stf0</tt>, <tt class="DEVICENAME">stf</tt>, or
<tt class="DEVICENAME">6to4</tt>. Note that this breaks backward compatibility; for
example, <tt class="COMMAND">ifconfig stf</tt> now creates the interface named <tt
class="DEVICENAME">stf</tt>, not <tt class="DEVICENAME">stf0</tt>, and does not print <tt
class="DEVICENAME">stf0</tt> to stdout.</p>

<p>The following TCP features are now enabled by default: RFC 3042 (Limited Retransmit),
RFC 3390 (increased initial congestion window sizes), TCP bandwidth-delay product
limiting. The sysctls <var class="VARNAME">net.inet.tcp.rfc3042</var>, <var
class="VARNAME">net.inet.tcp.rfc3390</var>, and <var
class="VARNAME">net.inet.tcp.inflight.enable</var> for these features are available. More
information can be found in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=tcp&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">tcp</span>(4)</span></a>.</p>

<p>FreeBSD's TCP implementation now includes support for a minimum MSS (settable via the
<var class="VARNAME">net.inet.tcp.minmss</var> sysctl variable) and a rate limit on
connections that send many small TCP segments within a short period of time (via the <var
class="VARNAME">net.inet.tcp.minmssoverload</var> sysctl variable). Connections exceeding
this limit may be reset and dropped. This feature provides protection against a class of
resource exhaustion attacks.</p>

<p>The TCP implementation now includes partial (output-only) support for RFC 2385
(TCP-MD5) digest support. This feature, enabled with the <var
class="LITERAL">TCP_SIGNATURE</var> and <var class="LITERAL">FAST_IPSEC</var> kernel
options, is a TCP option for authenticating TCP sessions. <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=setkey&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">setkey</span>(8)</span></a> now
includes support for the TCP-MD5 class of security associations. [MERGED]</p>

<p>The TCP connection reset handling has been improved to make several reset attacks as
difficult as possible while maintaining compatibility with the widest range of TCP
stacks.</p>

<p>The implementation of RFC 1948 has been improved. The time offset component of an
Initial Sequence Number (ISN) now includes random positive increments between clock ticks
so that ISNs will always be increasing, no matter how quickly the port is recycled.</p>

<p>The random ephemeral port allocation, which comes from OpenBSD, has been implemented.
This is enabled by default and can be disabled by using the <var
class="VARNAME">net.inet.ip.portrange.randomized</var> sysctl. [MERGED]</p>

<p>TCP Selective Acknowledgements (SACK) as described in RFC 2018 have been added. This
improves TCP performance over connections with heavy packet loss. SACK can be enabled
with the sysctl <var class="VARNAME">net.inet.tcp.sack.enable</var>.</p>
</div>

<div class="SECT3">
<hr />
<h4 class="SECT3"><a id="DISKS" name="DISKS">2.2.4 Disks and Storage</a></h4>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ata</span>(4)</span></a> driver
now supports <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=cardbus&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">cardbus</span>(4)</span></a>
ATA/SATA controllers.</p>

<p>A number of bugs in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ata</span>(4)</span></a> driver
have been fixed. Most notably, master/slave device detection should work better, and some
problems with timeouts should be resolved.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ata</span>(4)</span></a> driver
now supports the Promise command sequencer present on all modern Promise controllers
(PDC203** PDC206**).</p>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> This also adds preliminary support for the Promise SX4/SX4000 as a
``normal'' Promise ATA controller; ATA RAID's are supported, but only RAID0, RAID1, and
RAID0+1.</p>
</blockquote>
</div>

<br />
<br />
<p>The <var class="LITERAL">DA_OLD_QUIRKS</var> kernel option, which is for the CAM SCSI
disk driver (<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=cam&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">cam</span>(4)</span></a>), has
been removed. [MERGED]</p>

<p>A bug in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> that
could result in I/O hangs in some rare cases has been fixed.</p>

<p>A new <var class="LITERAL">GEOM_CONCAT</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class
has been added to concatenate multiple disks to appear as a single larger disk.</p>

<p>A new <var class="LITERAL">GEOM_NOP</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class
for various testing purposes has been added.</p>

<p>A new <var class="LITERAL">GEOM_RAID3</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class
for RAID3 transformation and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=graid3&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">graid3</span>(8)</span></a>
userland utility have been added.</p>

<p>A new <var class="LITERAL">GEOM_STRIPE</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class
which implements RAID0 transformation has been added. This class has two modes: ``fast''
and ``economic''. In fast mode, when very small stripe size is used, only one I/O request
will be sent to every disk in a stripe; it performs about 10 times faster for small
stripe sizes than economic mode and other RAID0 implementations. While fast mode is used
by default, it consumes more memory than economic mode, which sends requests each time.
Economic mode can be enabled by setting a loader tunable <var
class="VARNAME">kern.geom.stripe.fast</var> to 0. It is also possible to specify the
maximum memory that fast mode can consume, by setting the loader tunable <var
class="VARNAME">kern.geom.stripe.maxmem</var>.</p>

<p>GEOM Gate, which consists of a new <var class="LITERAL">GEOM_GATE</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class
and several GEOM Gate userland utilities (<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ggatel&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ggatel</span>(8)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ggatec&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ggatec</span>(8)</span></a>, and
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ggated&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ggated</span>(8)</span></a>), has
been added. It supports exporting devices, including non <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a>-aware
devices, through the network.</p>

<p>A new <var class="LITERAL">GEOM_LABEL</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class to
detect volume labels on various file systems, such as UFS, MSDOSFS (FAT12, FAT16, FAT32),
and ISO9660, has been added.</p>

<p>A new <var class="LITERAL">GEOM_GPT</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class,
which supports GUID Partition Table (GPT) partitions and the ability to have a large
number of partitions on a single disk, has been added into <tt
class="FILENAME">GENERIC</tt> by default.</p>

<p>A new <var class="LITERAL">GEOM_MIRROR</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class to
support RAID1 functionality has been added. The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=gmirror&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">gmirror</span>(8)</span></a>
utility can be used for control of this class.</p>

