diff --git a/en/docs.sgml b/en/docs.sgml index 5d9e64752e..2b905563d6 100644 --- a/en/docs.sgml +++ b/en/docs.sgml @@ -1,574 +1,574 @@ + %includes; ]> &header;

A wide variety of documentation is available for FreeBSD, on this web site, on other web sites, and available over the counter.

On this site

All the documentation on this site can be downloaded in a variety of different formats (HTML, Postscript, PDF, and more) and compression schemes (GZip, BZip2, Zip) from the FreeBSD FTP site.

This documentation is provided and maintained by the FreeBSD Documentation Project, and we are always looking for people to contribute new documentation and maintain existing documentation.

Books

The FreeBSD FAQ
Frequently Asked Questions, and answers, covering all aspects of FreeBSD.

The FreeBSD Handbook
A constantly evolving, comprehensive resource for FreeBSD users.

The FreeBSD Developer's Handbook
For people who want to develop software for FreeBSD (and not just people who are developing FreeBSD itself).

Chapter 2 of "The Design and Implementation of the 4.4BSD Operating System"
Donated by Addison-Wesley, provides a design overview of 4.4BSD, from which FreeBSD was originally derived.

Chapter 8 of "The FreeBSD Corporate Networker's Guide"
Donated by Addison-Wesley, provides an in-depth look at using FreeBSD to provide printing services to Windows, NT, and Novell hosts.

The Pedantic PPP Primer
Everything you need to know about configuring PPP on FreeBSD.

The Porter's Handbook
Essential reading if you plan on providing a port of a third party piece of software.

The FreeBSD Documentation Project Primer for New Contributors
Everything you need to know in order to start contributing to the FreeBSD Documentation Project.

Articles

The Committer's Guide
Introductory information for FreeBSD committers.

Console Server Tutorial
How to setup a FreeBSD based console server with a cheap multi-port serial card.

Contributing to FreeBSD
How to contribute to the FreeBSD Project.

The List of FreeBSD Contributors
A list of organizations and individuals who have helped enhance FreeBSD.

Setting up a CVS repository - The FreeBSD way
How to set up a CVS repository that uses the same CVSROOT infrastructure as the FreeBSD project.

CVSup Advanced Points
An article with some tips about the subtleties of CVSup.

Dialup firewalling with FreeBSD
How to set up a firewall using PPP and ipfw over a dialup link with dynamically assigned IP addresses.

Creating a diskless X server
How to create a diskless X server.

The Euro symbol on FreeBSD
How to configure FreeBSD and related applications to display the new Euro symbol.

Filtering Bridges
Configuring firewalls and filtering on FreeBSD hosts acting as bridges rather than routers.

Fonts and FreeBSD
A description of the various font technologies in FreeBSD, and how to use them with different programs.

Formatting media on FreeBSD
How to slice, partition, and format fixed and removable media on FreeBSD.

How to get the best results from the FreeBSD-questions mailing list
Tips and tricks to help you maximize the chances of getting useful information from the -questions mailing list.

Java, and Jakarta Tomcat
Information on setting up Java and Jakarta Tomcat on a FreeBSD system.

FreeBSD on Laptops
Information about running FreeBSD on a laptop.

An MH Primer
An introduction to using the MH mail reader on FreeBSD.

Using FreeBSD with other operating systems
How to install FreeBSD alongside one or more different operating systems on the same computer.

FreeBSD First Steps
For people coming to FreeBSD and Unix for the first time.

Writing FreeBSD Problem Reports
How to best formulate and submit a problem report to the FreeBSD Project.

Programming Tools on FreeBSD
This document has moved into The Developer's Handbook.

PXE booting FreeBSD
How to create an Intel PXE server using FreeBSD, and how to configure a FreeBSD client to boot from a PXE server.

FreeBSD Release Engineering
Describes the approach used by the FreeBSD release engineering team to make production quality releases of the FreeBSD Operating System. It describes the tools available for those interested in producing customized FreeBSD releases for corporate rollouts or commercial productization.

FreeBSD Release Engineering for Third Party Packages
Describes the approach used by the FreeBSD release engineering team to produce a high quality package set suitable for official FreeBSD release media. This document is a work in progress, but eventually it will cover the process used to build a clean package set on the FreeBSD.org "Ports Cluster", how to configure any other set of machines as a ports cluster, how to split up the packages for the release media, and how to verify that a package set is consistent.

Serial and UART devices
Detailed information about the use of serial ports on FreeBSD, including several multi-port serial cards.

FreeBSD and Solid State Devices
The use of solid state disk devices in FreeBSD.

Storage Devices
Detailed information about using storage devices with FreeBSD, including ESDI disks, and SCSI disks, tape drives, and CDROM drives.

Bootstrapping Vinum: A Foundation for Reliable Servers
A gentle introduction to failure-resilient servers and step-by-step instructions for building one with Vinum.

Design elements of the FreeBSD VM system
An easy to follow description of the design of the FreeBSD virtual memory system.

Zip-drives and FreeBSD
How to format, mount, and use an Iomega Zip (SCSI, IDE, or parallel) Drive on FreeBSD.

Mirroring FreeBSD
The all in one guide for mirroring the FreeBSD website, CVSup servers, FTP servers, and more.

Manual pages

FreeBSD
For release: 1.0, 1.1, 1.1.5.1, 2.0, 2.0.5, 2.1.0, 2.1.5, 2.1.6.1, 2.1.7.1, 2.2.1, 2.2.2, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5.1, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.5-stable, 5.0-current, Ports.
Other Systems
Unix Seventh Edition (V7), 2.8BSD, 2.9.1BSD, 2.10BSD, 2.11BSD, 4.3BSD Reno, NET/2, 386BSD 0.1, 4.4BSD Lite2, Linux, NetBSD, OpenBSD, Darwin, Plan 9, SunOS 4.x, SunOS 5.x, ULTRIX 4.2, and XFree86.

Other documentation

4.4BSD Documents: This is a hypertext version of the 4.4BSD documents from /usr/share/doc, where you will find the documents on a FreeBSD machine (if you install the doc distribution).

Info Documents: This is a hypertext version of the Info documents from /usr/share/info, where you will find the Info documents on a FreeBSD machine (if you install the info distribution).

On other web sites

Various independent efforts have also produced a great deal of useful information about FreeBSD.

Books

Articles

Links

In the real world...

FreeBSD in the Press

Articles in the press about FreeBSD.

Newsgroups

The following newsgroups contain discussion pertinent to FreeBSD users:

Additional resources

Year 2000 Compatibility

The FreeBSD project's current statement about its Year 2000 compatibility.

BSD Real-Quick (TM) Newsletter

A monthly (sometimes bi-weekly) newsletter announcing recent developments in the FreeBSD arena. Subscribe to freebsd-announce to receive this newsletter via e-mail.

The Source Code

If you like digging your fingers into source code, here is a hypertext version of the FreeBSD kernel source. This is brought to you courtesy of Warren Toomey.

Daemon News

The industry leader in BSD news.

Like FreeBSD itself, this documentation is the product of a volunteer effort. The goals of the project are outlined here, as are the procedures for submitting corrections and new material.

The FreeBSD Diary

The FreeBSD Diary is a collection of how-to entries aimed at UNIX novices. The aim is to provide a set of step-by-step guides to installing and configuring various ports.

The O'Reilly Network BSD Dev Center

The BSD Dev Center includes two regular columns on FreeBSD, featuring tips and tutorials.

&footer; diff --git a/en/events/2002/bsdcon-devsummit.sgml b/en/events/2002/bsdcon-devsummit.sgml index bed9bbdbbf..95f9db002c 100644 --- a/en/events/2002/bsdcon-devsummit.sgml +++ b/en/events/2002/bsdcon-devsummit.sgml @@ -1,1922 +1,1922 @@ - + %includes; %developers; ]> &header;

The second FreeBSD Developer Summit was held on February 15, 2002, at the Cathedral Hills Hotel in San Francisco, CA, immediately following the USENIX 2002 BSD Conference at the same location. The FreeBSD Developer Summit was sponsored by DARPA and NAI Labs, and hosted by NAI Labs. Notes were taken by George Neville-Neil and edited by Robert Watson. Markup by Murray Stokely.

