os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/en_US.ISO8859-1/htdocs/releases/8.4R/errata.html
Glen Barber 35a3d1dda6 Regen after r279285 
Sponsored by:	The FreeBSD Foundation
2015-02-25 16:40:25 +00:00

153 lines
No EOL
28 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>FreeBSD 8.4-RELEASE Errata</title><link rel="stylesheet" type="text/css" href="docbook.css" /><link rev="made" href="mailto:doc@FreeBSD.org" /><meta name="generator" content="DocBook XSL Stylesheets V1.78.1" /><meta name="description" content="This document lists errata items for FreeBSD 8.4-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD. This errata document for FreeBSD 8.4-RELEASE will be maintained until the FreeBSD 8.4-RELEASE end of life." /><script xmlns="" type="text/javascript" src="/layout/js/google.js"></script></head><body><div class="article"><div xmlns="" class="titlepage"><div><div><h1 xmlns="http://www.w3.org/1999/xhtml" class="title"><a id="idp60791504"></a>FreeBSD 8.4-RELEASE Errata</h1></div><div><div xmlns="http://www.w3.org/1999/xhtml" class="author"><h3 class="author"><span class="orgname">
The FreeBSD Project
</span></h3></div></div><div><p xmlns="http://www.w3.org/1999/xhtml" class="copyright">Copyright © 2015 The FreeBSD Documentation Project</p></div><div><div xmlns="http://www.w3.org/1999/xhtml" class="legalnotice"><a id="trademarks"></a><p>FreeBSD is a registered trademark of
the FreeBSD Foundation.</p><p>Intel, Celeron, Centrino, Core, EtherExpress, i386,
i486, Itanium, Pentium, and Xeon are trademarks or registered
trademarks of Intel Corporation or its subsidiaries in the United
States and other countries.</p><p>SPARC, SPARC64, and
UltraSPARC are trademarks of SPARC International, Inc in the United
States and other countries. SPARC International, Inc owns all of the
SPARC trademarks and under licensing agreements allows the proper use
of these trademarks by its members.</p><p>Many of the designations used by
manufacturers and sellers to distinguish their products are claimed
as trademarks. Where those designations appear in this document,
and the FreeBSD Project was aware of the trademark claim, the
designations have been followed by the <span class="quote">&#8220;<span class="quote">&#8482;</span>&#8221;</span> or the
<span class="quote">&#8220;<span class="quote">®</span>&#8221;</span> symbol.</p></div></div><div>Last modified on 2015-02-05 by gjb.</div><div><div xmlns="http://www.w3.org/1999/xhtml" class="abstract"><div class="abstract-title">Abstract</div><p>This document lists errata items for FreeBSD 8.4-RELEASE,
containing significant information discovered after the release
or too late in the release cycle to be otherwise included in the
release documentation.
This information includes security advisories, as well as news
relating to the software or documentation that could affect its
operation or usability. An up-to-date version of this document
should always be consulted before installing this version of
FreeBSD.</p><p>This errata document for FreeBSD 8.4-RELEASE
will be maintained until the FreeBSD 8.4-RELEASE end of life.</p></div></div></div><hr /></div><div class="toc"><div class="toc-title">Table of Contents</div><dl class="toc"><dt><span class="sect1"><a href="#intro">1. Introduction</a></span></dt><dt><span class="sect1"><a href="#security">2. Security Advisories</a></span></dt><dt><span class="sect1"><a href="#errata">3. Errata Notices</a></span></dt><dt><span class="sect1"><a href="#open-issues">4. Open Issues</a></span></dt><dt><span class="sect1"><a href="#late-news">5. Late-Breaking News and Corrections</a></span></dt></dl></div><div class="sect1"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="intro"></a>1. Introduction</h2></div></div></div><p>This errata document contains <span class="quote">&#8220;<span class="quote">late-breaking news</span>&#8221;</span>
about FreeBSD 8.4-RELEASE
Before installing this version, it is important to consult this
document to learn about any post-release discoveries or problems
that may already have been found and fixed.</p><p>Any version of this errata document actually distributed
with the release (for example, on a CDROM distribution) will be
out of date by definition, but other copies are kept updated on
the Internet and should be consulted as the <span class="quote">&#8220;<span class="quote">current
errata</span>&#8221;</span> for this release. These other copies of the
errata are located at <code class="uri"><a class="uri" href="http://www.FreeBSD.org/releases/" target="_top">http://www.FreeBSD.org/releases/</a></code>, plus any sites
which keep up-to-date mirrors of this location.</p><p>Source and binary snapshots of FreeBSD 8.4-STABLE also
contain up-to-date copies of this document (as of the time of