<p>A new <var class="LITERAL">GEOM_UZIP</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class to
implement read-only compressed disks has been added. This currently supports cloop V2.0
disk compression format.</p>

<p>A new <var class="LITERAL">GEOM_VINUM</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> class to
support cooperation between <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vinum&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">vinum</span>(4)</span></a> and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> has been
added.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ips&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ips</span>(4)</span></a> driver
now supports the recent Adaptec ServeRAID series SCSI controller cards.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=umass&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">umass</span>(4)</span></a> driver
now supports the missing ATAPI MMC commands and handles the timeout properly.
[MERGED]</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=vinum&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">vinum</span>(4)</span></a> volume
manager has been updated to use the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> disk I/O
request transformation framework. A <tt class="COMMAND">gvinum</tt> userland utility has
been added.</p>

<p>Support for LSI-type software RAID has been added.</p>
</div>

<div class="SECT3">
<hr />
<h4 class="SECT3"><a id="FS" name="FS">2.2.5 File Systems</a></h4>

<p>The EXT2FS file system code now includes partial support for large (&gt; 4GB) files.
This support is partial in that it will refuse to create large files on file systems that
have not been upgraded to <var class="LITERAL">EXT2_DYN_REV</var> or that do not have the
<var class="LITERAL">EXT2_FEATURE_RO_COMPAT_LARGE_FILE</var> flag set in the
superblock.</p>

<p>A panic in the NFSv4 client has been fixed; this occurred when attempting operations
against an NFSv3/NFSv2-only server.</p>

<p>The <var class="LITERAL">MSDOSFS_LARGE</var> kernel option has been added to support
FAT32 file systems bigger than 128GB. This option is disabled by default. It uses at
least 32 bytes of kernel memory for each file on disk; furthermore it is only safe to use
in certain controlled situations, such as read-only mount with less than 1 million files
and so on. Exporting these large file systems over NFS is not supported.</p>

<p>The SMBFS client now has support for SMB request signing, which prevents ``man in the
middle'' attacks and is required in order to connect to Windows 2003 servers in their
default configuration. As signing each message imposes a significant performance penalty,
this feature is only enabled if the server requires it; this may eventually become an
option to <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mount_smbfs&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">mount_smbfs</span>(8)</span></a>.</p>
</div>

<div class="SECT3">
<hr />
<h4 class="SECT3"><a id="AEN925" name="AEN925">2.2.6 Contributed Software</a></h4>

<p>The <b class="APPLICATION">ALTQ framework</b> has been imported from a KAME snapshot
as of 7 June 2004. This import breaks ABI compatibility of <var class="VARNAME">struct
ifnet</var> and requires all network drives to be recompiled. Additionally, some of the
networking drivers have been modified to support the ALTQ framework. Updated drivers are
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=bfe&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">bfe</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=em&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">em</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fxp&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fxp</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=em&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">em</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=lnc&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">lnc</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=tun&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">tun</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=de&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">de</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rl&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">rl</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sis&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sis</span>(4)</span></a>, and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=xl&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">xl</span>(4)</span></a>.</p>

<p><b class="APPLICATION">IPFilter</b> has been updated from version 3.4.31 to version
3.4.35 [MERGED].</p>

<p>An ia64 stack unwinder, <b class="APPLICATION">Unwind Express (libuwx)</b> by
Hewlett-Packard has been imported for use in the kernel.</p>
</div>
</div>

<div class="SECT2">
<hr />
<h3 class="SECT2"><a id="USERLAND" name="USERLAND">2.3 Userland Changes</a></h3>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=acpidump&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">acpidump</span>(8)</span></a> now
supports SSDT tables. Dumping or disassembling the DSDT will now include the contents if
there are any SSDT table as well.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=bsdlabel&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">bsdlabel</span>(8)</span></a> now
supports a <var class="OPTION">-f</var> option to work on files instead of disk
partitions.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=bsdtar&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">bsdtar</span>(1)</span></a> is now
the default <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=tar&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">tar</span>(1)</span></a> utility
in the FreeBSD base system. <tt class="FILENAME">/usr/bin/tar</tt> is a symlink pointing
to <tt class="FILENAME">/usr/bin/bsdtar</tt> by default. To return to using <tt
class="FILENAME">/usr/bin/gtar</tt> by default, the <var class="VARNAME">WITH_GTAR</var>
make variable can be used.</p>

<p>The <tt class="COMMAND">bthidcontrol</tt> and <tt class="COMMAND">bthidd</tt>
commands, which support Bluetooth HIDs (Human Interface Devices), have been added.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=col&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">col</span>(1)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=colcrt&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">colcrt</span>(1)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=colrm&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">colrm</span>(1)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=column&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">column</span>(1)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fmt&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fmt</span>(1)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=join&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">join</span>(1)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rev&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">rev</span>(1)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=tr&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">tr</span>(1)</span></a>, and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ul&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">ul</span>(1)</span></a> now support
multibyte characters.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=conscontrol&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">conscontrol</span>(8)</span></a>
now supports <var class="LITERAL">set</var> and <var class="LITERAL">unset</var> commands
which set/unset the virtual console. <var class="LITERAL">unset</var> makes output from
the system, such as the kernel <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=printf&sektion=9&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">printf</span>(9)</span></a>,
always go to the real main console. This is an interface to the tty ioctl <var
class="LITERAL">TIOCCONS</var>.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=cron&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">cron</span>(8)</span></a> daemon
accepts two new options, <var class="OPTION">-j</var> and <var class="OPTION">-J</var>,
to enable time jitter for jobs to run as unprivileged users and the superuser,
respectively. Time jitter means that <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=cron&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">cron</span>(8)</span></a> will
sleep for a small random period of time in the specified range before executing a job.
This feature is intended to smooth load peaks appearing when a lot of jobs are scheduled
for a particular moment. [MERGED]</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=cut&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">cut</span>(1)</span></a>'s <var
class="OPTION">-c</var>, <var class="OPTION">-d</var>, and <var class="OPTION">-f</var>
options now work correctly in locales with multibyte characters.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=cvs&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">cvs</span>(1)</span></a> now
supports an <var class="OPTION">iso8601</var> option keyword to print dates in ISO 8601
format.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=daemon&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">daemon</span>(8)</span></a> now
supports a <var class="OPTION">-p</var> option to create a PID file.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=dd&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">dd</span>(1)</span></a> now supports a
<var class="OPTION">fillchar</var> option to specify an alternative padding character
when using a conversion mode, or when using <var class="OPTION">noerror</var> with <var
class="OPTION">sync</var> and an input error occurs.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=df&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">df</span>(1)</span></a> now supports a
<var class="OPTION">-c</var> option to display a grand total of statistics for file
systems.</p>

