diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml index f091e6df7d8..99500b6f9ae 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml @@ -132,2451 +132,103 @@ Security Advisories - A temporary file vulnerability in &man.texindex.1;, which - could allow a local attacker to overwrite files in the context - of a user running the &man.texindex.1; utility, has been fixed. - For more details see security advisory FreeBSD-SA-06:01.texindex. &merged; - - A temporary file vulnerability in the &man.ee.1; text - editor, which could allow a local attacker to overwrite files in - the context of a user running &man.ee.1;, has been fixed. For - more details see security advisory FreeBSD-SA-06:02.ee. &merged; - - Several vulnerabilities in the &man.cpio.1; utility have - been corrected. For more - details see security advisory FreeBSD-SA-06:03.cpio. &merged; - - An error in &man.ipfw.4; IP fragment handling, which could - cause a crash, has been fixed. For more - details see security advisory FreeBSD-SA-06:04.ipfw. &merged; - - A potential buffer overflow in the IEEE 802.11 scanning code - has been corrected. For more - details see security advisory FreeBSD-SA-06:05.80211. &merged; - - Two instances in which portions of kernel memory could be - disclosed to users have been fixed. For more details see - security advisory FreeBSD-SA-06:06.kmem. &merged; - - A logic bug in the IP fragment handling in &man.pf.4;, which - could cause a crash under certain circumstances, has been fixed. - For more details see security advisory FreeBSD-SA-06:07.pf. &merged; - - A logic bug in the NFS server code, which could cause a crash when - the server received a message with a zero-length payload, has been fixed. - For more details see security advisory FreeBSD-SA-06:10.nfs. &merged; - - A programming error in the &man.fast.ipsec.4; implementation - results in the sequence number associated with a Security - Association not being updated, allowing packets to unconditionally - pass sequence number verification checks, has been fixed. - For more details see security advisory FreeBSD-SA-06:11.ipsec. &merged; - - A logic bug that could cause &man.opiepasswd.1; to allow an unprivileged - user to configure OPIE authentication for the root user under certain - circumstances, has been fixed. - For more details see security advisory FreeBSD-SA-06:12.opie. &merged; - - An asynchronous signal handling vulnerability in &man.sendmail.8;, - which could allow a remote attacker to execute arbitrary code with the - privileges of the user running sendmail, typically root, has been fixed. - For more details see security advisory FreeBSD-SA-06:13.sendmail. &merged; - - [&arch.amd64;, &arch.i386;] An information disclosure issue found in the - &os; kernel running on 7th- and 8th-generation AMD processors - has been fixed. For more details see security advisory FreeBSD-SA-06:14.fpu. &merged; - - A bug in &man.ypserv.8;, which effectively disabled the - /var/yp/securenets access control mechanism, - has been corrected. More details are available in security - advisory - FreeBSD-SA-06:15.ypserv. &merged; - - A bug in the smbfs file system, which could allow an - attacker to escape out of &man.chroot.2 environments on an smbfs - mounted file system, has been fixed. For more details, see - security advisory - FreeBSD-SA-06:16.smbfs. &merged; - - A potential denial of service problem in &man.sendmail.8; - caused by excessive recursion which leads to stack - exhaustion when attempting delivery of a malformed - MIME message, has been fixed. For more details, - see security advisory FreeBSD-SA-06:17.sendmail. &merged; - - A potential buffer overflow condition in &man.sppp.4; has - been corrected. For more details, see security advisory - FreeBSD-SA-06:18.ppp. &merged; - - An OpenSSL bug related to validation of PKCS#1 v1.5 - signatures has been fixed. For more details, see security - advisory - FreeBSD-SA-06:19.openssl. &merged; - - A potential denial of service attack against &man.named.8; - has been fixed. For more details, see security advisory - FreeBSD-SA-06:20.bind. &merged; - - Several programming errors have been fixed in &man.gzip.1;. - They could have the effect of causing a crash or an infinite - loop when decompressing files. More information can be found in - security advisory - FreeBSD-SA-06:21.gzip. &merged; - - Several vulnerabilities have been fixed in OpenSSH. More - details can be found in security advisory - FreeBSD-SA-06:22.openssh. &merged; - - Multiple errors in the OpenSSL &man.crypto.3; library have - been fixed. Potential effects are varied, and are documented in - more detail in security advisory - FreeBSD-SA-06:23.openssl. &merged; - - A bug that could permit corrupt archives to cause an - infinite loop in &man.libarchive.3; and &man.tar.1; has been - fixed. More details are available in - FreeBSD-SA-06:24.libarchive. &merged; - - A bug that could allow users in - the operator group to read parts of kernel - memory has been corrected. For more details, consult security - advisory - FreeBSD-SA-06:25.kmem. &merged; - - A bug in the jail startup script that - could permit privilege escalation via a symlink attack has been - fixed. More information is available in - FreeBSD-SA-07:01.jail. &merged; - - Two remote denials of service in BIND (one involving DNSSEC and - one involving recursive DNS queries) have been fixed. For more - information, see security advisory - FreeBSD-SA-07:02.bind. &merged; - - Processing of IPv6 type 0 Routing Headers is now - controlled by the net.inet6.ip6.rthdr0_allowed - sysctl variable, which defaults to 0 (off). - For more information, see security advisory - FreeBSD-SA-07:03.ipv6. &merged; - - A potential heap overflow in the &man.file.1; utility - (and the &man.libmagic.3; library on which it relies) has been - fixed. More details can be found in security advisory - FreeBSD-SA-07:04.file. &merged; - - Problems with &man.libarchive.3; and &man.tar.1; handling - corrupted &man.tar.5; archive files have been fixed. More - details can be found in security advisory - FreeBSD-SA-07:05.libarchive. &merged; - - A buffer overflow in &man.tcpdump.1; has been corrected. - More information can be found in security advisory - FreeBSD-SA-07:06.tcpdump. &merged; - - A bug in &man.named.8;, which could result in an attacker - being able to poison a resolver's DNS cache, has been fixed. - More details are included in security advisory - FreeBSD-SA-07:07.bind. &merged; + Kernel Changes - &man.acpi.4; now has support for the HPET time counter. &merged; - - The &man.acpi.ibm.4; driver now supports setting the fan control - mode to manual or automatic, and adjusting the fan speed if the - fan control mode is manual. To enable manual control of the fan speed, - the sysctl variable dev.acpi_ibm.0.fan - needs to be set to zero (manual). This should only be used with - extreme precaution, as disabling automatic fan control might - overheat the hardware and lead to permanent damage. - - The &man.apm.4; suspend/resume support has been improved. - - The &man.cpufreq.4; CPU frequency control framework is now - enabled in the GENERIC kernel. - - Security event auditing is now supported in the &os; kernel, - and is enabled by the AUDIT kernel - configuration option. The option is enabled in the - GENERIC kernel. More information can be found - in the &man.audit.4; manual page. - - Support for the Camellia block cipher has been added to the - &os; kernel. It can now be specified as a cipher in &man.ipsec.4; - and &man.geli.8;. More information on Camellia can be found in - RFC 4132. - - The options COMPAT_43 kernel - configuration option has been deemed unnecessary and has been - removed from GENERIC and related kernel - configurations. This change may result in a small performance - increase for some workloads. - - The dumb console driver (&man.dcons.4;) is now enabled in the - GENERIC kernel. - - The &man.ddb.4; debugger now provides the show lock - command. If the argument has a valid lock class, - this displays various information about the lock and calls a - new function pointer in lock_class (lc_ddb_show) to dump class-specific - information about the lock as well (such as the owner of a mutex or - xlock'ed sx lock). &merged; - - The &man.ddb.4; debugger now provides the show sleepq - command. This takes a wait channel as an argument and looks - for a sleep queue associated with that wait channel. - - DEFAULTS kernel configuration files - for each platform have been added. These files contain - directives that are implicitly included in all kernel - configurations, and generally include basic, mandatory - functionality for each platform. &merged; - - A bug in file descriptor handling such that a simple - close(0); dup(fd) sequence does not return - descriptor 0 in some cases, has been fixed. - - The &man.firmware.9; subsystem has been added. This - subsystem provides a mechanism - to load binary data into the kernel via a specially crafted module. - &merged; - - The &man.gdb.1; remote debugging interface now supports - copying console messages to a remote debugger instance. - To enable this, set debug.gdbcons="1" - in loader.conf, enter boot -d; - gdb; step from the loader prompt, - then attach &man.gdb.1; from a remote machine. - The sysctl variable debug.gdbcons can be - used to turn on/off this functionality. - - &man.hwpmc.4; and &man.pmcstat.8; now support profiling - of dynamically loaded kernel modules and - shared objects loaded with &man.dlopen.3;. - - A new kern.hostuuid sysctl variable - has been added to hold a host's Universally Unique Identifier - (UUID). This UUID is computed or generated by a new - rc.d/hostid startup script and, where - possible, is saved to disk to be persistent across reboots. - - The kernel configuration - option has been improved. The full configuration of a running kernel - can now be obtained via sysctl -b kern.conftxt. - It can also be extracted from a kernel file via - config -x kernelfile. To preserve the literal - kernel configuration with all the comments included, the - option of &man.config.8; can be used. - - Support for Kernel Scheduled Entities (KSE) is now a kernel - option (previously it was a mandatory feature in the kernel). - It is enabled in the GENERIC kernel (thus there is no change in - functionality) for all platforms except &arch.sun4v;. - - The Linux ABI support was enhanced to support emulation of - Linux 2.6.16. This is not enabled by default. To turn it on - the compat.linux.osrelease sysctl variable - has to be set to 2.6.16. Note that this - support is still experimental. - - Support for Message Signaled Interrupts (MSI) and Extended - Message Signaled Interrupts (MSI-X) has been added to