Meeting began at 09:30am, ended at 5:00pm.

Agenda

Attending:

In person:

On The Phone:

Via webcast:

Joe Karthauser is recording the call and is web casting.

The meeting followed a format where each section was led by an individual and then a discussion ensued. Not all of the discussion was caught but I have tried to make those sections understandable.

Opening Remarks - Robert Watson

Welcome to the second FreeBSD Developer Summit at BSDCon 2002. This event is sponsored by:

The sponsors covered the cost of the room, food, telephone access, etc. In addition, Joe Karthauser is providing webcast access, and Yahoo! is providing bandwidth for that using the FreeBSD.org cluster.

This is actually the second FreeBSD Developer Summit -- the first was at the USENIX Annual Technical Conference in Boston last summer.

The goals are to provide the opportunity for insight into on-going work, and to solicit comments, design input, and help on parts of the work.

There are rules of engagement. Presenters should attempt to remember to check for questions on the phone, respect people asking questions, keep moving, and if told to stop, stop, as well as provide notes on the presentations later. Others should do the same, especially with regards to stopping when asked to stop.

(Tentative schedule reviewed)

People will be on their own for lunch.

Let's go around the room, please give your name, and say something about what you do or why you're here.

Inheritance Added to KOBJ - Justin Gibbs

Inheritance models have been put into newbus to reduce code duplication. This was done because he was trying to get cardbus to work. Code did not adhere with the spec. There were conflicts with copying from PCI. Cardbus is just an extension to PCI.

If you look at the current cardbus under BSD it's just all of PCI with symbols renamed. Newbus is an OO type framework was and was half way there. KOBJ and Newbus work today with a table of methods. To invoke a method an indirection is done to a lookup. This makes it so that the invoker doest not need to know where the invoked method is.

The extension that was added is that instead of a single table it's a list of interfaces. Every interface can inherit from a parent. In cardbus there is a list. One method is the device interface for probe/attach. Then there is an interface for the bus. The third is a sys parsing interface that can be shared with pccardd.

Inside this the interfaces inherit from PCI and then he overrides a few methods.

The amount of code to support cardbus drops from 1000s of lines to a few hundred.

The system is implemented through the indirection already in newbus. When a class is registered the way you declare it is a list of interfaces. Each interface can declare a parent. The compiler walks the list to find the correct function. This allows you to call your superclass.

The only thing that gets a little ugly is that some of the ways you specify your class or invoke a superclass. You can generate a macro wrapper but you have to know which interface is yours.

Another upshot is that the way most drivers are implemented today if they need a generic method they have to explicitly put that into their method table. If they don't need it then they don't. With the inheritance model you just create a null interface.

Diffs on his web site.

Whole method tables collapse to one or two entries.

Open issues:

His question is what release should this go into and how do we manage the transition if we decide to do this?

How do we design the versioning? Run time? Link time? In the multipathing case is an array of dev_t sufficient?

Discussion

Anon : I hesitate to throw this out. The way you do version verification in Solaris is that an init gets called which passes a version to the api to check it. Another thing you get from init.

In the solaris case there is a single number. How do I automate that versioning check with more interfaces?

Paul : I don't think we should over engineer the problem. We only bump per release in libraries.

Justin : When you bump the version is one part of it.

Julian : Do you want more than one version at once?

Justin : Assuming we use name munging you could have.

Gnn : Have you looked at COM?

Warner : I have a few comments. There are several problems in one here. I like the multiple inheritance. The versioning seems orthogonal. The multipath is orthogonal. We should break this apart.

Justin : I have 14K lines of diffs just to make multiple-inheritance work on my laptop.

Julian : The other drivers will still work.

Justin : No they will not, they'll die early in init. I could turn those into fatal errors.

PoulHK : If the change is so significant then the first thing we want to do is versioning.

Justin : Its almost as if you want a version of newbus.

PoulHK : A change of this scale is not very easy to get all right. Particular because we can't change all drivers.

Justin : The only saving grace is that the transition can be mechanical.

PoulHK : Why not a compatability layer while doing conversion?

Justin : Sure and then you could use Perl to change the whole tree. I hesitate because in 90% of my own changes led to code reduction and we should do that.

PoulHK : I think we'll have the human eyes.

David O : How long to get your basic framework working?

Justin : Right now my stuff is done, the rest of the tree is a man/week. I'd like to get versioning done now.

Mark M : Does that include the script?

Justin : No manually.

Julian : The problem is the requirement where you can't break things. Perhaps we should have official breakage. For instance for a week.

Nick : If you're going to do that then lay down a tag before the breakage.

PoulHK : Development model discussion. Lets limit this discussion.

Robert : Lets assume the discussion of how it gets into the tree is not relevant. Do you want the versioning before then?

PoulHK : Two questions we should figure out first. 1) Any objections?

Warner : One last point. It seems like we're spending a lot of effort re-inventing the object wheel. We should just shoot KOBJ and consider using a subset of C++ to do this. Then we can leverage the language.

Justin : One problem is that C++ does not allow this easily. If you do eC++ then there is multiple-inheritance.

Warner : I mean C++ with no exceptions but not eC++.

Justin : Then people say they want exceptions.

Julian : I wouldn't mind having our own pre-processors.

Robert : Let's move on.

Nectar : COM does work its in Mozilla we can use this kind of technology. We don't need C++ to do those things.

Justin : One last thing is the problem in this inheritance model is how you deal with IVARS. The problem is that those name spaces are not unique. What I'm thinking of doing is passing the interface object along. This gives you a further

Brian : C++ won't help us solve versioning. Although COM would solve some of these problems it should not be in the fast path.

Robert : Lets not go there.

Warner : The other issue is the softc issue. Only one can own it.

Justin : You can use ivars for that.

Warner : There are issues with bridges.

Justin : You use a method to get to your ivars which hang off of the softc.

PoulHK : Half of us have no idea because we have no docs.

Robert : Lets go to the phone.

Robert : No technical questions on the phone.

New Architectures

PowerPC - Benno Rice

Has now commited the page map code with something more sane. Has also got the system to the point where it tries to mount root. Turning on invariants blows it up. Hoping to get to single user in a month or so on the simulator. With some luck we may get to multi-user by 5.0. Needs some more help. Possibly on real hardware. That's about it.

Discussion:

Robert : This relates to release engineering later.

David : Is everything in CVS?

Benno : Not everything yet, but things have to be cleaned up. Some time in the next week after the invariants problem is fixed.

PoulHK : What hardware?

Benno : Right now on pSim which is in ports. Once that's working the first hardware will be new world apple hardware. Some old world apple hardware and then a Motorola board.

Justin : What are the prospects for using this in embedded?

Benno : Depends on whether you've got open firmware or not.

David : Targetting embedded is very difficult. Pick a reference platform then move on. Wind River has 20+ boards etc.

Benno : What I'm hoping to do is to make this as easy as possible.

David : Given a reference platform its easier to build from there.

Benno : The other note that I will make is that I'm only targeting PowerPC similar to 700.

Warner : I was going to comment that NetBSD has done well with little tiny ports to different boards.

Justin : How different are these?

Gnn : Very different.

Anon : Have you had any help from Apple or hardware vendors?

Benno : I have a bit of help from them. In terms of hardware support I've had none except for the Motorola board.

IA64 - David O'Brien

Kind of hosed now due to toolchain issues. It will take significant effort to bootstrap this. It may take a month to get to multi-user.

When Peter arrives later, he may have more to add.

x86-64 - David O'Brien

We have a toolchain that works and is mostly in the tree. There is a simulator issue. I need a new simulator from AMD but they're not responsive. Hardware not available yet but we're not in a rush.

Questions

Justin : During the NetBSD there was some talk about PAE coming for free. Is that true and will it affect us?

David : Peter is already adding this stuff.

Justin : Peter is looking at the stuff that was presented here.

Warner : Isn't part of this meaning that ethernet drivers have to use DMA.