<p>A bug in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=df&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">df</span>(1)</span></a>, which can
print invalid information when a <var class="OPTION">-t</var> option is specified and a
mount point is not accessible by the calling user, has been fixed.</p>

<p>The <tt class="COMMAND">doscmd</tt> utility has been removed from the FreeBSD base
system. It is now available via the <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/emulators/doscmd/pkg-descr"><tt
class="FILENAME">emulators/doscmd</tt></a> port in the FreeBSD Ports Collection.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=dump&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">dump</span>(8)</span></a> and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=restore&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">restore</span>(8)</span></a> now
support a <var class="OPTION">-P</var> option to specify backup methods other than files
and tapes. The argument is passed to a normal <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">sh</span>(1)</span></a> pipeline with
either the <var class="VARNAME">$DUMP_VOLUME</var> or <var
class="VARNAME">$RESTORE_VOLUME</var> environment variable defined, respectively. For
more information, see <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=dump&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">dump</span>(8)</span></a> and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=restore&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">restore</span>(8)</span></a>.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=eeprom&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">eeprom</span>(8)</span></a>
utility to display and modify system configurations stored in EEPROM or NVRAM has been
added. The current implementation supports systems equipped with Open Firmware.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fgetwln&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fgetwln</span>(3)</span></a>
function, a wide character version of <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fgetln&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fgetln</span>(3)</span></a>, has
been added.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=find&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">find</span>(1)</span></a> utility
now supports a <var class="OPTION">-acl</var> primary to locate files with <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=acl&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">acl</span>(3)</span></a>.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=find&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">find</span>(1)</span></a> utility
now supports a new primary <var class="OPTION">-depth <var
class="REPLACEABLE">n</var></var> which tests whether the depth of the current file
relative to the starting point of the traversal is <var class="REPLACEABLE">n</var>.
[MERGED]</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ftpd</span>(8)</span></a> now
opens a socket for a data transfer in active mode using the effective UID of the current
user, not <tt class="USERNAME">root</tt>. This is useful for matching anonymous FTP data
traffic with a single <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(8)</span></a> rule
with <var class="LITERAL">uid</var>.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ftw&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ftw</span>(3)</span></a> and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nftw&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nftw</span>(3)</span></a>
functions to traverse a directory hierarchy have been implemented.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(8)</span></a> utility
for operating on <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">geom</span>(4)</span></a> classes
from the userland has been added.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=gpt&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">gpt</span>(8)</span></a>, a GUID
partition table maintenance utility, now supports a <var class="OPTION">remove</var>
command. Its <var class="OPTION">add</var> command now supports a <var
class="OPTION">-i</var> option, which allows the user to specify the partition number of
a new partition.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=id&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">id</span>(1)</span></a> now supports a
<var class="OPTION">-M</var> option to print the MAC label of the current process.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span></a> now
supports renaming of network interfaces at run-time using the <var
class="OPTION">name</var> parameter.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span></a> now
prints the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=polling&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">polling</span>(4)</span></a>
status on the interface. [MERGED]</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span></a> now
provides the <var class="OPTION">vlanmtu</var> and <var class="OPTION">-vlanmtu</var>
options, which control the capability of some Ethernet interfaces to receive extended
frames (i.e. frames containing more than 1500 bytes of payload).</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ifconfig</span>(8)</span></a> now
provides the <var class="OPTION">vlanhwtag</var> and <var class="OPTION">-vlanhwtag</var>
options, which control the capability of some Ethernet interfaces to process VLAN tags in
the hardware.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=indent&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">indent</span>(1)</span></a> now
supports a <var class="OPTION">-ldi</var> option to control indentation of local
variables. A number of other tunings were made to this utility.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=indent&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">indent</span>(1)</span></a> now
supports <var class="OPTION">-fbs</var> and <var class="OPTION">-ut</var> for function
declarations with the opening brace on the same line as the declaration of arguments all
spaces and no tabs in order to fix problem when non-8 space tabs are used.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ip6fw&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ip6fw</span>(8)</span></a> now
supports a <var class="OPTION">-n</var> flag to stop it from making any changes to the
rules in the kernel.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipcs&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipcs</span>(1)</span></a> now
supports a <var class="OPTION">-u</var> option to display information about IPC
mechanisms owned by the specified user.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(8)</span></a> now
supports a <var class="OPTION">-b</var> flag to print only the action and comment for
each rule, thus omitting the rule body.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">jail</span>(8)</span></a> now
supports a <var class="OPTION">-U</var> option to run a command as a user which exists
only in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">jail</span>(2)</span></a>
environment.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">jail</span>(8)</span></a> now
supports a <var class="OPTION">-l</var> option to clean the environment. All environment
variables are discarded except for <var class="VARNAME">HOME</var>, <var
class="VARNAME">SHELL</var>, <var class="VARNAME">PATH</var>, <var
class="VARNAME">TERM</var>, and <var class="VARNAME">USER</var> before running the jailed
program under a specific user's credentials. This behavior is similar to that provided by
the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=su&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">su</span>(1)</span></a> <var
class="OPTION">-l</var> option.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=kgdb&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">kgdb</span>(1)</span></a>, a
kernel debugging utility which uses <b class="APPLICATION">libgdb</b> and understands
kernel threads, kernel modules, and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=kvm&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">kvm</span>(3)</span></a>, has been
added.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=killall&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">killall</span>(1)</span></a> now
supports a <var class="OPTION">-e</var> flag to make the <var class="OPTION">-u</var>
operate on effective, rather than real, user IDs. [MERGED]</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=libalias&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">libalias</span>(3)</span></a> now
has support (and a new API) for multiple aliasing instances in a single process. The
existing API has been reimplemented in terms of the new one to preserve
compatibility.</p>