the kernel's - PCI support code. &merged; - - The &man.priv.9; kernel interface has been added. Its purpose - is checking the availability of privilege for threads and credentials. - Unlike the existing &man.suser.9; interface, &man.priv.9; exposes a - named privilege identifier to the privilege checking code, allowing - more complex policies regarding the granting of privilege to be - expressed. - - The &man.random.4; entropy device driver is now MPSAFE. - &merged; - - &os; now supports concurrent &man.read.2;/&man.readv.2; - access to a file. - - The kernel's &man.sx.9; locks have been optimized to use - simple atomic operations for the common cases of obtaining and - releasing shared and exclusive locks. While this change is not - generally user-visible, it is the basis for some substantial - performance improvements. - - The ULE process scheduler has been revised to improve its - behavior, in particular interactivity under load, for both - uniprocessor and multiprocessor machines. This - implementation has commonly been referred to as ULE - 3.0. (ULE 3.0 was formerly known as SCHED_SMP, - which in turn was based on version 2.0 of the ULE scheduler. - ULE 2.0 was never a part of any &os; release, however it - was the subject of many development, testing, and - benchmarking efforts.) - - The SIGCHLD signal queuing has been - added. For each child process whose status has been changed, - a SIGCHLD instance is queued. If the signal is still pending, - and the process changed status several times, the signal information - is updated to reflect the latest process status. - There is a loader tunable kern.sigqueue.queue_sigchild - which can control the behavior, setting it to zero disables the - SIGCHLD queuing feature. - - [&arch.amd64;, &arch.i386;] Instead of including all of physical - memory in a kernel crash dump, the kernel now defaults to dumping only pages that are - actively mapped into kernel virtual memory. A new - debug.minidump sysctl variable - can be used to turn off this behavior when set to zero. &merged; - - A new sysctl variable kern.malloc_stats - has been added. This allows exporting of kernel malloc - statistics via a binary structure stream. - - A new sysctl variable kern.forcesigexit - has been added. This forces a process - to sigexit if a trap signal is being held by the current thread or - ignored by the current process. It is enabled by default. - - The pcvt(4) driver, an alternative to &man.syscons.4;, - has been removed, as it had fallen out of sync with the rest - of the kernel. - - RedZone, a buffer corruption protection for the kernel &man.malloc.9; - facility has been implemented. This detects both buffer underflows and - overflows at runtime on &man.free.9; and &man.realloc.9;, - and prints backtraces from where memory was allocated and from where - it was freed. For more details, see the &man.redzone.9; manual page. - - A new sysctl variable security.mac.biba.interfaces_equal - which makes all network interfaces be created with the label - biba/equal(equal-equal), has been added. - This is useful where programs such as &man.dhclient.8; and &man.ppp.8;. - which initialize network interfaces do not have any labeling support. - This variable is set as 0 (disabled) by default. - &merged; - - A new loader tunable vm.kmem_size_min has been - added. This allows to specify a minimal size for - vm.kmem_size. - - A new sysctl variable vm.zone_stats - has been added. This allows to export &man.uma.9; allocator - statistics via a binary structure stream. - - The sysctl variable hw.pci.do_powerstate - has been split into two sysctl variables - hw.pci.do_powerstate_nodriver - and hw.pci.do_powerstate_resume. - Also, these variables have been changed from a boolean to a range. - 0 means no power management, - 1 means conservative power management which - any device class that has caused problems is added to the watch list, - 2 means aggressive power management where - any device class that is not fundamental to the system is added to the list, - and 3 means power them all down unconditionally. - The default values are 0 for - hw.pci.do_powerstate_nodriver and - 1 for hw.pci.do_powerstate_resume. - - [&arch.ia64;] The GENERIC kernel now enables - SMP support by default. - - Sample kernel configuration files - src/sys/arch/conf/MAC - for the Mandatory Access Control framework have been added. - - POSIX_TIMERS support has been updated to 200112L. - - An experimental support for POSIX message queue has been - implemented. - - &os; now runs on the Xbox, whose architecture is nearly identical - to the i386. For details of the latest development, see - . - &merged; - - The locking strategy for UNIX domain sockets has been - revised to improve concurrency; this change has yielded - substantial performance improvements on various SMP workloads - (in particular, MySQL on 8-way &arch.amd64; systems) with little - or no measured overhead on UP systems. - - Several minor but widespread changes to the Newbus API have - been made In order to support some on-going work with interrupt - filtering. Because this change also breaks the kernel ABI, all - third-party device drivers will need to be modified and - recompiled. + Boot Loader Changes - A new option , - which allows setting the boot2 - serial console speed in the /boot.config - file or on the boot: prompt line, - has been added. - - [&arch.amd64;, &arch.i386;] A new loader tunable - comconsole_speed to change - the serial console speed has been added. - If the previous stage boot loader requested a serial console, - then the default speed is determined from the current serial port - speed. Otherwise it is set to 9600 or the value of - the BOOT_COMCONSOLE_SPEED kernel option. - &merged; - - [&arch.amd64;, &arch.i386;] &man.firewire.4; and &man.dcons.4; - support has been added to the boot loader. To enable it, - LOADER_FIREWIRE_SUPPORT=yes has to be added - to /etc/make.conf and the loader be rebuilt. - - - - - [&arch.pc98;] A bootable CDROM loader has been implemented - for the pc98 platform. &merged; - - [&arch.pc98;] The IPLware support - in boot0.5 has been enhanced to support version 3.33. - - [&arch.i386;] A bug in the i386 boot loader, which could - cause file system corruption if - a nextboot.conf file was used and landed - after cylinder 1023, has been fixed. &merged; + Hardware Support - The &man.amdsmb.4; driver has been added. It provides - support for the AMD-8111 SMBus 2.0 controller. &merged; - - The &man.cardbus.4;, &man.pccard.4;, - &man.pccbb.4;, and &man.exca.4; drivers are now buildable - as kernel modules. - - An &man.acpi.dock.4; driver has been added to provide - support for controlling laptop docking station functions via - ACPI. &merged; - - The &man.acpi.thermal.4; driver now supports - passive cooling. &merged; - - The &man.acpi.thermal.4; driver now supports overriding - the _PSV, _HOT, and - _CRT temperature values. - - Support for the alpha architecture has been removed. Alpha - support will remain on the RELENG_5 and RELENG_6 codelines. - - The &man.cardbus.4; driver now supports - /dev/cardbus%d.cis. - - [&arch.i386;, &arch.pc98;] The &man.ce.4; driver, - which supports Cronyx Tau-PCI/32 adapters, has been added. - &merged; - - [&arch.i386;, &arch.amd64;] The &man.coretemp.4; driver - has been added to provide temperature readings on &intel; - &core; processors. - - The est &man.cpufreq.4; driver now supports - frequency control for the VIA C7-M family of processors. - - Support for the PadLock Security Co-processor in VIA C3, - Eden, and C7 - processors has been added to the &man.crypto.9; subsystem. - More information can be found in the &man.padlock.4; manual - page. - &merged; - - The &man.firewire.4; code is now MPSAFE. - - icee(4), a generic I2C EEPROM driver, has been added. - - A bug which prevented the &man.ichsmb.4; kernel module - from unloading has been fixed. - - [&arch.amd64;, &arch.i386;] Dual-core processors (such as the Intel - Core Duo) now have both cores available for use by - default in SMP-enabled kernels. &merged; - - [&arch.amd64;, &arch.i386;] &man.ipmi.4;, an OpenIPMI compatible driver, - has been added. - OpenIPMI (Intelligent Platform Management Interface) is an open - standard designed to enable remote monitoring and control of server, - networking and telecommunication platforms. &merged; - - The &man.kbdmux.4; driver has been integrated into &man.syscons.4; and - the kbd device driver. - By default &man.syscons.4; will look for the &man.kbdmux.4; - keyboard first, and then, if not found, look for any keyboard. - Switching to &man.kbdmux.4; can be done at boot time by loading - the kbdmux kernel module via &man.loader.8;, - or at runtime via &man.kldload.8; and releasing the active - keyboard. &merged; - - [&arch.amd64;, &arch.i386;] The &man.kbdmux.4; driver is now included in the - GENERIC kernel by default. - Also, the Boot FreeBSD with USB keyboard - menu item in the boot loader menu has been removed - since this fixes USB keyboard probing problems. - &merged; - - The &man.nfsmb.4; driver, which supports the NVIDIA nForce - 2/3/4 SMBus 2.0 controller, has been added. &merged; - - [&arch.ia64;, &arch.powerpc;] The loader tunable debug.mpsafevfs - is set to 1 by default. - - The &man.sab.4; driver has been removed (it has been - superceded by the &man.scc.4; driver). - - The &man.scc.4; driver has been added. - This provides generic support for serial communications - controllers and delegates the control over each channel - and mode to a subordinate driver such as &man.uart.4;. - - [&arch.amd64;] The smbios(4) driver support for amd64 has been - added. - - [&arch.sun4v;] &os; now has preliminary support for the Sun Microsystems - UltraSPARC-T1 architecture. &os;/sun4v has been demonstrated - to run on the Sun Fire T1000 and Sun Fire T2000 servers. - More information can be found on the - sun4v - Project - page. - - The tnt4882(4) driver, which supports the National Instruments - PCI-GPIB card, has been added. - - [&arch.amd64;, &arch.i386;, &arch.ia64;, &arch.sparc64;] The &man.uart.4; driver has been included in the - GENERIC kernel by default. - When both &man.sio.4; and &man.uart.4; can handle a given serial port, - &man.sio.4; will claim it. - - The &man.uark.4; driver, which supports the Arkmicro - Technologies ARK3116-based USB serial adapter, has been - added. - - The &man.uart.4; driver now supports LOM (Lights Out Management) - and RSC (Remote System Control) devices as consoles. - - The zs driver has been removed. Its functionality - has been superceded by that of the &man.uart.4; driver. - - [&arch.i386;] A new loader tunable - hw.apic.enable_extint has been added. - This tunable can be used to disable