the snapshot).</p><p>For a list of all FreeBSD CERT security advisories, see <code class="uri"><a class="uri" href="http://www.FreeBSD.org/security/" target="_top">http://www.FreeBSD.org/security/</a></code> or <code class="uri"><a class="uri" href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/" target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a></code>.</p></div><div class="sect1"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="security"></a>2. Security Advisories</h2></div></div></div><p>Problems described in the following security advisories have
been fixed in 8.4-RELEASE. For more information, consult
the individual advisories available from
<code class="uri"><a class="uri" href="http://security.FreeBSD.org/" target="_top">http://security.FreeBSD.org/</a></code>.</p><div class="informaltable"><table width="100%" border="0"><colgroup><col width="40%" /><col width="30%" /><col width="30%" /></colgroup><thead><tr><th>Advisory</th><th>Date</th><th>Topic</th></tr></thead><tbody><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-13:07.bind.asc" target="_top">FreeBSD-SA-13:07.bind</a></td><td>26 July 2013</td><td><p>Denial of Service vulnerability in
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=named&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span></a></p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-13:09.ip_multicast.asc" target="_top">FreeBSD-SA-13:09.ip_multicast</a></td><td>21 August 2013</td><td><p>Integer overflow in computing the size of
a temporary buffer can result in a buffer which is too
small for the requested operation</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-13:10.sctp.asc" target="_top">FreeBSD-SA-13:10.sctp</a></td><td>21 August 2013</td><td><p>Fix a bug that could lead to kernel memory
disclosure with SCTP state cookie</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-13:12.ifioctl.asc" target="_top">FreeBSD-SA-13:12.ifioctl</a></td><td>10 September 2013</td><td><p>In IPv6 and NetATM, stop
<code class="literal">SIOCSIFADDR</code>,
<code class="literal">SIOCSIFBRDADDR</code>,
<code class="literal">SIOCSIFDSTADDR</code> and
<code class="literal">SIOCSIFNETMASK</code> at the socket layer
rather than pass them on to the link layer without
validation or credential checks</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-13:13.nullfs.asc" target="_top">FreeBSD-SA-13:13.nullfs</a></td><td>10 September 2013</td><td><p>Prevent cross-mount hardlinks between different
nullfs mounts of the same underlying
filesystem</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc" target="_top">FreeBSD-SA-14:01.bsnmpd</a></td><td>14 January 2014</td><td><p>bsnmpd remote denial of service
vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:02.ntpd.asc" target="_top">FreeBSD-SA-14:02.ntpd</a></td><td>14 January 2014</td><td><p>ntpd distributed reflection Denial of Service
vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:04.bind.asc" target="_top">FreeBSD-SA-14:04.bind</a></td><td>14 January 2014</td><td><p>BIND remote denial of service
vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:05.nfsserver.asc" target="_top">FreeBSD-SA-14:05.nfsserver</a></td><td>8 April 2014</td><td><p>NFS deadlock vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:06.openssl.asc" target="_top">FreeBSD-SA-14:06.openssl</a></td><td>8 April 2014</td><td><p>ECDSA Cache Side-channel Attack in
OpenSSL</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:08.tcp.asc" target="_top">FreeBSD-SA-14:08.tcp</a></td><td>30 April 2014</td><td><p>TCP reassembly vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:11.sendmail.asc" target="_top">FreeBSD-SA-14:11.sendmail</a></td><td>5 June 2014</td><td><p>sendmail improper close-on-exec flag
handling</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:12.ktrace.asc" target="_top">FreeBSD-SA-14:12.ktrace</a></td><td>5 June 2014</td><td><p>ktrace memory disclosure</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:14.openssl.asc" target="_top">FreeBSD-SA-14:14.openssl</a></td><td>5 June 2014</td><td><p>OpenSSL multiple vulnerabilities</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:16.file.asc" target="_top">FreeBSD-SA-14:16.file</a></td><td>5 June 2014</td><td><p>Multiple vulnerabilities in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=file&amp;sektion=1"><span class="citerefentry"><span class="refentrytitle">file</span>(1)</span></a> and
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=libmagic&amp;sektion=3"><span class="citerefentry"><span class="refentrytitle">libmagic</span>(3)</span></a></p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:17.kmem.asc" target="_top">FreeBSD-SA-14:17.kmem</a></td><td>8 July 2014</td><td><p>kernel memory disclosure in control message and