<p>A <b class="APPLICATION">libarchive</b> library for manipulation of compressed and
uncompressed archive files has been added. More details can be found in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=libarchive&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">libarchive</span>(3)</span></a>.</p>

<p><b class="APPLICATION">libdisk</b> now uses <var class="VARNAME">d_addr_t</var> for
disk addresses. This allows <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sysinstall</span>(8)</span></a> to
properly handle disks and file systems more than 1 TB.</p>

<p>The library formerly known as <b class="APPLICATION">libkse</b> has been renamed <b
class="APPLICATION">libpthread</b> and is now the default threading library on the i386,
amd64, and ia64 platforms. <b class="APPLICATION">GCC</b>'s <var
class="OPTION">-pthread</var> option has been changed to use <b
class="APPLICATION">libpthread</b> rather than <b class="APPLICATION">libc_r</b>.</p>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> Users with older binaries (for example, ports compiled before this change
was made) should use <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=libmap.conf&sektion=5&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">libmap.conf</span>(5)</span></a>
to map <b class="APPLICATION">libc_r</b> and/or <b class="APPLICATION">libkse</b> to <b
class="APPLICATION">libpthread</b>.</p>
</blockquote>
</div>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> Users with NVIDIA-supplied drivers and libraries may need to use a <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=libmap.conf&sektion=5&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">libmap.conf</span>(5)</span></a>
that maps <b class="APPLICATION">libpthread</b> references to the older <b
class="APPLICATION">libc_r</b> since these drivers and utilities do not work with <b
class="APPLICATION">libpthread</b>.</p>
</blockquote>
</div>

<br />
<br />
<p><b class="APPLICATION">libpthread</b> now supports a <var
class="VARNAME">LIBPTHREAD_SYSTEM_SCOPE</var> environment variable to force 1:1 mode
(using system scope threads). Note that building <b class="APPLICATION">libpthread</b>
with <var class="OPTION">-DSYSTEM_SCOPE_ONLY</var> flag also forces 1:1 mode, and that
this option is set by default for architectures that do not support M:N mode yet. In
addition, a <var class="VARNAME">LIBPTHREAD_PROCESS_SCOPE</var> environment variable can
be used to force M:N mode (using process scope threads). For example:</p>

<pre class="SCREEN">
<samp class="PROMPT">%</samp> <kbd class="USERINPUT">env LIBPTHREAD_SYSTEM_SCOPE=yes <var
class="REPLACEABLE">threaded_app</var></kbd>
</pre>

<p>forces the application <var class="REPLACEABLE">threaded_app</var> to use system scope
threads, and</p>

<pre class="SCREEN">
<samp class="PROMPT">%</samp> <kbd
class="USERINPUT">env LIBPTHREAD_PROCESS_SCOPE=yes <var
class="REPLACEABLE">threaded_app</var></kbd>
</pre>

<p>forces it to use process scope threads.</p>

<p>A bug in the <var class="OPTION">-d</var> option of <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=look&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">look</span>(1)</span></a> has been
fixed. Also, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=look&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">look</span>(1)</span></a> now
works correctly in locales with multibyte characters.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ls&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">ls</span>(1)</span></a> now treats
filenames as multibyte character strings according to the current <var
class="VARNAME">LC_CTYPE</var> when determining which characters are printable.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=make&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">make</span>(1)</span></a> now
supports the new <var class="LITERAL">.warning</var> directive.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=make&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">make</span>(1)</span></a> now
supports the POSIX-compatible <var class="LITERAL">+</var> flag in <tt
class="FILENAME">Makefile</tt> command lines, which causes a line to be executed even
when <var class="OPTION">-n</var> is specified. This is useful for calls to submakes, for
example.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=make&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">make</span>(1)</span></a> now puts
variable assignments from the command line into the <var class="VARNAME">MAKEFLAGS</var>
variable as required by POSIX. This causes such variables to be pushed into all sub-makes
called by the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=make&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">make</span>(1)</span></a> (except
when the <var class="VARNAME">MAKEFLAGS</var> variable is explicitly changed in the
sub-make's environment). This makes them also mostly un-overrideable in sub-makes except
on the sub-make's command line.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nearbyint&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nearbyint</span>(3)</span></a> and
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nearbyintf&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nearbyintf</span>(3)</span></a>
C99 functions have been implemented.</p>

<p>The <tt class="FILENAME">tgmath.h</tt> C99 header has been implemented. This provides
type-generic macros for the <tt class="FILENAME">math.h</tt> and <tt
class="FILENAME">complex.h</tt> functions that have float, double and long double
implementations.</p>

<p>The GNU extensions of <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mbsnrtowcs&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mbsnrtowcs</span>(3)</span></a>
and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=wcsnrtombs&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">wcsnrtombs</span>(3)</span></a>
have been implemented.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=newsyslog&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">newsyslog</span>(8)</span></a> now
allows users to set a debugging option via the <tt class="FILENAME">newsyslog.conf</tt>
file.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=newsyslog&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">newsyslog</span>(8)</span></a>
uses a new order when processing files to rotate. It first rotates all files that need to
be rotated, then sends a single signal to each process which needs to be signaled, and
finally compresses all the files that were rotated.</p>

<p>A <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nextwctype&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nextwctype</span>(3)</span></a>
function to iterate over all characters in a particular character class has been
added.</p>

<p>Initial support for UTF-8 versions of all the currently supported system locales has
been added. This is primarily for the benefit of the <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/misc/utf8locale/pkg-descr"><tt
class="FILENAME">misc/utf8locale</tt></a> port.</p>