masking of the ExtINT pin on the first - I/O APIC. At least one chipset for the Intel Pentium III seems - to need this, even though all of the pins in the 8259As are masked. - The default is still to mask the ExtINT pin. - - [&arch.i386;] Support has been improved for - so-called legacy-free hardware, in particular, - i386 systems without AT-style keyboard controllers such as the - Macbook Pro. &merged; + Multimedia Support - The &man.agp.4; driver now supports ATI AGP chipsets. - &merged; + - The new midi(4) driver which is based on NetBSD's one - has been added. This supports &man.snd.cmi.4; and - &man.snd.emu10k1.4; drivers. - - The &man.sound.4; driver now supports - wider range sampling rate, multiple precisions choice, - and 24/32 bit PCM format conversion. &merged; - - The &man.snd.als4000.4; driver is now MPSAFE. &merged; - - The &man.snd.atiixp.4; driver has been added. - This supports ATI IXP 200/300/400 series audio controllers. &merged; - - The &man.snd.atiixp.4; driver now supports - suspend and resume features. &merged; - - The &man.snd.cmi.4; driver is now MPSAFE. - - The &man.snd.emu10kx.4; driver has been added. It - supports Creative SoundBlaster Live! and Audigy series sound - cards with optional pseudo-multichannel playback. - - The &man.snd.envy24.4; driver has been added to support - the Envy24 series of audio chips. - - The &man.snd.envy24ht.4; driver has been added to support - the VIA Envy24HT series of audio chips. - - The &man.snd.es137x.4; driver is now MPSAFE. &merged; - - The &man.snd.ich.4; driver is now MPSAFE. &merged; - - The &man.snd.hda.4; driver has been added. It supports - devices that conform to revision 1.0 of the Intel High Definition - Audio specification. - - The &man.snd.solo.4; driver is now MPSAFE. &merged; - - The &man.snd.spicds.4; driver has been added to support - I2S SPI audio codec chips. - - The &man.snd.via8233.4; driver is now MPSAFE. &merged; - - The &man.snd.via82c686.4; driver is now MPSAFE. &merged; - - [&arch.amd64;] The &man.speaker.4; driver now supports &os;/amd64. &merged; - - The &man.uaudio.4; driver now supports 24/32 bit audio - formats and conversion. Network Interface Support - The &man.ath.4; driver has been updated to - HAL version 0.9.20.3. &merged; + - [&arch.amd64;, &arch.i386;, &arch.pc98;, &arch.sparc64;] - The &man.ath.4;, &man.ath.hal.4;, and - ath_rate_sample drivers have been - included in the GENERIC kernel by - default. &merged; - - The &man.axe.4; driver now supports &man.altq.4;. &merged; - - [&arch.amd64;, &arch.i386;] The &man.bce.4; driver, which supports Broadcom - NetXtreme II (BCM5706/BCM5708) PCI/PCIe Gigabit Ethernet controllers, - has been added. For more details, see &man.bce.4;. &merged; - - A bug which prevents the &man.bfe.4; driver from working - on a system with over 1GB RAM has been fixed. &merged; - - The &man.bge.4; driver's Jumbo frame support is now MPSAFE. - - The &man.bge.4; driver now supports big-endian - architectures such as sparc64. - - The &man.bge.4; driver now supports &man.polling.4; mode. - &merged; - - The &man.cm.4; driver is now MPSAFE. - - The &man.cxgb.4; driver has been added. It provides support for - 10 Gigabit Ethernet adapters based on the Chelsio T3 and T3B chipsets. - - - The &man.dc.4; driver is now MPSAFE. &merged; - - The &man.de.4; driver has been converted to the &man.bus.dma.9; - API and is now MPSAFE. - - The &man.ed.4; driver is now MPSAFE. - - The &man.edsc.4; driver, which provides Ethernet discard network - interfaces, has been added. &merged; - - The &man.el.4; driver has been removed due to lack of use. - - The &man.em.4; driver now supports big-endian - architectures such as sparc64. &merged; - - The &man.em.4; driver has been updated to - version 6.5.0 from Intel. Among other changes, it now supports - 80003, 82571, 82571EB, 82572 and 82575 based adapters, as well as - onboard-NICs on ICH8-based motherboards. &merged; - - The &man.em.4; driver now includes - initial support for suspend and resume features. - - The performance of the &man.em.4; driver has been improved - by using a fast interrupt handler and taskqueue - instead of ithread handler. This change can be disabled - by defining NO_EM_FASTINTR kernel option - for debugging purpose. - - The IP over FireWire (&man.fwip.4;) driver is now enabled in - the GENERIC kernel. - - The &man.gem.4; driver now supports &man.altq.4;. - - The firmware images needed by the &man.ipw.4; driver are now - part of the &os; base system. For the loaded firmware to work the - license at /usr/share/doc/legal/intel_ipw/LICENSE - must be agreed to and legal.intel_ipw.license_ack=1 - has to be added to /boot/loader.conf. - Prior versions of the driver used the firmware image in the - net/ipw-firmware-kmod - port/package or the - net/ipw-firmware - port/package. &merged; - - The &man.iwi.4; driver now supports big-endian - architectures such as sparc64. - - A number of improvements and bugfixes have been made to the - functionality of the &man.iwi.4; driver. &merged; - - The firmware images needed by the &man.iwi.4; driver are now - part of the &os; base system. For the loaded firmware to work the - license at /usr/share/doc/legal/intel_iwi/LICENSE - must be agreed to and legal.intel_iwi.license_ack=1 - has to be added to /boot/loader.conf. - Prior versions of the driver used the firmware image in the - net/iwi-firmware-kmod - port/package or the - net/iwi-firmware - port/package. &merged; - - The ixgbe driver, which supports the Intel 10G PCI-Express - adapter (82598), has been added. - - The &man.le.4; driver, which supports AMD Am7900 LANCE - and Am79C9xx PCnet NICs, - has been added. While the &man.lnc.4; driver also supports these - NICs, this driver has several advantages over it such as - MPSAFE, ALTQ, VLAN_MTU, ifmedia, and 32-bit DMA for PCI - variants. This driver is based on NetBSD's implementation. - &merged; - - The &man.lge.4; driver is now MPSAFE. &merged; - - The lnc(4) driver has been removed. The &man.le.4; and - &man.pcn.4; drivers support all devices that were supported - by lnc(4). - - The &man.msk.4; driver has been added. It supports - network interfaces using the Marvell/SysKonnect Yukon II - Gigabit Ethernet controller. &merged; - - The &man.my.4; driver is now MPSAFE. &merged; - - The &man.my.4; driver now supports &man.altq.4;. &merged; - - [&arch.amd64;, &arch.i386;] The &man.mxge.4; driver, - which supports Myricom Myri10GE 10 Gigabit Ethernet - adapters, has been added. For more details, see - &man.mxge.4;. &merged; - - [&arch.amd64;, &arch.i386;] The &man.nfe.4; driver, an open-source driver for nForce - Ethernet devices, has been added, originally from - OpenBSD. This driver has replaced the &man.nve.4; driver in - the GENERIC kernel. - - [&arch.arm;] The &man.npe.4; driver, which supports the - Intel XScale Network Processing Engine, has been - added. &merged; - - The &man.nve.4; driver has been updated to version 1.0-0310 - (23-Nov-2005). It also now has &man.altq.4; support. &merged; - - The &man.nxge.4; driver, which supports the Neterion - Xframe 10 Gigabit Ethernet adapter, has been added. - - The &man.pcn.4; driver is now MPSAFE. &merged; - - The &man.re.4; driver now supports the D-Link DGE-528(T) - Gigabit Ethernet card. - - The &man.rum.4; driver has been added. It supports - WLAN adapters based on the Ralink RT2501USB and RT2601USB - chipsets. - - The &man.sf.4; driver is now MPSAFE. &merged; - - The &man.sk.4; driver is now MPSAFE. &merged; - - The &man.ste.4; driver is now MPSAFE. &merged; - - The &man.stge.4; driver has been added. It supports the - Sundance/Tamarack TC9021 Gigabit Ethernet controller and was - ported from NetBSD. &merged; - - The &man.ti.4; driver now supports big-endian - architectures such as sparc64. - - The &man.ufoma.4; driver for - FOMA (third generation mobile phone system by NTT DoCoMo, Inc. - in Japan) has been added. - This should support other third generation mobile phones - since the driver is based on USB Implementation Guideline - from MCPC (Mobile Computing Promotion Consortium) in Japan. - - The vgapci(4) driver has been added. This is a stub - device driver for VGA PCI devices and serves as a bus - so that other drivers such as drm(4), - &man.acpi.video.4;, and &man.agp.4; can attach to - it thus allowing multiple drivers for the same device. - - The &man.vge.4; driver now supports &man.altq.4;. &merged; - - The &man.wi.4; driver is now buildable as - a kernel module. - - [&arch.amd64;, &arch.i386;, &arch.pc98;] The &man.wlan.wep.4;, - &man.wlan.ccmp.4;, and &man.wlan.tkip.4; drivers - have been included in the GENERIC - kernel by default. - - [&arch.amd64;, &arch.i386;] The &man.zyd.4; driver - has been added. It provides support for ZyDAS ZD1211/ZD1211B USB - IEEE 802.11 b/g wireless network devices. - - The network interface groups feature has been imported - from OpenBSD. This feature allows an administrator to, for - example, apply firewall rules to an entire group of - interfaces. More information can be found in - &man.ifconfig.8;. - - The 802.11 protocol stack has been significantly reworked. - Among the new features are support for background scanning - and roaming between APs, as well as support that will be - required by 802.11n-capable devices. - - The 802.11 protocol stack now has support for 900 MHz - cards, as well as quarter- and half-channel support - for 802.11a. &merged; - - The &os; network stack now runs entirely free of the - Giant kernel lock, and relies solely on the kernel's - fine-grained locking primitives to manage parallelism. This - significantly improves the network stack's performance on - multi-processor systems; uni-processor systems could also - see performance gains. - ISDN4BSD and netatm have been temporarily - disconnected from the build. These modules all require - the Giant kernel lock for their operation; disconnecting - them allows the removal of the NET_NEEDS_GIANT compatability - shim. It is planned to convert - these modules to fine-grained kernel locking and re-connect - them for &os; 7.1-RELEASE. Network Protocols - The &man.arp.4; retransmission algorithm has been - rewritten so that ARP requests are retransmitted without - suppression, while there is demand for such ARP entry. - Due to this change, a sysctl variable - net.link.ether.inet.host_down_time - has been removed. &merged; - - The &man.arp.4; protocol now supports a sysctl variable - net.link.ether.inet.log_arp_permanent_modify - to suppress logging of attempts to modify - permanent ARP entries. &merged; - - [&arch.amd64;, &arch.i386;, &arch.pc98;] An experimental BPF Just-In-Time compiler - has been implemented for both &man.bpf.4; and &man.ng.bpf.4;. - To enable this, the - options BPF_JITTER kernel option is needed. - The net.bpf_jitter.enable - can be used to disable this feature. - - Multiple copies of a packet received via different - &man.bpf.4; listeners now all have identical - timestamps. &merged; - - The &man.bpf.4; device now supports several new - &man.ioctl.2; calls to allow examining inbound vs. outbound - packets, as well as packets that have been injected onto the - network. - - The bridge(4) driver has been removed from the tree. Its - functionality has been completely replaced by - &man.if.bridge.4;. - - The &man.enc.4; IPsec filtering pseudo-device has been - added. It allows firewall packages using the &man.pfil.9; - framework to examine (and filter) IPsec traffic before - outbound encryption and after inbound decryption. &merged; - - The &man.gre.4; driver, which is for GRE encapsulation - found in RFC 1701 and RFC 1702, now supports IPv6 over GRE. - - The &man.if.bridge.4; driver now supports - creating SPAN ports, which transmit a copy of every frame - received by the bridge. This feature can be enabled - by using &man.ifconfig.8;. &merged; - - The &man.if.bridge.4; driver now supports - RFC 3378 EtherIP. This change makes it possible to - add &man.gif.4; interfaces to bridges, which will then - send and receive IP protocol 97 packets. - Packets are Ethernet frames with an EtherIP header prepended. - &merged; - - The &man.if.bridge.4; driver now supports RSTP, the Rapid - Spanning Tree Protocol (802.1w). &merged; - - The &man.if.bridge.4; driver now supports a - private flag on bridge ports; - no private port on a bridge can communicate with any - other private port. This functionlity is useful in - scenarios such as number of customers VLANs bridged - with a server network; it might be desirable to prevent - the customer VLANs from communicating with each other - but allow all of them to access the server network. The - private flag on a bridge port can be set or cleared via - &man.ifconfig.8;. - - A hard-coded limit on the number of IPv4 multicast group - memberships (formerly 20) has been removed. - - The path MTU discovery for multicast packets in the &os; - IPv6 stack has been disabled by default. - Path MTU notification from a large number of multicast routers - can be a kind of distributed Denial-of-Service attack to a router. - This feature can be re-enabled by using a new sysctl variable - net.inet6.ip6.mcast_pmtu. &merged; - - IPv6 multicast forwarding is now dynamically loadable, via - the ip_mroute.ko module. - - IPv6 link-local addresses are now enabled only - if ipv6_enable is set in &man.rc.conf.5;. - &merged; - - The &man.ipfw.4; IP packet filter now supports IPv6. &merged; - - The &man.ipfw.4; firewall system now supports - a tablearg feature, which allows - values obtained from a table lookup to be used as part of a - rule. &merged; - This feature can be used to optimize some rulesets - or to implement policy-based routing inside a firewall. - For example, the following rules will throw different - packets to different pipes: - - pipe 1000 config bw 1000Kbyte/s -pipe 4000 config bw 4000Kbyte/s -table 1 add x.x.x.x 1000 -table 1 add x.x.x.y 4000 -pipe tablearg ip from table(1) to any - - The &man.ipfw.4; packet filter now supports - tag and untag rule keywords. - When a packet matches a rule with the tag - keyword, the numeric tag for the given number in the range - from 0 to 65535 will be attached to the packet. - The tag acts as an internal marker (it is not sent out over - the wire) that can be used to identify these packets later on, - for example, by using tagged - rule option. For more details, see &man.ipfw.8;. &merged; - - The &man.ipfw.4; packet filter now supports filtering on - Routing Header Type 0 and Mobile IPv6 Routing Header Type 2 - in addition to filtering on the non-differentiated presence - of any Routing Header. - - The IPFIREWALL_FORWARD_EXTENDED kernel - option has been removed. This option was used to permit - &man.ipfw.4; to redirect packets with local destinations. - This behavior is now always enabled when - the IPFIREWALL_FORWARD kernel option is - enabled. &merged; - - The ip6fw(8) packet filter has been removed. Since &man.ipfw.4; has gained - IPv6 support, it should be used instead. Please note that some rules might need - to be adjusted. - - The KAME IPsec implementation has been removed. In its - place, FAST_IPSEC is now the only IPsec - implementation supported by the &os; kernel. The - IPSEC kernel configuration option, which - formerly enabled KAME IPsec, now enables - FAST_IPSEC. FAST_IPSEC - now supports both IPv4 and IPv6, uses fine-grained kernel - locking, and supports hardware cryptographic - acceleration. - - Support for tunneling IPX over IP has been removed. - - The &man.lagg.4; driver, ported from OpenBSD and NetBSD, - has been added to support a variety of protocols and algorithms - for link aggregation, failover, and fault tolerance. &merged; - - The &man.natm.4;, Native Mode ATM protocol layer is now MPSAFE. - - The &man.ng.car.4; Netgraph node has been added. It implements - various traffic shaping and rate limiting algorithms. - - A new &man.ng.deflate.4; Netgraph node type has been - added. It implements Deflate PPP compression. &merged; - - The &man.ng.ether.4; Netgraph node no longer overwrites - the MAC address of outgoing frames by default. &merged; - - The &man.ng.h4.4; Netgraph node is now MPSAFE. - - The &man.ng.iface.4; Netgraph node now supports &man.altq.4;. - &merged; - - The &man.ng.ppp.4; Netgraph node is now MPSAFE. &merged; - - A new &man.ng.pred1.4; Netgraph node type has been added - to implement Predictor-1 PPP compression. &merged; - - The &man.ng.tag.4; Netgraph node has been added to - support the manipulation of mbuf tags attached to data in the - kernel. &merged; - - A bug has been fixed in which NFS over TCP would not reconnect - when the server sent a FIN. This problem had occurred - with Solaris NFS servers. &merged; - - The default retransmit timer for NFS over TCP is now 60 seconds. - This change prevents the unnecessary retransmission of - non-idempotent NFS requests. The nfs_access_cache - variable in &man.rc.conf.5; has also been changed to 60. - - The default minimum number of nfsiod kernel threads - (&man.sysctl.8; variable vfs.nfs.iodmin) - has been changed from 4 to 0. - - The sysctl variables net.inet.ip.portrange.reservedhigh - and net.inet.ip.portrange.reservedlow - can be used with IPv6 now. &merged; - - A new sysctl variable net.inet.icmp.reply_from_interface - has been added. This allows the &man.icmp.4; - reply to non-local packets to be generated with - the IP address the packet came through in. - This is useful for routers to show in &man.traceroute.8; - the actual path a packet has taken instead of - the possibly different return path. - - A new sysctl variable net.inet.icmp.quotelen - has been added. This allows to change length of - the quotation of the original packet in an ICMP reply. - The minimum of 8 bytes is internally enforced. - The maximum quotation is the remaining space in the - reply mbuf. This option is added in response to the - issues raised in I-D - draft-gont-icmp-payload-00.txt. - - The &man.icmp.4; now always quotes the entire TCP header - when responding and allocate an mbuf cluster if needed. - This change fixes the TCP issues raised in I-D - draft-gont-icmp-payload-00.txt. - - A new socket option IP_MINTTL has been added. - This may be used to set the minimum acceptable - TTL a packet must have when received on a socket. - All packets with a lower TTL are silently dropped. - This works on already connected/connecting and - listening sockets for RAW, UDP, and TCP. This option - is only really useful when set to 255, preventing packets - from outside the directly connected networks reaching - local listeners on sockets. Also, this option allows - userland implementation of The Generalized TTL - Security Mechanism (GTSM) found in RFC 3682. - - The kernel &man.ppp.4; driver now supports IPv6. - - Stealth forwarding now supports IPv6 as well as IPv4. - This behavior can be controlled by using a new sysctl variable - net.inet6.ip6.stealth. - - The PIM kernel option has been removed. - The corresponding code is now included in the - MROUTING kernel option. - - Support has been added for the RFC 3678 Source-Specific - Multicast (SSM) socket API. More details can be found in - the &man.sourcefilter.3; manual page. - - Support has been added for the Stream Control Transmission - Protocol (SCTP). SCTP implements a reliable, message-oriented - transport protocol, and is defined in RFC 4960. It is enabled - in &os; with the SCTP kernel option and is - part of the GENERIC kernel. More - information can be found in the &man.sctp.4; manual page. - - The IPV6_V6ONLY socket option - now works for UDP. - - The TCP_DROP_SYNFIN kernel option is now - included in the kernel by default. The - net.inet.tcp.drop_synfin sysctl variable still - defaults to 0. - - The TCP bandwidth-delay product limiting feature has - been disabled when the RTT is below a certain threshold. - This optimization does not make sense on a LAN, as it has - trouble figuring out the maximal bandwidth due to the coarse - tick granularity. A new sysctl variable - net.inet.tcp.inflight.rttthresh specifies - the threshold in milliseconds below which this feature - will disengage. It defaults to 10ms. &merged; - - The &os; network stack now has support for TCP - Segmentation Offload (TSO). TSO reduces the overhead of - sending bulk TCP data by allowing a network interface to - convert a large data transfer into multiple TCP segments to be - sent on the network. This functionality can be enabled or - disabled on a per-interface basis with - the tso and -tso flags - to &man.ifconfig.8;. Network interfaces and drivers - supporting TSO currently include &man.em.4;, - &man.mxge.4; and &man.cxgb.4;. - - &os; now supports auto-sizing of TCP socket buffers. This - allows the socket buffer sizes to adapt dynamically to network - conditions, rather than being set statically. The behavior of - this feature can be controlled using - the net.inet.tcp.sendbuf_* - and net.inet.tcp.recvbuf_* sysctl - variables. - - The net.link.tap.up_on_open sysctl variable - has been added to the &man.tap.4; driver. If enabled, new tap - devices will marked up upon creation. &merged; - - - Support for &man.kqueue.2; operations has been added to - the &man.tun.4; driver. &merged; + Disks and Storage - The &man.aac.4; driver now supports the Adaptec 2610SA SATA-RAID - controller in some Hewlett-Packard machines. + - The performance of the &man.amr.4; driver has been improved; - it also now supports full 64-bit DMA. While this