SCTP notifications</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:18.openssl.asc" target="_top">FreeBSD-SA-14:18.openssl</a></td><td>9 September 2014</td><td><p>Multiple vulnerabilities in
OpenSSL</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:19.tcp.asc" target="_top">FreeBSD-SA-14:19.tcp</a></td><td>16 September 2014</td><td><p>Denial of Service in TCP packet
processing</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:21.routed.asc" target="_top">FreeBSD-SA-14:21.routed</a></td><td>21 October 2014</td><td><p><a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=routed&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">routed</span>(8)</span></a> denial of service
vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:23.openssl.asc" target="_top">FreeBSD-SA-14:23.openssl</a></td><td>21 October 2014</td><td><p>Multiple vulnerabilities in
OpenSSL</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:25.setlogin.asc" target="_top">FreeBSD-SA-14:25.setlogin</a></td><td>4 November 2014</td><td><p>kernel stack disclosure in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=setlogin&amp;sektion=2"><span class="citerefentry"><span class="refentrytitle">setlogin</span>(2)</span></a> and
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=getlogin&amp;sektion=2"><span class="citerefentry"><span class="refentrytitle">getlogin</span>(2)</span></a></p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:26.ftp.asc" target="_top">FreeBSD-SA-14:26.ftp</a></td><td>4 November 2014</td><td><p>Remote command execution in
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=ftp&amp;sektion=1"><span class="citerefentry"><span class="refentrytitle">ftp</span>(1)</span></a></p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:28.file.asc" target="_top">FreeBSD-SA-14:28.file</a></td><td>10 December 2014</td><td><p>Multiple vulnerabilities in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=file&amp;sektion=1"><span class="citerefentry"><span class="refentrytitle">file</span>(1)</span></a> and
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=libmagic&amp;sektion=3"><span class="citerefentry"><span class="refentrytitle">libmagic</span>(3)</span></a></p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:29.bind.asc" target="_top">FreeBSD-SA-14:29.bind</a></td><td>10 December 2014</td><td><p>BIND remote denial of service
vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:31.ntp.asc" target="_top">FreeBSD-SA-14:31.ntp</a></td><td>23 December 2014</td><td><p>Multiple vulnerabilities in NTP
suite</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:01.openssl.asc" target="_top">FreeBSD-SA-15:01.ntp</a></td><td>14 January 2015</td><td><p>Multiple vulnerabilities in
OpenSSL</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:02.kmem.asc" target="_top">FreeBSD-SA-15:02.kmem</a></td><td>27 January 2015</td><td><p>Fix SCTP SCTP_SS_VALUE kernel memory corruption
and disclosure vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:03.sctp.asc" target="_top">FreeBSD-SA-15:03.sctp</a></td><td>27 January 2015</td><td><p>Fix SCTP stream reset
vulnerability</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:04.igmp.asc" target="_top">FreeBSD-SA-15:04.igmp</a></td><td>25 February 2015</td><td><p>Integer overflow in IGMP protocol</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:05.bind.asc" target="_top">FreeBSD-SA-15:05.igmp</a></td><td>25 February 2015</td><td><p>Remote denial of service
vulnerability</p></td></tr></tbody></table></div></div><div class="sect1"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="errata"></a>3. Errata Notices</h2></div></div></div><div class="informaltable"><table width="100%" border="0"><colgroup><col width="40%" /><col width="30%" /><col width="30%" /></colgroup><thead><tr><th>Errata</th><th>Date</th><th>Topic</th></tr></thead><tbody><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-13:01.fxp.asc" target="_top">FreeBSD-EN-13:01.fxp</a></td><td>28 June 2013</td><td><p>Fixed a problem where <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=dhclient&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">dhclient</span>(8)</span></a> would
infinitely try to intialize <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=fxp&amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">fxp</span>(4)</span></a></p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-13:02.vtnet.asc" target="_top">FreeBSD-EN-13:02.vtnet</a></td><td>28 June 2013</td><td><p>Fixed a problem frames sent to additional MAC
addresses are not forwarded to the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=vtnet&amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">vtnet</span>(4)</span></a>