Justin : It's not as bad as it looks because all the devices don't need bounce buffers.

Sparc64 - Jake Burk Burkholder

Basic status is we boot multi-user on real hardware. Looking at targeting Ultra 2, 5, 10 and Blade 100. Something for 5.0 but it may be a very manual install procedure. Toolchain is native but we haven't tested it much. It is a hosted tool chain. Runs on Sparc64, generates Sparc64 binaries, but it's not the full usual thing. gcc3.1 and binutils 2.12

Discussion

Anon : What is the bootstrapping?

Jake : TFTP.

Robert : Bootloader?

Jake : We can mount Solaris disks.

Robert : How likely that all of world will be self hosting by 5.0?

Jake : Right now we're having problems with Perl.

David : There is polishing to be done but even if you're not a hacker it's fine.

Jake : Still finding endianness problems.

Terry : If someone wanted to use that for 32 bit how tough would it be?

Jake : You'd need to rewrite the kernel.

Terry : Do you document that?

Jake : It's mostly pmap.

Anon : SBUS support?

Jake : Ultra 2 has sbus support.

Benno : Have you got the gem ethernet driver working?

Jake : Yes.

Robert : Any questions on the phone?

StrongArm

Robert : We did have a slot for ARM related ports.

David : On StrongARM we can get to copyright messages etc. This is a bunch of code off to the side. What path do we want to take on this? Wait until it works? Check it in now?

Justin : Who has been working on this?

David : Someone in Canada.

Robert : Is the person who's doing this work willing to go all the way to maintain it etc.

David : The basic idea is the iPAQ. The idea is more of a reference port.

Warner : MIPS port is unchanged. Some people have this and are just deciding whether to contribute it. Chicken and an egg problem.

Justin : Interesting embedded platform.

David : If it's on a DECStation then it's not embedded.

Warner : This is on current MIPS technology for a router company.

Toolchain - David O'Brien

Questions:

John : What are the plans 5.0?

David : Interest is in new ports. For instance C++ will lag. Like you say we need gcc3.1 and binutils. Will commit to get kernel and interesting parts of user land working. Very soon there will be something that those who want to play with it can download. It's debatable who will clean this up for new hardware.

Robert : We'll discuss the release engineering later. There is a notion of supported vs. non-supported and toolchains will have to follow.

Julian : There are some thread fixes that went in. Patches to gdb?

David : I'm trying to get them out of someone. If I get a patch I'll put it in. I need paperwork from the FSF to commit it.

Julian : I'm going to need help to beat up gdb for KSE.

David : Talk to John, DFR and yourself on this.

Nick : How much change goes in to gcc for a FreeBSD release?

David : The issue is the dual a.out/elf stuff, that's the problem.

Architectural Issues (General Discussions)

PoulHK : I have 3 issues. One is - endianess in the on disk file system. Do we want to be able to move + endianess in the on disk filesystem. Do we want to be able to move a disk from Sparc64 to x86. I also need to collect the various disk label formats. What do we do about "you broke world on foobar architecture" issue?

Warner : I'll address the last question first. We need to build up a set of machines or build up cross building.

David : I don't know if anyone set up an environment.

Warner : NetBSD has done some things to deal with this.

Robert : Supported release? The same thing can be done in the cross platform build. If a particular arch is going to be supported then we must have a build cluster.

Benno : On the subject of PPC I'd be willing to offer them.

Nik C : The NetBSD folks are talking about having a tinderbox environment. We might talk to them about sharing.

PoulHK : On the subject of tinderbox. About 2 years ago I set up a machine to test this kind of thing but got a lot of negative feedback. If we want to do a tinderbox like system it will require buy in by the committers.

Nik C : I think the Mozilla team do it more with a web page status.

David : The gcc group does a tinderbox and it knows who did the commit.

Action item : This could be farmed out to sysadmins who want to contribute.

Justin : From my standpoint, if I could cross build the Sparc64 that would help.

Robert : If we're going to commit to having multiple platforms we need to solve this.

Nik C : There are also issues of regression testing.

David : I don't know what could be done with it.

PoulHK : This is a purely organizational question. What does it take to do this. Do we discuss this on developer?

Greg : I really do think we should try to find a way to be endian clean.

PoulHK : We're not going to take suggestions. There will be a UFS2 and it will be 64bit. As part of that we're still not sure if we will have to fork the UFS tree. One of the things I was considering doing was at a slight performance hit doing big or little endianness on any disk. Is that the way to do it?

Alfred : NetBSD has this and it's fast.

Justin : I would think of it terms of having two modules, one for each endian.

Benno : It would be nice to be able to do this when bringing up new big endian systems.

PoulHK : The performance is an issue but not as big as the code intrusion. Should we do it as two - separate file systems or should we put this functionality directly + separate filesystems or should we put this functionality directly into UFS2?

Matt : Two comments on the FS stuff. One just from the point of view of fixing bugs, I would prefer a single copy. You could also do this via a conversion program.

PoulHK : It's not just a question about sticking in macros. Soft updates makes this much more complex.

Jake : On big endian machines I just use NFS.

Greg : Conversion does not make any sense.

Justin : The other thing I want to say is that you can just have two modules.

Robert : Before we go too much further we should look at NetBSD.

PoulHK : Is there interest?

Gnn : Removable media is reason enough to do it.

Warner : When I've talked to NetBSD about this they consider it a feature they don't want to give up.

Robert : Any questions on the phone for architectures.

None.

GEOM - Poul-Henning Kamp

This changes the semantics of how we handle disks. There also may be a slight performance hit.

The way it works is that there are methods that do transformation on the data on the disk. Simple translations move data, complex transformations include encryption.

A method exposes one or more logical providers. It exposes an interface where you can read/write a given size.

Other methods connect to the providers (consumers). All providers have a dev method which allows it to show up in devfs. There is a locking mechanism so you don't get parallel write problems.

The system is autoconfiguring.

The locking method. When you open a device somewhere there are three counters associated with it, read, write, and exclusive. Exclusive bit prevents anyone else from opening it for write.

The intent is that the modules that recognize the on disk format will be endianness aware. We hope that types will be explicit. I need support from people to collect information on disk label formats.

Some current drivers do RAID etc. but I'd like to get that out of the drivers, again this requires information about the on disk format. This would allow us to come up single user with a mirrored root.

I'd like input on :

I/O Statistics (What to collect?)

Greg : Read/Writes/Data transfered etc. A way of finding the % busy time of each device.

PoulHK : With tagged queuing that is kind of useless.

Anon : The dev stack does keep track of how long a device has been busy (transaction outstanding).

PoulHK : One of the things there is an explicit cloning of the struct bio. So you have one for each edge in the graph. One of the things I want to be able to do is put - in a transparent node. This allows the moving of file systems.

+ in a transparent node. This allows the moving of filesystems.

Anon : You have to have per transaction storage for this to work.

Justin : You want to have something to make it so that softupdates does not need to do the sleep/nice trick.

Matt : The real problem with fsck is that when you're skipping around the disk the 3ms seek can hurt other things.

Justin : You were saying that if I open ad0s1 read only then ad0 inherits that.

PoulHK : It depends on where you are in the tree etc.

Nick C : From the work you've done so far, do you have performance numbers?

PoulHK : No, because I'm in the simulator. It does cost copying two struct bios.

Alfred : To modify the on disk disk label when its mounted read only can you modify it?

PoulHK : The BSD module decides that. You cannot go down to the raw disk and do that.

Alfred : What if I want to expand - the root file system?

+ the root filesystem?

PoulHK : Making a partition larger while its open is fine, making it smaller will be problematic.

Alfred : I think this locking is a bad idea.

PoulHK : The only thing that's going to be magic is having the root partition in single user. I'm not going make an escape hatch for this.

Robert : Are there any other issues?

Justin : What is the name space?

PoulHK : The control will be sysctl. I want to remove the ioctls from these. I haven't really decided on the name space. I want to make sure that /dev does not change.

Julian : Have you considered using the earlier discussed methods and inheritance so that this all works together?