<p>An Israel Hebrew locale <var class="LITERAL">he_IL.UTF-8</var> has been added.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=logins&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">logins</span>(1)</span></a>
utility has been added to display information about user and system accounts.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mountd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mountd</span>(8)</span></a> now
supports the <var class="OPTION">-p</var> option, which allows users to specify a known
port for use in firewall rulesets.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=netstat&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">netstat</span>(1)</span></a> now
displays the multicast group memberships present in the system.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=newfs&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">newfs</span>(8)</span></a> and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mdmfs&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mdmfs</span>(8)</span></a> now
support a <var class="OPTION">-l</var> flag to enable them to set the MAC multilabel flag
on new file systems without requiring the use of <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=tunefs&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">tunefs</span>(8)</span></a>.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nologin&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nologin</span>(8)</span></a> now
reports login attempts via <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=syslogd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">syslogd</span>(8)</span></a>.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nologin&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nologin</span>(8)</span></a> has
been moved from <tt class="FILENAME">/sbin/nologin</tt> to <tt
class="FILENAME">/usr/sbin/nologin</tt>. <tt class="FILENAME">/sbin/nologin</tt> remains
as a symbolic link for backward compatibility.</p>

<p>A bugfix has been applied to NSS support, which fixes problems when using third-party
NSS modules (such as <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/net/nss_ldap/pkg-descr"><tt
class="FILENAME">net/nss_ldap</tt></a>) and groups with large membership lists.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=od&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">od</span>(1)</span></a> now has
POSIX-style support for multibyte characters.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=patch&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">patch</span>(1)</span></a> has
been replaced with a BSD-licensed version from OpenBSD. This includes a <var
class="OPTION">--posix</var> option for strict POSIX conformance.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pgrep&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pgrep</span>(1)</span></a> and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pkill&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pkill</span>(1)</span></a>
commands, which come from NetBSD, have been added. They also support a <var
class="OPTION">-M</var> option to extract values associated with the name list from the
specified core instead of the default <tt class="FILENAME">/dev/kmem</tt>, and a <var
class="OPTION">-N</var> option to extract the name list from the specified system instead
of the default kernel.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ppp&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ppp</span>(8)</span></a> now
supports a ``set rad_alive <var class="REPLACEABLE">N</var>'' command to enable periodic
RADIUS accounting information being sent to the RADIUS server. [MERGED]</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ppp&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ppp</span>(8)</span></a> now
supports a ``set pppoe [standard|3Com]'' command to configure the operating mode of an
underlying <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ng_pppoe&sektion=4&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ng_pppoe</span>(4)</span></a>
Netgraph node.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ps&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">ps</span>(1)</span></a> compatibility
with POSIX/SUSv3 has been improved. The changes include <var class="OPTION">-p</var> for
a list of process IDs, <var class="OPTION">-t</var> for a list of terminal names, <var
class="OPTION">-A</var> which is equivalent to <var class="OPTION">-ax</var>, <var
class="OPTION">-G</var> for a list of group IDs, <var class="OPTION">-X</var> which is
the opposite of <var class="OPTION">-x</var>, and some minor improvements. For more
information, see <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ps&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">ps</span>(1)</span></a>. [MERGED]</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ps&sektion=1&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">ps</span>(1)</span></a> now supports a
<var class="OPTION">-O emul</var> format option, which prints the name of the system call
emulation environment the process is in.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pw&sektion=8&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">pw</span>(8)</span></a> now supports a
<var class="OPTION">-H</var> option, which accepts an encrypted password on a file
descriptor. [MERGED]</p>

<p>A bug in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rarpd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">rarpd</span>(8)</span></a> that
prevents it from working properly when a interface has more than one IP address has been
fixed. [MERGED]</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=regex&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">regex</span>(3)</span></a> now
supports regular expression matching aware of multibyte characters.</p>

<p>The configuration files used by the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=resolver&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">resolver</span>(3)</span></a> now
support the <var class="LITERAL">timeout:</var> and <var class="LITERAL">attempts:</var>
keywords.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=resolver&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">resolver</span>(3)</span></a> and
associated interfaces are now much more reentrant and thread-safe. Multiple DNS lookups
can now be run at the same time, showing major improvements in the performance of some
multi-threaded applications. Some multi-threaded programs need to be recompiled; examples
from the Ports Collection are <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/www/mozilla/pkg-descr"><tt
class="FILENAME">www/mozilla</tt></a> and variants, <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/mail/evolution/pkg-descr"><tt
class="FILENAME">mail/evolution</tt></a>, <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/devel/gnomevfs/pkg-descr"><tt
class="FILENAME">devel/gnomevfs</tt></a>, and <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/devel/gnomevfs2/pkg-descr"><tt
class="FILENAME">devel/gnomevfs2</tt></a>.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rmdir&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">rmdir</span>(1)</span></a> now
supports a <var class="OPTION">-v</var> flag, which makes it verbose.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=savecore&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">savecore</span>(8)</span></a> now
works correctly for dump files larger than 2GB.</p>

<p>A bug in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=script&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">script</span>(1)</span></a> has
been fixed so that it now works correctly if the standard input is closed. This fix
prevents a potentially dangerous interaction with the <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/sysutils/portupgrade/pkg-descr"><tt
class="FILENAME">sysutils/portupgrade</tt></a> package; if it was run non-interactively,
it could remove all out-of-date ports without reinstalling them.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sdpd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sdpd</span>(8)</span></a>
Bluetooth Service Discovery Protocol daemon has been added.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sed&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sed</span>(1)</span></a>'s <var
class="LITERAL">y</var> (translate) command now supports multibyte characters.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sha1&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sha1</span>(1)</span></a> and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rmd160&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">rmd160</span>(1)</span></a>
utilities have been added. Similar to <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=md5&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">md5</span>(1)</span></a>, they
calculate a message digest of their inputs. [MERGED]</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=smbmsg&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">smbmsg</span>(8)</span></a>, a
small utility to send/receive SMBus messages, has been added.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=talk&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">talk</span>(1)</span></a> now uses
<tt class="HOSTID">localhost</tt> as a default machine name in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=talkd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">talkd</span>(8)</span></a> request
packets when the destination and source are local. This makes <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=talk&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">talk</span>(1)</span></a>
dependent on a valid host entry for <tt class="HOSTID">localhost</tt> in <tt
class="FILENAME">/etc/hosts</tt> or the DNS.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=tftpd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">tftpd</span>(8)</span></a> now
supports two new options: a <var class="OPTION">-w</var> option allows new files to be
created, and a <var class="OPTION">-U</var> option allows the umask to be set.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=top&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">top</span>(1)</span></a> can now
display the current amount of I/O. This feature can be enabled by hitting ``m'' or
passing the command line option <var class="OPTION">-m io</var>.</p>