interface</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-13:04.freebsd-update.asc" target="_top">FreeBSD-EN-13:04.freebsd-update</a></td><td>26 October 2013</td><td><p>Multiple fixes</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-13:05.freebsd-update.asc" target="_top">FreeBSD-EN-13:05.freebsd-update</a></td><td>28 November 2013</td><td><p>Fix INDEX generation</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:01.random.asc" target="_top">FreeBSD-EN-14:01.random</a></td><td>14 January 2014</td><td><p>Disable hardware RNGs by default</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:02.mmap.asc" target="_top">FreeBSD-EN-14:02.mmap</a></td><td>14 January 2014</td><td><p>Fix incorrect coalescing of stack
entry</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:03.pkg.asc" target="_top">FreeBSD-EN-14:03.pkg</a></td><td>15 May 2014</td><td><p>Add pkg bootstrapping, configuration and public
keys</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:04.kldxref.asc" target="_top">FreeBSD-EN-14:04.kldxref</a></td><td>15 May 2014</td><td><p>Improve build repeatability for
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=kldxref&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">kldxref</span>(8)</span></a></p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:06.exec.asc" target="_top">FreeBSD-EN-14:06.exec</a></td><td>3 June 2014</td><td><p>Fix triple-fault when executing from a threaded
process</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:08.heimdal.asc" target="_top">FreeBSD-EN-14:08.heimdal</a></td><td>24 June 2014</td><td><p>Fix <code class="literal">gss_pseudo_random()</code>
interoperability issue</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:09.jail.asc" target="_top">FreeBSD-EN-14:09.jail</a></td><td>8 July 2014</td><td><p>Fix jail fails to start if
WITHOUT_INET/WITHOUT_INET6 is use</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:10.tzdata.asc" target="_top">FreeBSD-EN-14:10.tzdata</a></td><td>21 October 2014</td><td><p>Time zone data file update</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:12.zfs.asc" target="_top">FreeBSD-EN-14:12.zfs</a></td><td>4 November 2014</td><td><p>Fix NFSv4 and ZFS cache consistency
issue</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:13.freebsd-update.asc" target="_top">FreeBSD-EN-14:13.freebsd-update</a></td><td>23 December 2014</td><td><p>Fix directory deletion issue</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:02.openssl.asc" target="_top">FreeBSD-EN-15:02.openssl</a></td><td>25 February 2015</td><td><p>OpenSSL update</p></td></tr><tr><td><a class="link" href="https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:03.freebsd-update.asc" target="_top">FreeBSD-EN-15:03.freebsd-update</a></td><td>25 February 2015</td><td><p><a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=freebsd-update&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">freebsd-update</span>(8)</span></a> updates libraries in
suboptimal order</p></td></tr></tbody></table></div></div><div class="sect1"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="open-issues"></a>4. Open Issues</h2></div></div></div><p>[20130613] The <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=vtnet&amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">vtnet</span>(4)</span></a> network interface driver
displays the following message upon configuration when using
<span class="application">QEMU</span> 1.4.1 and later:</p><pre class="screen">vtnet0: error setting host MAC filter table</pre><p>This message is harmless when the interface has only one MAC
address. The patch for this issue is filed to a PR <a class="link" href="http://www.FreeBSD.org/cgi/query-pr.cgi?pr=178955" target="_top">kern/178955</a>.</p><p>[20130609] There is incompatibility in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">jail</span>(8)</span></a>
configuration because the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">jail</span>(8)</span></a> utility and
<code class="filename">rc.d/jail</code> script has been changed. More
specifically, the following <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">sysctl</span>(8)</span></a> variables cannot be
used to set the default parameters for jails:</p><pre class="programlisting">security.jail.mount_zfs_allowed
security.jail.mount_procfs_allowed
security.jail.mount_nullfs_allowed
security.jail.mount_devfs_allowed
security.jail.mount_allowed
security.jail.chflags_allowed
security.jail.allow_raw_sockets
security.jail.sysvipc_allowed
security.jail.socket_unixiproute_only
security.jail.set_hostname_allowed</pre><p>These could be set by manually using <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">sysctl</span>(8)</span></a> utility,
the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl.conf&amp;sektion=5"><span class="citerefentry"><span class="refentrytitle">sysctl.conf</span>(5)</span></a> file, or for some of them the following