feature is - enabled by default, this can be forced off by setting the - hw.amr.force_sg32 loader tunable for - debugging purpose. - &merged; - - The &man.amr.4; driver now supports the &man.ioctl.2; requests - necessary for the Linux LSI MegaRaid tools in &os;'s Linux emulation - environment. - &merged; - - The &man.arcmsr.4; driver has been updated to version - 1.20.00.13. &merged; - - The &man.ahc.4; driver is now MPSAFE. - - The &man.ahd.4; driver is now MPSAFE. - - The &man.ata.4; driver now supports a workaround - for some controllers whose DMA does not work properly - in 48bit mode. For affected controllers, - PIO mode will be used for access to areas beyond 137GB. - &merged; - - The &man.ata.4; driver now supports the ITE IT8211F IDE controller, - and the Promise PDC40718 and PDC40719 chip found in Promise - Fasttrak TX4300. - &merged; - - The &man.ata.4; driver now supports DMA for kernel crash dumps, - as well as crash dumping to an &man.ataraid.4; device. - &merged; - - The &man.ata.4; driver now supports USB mass storage class - devices. To enable it, a line device atausb - in the kernel configuration file or loading the - atausb kernel module is needed. - Note that this functionality cannot coexist with the - &man.umass.4; driver. &merged; - - The &man.ataraid.4; driver now supports - JMicron ATA RAID metadata. &merged; - - The CAM subsystem is now MPSAFE. - - The &man.ciss.4; driver is now MPSAFE. - - A new GEOM_JOURNAL class has been added - to the GEOM storage transformation system. It supports - block-level journaling operations, which can be used by file - system modules to perform file system journaling and to keep - file systems in a consistent state. (Currently, only UFS file - systems are supported.) Its operation can be controlled using - the &man.gjournal.8; utility. - - The GEOM_LABEL class now supports - Ext2FS, NTFS, and ReiserFS. &merged; - - The GEOM_MIRROR class now supports - kernel crash dumps to the GEOM providers. - &merged; - - The GEOM_MIRROR and GEOM_RAID3 - classes now support sysctl variables - kern.geom.mirror.disconnect_on_failure - and - kern.geom.graid3.disconnect_on_failure - to control whether failed components will be disconnected or not. - The default value is 1 to preserve the current - behavior, and if it is set to 0 such components - are not disconnected and the kernel will try to still use them - (only the first error will be logged). - This is helpful for the case of multiple broken components (in - different places), so actually all data is available. - The broken components will be visible in gmirror list - or graid3 list output with flag - BROKEN. - &merged; - - The GEOM_MIRROR and GEOM_RAID3 - classes now use parallel I/O requests for synchronization - to improve the performance. New sysctl variables - kern.geom.mirror.sync_requests and - kern.geom.raid3.sync_requests - define how many parallel I/O requests should be used. - Also, the sysctl variables - kern.geom.mirror.reqs_per_sync, - kern.geom.mirror.syncs_per_sec, - kern.geom.raid3.reqs_per_sync, and - kern.geom.raid3.syncs_per_sec - are deprecated and have been removed. - &merged; - - A new GEOM_MULTIPATH class has been added to support - multiple access paths to disk devices. The &man.gmultipath.8; - utility has been added to control the behavior of disk devices - using this feature. - - A new GEOM_VIRSTOR class has been added - to provide virtual storage devices of arbitrary size with - physical devices as backing store. More information can be - found in the manual page for its control utility, - &man.gvirstor.8;. - - A new GEOM class GEOM_ZERO has been added. - It creates a very huge provider (41PB) /dev/gzero - and is mainly useful for performance testing. - On BIO_READ request it zero-fills - bio_data and on BIO_WRITE - it does nothing. - &merged; - - The GEOM class kernel module g_md.ko - has been renamed to geom_md.ko - for consistency. - - [&arch.amd64;, &arch.i386;] The &man.hptiop.4; driver has been added. - It supports the Highpoint RocketRAID 3xxx series of controllers. - - [&arch.amd64;, &arch.i386;] The &man.hptmv.4; driver has been updated and now supports - amd64 as well as PAE. - - The &man.isp.4; driver is now MPSAFE. - - The &man.mfi.4; driver, which supports - the LSI MegaRAID SAS controller family, has been added. - &merged; - - The &man.mpt.4; driver has been updated to support - various new features such as RAID volume and RAID member - state/settings reporting, periodic volume re-synchronization - status reporting, and sysctl variables for volume - re-synchronization rate, volume member write cache status, - and volume transaction queue depth. &merged; - - The &man.mpt.4; driver now supports SAS HBA (partially), - 64-bit PCI, and large data transfer. &merged; - - The &man.mpt.4; driver is now MPSAFE. - - [&arch.amd64;, &arch.i386;] Experimental support for the - TMPFS file system has been added. TMPFS is an efficient - memory file system originally developed for the NetBSD project - during the Google Summer of Code. More information can be - found in the &man.tmpfs.5; manual page. - - The &man.twa.4; driver has been updated to the 3.70.03.007 - release on the 3ware Web site. It now supports AMCC's 3ware - 9650 series of SATA controllers. &merged; - - A new GEOM-based disk encryption facility, GEOM_ELI, has been - added. It uses the &man.crypto.9; framework for hardware acceleration - and supports different cryptographic algorithms. See &man.geli.8; for - more information. &merged; - - The &man.geli.8; disk encryption system now supports loading keyfiles before the root - file system is mounted. &merged; - For example, the following entries - can be used in /boot/loader.conf to enable - it: - - geli_da0_keyfile0_load="YES" -geli_da0_keyfile0_type="da0:geli_keyfile0" -geli_da0_keyfile0_name="/boot/keys/da0.key0" -geli_da0_keyfile1_load="YES" -geli_da0_keyfile1_type="da0:geli_keyfile1" -geli_da0_keyfile1_name="/boot/keys/da0.key1" -geli_da0_keyfile2_load="YES" -geli_da0_keyfile2_type="da0:geli_keyfile2" -geli_da0_keyfile2_name="/boot/keys/da0.key2" - -geli_da1s3a_keyfile0_load="YES" -geli_da1s3a_keyfile0_type="da1s3a:geli_keyfile0" -geli_da1s3a_keyfile0_name="/boot/keys/da1s3a.key" - - &man.geli.8; is now able to perform data integrity - verification (data authentication) of encrypted data stored on - disk. Note that the encryption algorithm is now specified to - the &man.geli.8; control program using the - option; the option is now used to specify - the authentication algorithm. &merged; - - The &man.iscsi.initiator.4; driver, a kernel driver for - the Internet SCSI (iSCSI) protocol, has been added. This - driver allows access to remote SCSI devices over TCP/IP - networks. The &man.iscontrol.8; userland utility is used - to control the operation of the driver. - - The scsi_sg driver, which emulates a significant - subset of the Linux SCSI SG passthrough device API, has - been added. It is - intended to allow programs running under Linux emulation - (as well as native &os; applications) to access the - /dev/sg* - devices supported by Linux. &merged; - - The &man.umass.4; driver now supports - PLAY_MSF, - PLAY_TRACK, - PLAY_TRACK_REL, - PAUSE, - PLAY_12 commands so that - the &man.cdcontrol.1; utility can handle a USB CD drive. File Systems - [&arch.amd64;, &arch.i386;, &arch.pc98;] The &man.linsysfs.5; - pseudo-file system driver has been added. - It provides a subset of the - Linux sys file system, and is required for - the correct operation of some Linux binaries (such as the LSI - MegaRAID SAS utility). &merged; + - A part of the FreeBSD NFS subsystem (the interface with - the protocol stack and callouts, the NFS client side) is now MPSAFE. - - The &man.pseudofs.9; pseudo file system construction kit and - all of its consumers (&man.procfs.5;, &man.linprocfs.5; and - &man.linsysfs.5;), are now MPSAFE. - - The unionfs file system has been re-implemented. This - version solves many crashing and locking issues compared to - the previous implementation. It also adds - new transparent and masquerade - modes for automatically creating files in the upper file system - layer of unions. More information can be found in the - &man.mount.unionfs.8; manual page. &merged; - - [&arch.amd64;, &arch.i386;, &arch.pc98;] Support for Sun's ZFS has been - added. More information about this file system can be found - in the &man.zfs.8; manual page or - on the - OpenSolaris ZFS page. - - Initial (read-only) support for SGI's XFS file system has been - added. Userland Changes - The addr2ascii() and ascii2addr() library calls, originally - introduced by the INRIA IPv6 implementation, have been removed - from libc. They have no consumers in the - &os; base system. In a related change, support - for AF_LINK addresses has been added to - &man.getnameinfo.3;. - - Padding of ai_addrlen - in struct addrinfo has been removed, - which was originally for the ABI compatibility. - For example, this change breaks the ABI compatibility of the - &man.getaddrinfo.3; function on 64-bit architectures, including - &os;/amd64, &os;/ia64, and &os;/sparc64. - - The &man.asf.8; utility has been revised and extended. Now - it can operate via several interfaces including &man.kvm.3;, - which supports not only live systems, but also kernel crash dumps. - &merged; - - The &man.arp.8; utility now allows the - option together with the and options - to allow all entries for a given interface to be removed. &merged; - - The &man.atrun.8; utility has gained PAM support. Before - running a job for a user account, it will check the account - status with PAM and refuse to run the job if the account is - unavailable. The default definition of an unavailable account - includes those expired and administratively locked out with - &man.pw.8;. - - The OpenBSM userland tools, including &man.audit.8;, - &man.auditd.8;, - &man.auditreduce.1;, and - &man.praudit.1;, have been added. &merged; - - The &man.bsdiff.1; and &man.bspatch.1; utilities - have been added. These are tools for constructing and - applying binary patches. &merged; - - The &man.bsnmpd.1; utility now supports the Host Resources - MIB described in RFC 2790. &merged; - - The &man.camcontrol.8; utility now supports - a readcap command to display the size of - devices. &merged; - - The &man.cmp.1; utility now supports an - flag to compare the symbolic link itself rather than the - file that the link points to. &merged; - - The &man.config.8; utility now supports the nocpu - directive, which cancels the effect of a - previous cpu directive. &merged; - - The &man.config.8; utility now reads DEFAULTS - kernel configuration file if it exists in the current directory - before the specified configuration