<p>Many userland utilities in the base system (mostly GNU contributed utilities) now use
the system version of <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=getopt_long&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">getopt_long</span>(3)</span></a>,
rather than the GNU version.</p>

<div class="SECT3">
<hr />
<h4 class="SECT3"><a id="RC-SCRIPTS" name="RC-SCRIPTS">2.3.1 <tt
class="FILENAME">/etc/rc.d</tt> Scripts</a></h4>

<p>The <tt class="FILENAME">diskless</tt> script has been split out into <tt
class="FILENAME">hostname</tt>, <tt class="FILENAME">resolve</tt>, <tt
class="FILENAME">tmp</tt>, and <tt class="FILENAME">var</tt> scripts.</p>

<p>The <tt class="FILENAME">gbde_swap</tt> script, which supports gbde-enabled swap
devices, has been added. When the <var class="VARNAME">gbde_swap_enable</var> variable is
specified in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&sektion=5&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">rc.conf</span>(5)</span></a>, a
swap device named <tt class="FILENAME">/dev/<var class="REPLACEABLE">foo.bde</var></tt>
in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fstab&sektion=5&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fstab</span>(5)</span></a> is
automatically attached at boot time with the device <tt class="FILENAME">/dev/<var
class="REPLACEABLE">foo</var></tt> and a random key, which is generated by computing the
MD5 checksum of 512 bytes read from <tt class="FILENAME">/dev/random</tt>. Note that this
prevents recovery of kernel dumps.</p>

<p>The <var class="VARNAME">ip6addrctl_enable</var> and <var
class="VARNAME">ip6addrctl_verbose</var> variables have been added. When <var
class="VARNAME">ip6addrctl_enable</var> is set to <var class="LITERAL">YES</var>, the
address selection policy is installed into the kernel. If <tt
class="FILENAME">/etc/ip6addrctl.conf</tt> exists, it will be used; otherwise, a default
policy will be installed. The default policy is one described in RFC 3484 when <var
class="VARNAME">ipv6_enable</var> is set to <var class="LITERAL">YES</var>. Otherwise,
the priority policy for IPv4 address will be used as a default policy.</p>

<p>The <tt class="FILENAME">mixer</tt> script has been added. It saves the current
settings of all audio mixers present in the system on shutdown and restores the settings
on boot.</p>

<p>The <tt class="FILENAME">named</tt> script has been updated to support <b
class="APPLICATION">BIND 9</b> in the base system. The changes include:</p>

<ul>
<li>
<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=named&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">named</span>(8)</span></a> runs in
a <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=chroot&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">chroot</span>(2)</span></a>
directory <tt class="FILENAME">/var/named</tt> by default. The <var
class="VARNAME">named_chrootdir</var> variable can be used to disable this behavior or to
change the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=chroot&sektion=2&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">chroot</span>(2)</span></a>
directory.</p>
</li>

<li>
<p>When the <var class="VARNAME">named_chroot_autoupdate</var> variable is set to <var
class="LITERAL">YES</var> (the default), the chroot directory is automatically configured
at the boot time. A symbolic link which points to <tt
class="FILENAME">/var/named/etc/namedb</tt> is created as <tt
class="FILENAME">/etc/namedb</tt>, and a symbolic link which points to <tt
class="FILENAME">/var/named/var/run/named/pid</tt> is created as <tt
class="FILENAME">/var/run/named/pid</tt>. The latter can be disabled by using the <var
class="VARNAME">named_symlink_enable</var> variable in <tt
class="FILENAME">rc.conf</tt>.</p>
</li>

<li>
<p>The <tt class="FILENAME">rndc.key</tt> file is automatically created if it does not
exist.</p>
</li>
</ul>

<p>The <tt class="FILENAME">pf</tt> and <tt class="FILENAME">pflog</tt> scripts for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pf&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">pf</span>(4)</span></a> have been
added.</p>
</div>
</div>

<div class="SECT2">
<hr />
<h3 class="SECT2"><a id="CONTRIB" name="CONTRIB">2.4 Contributed Software</a></h3>

<p>The <b class="APPLICATION">ACPI-CA</b> code has been updated from the 20030619
snapshot to the 20040527 snapshot.</p>

<p>The <b class="APPLICATION">AMD (am-utils)</b> has been updated from version 6.0.9 to
version 6.0.10p1.</p>

<p><b class="APPLICATION">awk</b> from Bell Labs has been updated from the 29 July 2003
release to the 7 February 2004 release.</p>

<p><b class="APPLICATION">BIND</b> has been updated from version 8.3.1-REL to version
9.3.0.</p>

<p><b class="APPLICATION">CVS</b> has been updated from version 1.11.15 to version
1.11.17. [MERGED]</p>

<p>The <b class="APPLICATION">FILE</b> has been updated from version 3.41 to version
4.10.</p>

<p><b class="APPLICATION">gdtoa</b> (a library that performs conversions of numbers
between binary and decimal form) has been updated from version 20030324 to version
20040118.</p>

<p><b class="APPLICATION">GDB</b> has been updated to version 6.1.1.</p>

<p><b class="APPLICATION">GNU Binutils</b> has been updated to a 23 May 2004 snapshot
from the FSF 2.15 branch.</p>

<p><b class="APPLICATION">GNU GCC</b> has been updated from 3.3.3-prerelease as of 6
November 2003 to 3.4.2-prerelease as of 28 July 2004.</p>

<p><b class="APPLICATION">GNU grep</b> has been updated from version 2.4d to version
2.5.1.</p>

<p><b class="APPLICATION">GNU less</b> has been updated from version 371 to version
381.</p>