variables in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&amp;sektion=5"><span class="citerefentry"><span class="refentrytitle">rc.conf</span>(5)</span></a>:</p><pre class="programlisting">jail_set_hostname_allow="yes"
jail_socket_unixiproute_only="yes"
jail_sysvipc_allow="yes"</pre><p>These parameters must now be specified in
<code class="varname">jail_parameters</code> (or
<code class="varname">jail_<em class="replaceable"><code>jailname</code></em>_parameters</code>
for per-jail configuration) in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&amp;sektion=5"><span class="citerefentry"><span class="refentrytitle">rc.conf</span>(5)</span></a>. For
example:</p><pre class="programlisting">jail_parameters="allow.sysvipc allow.raw_sockets"</pre><p>The valid keywords are the following. For more detail, see
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">jail</span>(8)</span></a> manual page.</p><pre class="programlisting">allow.set_hostname
allow.sysvipc
allow.raw_sockets
allow.chflags
allow.mount
allow.mount.devfs
allow.mount.nullfs
allow.mount.procfs
allow.mount.zfs
allow.quotas
allow.socket_af</pre><p>[20130608] FreeBSD 8.4-RELEASE no longer supports FreeBSD CVS
repository. Some documents mistakenly refer to
<code class="literal">RELENG_8_4_0_RELEASE</code> as CVS tag for the release and
<code class="literal">RELENG_8_4</code> as CVS branch tag for the
8.4-RELEASE security branch. However, FreeBSD Project no longer
supports FreeBSD CVS repository and 8.4-RELEASE has been released by
using FreeBSD subversion repository instead.
<code class="literal">RELENG_8_4</code> corresponds to
<code class="literal">svn://svn.FreeBSD.org/base/releng/8.4</code>, and
<code class="literal">RELENG_8_4_0_RELEASE</code> corresponds to
<code class="literal">svn://svn.FreeBSD.org/base/release/8.4.0</code>.
Please note that FreeBSD source tree for 8.4-RELEASE and its security
branch cannot be updated by using official CVSup servers.</p><p>[20130607] (removed about a <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=bge&amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">bge</span>(4)</span></a> network interface
driver issue because it was incorrect)</p><p>[20130606] The <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=fxp&amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">fxp</span>(4)</span></a> network interface driver may not
work well with the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=dhclient&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">dhclient</span>(8)</span></a> utility. More specifically,
if the <code class="filename">/etc/rc.conf</code> has the following
line:</p><pre class="programlisting">ifconfig_fxp0="DHCP"</pre><p>to activate a DHCP client to configure the network
interface, the following notification messages are displayed and
the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=dhclient&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">dhclient</span>(8)</span></a> utility keeps trying to initialize the
network interface forever.</p><pre class="screen">kernel: fxp0: link state changed to UP
kernel: fxp0: link state changed to DOWN</pre><p>A patch to fix this issue will be released as an Errata
Notice.</p></div><div class="sect1"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="late-news"></a>5. Late-Breaking News and Corrections</h2></div></div></div><p>[20130606] As described in FreeBSD 8.4-RELEASE Release Notes,
FreeBSD ZFS subsystem has been updated to support feature flags for
ZFS pools. However, the default version number of a newly
created ZFS pool is still <code class="literal">28</code>.</p><p>This is because FreeBSD 9.0 and 9.1 do not support the feature
flags. This means ZFS pools with feature flag support cannot be
used on FreeBSD 9.0 and 9.1. An 8.X system with v28 ZFS pools can
be upgraded to 9.X with no problem. Note that <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=zfs&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">zfs</span>(8)</span></a>
<code class="command">send</code> and <code class="command">receive</code> commands
do not work between pools with different versions. Once a ZFS
pool is upgraded from v28, there is no way to upgrade the system
to FreeBSD 9.0 and 9.1. FreeBSD 9.2 and later will support ZFS pools
with feature flags.</p><p>To create a ZFS pool with feature flag support, use the
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=zpool&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">zpool</span>(8)</span></a> <code class="command">create</code> command and then the
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=zpool&amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">zpool</span>(8)</span></a> <code class="command">upgrade</code> command.</p></div></div></body></html>
Reference in a new issue View git blame Copy permalink