file. &merged; - - The &man.cp.1; utility now supports a - option, which causes it to create hardlinks to the source files - instead of copying them. &merged; - - The &man.cron.8; daemon has gained PAM support. Before - running a command from account's private &man.crontab.5; file, - it will check the account status with PAM and skip the command - if the account is unavailable. The default definition of an - unavailable account includes those expired and administratively - locked out with &man.pw.8;. In addition, &man.cron.8; will - skip commands from private &man.crontab.5; files if a - &man.nologin.5; file exists, unless the &man.crontab.5; owner's - login class is exempt from &man.nologin.5; restriction. - Commands from the system file /etc/crontab - are not subject to the PAM check. - - The &man.csh.1; utility now supports NLS catalogs. - Note that this requires installing - the shells/tcsh_nls port. - &merged; - - The &man.csup.1; utility has been imported. - This is an implementation of a CVSup-compatible client written - in the C language. Note that it currently supports checkout mode - only. &merged; - - The &man.dhclient.8; program now supports the Classless Static - Route option as described in RFC 3442. - - The &man.dhclient.8; program now sends the host's name in - DHCP requests if it is not specified in the configuration - file. &merged; - - The &man.devd.8; utility now supports a option - to specify a configuration file. &merged; - - The &man.du.1; program now supports a - flag, which causes it to ignore files and directories with - the nodump flag set. &merged; - - The &man.dump.8; and &man.restore.8; programs now attempt to - save and restore extended attribute information on files. - - A libelf library implementing - the SVR4 &man.elf.3; / &man.gelf.3; API for manipulating ELF files - has been added. - - The &man.fdisk.8; program now supports a - flag to print the slice table in fdisk configuration format. - - The &man.fsdb.8; utility now supports changing the birth - time of files on UFS2 file systems using the new - btime command. &merged; - - The &man.fsdb.8; program now supports - a findblk command, which finds the inode(s) - owning a specific disk block. &merged; - - The &man.find.1; program now supports - and other related primaries, which can be used to create expressions - based on a file's creation time. &merged; - - T/TCP support in &man.finger.1; (and the - flag used to enable it) has been removed. - - A bug in the &man.find.1; program which prevents - numeric arguments for and - from working as expected - has been fixed. - - The &man.freebsd-update.8; utility, a tool for managing - binary updates to the &os; base system, has been added. &merged; - - The &man.ftpd.8; utility now creates a PID file - /var/run/ftpd.pid even when - no option is specified. &merged; - - The &man.ftpd.8; utility now has support for RFC2389 (FEAT) - and rudimentary support for RFC2640 (UTF8). The RFC2640 support - is optional and can be enabled using the new - flag. More information can be found in the &man.ftpd.8; manual - page. &merged; - - The &man.gcc.1; SSP (Stack-Smashing Protector) support is now - enabled by default. - - The &man.gbde.8; utility now supports - and options - to specify a key file in addition to a passphrase. - - The &man.getfacl.1; utility now supports - a flag to suppress the per-file header - comment listing the file name, owner, and group. - &merged; - - The &man.getent.1; utility has been imported from NetBSD. - It retrieves and displays information from an administrative - database (such as hosts) using the lookup - order specified in &man.nsswitch.conf.5;. &merged; - - The &man.gpt.8; utility now supports setting GPT partition labels. - - The &man.gvinum.8; utility now supports commands - to rename objects and to move a subdisk from - one drive to another. &merged; - - The &man.gvinum.8; utility now supports the - resetconfig sub-command. - - An implementation of Generic Security Service API (GSS-API) - version 2 and its C binding described in RFC2743 and RFC2744 - has been added. This is a new extensible GSS-API layer which - can support GSS-API plugins, similar the the Solaris - implementation, and the Kerberos 5 GSS mechanism has - been rewritten as a plugin library for the new implementation. - - The &man.hccontrol.8; utility now supports HCI node - autodetection. - - The &man.id.1; utility now prints the effective user - ID after the group ID. - - The &man.id.1; utility now supports a - flag to print process audit properties, including the audit user - id. &merged; - - The &man.ifconfig.8; utility now supports - a flag to allow printing - potentially sensitive keying material to standard output. - This sensitive information will not be printed by default. - &merged; - - The &man.ifconfig.8; utility now supports a - parameter, which is just an alias for , - yet is more convenient and easier to type. &merged; - - The parameter to &man.ifconfig.8; - no longer requires a network interface as its argument. The - argument still is supported for backward compatibility, but - is now deprecated and its use is discouraged. &merged; - - The &man.iostat.8; utility now supports - a flag (inspired by Solaris) to print - extended disk statistics. If the new flag is - also specified, no output is made for disks with no - activity. &merged; - - The &man.ipfwpcap.8; utility has been added; it captures - packets on a &man.divert.4; socket and writes them as - &man.pcap.3; (also known as &man.tcpdump.1;) format data to a - file or pipe. - - The &man.jail.8; utility supports a option to - write out a JidFile, similar to a PidFile, containing - the jailid, path, hostname, IP and the command used to start - the jail. &merged; - - The &man.jail.8; program now supports a - option to specify a jail's securelevel. &merged; - - The &man.jexec.8; utility now supports - and flags to specify username credentials - under which a command should be executed. &merged; - - The &man.kdump.1; program now supports a - flag, which causes kdump to print an additional field holding - the threadid. &merged; - - The &man.kdump.1; program now supports a - flag to suppress the display of I/O data. &merged; - - The &man.kdump.1; program now supports printing - flags in a system call argument by using symbol names. - - The &man.kenv.1; utility now supports a - flag to suppress warnings. - - &man.kgdb.1; now supports a - option to open kmem-based targets in read-write mode. - This allows one to use kgdb on /dev/mem - and be able to patch memory on a live system. - - The &man.libarchive.3; library now supports - POSIX.1e-style Extended Attributes. - - The &man.libarchive.3; library now contains support for - &man.ar.1;-style archives. - - The libc library now includes - initial implementation of symbol maps and symbol version - definitions. - - The libedit library has been - updated from the NetBSD source tree as of August 2005. - - The libm library now includes - initial implementation of symbol maps and symbol version - definitions. - - The &man.libmemstat.3; library has been added. - This is for use by debugging and monitoring applications - in tracking kernel memory statistics. It provides an - abstracted interface to &man.uma.9; and &man.malloc.9; - statistics, wrapped around the binary stream sysctl variables - for the allocators. &merged; - - The &man.ln.1; utility now supports - an flag, which deletes existing - empty directories when creating symbolic links. - &merged; - - The &man.locate.1; utility now supports - a flag to make this utility - interoperable with &man.xargs.1;'s flag. - &merged; - - The &man.logger.1; utility now supports - a , which specifies the port to which syslog - messages should be sent. &merged; - - The &man.ls.1; utility now supports - an flag to disable the automatic - flag for the superuser. &merged; - - The &man.ls.1; utility now supports - an flag to use the file creation - time for sorting. &merged; - - A new &man.malloc.3; implementation has been introduced. - This implementation, sometimes referred to - as jemalloc, was designed to improve the - performance of multi-threaded programs, particularly on SMP - systems, while preserving the performance of single-threaded - programs. Due to the use of different algorithms and data - structures, jemalloc may expose some previously-unknown bugs in - userland code, although most of the &os; base system and common - ports have been tested and/or fixed. Note that jemalloc uses - &man.mmap.2; to obtain memory and only uses &man.sbrk.2; under - limited circumstances (and then only for 32-bit architectures). - As a result, the datasize resource limit - has little practical effect for typical applications. The - vmemoryuse resource limit, however, can be - used to bound the total virtual memory used by a process, as - described in &man.limits.1;. - - The &man.mdconfig.8; utility now supports producing - device listings formatted as XML. Currently, the - list and query - sub-commands support this feature. - - The &man.mdconfig.8; utility's option - now supports specifying multiple devices separated - by comma character. - - The &man.mdmfs.8; utility now supports a flag - to allow skipping the &man.newfs.8; process - when using a vnode-backed disk. - - The &man.mdmfs.8; utility now supports a flag - to allow to specify location of the &man.mdconfig.8; - utility instead of using the default one - (/sbin/mdconfig). - - A new function &man.memmem.3; has been implemented in - libc. This is the binary equivalent to - &man.strstr.3; and found in glibc. - - The &man.mergemaster.8; utility now supports - an option to explicitly specify - an architecture to pass through to the underlying makefiles. - &merged; - - The &man.mount.8; dev - and nodev options have - been removed. - - The &man.mount.8; utility now supports &man.mqueuefs.5;. - - A bug which prevents the &man.mount.8; utility from converting - a read-only mount to read-write via mount -u -o rw, - has been fixed. - - The &man.mount.8; utility now supports a - late keyword in &man.fstab.5;, along with a - corresponding command-line option to specify - that these late file systems should be - mounted. &merged; - - A number of the file - system-specific mount_* - utilities have been removed, in favor of the more general - &man.mount.8; command with a option. - Specifically, these commands are: - mount_devfs, - mount_ext2fs, - mount_fdescfs, - mount_linprocfs, - mount_procfs, - mount_std, - mount_linsysfs, - mount_reiserfs, and - mount_umapfs. - - - The &man.moused.8; daemon now supports an flag - to enable horizontal virtual scrolling similar to the - flag for vertical virtual scrolling. - &merged; - - The mrouted(8) multicast