<p><b class="APPLICATION">GNU readline</b> 4.3 has been updated with official patches 001
through 005.</p>

<p>The <b class="APPLICATION">GNU regex</b> library has been updated to the version
included with <b class="APPLICATION">GNU grep</b> 2.5.1.</p>

<p><b class="APPLICATION">GNU sort</b> has been updated from textutils 2.1 to a coreutils
snapshot as of 12 August 2004.</p>

<p>The <b class="APPLICATION">GNU tar</b> implementation in the base system is now called
<tt class="FILENAME">gtar</tt>.</p>

<p><b class="APPLICATION">Heimdal Kerberos</b> has been updated from version 0.6 to
version 0.6.1.</p>

<p>The <b class="APPLICATION">ISC DHCP</b> client has been updated from version 3.0.1
RC10 to version 3.0.1.</p>

<p><b class="APPLICATION">libpcap</b> has been updated from version 0.7.1 to version
0.8.3.</p>

<p><b class="APPLICATION">lukemftpd</b> has been updated from a snapshot as of 3 November
2003 to one as of 9 August 2004.</p>

<p><b class="APPLICATION">NTP</b> has been updated from version 4.1.1a to version
4.2.0.</p>

<p><b class="APPLICATION">OpenPAM</b> has been updated from the Dogwood release to the
Eelgrass release.</p>

<p><b class="APPLICATION">OpenSSH</b> has been updated from version 3.6.1p1 to version
3.8.1p1.</p>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> The configuration defaults for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sshd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sshd</span>(8)</span></a> have
been changed. SSH protocol version 1 is no longer enabled by default. In addition,
password authentication over SSH is disabled by default if PAM is enabled.</p>
</blockquote>
</div>

<br />
<br />
<p><b class="APPLICATION">OpenSSL</b> has been updated from version 0.9.7c to version
0.9.7d. [MERGED]</p>

<p><b class="APPLICATION">OpenSSL</b> VIA C3 Nehemiah PadLock ACE (Advanced Cryptography
Engine) crypto support, which provides Advanced Encryption Standard (AES) encryption, has
been imported from a prerelease version of <b class="APPLICATION">OpenSSL</b>.</p>

<p><b class="APPLICATION">pf</b>, OpenBSD's packet filter as of OpenBSD 3.5-stable, has
been imported into the FreeBSD source tree and is now installed by default. Two new users
(<tt class="USERNAME">proxy</tt> and <tt class="USERNAME">_pflogd</tt>) and three new
groups (<tt class="USERNAME">authpf</tt>, <tt class="USERNAME">proxy</tt>, and <tt
class="USERNAME">_pflogd</tt>), which <b class="APPLICATION">pf</b> needs, have been
added as well.</p>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> On upgrading from source, these user accounts must be added in advance.
<var class="LITERAL">mergemaster -p</var> can be used to assist in creating the proper
entries in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=passwd&sektion=5&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">passwd</span>(5)</span></a> and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=group&sektion=5&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">group</span>(5)</span></a> files.
The <var class="VARNAME">NO_PF</var> variable in <tt class="FILENAME">make.conf</tt> can
be used to prevent <b class="APPLICATION">pf</b> from building.</p>
</blockquote>
</div>

<p>Several userland utilities of OpenBSD's <b class="APPLICATION">pf</b> have been
imported. <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ftp-proxy&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ftp-proxy</span>(8)</span></a> is
an ftp proxy for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pf&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">pf</span>(4)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pfctl&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pfctl</span>(8)</span></a> is an
equivalent to <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ipf&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipf</span>(8)</span></a>, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pflogd&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pflogd</span>(8)</span></a> is a
daemon which logs packets via <var class="LITERAL">if_pflog</var> in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pcap&sektion=3&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pcap</span>(3)</span></a> format,
and <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=authpf&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">authpf</span>(8)</span></a> is an
authentication shell to modify <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pf&sektion=4&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">pf</span>(4)</span></a> rulesets.</p>

<p><b class="APPLICATION">routed</b> has been updated from release 2.22 to release 2.27
from rhyolite.com. Note that for users relying on RIP's MD5 authentication feature, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=routed&sektion=8&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">routed</span>(8)</span></a> routed
is now incompatible with previous versions of FreeBSD; however, it is now compatible with
implementations from Sun, Cisco and other vendors.</p>

<p><b class="APPLICATION">sendmail</b> has been updated from version 8.12.10 to version
8.13.1. [MERGED]</p>

<p><b class="APPLICATION">tcpdump</b> has been updated from version 3.7.1 to version
3.8.3.</p>

<p><b class="APPLICATION">tcsh</b> has been updated from version 6.11 to version
6.13.00.</p>

<p>The timezone database has been updated from <tt class="FILENAME">tzdata2003a</tt> to
<tt class="FILENAME">tzdata2004e</tt>.</p>

<p><b class="APPLICATION">zlib</b> has been updated from version 1.1.4 to version
1.2.1.</p>
</div>

<div class="SECT2">
<hr />
<h3 class="SECT2"><a id="PORTS" name="PORTS">2.5 Ports/Packages Collection
Infrastructure</a></h3>

<p>Most of the startup/shutdown scripts installed by various ports now use the new <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rc&sektion=8&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">rc</span>(8)</span></a> framework
introduced in FreeBSD 5.<var class="REPLACEABLE">X</var>, while some ports still use the
old-style scripts. On startup, the new <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=rc&sektion=8&manpath=FreeBSD+5.3-RELEASE"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">rc</span>(8)</span></a> style scripts
are executed before the old-style scripts. On shutdown, exactly the reverse happens.</p>

<p>The <var class="LITERAL">SIZE</var> attribute for distfiles, which can be used for
checking file sizes before fetching, has been added and enabled by default. <var
class="VARNAME">DISABLE_SIZE</var> is a user control knob to disable the distfile size
checking. This is especially useful on old FreeBSD versions which did not have <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fetch&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">fetch</span>(1)</span></a> support
for this, and for some FTP proxies which always report incorrect or bogus sizes.</p>