PoulHK : I discounted them for performance reasons. I discounted newbus because it has a one way tree. The one thing we're having a lot of problems now is something going away. That does not work today.

Julian : How do you handle the case when the device rips out at the bottom when you've got a downwards going command?

PoulHK : There's two things to it. A struct bio traveling down will either be in the consumer or the provider and that's where the lock is. Modules can also be shut off safely.

Alfred : Couldn't you just provide a generic callback?

PoulHK : I can do that because they're all sitting in the module. I need to negotiate with the device driver writers about that.

Nik C : Is this an implementation based on new research work or wholly new?

PoulHK : I've read what I could find but most current systems have a fixed hierarchy.

Robert : Will this give us a chance to retrofit the system with 64 bits?

PoulHK : struct bio will have 64 bit numbers.

Network Stack - Luigi Rizzo

Recent work has been on performance. Removal of unnecessary copies. Using clusters etc. There is the polling code but it's only on a few devices. Need to add support for more devices.

Do people like polling?

PoulHK : I worry about interactions with the rest of the system. We should probably spend some time looking at that.

Luigi : The next thing to do is add mixed mode operation.

Jonathan has something to say about how network interrupts are dispatched.

Some minor fixes to the stack. FIFO buffers on UDP

I have a version of PGM (reliable multicast). I plan to commit to current and stable if people ask.

The ICSI folks have changes to multicast API which will help with IGMPv3.

Some of this code I do for myself. How do we do kernel patches?

Questions

Alfred : There's two things. With 256byte MBUFS and clusters for DMA people are seeing really bad utilization of memory for networking packets. Certain application servers with small packets have problems.

Luigi : I've talked to Peter Wemm about this stuff.

Julian : First, I have some times worried about the flexibility of polling regarding different networking types. For instance the number of packets on Gigabit vs. PPP. I'm worried about the extremes.

Luigi : This will become completely irrelevant when I implement mixed mode.

Julian : Second is to do with the TCP stack trying to remove copies. Have you got any intention of evaluating the recent SACK implementation?

Luigi : That broke standard TCP.

Alfred : Actually SACK is out of style now. One other thing on performance is that the drivers do a mget/mclget at once.

Julian : Third question is the ability to add meta data to packets using m_aux?

Luigi : My major concern is that a generic system is very slow because of scanning for data.

Robert : I think that that's worth doing. Julian will you own that?

Julian : Yes.

Anon : Impact of polling scheme on SMP?

Luigi : They don't compile together. Right now I only have one polling loop. With a giant lock around the stack what's the point?

PoulHK : To what extent do we want to use the netgraph code? How do we deal with the multiple ATM stacks.

Warner : Lets lose the ones that don't work.

PoulHK : None of them work now.

Greg : Just losing them could get us into a bounce. Maybe we should try to encourage using it.

PoulHK : Is ATM interesting to FreeBSD at all?

Gnn : ATM is necessary for DSL

Justin : What about DAFS? That uses ATM.

Julian : Since our end user community does not use 5.0 that's part of the problem.

PoulHK : It's a perfectly valid point. Who's going to fix it?

Anon : The ATM list is somewhat active.

PoulHK : There are two stacks one that is used by the Japanese and one that does a bunch of weird stuff that no one uses.

Robert : Action item is to query the atm list to see what's up with this.

Action Item : Query the ATM list about which stack they want/use.

Julian : We want to be careful about ripping it out if people are using it with DSL cards.

Warner : One of the weaknesses in the current network stack is dealing with removable devices.

Peter : You have to eject a button on M$. Laughter.

Robert : Part of the problem is the ifnet pointers from mbufs etc. We do need a long term solution. If you ifconfig down that doesn't fix it.

Luigi : You could try to keep the ifnet structure alive. Dummynet can scan all the mbufs whenever you delete a pipe. It's expensive but you could do it on eject.

Alfred : The drivers have to be more robust.

Julian : I actually did some work on adding reference counts to all consumers of ifnet structures. It reference counted everything but it didn't cause a performance issue.

Luigi : This becomes an issue only at higher speeds.

Robert : We may want to defer this to SMPng.

Gnn : You could have a two level hierarchy of device drivers.

Terry : Virtual interfaces.

PoulHK : This ties into another issue about how we look at our interfaces. No one notices when I unplug my device.

Peter Wemm : The problem isn't deleting the routes its adding more routing messages.

Nick S : Also includes dhclient.

Gnn : Need new routing messages.

Paul Richards : Wants activities brought up to userland for devd.

Anon : At BEOS we had the user list all the potential interfaces.

Robert : I think we still need a routing socket event.

All : Discuss on mailing list.

Jonathan L : If we're talking about doing this with cables this works with MII but it's only in kevent and not in routing sockets.

Matt : Having a carrier loss flag an existing route is the right answer.

PoulHK : Re raise netgraph issue. What is the future of netgraph in the tree right now. We have very few users now.

Julian : What parts are not done?

PoulHK : Configuration etc.

Alfred : Netgraph is extremely useful. It needs to be documented and a bit more bolted down.

Julian : It is bolted down. For 5.0 only one API changed. There's plenty of documentation.

Peter W : Originally when it first came up it was not meant for high speed.

Julian : I was being cautious. We could switch over all of PPP to use it etc.

Nick S : I'd like to see the mpd netgraph configuration files become more /usr/sbin/ppp.

Julian : Brian has been toying with having ppp take over mpd.

Gnn : Can we use netgraph for SMP?

Peter W : I'm a refugee from a streams based system. It's scary. Be a little bit careful.

Terry : I think it would be very hard to for example take the Rice work and make it work in the context of netgraph where you're processing interrupts to completion. The advantage of going to completion.

Luigi : I think I'm doing the same thing .

Jonathan L : I have code that does that. I've replaced all the queuing calls with a single call.

Robert : Bring this to an end.

LUNCH

TrustedBSD - Robert Watson

DARPA funding has accelerated work.

Goal is to introduce security features for new consumers.

Most basic component is ACL work (fine grained ACLs). We needed extended attributes, so those are in too. Currently low performance and low reliability. Userland still needs new utilities.

The more interesting work is in the Mandatory Access Control. Goal is to enforce new restrictions in the kernel. Multi-level security uses this.

Part of the work is to port SE Linux stuff to BSD.

This stuff interacts with other subsystems including the network.

Mandatory policies. Discretionary rights are you protecting your own data. This is very hard to manage. MAC addresses this by defining policies for users in the system. Where you have many users on the same machine. There are a couple of traditional systems that are in military systems and trusted systems.

MLS is a confidentiality policy. Who can read/write things based on clearance. Doing things based on the "need to know."

BIBA integrity system is the other. Secure levels are somewhat like this but are not comprehensive.

Type Enforcement. Flexible MAC based on administrator rules.

You can plug different models into the framework.

MAC requires pervasive enforcement. Current system can restrict access to interfaces. Can mark packets for security. Can control sockets.

What the framework does is provide a single framework to plug these into.

The framework provides APIs. You put these throughout the code. They are ifdef'd. If you don't compile with "options mac" you don't get this.

What happens with the framework a module can declare at boot time or you can do an LKM on it.

Right now these API calls are in a perforce branch. They are pervasive. They don't touch every part of the system, only the parts that NAI use.

There isn't a generic label structure. To add new labels you must recompile the kernel. Real key is to keep the costs low.

We don't allow for garbage collection on labels. Binary block that gets carried around.

This is not really integrated into userland.

Reduced the number of total security checks in the kernel by unifying on this i/f.

PoulHK : Does this flexibility include removing the existing checks?

Robert : No. You can only extend checks.

Directions are flexibility , add more hooks in to the MAC for the kernel, integrate other work like LOMAC. Need to teach userland something.

Alfred : Are you moving to per operation?

Robert : Right now we only do at open() time. We want to do read/write and send/recv.

Robert : Once we have read and write we'll be able to revoke access.

We'd like to commit this before 5.0. It's available in PerForce. PerForce now exports through cvsup.

We have not done any micro-benchmarks. Once we know then we can make a decision to leave it on or not.