routing daemon has been removed - from the &os; base system. It implements the DVMRP multicast - routing protocol, which has largely been replaced by PIM in many - multicast installations. The related map-mbone(8) and mrinfo(8) - utilities have also been removed. These programs are now - available in the &os; Ports Collection - as net/mrouted. - - The &man.netstat.1; utility now supports an - flag for interface stats mode, - which prints all interface statistics in human readable form. &merged; - - The &man.netstat.1; utility now supports - printing &man.ipsec.4; protocol statistics. - Note that the output of netstat -s -p ipsec - differs depending on which stack is compiled into - the kernel since they each keep different statistics. &merged; - - The &man.netstat.1; utility now supports printing - &man.sctp.4; protocol statistics. - - The /etc/nsswitch.conf file is now - installed statically instead of being generated on every - reboot. - - The objformat(1) utility and getobjformat(3) library (the - last remnants of a.out object file support) have been removed. - - The &man.pam.nologin.8; module no longer provides - an authentication function; instead it now provides an account - management function. Third-party files in - /usr/local/etc/pam.d may - need manual editing; specifically, lines in these files of - the form: - - auth required pam_nologin.so no_warn - - These lines need to have the word auth - replaced with the word account. - - &man.nscd.8; has been added. It is a daemon that caches - the results of nsswitch lookups (such as those to the password, - group, and services databases) for improved performance. - - The &man.periodic.8; daily script now supports - display of the status of &man.gmirror.8;, &man.graid3.8;, - &man.gstripe.8;, and &man.gconcat.8; devices. - Note that these are disabled by default. &merged; - - A new function, &man.pidfile.3;, which provides reliable - pidfiles handling, has been implemented in - libutil. &merged; - - The &man.ping.8; utility now supports a sweeping - ping in which &man.icmp.4; payload of - packets being sent is increased with given step. - This is useful for testing problematic channels, MTU issues - or traffic policing functions in networks. &merged; - - The &man.ping.8; command now supports a - option to specify the maximum time to wait for an echo reply. - &merged; - - The &man.pkill.1; utility now supports a - option which allows to - restrict matches to a process whose PID is stored in the - pidfile file. When another new option - is also specified, the pidfile file must be locked with the - &man.flock.2; syscall or created with &man.pidfile.3;. - - The &man.pkill.1; utility now supports a - flag which works like - of &man.rm.1;. When this flag is specified, &man.pkill.1; - will ask for confirmation before sending a signal to - each matching process. - - The &man.pkill.1; utility (also known as &man.pgrep.1;) has - been moved from /usr/bin - to /bin so that it can be used by startup - scripts. Symbolic links from its former location have been - created for backward compatibility. &merged; - - The &man.pmcstat.8; program has seen several enhancements: - It can now log over a network socket to a remote host. The - now takes a comma-seperated list of CPUs - to configure for PMC allocation. The option - has been enhanced to take a regular expression for selecting - processes based on their command names. &man.pmcstat.8; now - allocates system PMCs on all CPUs by default, not just CPU 0. - - The &man.powerd.8; program now supports a - option, which specifies a pidfile to use. - - An extensible implementation of &man.printf.3;, compatible - with GLIBC, has been added to libc. It is - only used if the environment variable - USE_XPRINTF is defined, one of the extension - functions is called, or the global variable - __use_xprintf is set to a value greater than - 0. Five extensions are currently supported: - %H (hex dump), - %T (time_t and - time-related structures), - %M (errno message), - %Q (double-quoted, escaped string), - %V (&man.strvis.3;-format string), - &merged; - - The &man.pw.8; program now supports a - option to set the permissions of a user's newly created home - directory. &merged; - - The DNS resolver library in &os;'s libc - has been updated to that from BIND 9.4.1. - - The &man.rfcomm.sppd.1; program now supports service names - in addition to option with channel number. - The supported names are: DUN (Dial-Up Networking), FAX (Fax), - LAN (LAN Access Using PPP), and SP (Serial Port). &merged; - - The &man.rpcbind.8; program can now bind its TCP listening - socket to an IP address other than INADDR_ANY using the - flag. The new flag allows - it to bind to IPv6 addresses only. - - The &man.rpcgen.1; utility now generates headers and stub files - that can be used with ANSI C compilers by default. - - The &man.rpc.lockd.8; and &man.rpc.statd.8; programs now - accept options to indicate which port they - should bind to. &merged; - - The &man.rtld.1; runtime linker now supports ELF symbol versioning - using GNU semantics. This implementation aims to be compatible - with symbol versioning support as implemented by GNU libc and - documented in - and LSB 3.0. Also, dlvsym() - function has been added to - allow lookups for a specific version of a given symbol. - - The &man.sa.8; utility now supports - and flags. They can be used to specify - the per-user and per-process summary file location, - respectively. - - A bug in the &man.sed.1; utility which can cause - incorrect calculation of pattern space length in some cases - has been fixed. - - The &man.sed.1; utility now supports case-insensitive - pattern matching; this feature can be enabled by using - the I flag after the closing delimiter for a - regular expression. - - The behavior of the &man.setenv.3; family of library calls - has been changed from the historic BSD API to the - behavior mandated by POSIX. As a result, several base system - utility that relied on the old API have been updated to track - this change. - - The flag to &man.setfacl.1; now properly - sets the ACL on a symbolic link, not the link target. - - The &man.sh.1; utility now supports a times - built-in command. &merged; - - The &man.snapinfo.8; utility, which shows snapshot locations - on UFS file systems, has been added. &merged; - - The &man.sockstat.1; utility, which shows connected and - listening network sockets, now supports a new - command-line option, which can be used to filter displayed sockets - by protocol name (as listed in &man.protocols.5;). - - The &man.strtonum.3; library function has been implemented - based on OpenBSD's implementation. This is an improved version of - &man.strtoll.3;. &merged; - - The &man.sysctl.8; utility now supports a - flag to suppress a limited set of warnings and errors. - - The &man.tail.1; utility now supports a - flag to suppress header lines when multiple files are - specified. &merged; - - The version of tcpslice in the &os; base system has been - removed due to obsolescence. A more up-to-date version can be - found in the Ports Collection - as net/tcpslice. - - The &man.time.1; utility now prints the time that a given - command has been running if sent a SIGINFO signal. - - The &man.top.1; program now supports a - flag to display process titles from their argument vectors; - this feature is useful for watching processes that change their - titles via &man.setproctitle.3;. - - The &man.top.1; program now supports a - flag to display the &man.jail.8; ID for each process. &merged; - - The &man.touch.1; utility now supports a - flag that allows the access and modification times of a file to be - adjusted by a specified value. &merged; - - The &man.traceroute.8; program now supports - a flag, which causes it to display the - differences between the sent and received - packets. &merged; - - The &man.traceroute.8; utility now supports - a option, which sets a fixed destination - port for probe packets. This can be useful for tracing behind - packet-filtering firewalls. &merged; - - &man.traceroute.8; now decodes the complete set of ICMP - unreachable messages in its output. &merged; - - The &man.truss.1; utility now supports an - flag for the same functionality as the strace utility - (devel/strace). - - The &man.truss.1; utility no longer depends on the availability - of the &man.procfs.5; file system; it uses the &man.ptrace.2; - interface instead for controlling a traced process. - - [&arch.powerpc;] The &man.truss.1; utility now supports &os;/powerpc. - - The usbd(8) utility has been removed. - The &man.devd.8; utility and its configuration - file now support functionality which is equivalent to it. - - The &man.uuidgen.1; utility has been moved from - /usr/bin to /bin. - - The vnconfig(8) utility, which was long ago replaced by - &man.mdconfig.8;, has been removed. - - The wicontrol(8) utility has been removed. Configuration - functions for &man.wi.4; interfaces should be performed using - &man.ifconfig.8;. - - The &man.xargs.1; utility now supports a - flag which makes the command execution when the standard input - does not contain any non-whitespace-characters. &merged; - - The shared library version number of all libraries has - been updated due to some possible ABI changes. The libraries - include: snmp_*, libdialog, libg2c, libobjc, - libreadline, libregex, libstdc++, libkrb5, libalias, libarchive, - libbegemot, libbluetooth, libbsnmp, libbz2, libc_r, libcrypt, - libdevstat, libedit, libexpat, libfetch, libftpio, libgpib, - libipsec, libkiconv, libmagic, libmp, libncp, libncurses, - libnetgraph, libngatm, libopie, libpam, libpthread, libradius, - libsdp, libsmb, libtacplus, libthr, libthread_db, libugidfw, - libusbhid, libutil, libvgl, libwrap, libypclnt, libm, libcrypto, - libssh, and libssl. - - The wcsdup() function has been - implemented. This function is popular in Microsoft and GNU - systems. - - The &man.wlandebug.8; utility has been added to the main - &os; source tree (it previously lived in a tools area). It - provides control over a number of types of debugging output - in the &man.wlan.4; module and related drivers, and can be - useful for debugging wireless issues. - - The &man.wpa.passphrase.8; utility has been added. It - generates a 256-bit pre-shared WPA key from an ASCII - passphrase. &merged; - - The compiler toolchain is now capable of generating - executables for systems using the ARM processor. &merged; + <filename>/etc/rc.d</filename> Scripts - The auditd script for - OpenBSM &man.auditd.8; has been added. &merged; + - The bluetooth script - has been added. This script will be called from - &man.devd.8; in response to device attachment/detachment - events and to stop/start