<p>Two new files have been added to the ports tree to track noteworthy changes: <tt
class="FILENAME">ports/CHANGES</tt> lists major changes to the Ports Collection and its
infrastructure. <tt class="FILENAME">ports/UPDATING</tt> describes some potential
pitfalls that can be encountered when updating certain ports, analogous to <tt
class="FILENAME">src/UPDATING</tt> for the base system.</p>

<p>The version number parsing code has been rewritten in the system <tt
class="FILENAME">pkg_*</tt> tools, restoring compatibility with 4.x and <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/sysutils/portupgrade/pkg-descr"><tt
class="FILENAME">sysutils/portupgrade</tt></a>.</p>

<p>The package tools can now match packages with relational operators and csh-style <var
class="LITERAL">{...}</var> choices. For example:</p>

<pre class="SCREEN">
<samp class="PROMPT">#</samp> <kbd class="USERINPUT">pkg_info -I 'docbook&#62;=3.0'</kbd>
</pre>

<p>will list (all) docbook DTDs with at least version 3.0. Additional command line
options have also been added to aid pattern matching.</p>

<p>The package tools have improved handling of corrupt package databases.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pkg_create&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pkg_create</span>(1)</span></a>
now supports a <var class="OPTION">-S</var> option to make all <var
class="LITERAL">@cwd</var> paths be prefixed during package creation.</p>

<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pkg_info&sektion=1&manpath=FreeBSD+5.3-RELEASE">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pkg_info</span>(1)</span></a> now
supports a <var class="OPTION">-j</var> option to show the requirements script for each
package.</p>
</div>

<div class="SECT2">
<hr />
<h3 class="SECT2"><a id="RELENG" name="RELENG">2.6 Release Engineering and
Integration</a></h3>

<p>FreeBSD cryptography support is no longer an optional component of releases, and the
<var class="LITERAL">crypto</var> release distribution is now part of <var
class="LITERAL">base</var>. Note that the <var class="OPTION">-DNOCRYPT</var> build
option still exists for anyone who really wants to build non-cryptographic binaries.</p>

<p>The supported release of <b class="APPLICATION">GNOME</b> has been updated from
version 2.4 to version 2.6.2.</p>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> If you are using the older <b class="APPLICATION">GNOME</b> desktop
itself (<a href="http://www.FreeBSD.org/cgi/url.cgi?ports/x11/gnome2/pkg-descr"><tt
class="FILENAME">x11/gnome2</tt></a>), simply upgrading it from the FreeBSD Ports
Collection with <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=portupgrade&sektion=1&manpath=FreeBSD+Ports">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">portupgrade</span>(1)</span></a>
(<a href="http://www.FreeBSD.org/cgi/url.cgi?ports/sysutils/portupgrade/pkg-descr"><tt
class="FILENAME">sysutils/portupgrade</tt></a>) will cause serious problems. If you are a
<b class="APPLICATION">GNOME</b> desktop user, please read the instructions carefully at
<a href="http://www.FreeBSD.org/gnome/docs/faq26.html"
target="_top">http://www.FreeBSD.org/gnome/docs/faq26.html</a>, and use the <tt
class="FILENAME">gnome_upgrade.sh</tt> script to properly upgrade to <b
class="APPLICATION">GNOME</b> 2.6.</p>

<p>Note that if you are just a casual user of some of the <b
class="APPLICATION">GNOME</b> libraries, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=portupgrade&sektion=1&manpath=FreeBSD+Ports">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">portupgrade</span>(1)</span></a>
should be sufficient to update your ports.</p>
</blockquote>
</div>

<br />
<br />
<p>The supported release of <b class="APPLICATION">KDE</b> has been updated from version
3.1.4 to version 3.3.0.</p>

<p>The <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/security/portaudit/pkg-descr"><tt
class="FILENAME">security/portaudit</tt></a> utility has been added to the FreeBSD Ports
Collection. This utility will read a database containing known ports vulnerabilities and
report them to the administrator.</p>

<p>FreeBSD now uses <b class="APPLICATION">Xorg</b> instead of <b
class="APPLICATION">XFree86</b> as the default X Window System. The supported release is
<b class="APPLICATION">Xorg</b> X11R6.7.0. Note that <b class="APPLICATION">XFree86</b>
is also available in the FreeBSD Ports Collection (<a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/x11/XFree86-4/pkg-descr"><tt
class="FILENAME">x11/XFree86-4</tt></a>).</p>
</div>

<div class="SECT2">
<hr />
<h3 class="SECT2"><a id="DOC" name="DOC">2.7 Documentation</a></h3>
</div>
</div>

<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="UPGRADE" name="UPGRADE">3 Upgrading from previous releases of
FreeBSD</a></h2>

<p>Users with existing FreeBSD systems are <span class="emphasis"><i
class="EMPHASIS">highly</i></span> encouraged to read the ``FreeBSD 5.3-RELEASE Migration
Guide''. This document generally has the filename <tt class="FILENAME">MIGRATE5.TXT</tt>
on the distribution media, or any other place that the release notes can be found. It
offers some notes on migrating from FreeBSD 4.<var class="REPLACEABLE">X</var>, but more
importantly, also discusses some of the relative merits of upgrading to FreeBSD 5.<var
class="REPLACEABLE">X</var> versus running FreeBSD 4.<var
class="REPLACEABLE">X</var>.</p>

<div class="IMPORTANT">
<blockquote class="IMPORTANT">
<p><b>Important:</b> Upgrading FreeBSD should, of course, only be attempted after backing
up <span class="emphasis"><i class="EMPHASIS">all</i></span> data and configuration
files.</p>
</blockquote>
</div>
</div>
</div>

<hr />
<p align="center"><small>This file, and other release-related documents, can be
downloaded from <a href="ftp://ftp.FreeBSD.org/">ftp://ftp.FreeBSD.org/</a>.</small></p>

<p align="center"><small>For questions about FreeBSD, read the <a
href="http://www.FreeBSD.org/docs.html">documentation</a> before contacting &#60;<a
href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.</small></p>

<p align="center"><small>For questions about this documentation, e-mail &#60;<a
href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</small></p>
</body>
</html>