Alfred : What about active mode tripwire like system?

Robert : You can do a number of things like that with the current framework.

PoulHK : One of the other things I would like to do is a best effort MD5 on files. This would make tripwire and mtree checks faster.

Robert : The problem with that is you don't get the data during these operations.

Right now the struct mbuf is extended but it would be nice to have a better system.

Alfred : m_aux

Robert : sounds expensive because of the list stuff

Terry : You said something about the NSA linux code. Independent? Licensing?

Robert : Interesting issue. All TrustedBSD work is under BSD license. The NSA stuff will not be under a BSD license but will be a module.

Terry : By compiled do you mean a loaded module? Binaries?

Robert : Not binary, you could imagine a package.

Anon : My understanding was that any project done by the gov't was PD. But that doesn't seem to be OK.

Robert : I can't say. Part of our contract was to release as open source.

Alfred : About compatability. How compatible are we with others?

Robert : We've tried to follow the specs.

Alfred : Perhaps support NFS extended attribute stuff?

Robert : Right now everyone does RPCs for ACLs and they're incompatible. Not in Posix 1e. We tried to work with others but some are not tracking (Linux).

Capabilities - Brian Feldman

Largely complete and stable. Unknown performance hit.

KSE - Julian Elischer

Very quick status report. It's an attempt to produce support for high quality threading within the kernel. Threading is outside the kernel, the support is inside. Taking advantage of work by Anderson (Scheduler Activations). NetBSD is sticking closer to the paper. We're doing a variant based on discussions with a lot of people. The basic concept is the same.

The threading comes with the ability to make async syscalls. Any syscall you do from the point of the view of the thread looks like its stopped but this does not stop the whole process. A new thread is produced on the fly. We've extended this to produce multiple upcall points, 1 per CPU. This is so you can run multiple upcalls on different CPUs. The upcalls occur to different stack contexts.

Status Report

There are a set of patches available on Julian's website. Gets us as far as pthread. Kernel supported, single CPU, threads. All syscalls are async, but only on one CPU at a time.

This was shown in the WIP.

Up next is to do multi-processor.

Next stage is to make it complete or even safe. What I've got works but I've broken ptrace so we can't debug processes. What I have checked in are a number of changes that were part of this change. This reduces the amount of diffs vs. the patch. It's not a terribly huge diff at the moment.

Next is to get gdb working again.

The next change would be to make the changes for multiple CPUs.

Need a more complete version of the API. Just have thread creation and thread kill right now.

I'm expecting that I'll have the current stuff checked in within the month. Depends on issues with gdb. I'm hoping June or July for the full multi-processor version.

I hope to check in soon so that user land folks can work with it.

Questions

Julian : Does anyone think this is a bad idea?

Greg : We never finished our discussion on Tuesday. 3 layers is too many.

Julian : There are 4 layers but 2 are basically null.

John : We talked about this, it is the right thing.

PoulHK : Sounds like a blue print paper.

Alfred : What do you plan on implementing in the upcall?

Julian : It's not an explicit call to allocate and deallocate threads. You do a call which says "I'm going to go into this mode" and when something blocks come back to me as an Nth or an N+1.

Alfred : OK.

Peter W : It works just like fork except instead of retuning just once in the parent/child it returns over and over again.

Matt : What I would like you to do is to provide us how much this simplifies the user land thread library.

Julian : Just to get basic threads on normal code (reads, writes, anything that could block) there is a set of code (~5000 lines of C) that has to keep track of this. The entire user land thread scheduler is 10 lines.

Peter W : The user level thread scheduler only works for networking but dies on disk stuff.

Robert : You get disk I/O parallelism.

Alfred : I'd like to still be able to use user land threading for networking.

Julian : There is no point in not using. All we're allocating for you is a stack.

Matt : There is a partitioning here. In I/O reading there is a problem, but in writing there is not. Only 1% of writes now block. If you're reading 1000s of sockets there is an issue.

Robert : KSEs are very general. Doing the basic stuff is the right answer.

Julian : My theory is in fact that we'll keep the current code and provide a new library. I don't want to be responsible for the entire threading system.

Matt : We can always change the default.

Julian : Just as an aside. As part of this work I had to rearrange the way in which threads are done. We now have a pool of free threads. It turns out that I now have a cache of threads. Thread reapers go in wait() (called by exit()).

Nick S : Corner case. Simple app that you register KSE callback thing and then it makes a call into a blocking syscall and blocks.

Julian : That thread is blocked.

Nick S : What happens when there is nothing to do?

Julian : It calls yield() and gets discarded. There is a mailbox between that could be used to tell the kernel "never call me" when the process knows that its blocked.

Greg : What are the performance implications?

Julian : None.

Peter W : For disk performance it will be great.

Julian : For a non-threaded process on a non-KSE kernel I can't see any difference.

Robert : Questions on the phone?

Phone : At what level does user land thread scheduler operate?

Julian : It's a library that you link with.

Phone : What about other languages?

Julian : You need to write the library. It's all very short.

Warner : Does this mean it breaks the one application that we have that's not written in C?

Peter W: cvsup will work.

SMPng - John Baldwin

I actually attempted to set up a BOF on this at the conference. The biggest topic of discussion was "how much do we expect of have done by 5.0?" A very conservative viewpoint is:

Overhaul process cred stuff.

Finish ktrace to work in an async kthread

Networking stack because its part of the target market and is a big net gain.

Much of the discussion centered around sockets.

Another suggestion was to trace down VOP read and write path and push down giant into that.

The last thing would be to make the kernel fully preemptable.

Greg : Where is the architectural overview?

John : I'm working on that.

Greg : What about light weight interrupts?

John : No real need.

Greg : I think we're going to fail unless we have a good theoretical base.

David : You've told us 3 things you've wanted for 5.0. These are micro-goals. What is the big picture?

John : The direction is a "fine grained locked kernel".

PoulHK : I'm sure we can come up with an architectural paper. Very little of 4BSD ever made it in either. I don't believe that can we make a full map.

Greg : I think we can.

PoulHK : We're talking about redoing sections of code.

John : What key milestones?

Greg : Light weight threads.

Peter/John : Already done.

Justin : Having been at the SMPng meeting the general consensus was to come up with a framework. LWT is an optimization. Maybe only to 2 CPUs at 5.0

David : What is it that you've accomplished from a high level?

John : Almost all the work is infrastructure. When BSD/OS did SMP they added mutexes and are using lock manager locks.

Bosko : LWI for x86 we just switch contexts it has a very minimal impact. The code is available

We don't generate code on the fly.

John : Current Status cont. We've taken more time to get it right. We've added common things like semaphores, reader writer locks. I've been making the kernel fully pre-emptible. I've commited half of this to current now. The ktrace is another infrastructural issue so its feasible.

David : Then general framework will be done by 5.0. Second to test the infrastructure you've been locking the proc structure. For 5.0 we're still not talking about super strong, fine grained SMP.

John : That's why we want to do the network stuff.

PoulHK : Geom and devfs can do this now. We don't need to wait. We have various pieces of code in the tree that can be taken out from under giant.

Matt : Just an example of what we'll probably be able to do fairly soon are the fsops in the file. For things like pipes, /dev/null/, /dev/zero. The i/o paths we have to concentrate on the most are read/write for vfsops. If we can't fine grain the others in 5.0 oh well.

Anon : What specifically are you planning in terms of performance gains before the release? Do we have any more firm of a schedule?

John : 2nd question (schedule) is for later discussion. 1st is "no more than 5% loss." I want to run some real benchmarks.

Warner : What benchmark are you going to use?

Luigi : What if we totally miss the numbers?

John : We'll have to revisit the whole release.

Peter : Turning spls into mutexs doesn't help us.

John : spls as mutexes still don't get us out from giant.

PoulHK : I need documentation.

Anon : I will be happy to help you with words.

Warner : I signed up to do locking for newbus.

Paul Richards : I'll help on documentation. We still need a roadmap.

Robert : The one thing on the must lock list is the network.

PoulHK : We can just put one lock around the network.