particular device without unplugging - it by hand. The configuration parameters are in - /etc/defaults/bluetooth.device.conf, - and can be overridden by using - /etc/bluetooth/$device.conf - (where $device is ubt0, - btcc0, and so on.) - For more details, see &man.bluetooth.conf.5;. &merged; - - The ftpd script for - stand-alone &man.ftpd.8; has been added. - - The gbde_swap script has - been removed in favor a new encswap - script which also supports &man.geli.8; for swap - encryption. - - The geli and geli2 - scripts has been added for &man.geli.8; device - configuration on boot. - - The ike script for - IPsec IKE daemon has been removed because no such daemon - is included in the base system. - - The hcsecd and - sdpd scripts have been added - for &man.hcsecd.8; and &man.sdpd.8; daemons. - These daemons can run even if no Bluetooth devices - are attached to the system, but both daemons depend on - Bluetooth socket layer and thus disabled by default. - Bluetooth sockets layer must be either loaded - as a module or compiled into kernel before the daemons can run. - &merged; - - The hostapd script for - &man.hostapd.8; has been added. &merged; - - The mdconfig script to - handle vnode backed &man.md.4; devices has been added. - This is a replacement of the ramdisk - script, and all of variables in ramdisk_* - have been changed to mdconfig_*. - Also, two new &man.rc.conf.5; variables - mdconfig_*_files - and - mdconfig_*_cmd - have been added. For example: - - mdconfig_md0="-t malloc -s 10m" -mdconfig_md1="-t vnode -f /var/foo.img" - - The netif script now supports - ipv4_addrs_ifn - variables, - which add one or more IPv4 address from a ranged list in - CIDR notation. &merged; For example: - - ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28" - - The rcconf.sh script in /etc/rc.d - has been removed and a variable early_late_divider, - which designates the script to separate the early and late stages - of the boot process, has been added. - - The rc.initdiskless script now uses &man.tar.1; - instead of &man.pax.1; because &man.pax.1; needs a writable - temporary directory that may not be available when this script - runs. - - The pccard script has been removed - since OLDCARD is deprecated. - - The ppp-user script has been renamed to - ppp. &merged; - - The sendmail script no longer rebuilds - the aliases database if it is missing or older than the aliases - file. If desired, set the new rc.conf option - sendmail_rebuild_aliases to "YES" to restore - that functionality. - - The removable_interfaces variable - has been removed. - - A new keyword NOAUTO in - ifconfig_ifn - has been added. This prevents configuration of an interface - at boot time or via /etc/pccard_ether, - and allows /etc/rc.d/netif - to be used to start and stop an interface - on a purely manual basis. Contributed Software - Intel ACPI-CA - has been updated to 20070320. + - awk has been updated from the 24 - April 2005 release to the 1 May 2007 release. - - BIND has been updated from 9.3.1 - to 9.4.1-p1. - - BSNMPD has been updated from - 1.11 to 1.12. - - BZIP2 has been updated from - 1.0.3 to 1.0.4. - &merged; - - GNU Diffutils has been updated - from 2.7 to 2.8.7. - &merged; - - DRM has - been updated to a snapshot from DRI CVS as of 20060517. - &merged; - - The Forth Inspired Command Language (FICL) - used in the boot loader has been updated to 3.03. - - FILE has been updated from 4.12 - to 4.21. - - The GNU version of gzip has been - replaced with a modified version of gzip ported from NetBSD. - &merged; - - netcat has been updated from the - version in a 4 February 2005 OpenBSD snapshot to the version - included in OpenBSD 4.1. &merged; - - GCC has been updated from 3.4.4 - to 4.2.1. - - GNU Readline library has been - updated from 5.0 to 5.2 patch 2. &merged; - - GNU Troff - has been updated from version 1.19 to version 1.19.2. - &merged; - - IPFilter has been updated from - 4.1.8 to 4.1.23. - - less has been updated from v381 - to v409. &merged; - - libpcap has been updated from - 0.9.1 to 0.9.4. &merged; - - lukemftpd has been updated from a - snapshot from NetBSD as of 9 August 2004 to a snapshot from - NetBSD as of 31 August 2006. &merged; - - OpenSSH has been updated from - 4.2p1 to 4.5p1. &merged; - - OpenSSL has been updated from - 0.9.7e to 0.9.8e. - - ncurses has been updated from - 5.2-20020615 to 5.6-20061217. ncurses now also has wide - character support. &merged; - - hostapd - has been updated from version 0.3.9 to version 0.5.8. - - - PF has been updated from OpenBSD - version 3.7 to OpenBSD version 4.1. - - sendmail has been updated from - 8.13.4 to 8.14.1. &merged; - - tcpdump has been updated from - 3.9.1 to 3.9.4. &merged; - - The timezone database has been updated from the - tzdata2005l release to the - tzdata2007h release. &merged; - - tip has been updated to a - snapshot from OpenBSD as of 20060831. - - TrustedBSD OpenBSM, - version 1.0 alpha 15, an implementation of the documented Sun Basic - Security Module (BSM) Audit API and file format, as well as local - extensions to support the Mac OS X and &os; operating systems - has been added. This also includes command line tools for audit - trail reduction and conversion to text and XML, as well as - documentation of the commands, file format, and APIs. - For this functionality, the AUDIT kernel option, - /var/audit directory, and - audit group have been added. &merged; - - WPA Supplicant - has been updated from version 0.3.9 to version 0.5.8. - - - zlib - has been updated from version 1.2.2 to version 1.2.3. &merged; Ports/Packages Collection Infrastructure - &man.pkg.add.1; now supports an - flag to disable checking whether the same package is already - installed or not. &merged; + - The &man.pkg.add.1; program now supports an - flag, which is the same as the flag - except that the given prefix is also used recursively for the - dependency packages if any. &merged; - - The &man.pkg.add.1; and &man.pkg.create.1; utilities now support - a flag to save packages to the current directory - (or PKGDIR if defined) by default. - &merged; - - The &man.pkg.create.1; program now supports an - flag to support basic regular expressions for package name, - an flag for extended regular - expressions, and a for exact matching. &merged; - - The &man.pkg.version.1; utility now supports an - flag to show the origin recorded on package generation - instead of the package name, and an flag - to list packages with a specific registered origin. - &merged; - - The &man.portsnap.8; utility (sysutils/portsnap) - has been added into the &os; base system. This is a secure, - easy to use, fast, lightweight, and generally good way for - users to keep their ports trees up to date. &merged; - - A incorrect handling of HTTP_PROXY_AUTH - in the &man.portsnap.8; utility has been fixed. &merged; - - The startup scripts from the local_startup - directory now evaluated by using &man.rcorder.8; with scripts - in the base system. &merged; - - The suffix of startup scripts from the Ports Collection - has been removed. This means foo.sh - is renamed to foo, and now - scripts whose name is something like - foo.ORG will also be invoked. - You are recommended to reinstall packages which install - such scripts and remove extra files in the - local_startup directory. &merged; - - New rc.conf variables, - ldconfig_local_dirs and - ldconfig_local32_dirs have been added. - These hold lists of local &man.ldconfig.8; directories. - &merged; - - The @cwd command in - pkg-plist now allows - the case where no directory argument is given. If no - directory argument is given, it will set current - working directory to the first prefix given by the - @cwd command. &merged; Release Engineering and Integration - The default partition sizing algorithm of the - &man.sysinstall.8; utility has been changed. + - - - On systems where the disk capacity is larger than (3 * RAMsize + 10GB), - the default sizes will now be as follows: - - - - - - - - Partition - Size - - - - - swapRAMsize * 2 - /512 MB - /tmp512 MB - /var1024 MB + RAMsize - /usrthe rest (8GB or more) - - - - - - - On systems where the disk capacity is larger than - (RAMsize / 8 + 2 GB), the default sizes will be - in the following ranges, with space allocated - proportionally: - - - - - - - - Partition - Size - - - - - swapfrom RAMsize / 8 to RAMsize * 2 - /from 256MB to 512MB - /tmpfrom 128MB to 512MB - /varfrom 128MB to 1024MB - /usrfrom 1536MB to 8192MB - - - - - - - On systems with even less disk space, the existing behavior is not - changed. - - - - The &man.sysinstall.8; utility now displays the running &os; - version in menu titles. &merged; - - A new showconfig - target has been added in src/Makefile - to show the build configuration of the &os; source tree. - - A /media directory has been - added to contain mount points for removable media - such as CDROMs, floppy disks, USB drives, and so on. &merged; - - The src.conf file, which - contains settings that will apply to every build involving - the &os; source tree, has been added. - For details, see &man.build.7; and &man.src.conf.5;. - - The supported version of - the GNOME desktop environment - (x11/gnome2) has been - updated from 2.10.2 to 2.18.0. As a part of this update, the - default prefix for GNOME (and some - related programs) has moved from - /usr/X11R6 - to /usr/local. &merged; - - The supported version of - the KDE desktop environment - (x11/kde3) has been - updated from 3.4.2 to 3.5.7. &merged; - - [&arch.amd64;, &arch.i386;] The supported Linux emulation now uses the - libraries in the - emulators/linux_base-fc4 - package. &merged; - - The supported version of - the Perl interpreter - (lang/perl5.8) has been updated - from 5.8.7 to 5.8.8. &merged; - - The supported version of - the &xorg; windowing system - (x11/xorg) has been updated - from 6.8.2 to 7.2.0. &merged; - - The default value of X11BASE has been changed - from /usr/X11R6 to /usr/local, - the default value of LOCALBASE. &merged; - - [&arch.pc98;] &os;/pc98 release CDROMs are now - bootable on systems with some supported SCSI adapters. - &merged; Documentation - Documentation of existing functionality has been improved by - the addition of the following manual pages: - &man.acpi.sony.4;, &man.device.get.sysctl.9;, - &man.ext2fs.5;, - &man.mca.8;, - &man.nanobsd.8;, - &man.snd.mss.4;, &man.snd.t4dwave.4;, - &man.sysctl.9;. + - The manual pages for NTP - have been updated to 4.2.0, to match the version of - code actually included in &os;. &merged; - - Initial support for kernel subsystem API documentation generating - framework using devel/doxygen - has been added into src/sys/doc/subsys. - To generate the API document, type make doxygen - in src/ directory.