Nick S : On a uniprocessor the locks are just null right?

John : Yes on spin locks.

Nick S : Nevermind.

Luigi : Do we care about performance on uniprocessors on 5.0?

John : One thing that SMPng may help buy is that if you have two network interfaces then you can handle more stuff.

Luigi : Do we care or not about uniprocessor on 5.0.

John : Yes

Julian : In the uniprocessor case KSE degrades down to forkeed processors.

Peter W : Need a graph of the locking the subsystems.

Break

5.0 Release Engineering - Murray Stokely

There are a number changes to the team. Murray, Robert, John, Bruce Mah. Change review committee. Documented the process.

We think its pretty important to take a more active role. Want to do developer previews (polished snapshot). April 1 will be preview 1. Goals are:

Got a bit of a feature list for 5.0 final. SMPng is broken down into several sections. UFS2. KSE. PAM overhaul. TrustedBSD etc.

I'd like some feedback on this.

Discussion

Warner : Are we doing to try to have the developer release 2 done so we can hand out CDs at Usenix?

John : That might be pushing it.

Anon : Can we push Usenix back a bit? (Laughter)

David : Feature freeze is a code slush. Will I as a committer see a freeze?

Murray : You will not have to worry about bug fixes but you must act rationally.

Paul R : Do we really need multiple release branches?

Robert : Good to have around.

Alfred : Could we reach a consensus on what sort of debugging will be in 5.0?

Robert : We want to get this to early access people.

Murray : This is an opt in thing anyway.

Alfred : We need a list of the debug options etc.

Warner : The cardbus will ship with debugging turned on but its tunable.

PoulHK : We need to know if we're going to turn off the a/j options on malloc3().

Doug : I don't know how tied you are to the release schedule. If you want to spend all of October polishing. If we go backwards from October we can do Release 1 on May 15. April 1st is too soon and puts you in weird catagories relative to Usenix.

Murray : The way we have it set up now... (Graphic)

	April 1 (DP 1)
 
 	June 9-14 (Usenix)
 
 	June 25 (DP2)
 
 	October 1st is Feature Freeze
 
 	October 20th is Code Freeze
 
 	Nov 20th 5.0 Release
 
 ALTERNATE
 
 	May 15 DP 1
 
 	July DP 2

Murray : The number of people running current is too small.

Paul Richards : Not much point in doing DP 1 if DP2 is totally different.

Murray : But that means that other non SMP stuff is still not in.

David : People are talking about what they're planning for 5.0 Perhaps you might to poll the people who have balls in the air. Is there anything that April 1 is going to give us?

Murray : Wide spread testing.

Alfred : I think the sooner the better.

Justin : Why do we think that just because we put together a shrink wrap that people will use it?

Murray : Because its a discipline on all of us to get this stuff in there. If we're moving towards a goal we need to do that.

Justin : This is not about the final release but about what is in the tree today. Therefore the first preview is not an interesting release.

Murray : Its concrete steps towards 5.0 release.

Justin : I don't know that it's necessary.

Doug : We're going to have people generating bug reports against things that are spurious problem reports.

Warner : Cardbus vs. PCI interrupt routing is an example of this.

Justin : I guess the way I look at this is that we force productization is to force the date. Why is it that on a daily basis that things suck so bad?

David : Why does it suck so bad?

Justin : Because people don't get shat on for breaking things.

Robert : Why does it suck?

Justin : I put it on my server and its slow. Instead of fixing PCI interrupts.

PoulHK : I'd like to point out that we have substantial historical experience with all .0 releases. It is indisputable that a snapshot CDROM makes people run it. Getting something out there is crucial to the testing of CURRENT. If we simply call this current snapshot that will be best. Set your date and roll your CD.

Gnn : These are different issues.

Justin : The people that used to complain about it but don't anymore.

Alfred : We have 4 more platforms, it's more difficult now.

Murray : We have build machines etc.

Justin : When I first joined people were in it because they had to do stuff incorrectly because they had to do things on time. If we're going to engineer a real product then yeah, it's difficult but that's the reason why this is a cool project. So just giving up and saying it is hard is BS.

Gnn : Process, process, process...

Julian : Breaking the build is not as bad as breaking the kernel. What's harder is committing a subsystem that affects another subsystem. In terms of the process I'd like to see a best practices document. On how people develop patches etc. A list of things you should do etc.

David : You can do that from freefall.

Julian : As soon as I find out its broken I'll fix it.

David : I have posted them many times.

Justin : One other thing I would suggest is that instead of becoming active only during release you should be doing this full time. If people start putting stuff in the tree today that's not going in to 5.0 then slap their hands. Make a window so that people...

Peter : The Mozilla tackled the build problems with tinderbox. This will solve a lot of problems.

	while (1)
 	{
 	      build
 	      if (break)
 		 send mail to those who committed most recently
 	      else
 	         clear list of recent committers
 	}

Nick S : The suggestion that tangential features should be barred until after 5.0 bugs me.

Justin : It should not be your arbitrary decision. It should be whatever body is empowered to make that decision.

Robert : We're using the Usenix to November window.

Paul Richards : This is a volunteer project. In our volunteer time we wanted to what we couldn't do in our normal jobs. Volunteers will do things by rules.

PoulHK : This project was started by people for fun. Every time you use the word enforce you get fun--. It is much better to inspire than to enforce. You should not let people get away with things. I hate to say this but some times you need to slap fingers. Many times people will thank you for it. We see it again that people go off and need to be brought back.

Robert : We have 10 minutes left. Let's wrap up.

Paul Richards : Can we take Justin's proposal?

Peter : Going from chaos to clamp down. This can push a code fork.

Doug : One is that in regards to PoulHK said in addition to the potential cost of disciplining a committer you have to measure the cost against the others who want that person gone. How many more people could we attract if that stress wasn't present.

Justin : You either have a good manager or a bad manager. Good managers trust you. Are the people in the release engineering team going to be good managers?

Peter : The MFC process seems to work nicely but going further may not be the best idea.

Robert : Do you think the schedule is going too far?

Julian : Usenix may not be such a large audience to worry about. People there are technical enough. On how many snapshots we have. I've been wondering whether we should have 5.0 on the disc but 5.0 and the cvs tree and cvsup so people can easily upgrade. Bootstrap CDs.

Murray : Any issues with the name?

PoulHK : Why not snapshot?

Warner : I think the dates look good but I would pick a different.

Concluding Remarks - Robert Watson

Robert : Should we do another of these at Usenix?

All : Yes.

John : 2 days?

Robert : What could we do better?

Sundry : parking validation, connectivity, projector, catered lunch, ...

PoulHK : I would like to propose we make a formal hour every month to talk about on irc?

&footer; diff --git a/en/features.sgml b/en/features.sgml index 0311fc0a16..9faa705e6b 100644 --- a/en/features.sgml +++ b/en/features.sgml @@ -1,101 +1,101 @@ + %includes; ]> &header;

FreeBSD offers many advanced features.

No matter what the application, you want your system's resources performing at their full potential. FreeBSD's advanced features enable you to do just that.

A complete operating system based on 4.4BSD.

FreeBSD's distinguished roots derive from the latest BSD software releases from the Computer Systems Research Group at the University of California, Berkeley. The book The Design and Implementation of 4.4BSD Operating System, written by the 4.4BSD system architects, thus describes much of FreeBSD's core functionality in detail.

Drawing on the skills and experience of a diverse and world-wide group of volunteer developers, the FreeBSD Project has worked to extend the feature set of the 4.4BSD operating system in many ways, striving constantly to make each new release of the OS more stable, faster and containing new functionality driven by user requests.

FreeBSD provides higher performance, greater compatibility with other operating systems and less system administration.

FreeBSD's developers attacked some of the more difficult problems in operating systems design to give you these advanced features:

Work in-progress includes support for fine-grained SMP locking in kernel, allowing higher performance on multi-processor machines, support for Scheduler Activations, allowing parallelism in threaded - programs, file system snapshots, fsck-free booting, network + programs, filesystem snapshots, fsck-free booting, network optimizations such as zero-copy sockets and event-driven socket IO, ACPI support, and advanced security features such as Mandatory Access Control.

&footer; diff --git a/en/news/press-rel-5.sgml b/en/news/press-rel-5.sgml index 359d72b6d6..7fe3b20805 100644 --- a/en/news/press-rel-5.sgml +++ b/en/news/press-rel-5.sgml @@ -1,135 +1,135 @@ - + %includes; %newsincludes; ]> &header;

New FreeBSD Core Team Elected

BSD Conference, Monterey, CA, October 18, 2000 The FreeBSD Project announced today the election of a new Core Team, the project's management board. This marks the first occasion on which the team has been selected by means of an election among the project's developers. Joining the Core team as new members are Greg Lehey, Warner Losh, Mike Smith, and Robert Watson. Re-elected members are Satoshi Asami, David Greenman, Jordan Hubbard, Doug Rabson, and Peter Wemm.

FreeBSD Project co-founder and continuing Core Team member Jordan Hubbard expressed excitement over the results, "For the first time since the FreeBSD project was formed, open elections have determined the composition of its core team and set an important precedent whereby any developer can now become part of the project's leadership." The new core team also well-represents FreeBSD's diverse and highly skilled group of international developers, with -expertise ranging from RAID file system and device-driver development +expertise ranging from RAID filesystem and device-driver development to extensive security backgrounds.

New Core Team members were elected from and by the FreeBSD committers team, the formal development staff of the FreeBSD project. Committers have direct access to the FreeBSD source repository, and perform the majority of software development associated with the project. Until this point, the Core Team was a self-selected board providing architectural and administrative direction.

This summer, the committers voted to move to a democratic model allowing the project to adapt to the changing development requirements of the open source operating system community. However, with over half of the prior Core Team re-elected from the old team, strong continuity exists.

Departing Core Team member Poul-Henning Kamp said, "I'm very proud of what we have done together in the Core Team over the last 8 years. The new Core, and the fact that they are elected by the committers, means that the project will be much more responsive to change in the future."

The changing of the guard in project leadership comes amid good feelings, Kamp indicated: all past Core members will continue on with the project with increased emphasis on development, "Now I get to spend more time on the FreeBSD source code instead of on project management."

Elected Core Team Members

Satoshi Asami is a co-founder and CTO of DecorMagic, Inc., and manages the FreeBSD Ports Collection.

David Greenman is a co-founder of the FreeBSD Project and is currently President of TeraSolutions, Inc., a company that manufactures Internet servers and RAID storage systems.

Jordan Hubbard is a co-founder of the FreeBSD Project as well as its public relations officer and release engineer. He is also Vice President for Open Source Solutions at BSDi.

Greg Lehey is an Open Source Researcher with Linuxcare; he has spent most of his professional career in Germany, where he worked for computer manufacturers such as Univac, Tandem, and Siemens-Nixdorf. He is the author of the Vinum volume management and RAID software for FreeBSD, has been involved in the FreeBSD SMPng project, and is the author of Porting Unix Software and The Complete FreeBSD.

Warner Losh has been porting NetBSD's pccard code to FreeBSD and has been FreeBSD Security Officer for the past two years.

Doug Rabson is a co-founder of Qube Software Ltd., which specializes in 3D graphics technology. His work on FreeBSD includes the alpha and ia64 ports, and he was the main architect for FreeBSD's device driver framework.

Mike Smith is Principal Engineer in BSDi's Open Source Solutions group and has been active in the FreeBSD developer community as a developer resource, OEM liaison, sometime architect and device driver author.

Robert Watson is a research scientist at NAI Labs, working on network and operating system security research. His contributions to the FreeBSD Project include work on trusted operating system extensions (TrustedBSD), security architecture, and work on the security-officer team.

Peter Wemm has been involved with FreeBSD since the early days of the ISP Industry in Australia and has since relocated to the US to work as a Software Engineer for Yahoo!, Inc. His involvement in FreeBSD includes management of the FreeBSD source code repository and kernel development.

About FreeBSD

FreeBSD is a liberally-licensed open source operating system with its origins in BSD Net/2 and 4.4 Lite, the Berkeley Software Distributions developed at the University of California at Berkeley until 1994. It is developed and maintained by a global organization of paid and volunteer contributors. FreeBSD is distinguished by its high -performance networking and file system support, and is widely used +performance networking and filesystem support, and is widely used among Internet service providers, including industry-recognized companies such as Yahoo!, above.net, and Verio. FreeBSD is also frequently used as a platform for embedded networking devices, including products from IBM, Inktomi, Juniper Networks, and Network Alchemy - a Nokia Company.

More information may be found at http://www.FreeBSD.org/.

Press Contact

Jordan Hubbard
The FreeBSD Project
925-682-7859
jkh@FreeBSD.org

# # #

BSD is a registered trademark of Berkeley Software Design, Inc. Other trademarks are property of their respective owners. BSD technologies were originally developed by the University of California, Berkeley and its contributors.

&footer; diff --git a/en/news/status/report-2001-07.xml b/en/news/status/report-2001-07.xml index 41a9ece812..229ed9c162 100644 --- a/en/news/status/report-2001-07.xml +++ b/en/news/status/report-2001-07.xml @@ -1,1201 +1,1201 @@ July 2001 - $FreeBSD: www/en/news/status/report-july-2001.xml,v 1.3 2001/09/18 12:22:07 chris Exp $ + $FreeBSD: www/en/news/status/report-july-2001.xml,v 1.4 2001/09/18 17:48:22 chris Exp $
Introduction

Last month's status report was apparently a great success: I received countless e-mails with comments, questions, and suggestions. I've tried to incorporate any suggestions and address any problems from these e-mails in this month's report, which captures a far more extensive snapshot of FreeBSD activity in the last month. Unlike last month's report, it does a better job of reflecting non-development activity, such as on-going conference planning, documentation, and so on. This is a trend I hope to see improve in future months as well.

On the topic of conferences, in the future I'd like to report more on publication activities relating to FreeBSD, including online journals with articles relating to FreeBSD, paper journals, conference papers, and so on. Likewise, I would be interested in including references to Call for Papers relating to FreeBSD. I'll take this opportunity to plug both registration and paper submission for BSDCon Europe in November, which has status included in this report, and for the general BSD Conference being hosted by USENIX in February. Your attendance and submissions make these conferences "happen", and promote FreeBSD as a platform for new research, feature development, and application products. Work of extremely high calibre is performed on FreeBSD, and we need to get the word out.

Submission for Future Editions

Next month, we're maintaining much the same submission requirements: reports should be one or two paragraphs long, sent by e-mail, and approximate the layout of the entries this month (Project, Contact, URL, and text). I'll send out reminders again over the week before the deadline, with more specific instructions. An area where I'd like to explore improvement lies in the coordination of related status reports for larger projects, such as new architectural work or platform ports. This might even have the effect of encouraging communication within these projects :-). I'd like to continue to focus on pulling in a broader range of groups and their activities, including the Security Officer, Release Engineer, and Core Team.

-- Robert Watson < rwatson@FreeBSD.org >

ACPI Mike Smith msmith@FreeBSD.org

ACPI (Advanced Configuration and Power Interface) is an industry standard which obsoletes APM, Intel MPS, PnPBIOS, and other Intel PC firmware interface standards. It is also used on the IA64 platform. More information on ACPI is available at

http://developer.intel.com/technology/iapc/acpi

The FreeBSD ACPI subsystem project is based heavily on the Intel ACPI Component Architecture. This status report outlines the current state of the project; future updates will focus on changes as they occur.

The Intel ACPI interpreter is fully integrated, although bugs are still coming out of the woodwork occasionally.

Work is ongoing in the following areas:

 ARM Port Stephane Potvin septovin@videotron.ca

The ARM port is currently going pretty well. The kernel is compiling and is able to boot to the point where it panics trying to initialize the network subsystem. The current reference platform is the Netwinder but this may change as many people expressed interest in a more broadly available platform. Things that need to be done before it can get further includes adding footbridge, timer and interrupt supports. The pmap module is not completed yet either.

 BIND 9 Doug Barton dougb@FreeBSD.org Jeroen Ruigrok asmodai@freebsd.org

Now that BIND 8.2.4 is finally imported the time has come to look at getting BIND 9 imported into CURRENT. The current idea is to have it imported alongside BIND 8 so that people can play with either one until all import problems have been taken care of and people have tested it a bit.

 binup Eric Melville eric@FreeBSD.org

Although gaining a new name, the project has been at a standstill due to both resource availability during the move between BSDi and Wind River, and other commitments of the developers. The project should obtain an official mailing list, as well as return to an active state after the dust settles.

 BSDCon Europe Paul Richards paul@freebsd-services.co.uk Josef Karthauser joe@tao.org.uk

The conference will take place at the Thistle Hotel, Brighton, UK from 9-11 November 2001.

The aim of the conference is to provide a focal point for European users and developers of all the BSD derived operating systems. The format will be similar to other conferences, with 2 days of technical sessions over the Saturday and Sunday.

We'll be finalising the schedule towards the end of the month and anybody who is interested in doing a talk should contact us asap. There are no restrictions on the use of talks, if it's been done before we may still be interested in having it presented to an European audience, and we make no claims to the talks so speakers are free to present the talks again at other conferences.

We're also still looking for sponsors.

We had 80 pre-registrations in the first week so we're expecting a good turnout.

 CAM Matthew Jacob mjacob@FreeBSD.org Justin Gibbs gibbs@FreeBSD.org

The new CAM transport code is starting to get supported in more HBAs and to get refined so that it does the intended per-protocol support. No progress on doing any SMPNG work for CAM has been made yet. This is a fairly high priority.

 Problem Reports Poul-Henning Kamp phk@FreeBSD.org

Thanks to various outstanding individual efforts, we are now down to just below 2300 open bug-reports. This means that we have fought our way back to the level we had around march 2000.

 Documentation Project Documentation Project doc@FreeBSD.org

Work continues (in large part sponsored by WRS) on updating the Handbook ready for the second print edition. There has been a flurry of activity in this area recently, and the ToDo list can be seen at

http://www.freebsd.org/docproj/handbook.html

Dima and others are doing a stellar job of keeping up with the steady flow of incoming PRs relating to the documentation project.

The Developers' Handbook,

http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/index.html

is a year old; it contains a wealth of useful content for developers developing on, or for, FreeBSD. As ever, more contributions are always required, not only for the developers' handbook, but for all of the FreeBSD documentation set.

 Fibre Channel Support Matthew Jacob mjacob@feral.com

The basic design hasn't changed and this project mainly is in the phase of continued hardening and test case development. The next major feature will be to fully integrate into the new CAM TRAN code and to fully support on the fly device addition and removal. The only HBA supported is QLogic at this time. Future support for the QLogic line is planned to have 2300 (2Gb) and IP support before October.

 Hardware Watchpoints in the Kernel Debugger Brian Dean bsd@FreeBSD.org

Hardware watchpoints are now available for kernel debugging on the IA32 (i386) architecture. One can now set hardware watchpoints using the new ddb command 'hwatch', which is analogous to the existing 'watch' command. Alternatively, if greater flexibility is required, direct access to the debug registers is available using the ddb 'set' command which allows complete control over the processor hardware debug facilities. Hardware watchpoints are very useful in tracking down those elusive memory overwrite bugs in the kernel. Hardware watchpoints can even be used to set a code breakpoint in ROM, which is commonly found in embedded systems.

 ifconfig support for IEEE 802.11 wireless devices Brooks Davis brooks@FreeBSD.org

Support for configuring IEEE 802.11 wireless devices via ifconfig has been committed to -current and -stable. It contains most of the functionality needed to configure an wireless device. Some missing features are being worked on including integrated support for DHCP so a single entry in /etc/rc.conf can be used to fully configure a wireless device on a DHCP lan and setting the CTS/RTS threshold. Currently the an(4) and wi(4) drivers are supported in -current and -stable with the awi(4) device supported in -current. Further work is needed to support Frequency Hopping devices such as ray(4).

 jailNG Robert Watson rwatson@FreeBSD.org

jailNG is a from-scratch rewrite of the popular jail(8) service, focussing on improved management functions, as well as more fine-grained configurability. An initial prototype has been written, based on explicitly named and configured jails, and work is proceeding on userland integration. Currently, it's not clear if the timeline for this will be 5.0-RELEASE, or 5.1-RELEASE.

 FreeBSD Java Project Greg Lewis glewis@eyesbeyond.com

The main development in the FreeBSD Java Project over the last month was the release of an initial "Developers Only" patchset for the JDK 1.3.1. Since that release progress had been made towards a much more useable alpha quality patchset which is likely to be turned into a port, as per the current JDK 1.2.2 patchset. This new patchset will feature a number of bugfixes, which essentially get the JDK to a working state for early adopters, and an initial implementation of "native threads" based on FreeBSD's userland pthreads. Unfortunately this implementation isn't fully functional, but is included in the hope of more getting more eyesballs on the code (particularly experience pthread programmers). We'd also like to welcome Fuyuhiko Maruyama-san as a new committer, the usual punishment for too many good patches.

 jpman project Japanese Man Page Project man-jp@jp.FreeBSD.org

We have been working to provide Japanese version of FreeBSD online manuals, since 1996. Currently, RELENG_4 manuals are based. Translated versions are placed on doc/ja_JP.eucJP/man and provided to users using ports/japanese/man-doc. Also, we discuss about related commands (e.g. ports/japanese/man and ports/japanese/groff).

 Kernel Summit - Usenix 2001 John Baldwin jhb@FreeBSD.org

The first FreeBSD kernel summit meeting was held June 29-30, 2001 in Boston, MA at the Usenix 2001 Annual Technical Conference. Links to a variety of files are posted on the web site.

Note: I (jhb) am still working on writing up a general summary of the meeting. When that is completed it will be posted here and mailed to the -hackers mailing list.

 KSE threading the kernel Julian Elischer julian@elischer.org

I'm working on multithreading the kernel. So far I have over 400KB of diffs relative to todays -current (I'm keeping my tree updated with changes as they occur rather than get hit with a big updte at the end).

I have split the proc structure and am changing most of the kernel to pass around a thread identifier instead of a proc structure.

The following interfaces have been changed so far:

I have still a lot of work to go with a lot of "dumb editing" (s/struct proc \*p/struct thread \*td/) usually I change a few items and then fix everything that breaks when I try compile it. I'd like to check it in on a branch so others can help the editing but haven't worked out the best way to do it yet.

I have implemented changes to the scheduler so that kse's are scheduled instead of processes, and threads sleep, letting the kse pick up a new thread. but it's not anywhere ready yet (heck it doesn't compile yet :-)

Note that I have not yet updated the document listed above.. everywhere it mentions "ksec" or "KSE-context", the code uses the word "thread". I will update it soon as Jason has sent me the source.

 FreeBSD Monthly Development Status Reports Robert Watson rwatson@FreeBSD.org> Chris Costello chris@FreeBSD.org

The FreeBSD Monthly Development Status Report aims to keep users and developers up-to-date on the latest goings-on in the FreeBSD project by providing summaries of each project and its status. At the time of this writing, the July 2001 status report is being prepared and is very near release. The FreeBSD Web site now has a Status Reports section, which, when the July 2001 report is released, will be updated to include a link to an HTML-ified version.

 NetBSD rc.d port Doug Barton dougb@FreeBSD.org Sheldon Hearn sheldonh@FreeBSD.org

The NetBSD rc.d port aims to improve the FreeBSD startup process by porting Luke Mewburn's rc.d work from NetBSD to FreeBSD. This will score FreeBSD startup and shutdown dependencies without losing the traditional and much loved - monolothic configuration file system.

+ monolothic configuration filesystem.

Luke Mewburn's USENIX paper and slides on the system as implemented in NetBSD are available here:

http://groups.yahoo.com/group/FreeBSD-rc/message/3

Interested parties are urged to study this material before joining the discussion list.

The intention at this stage is to decide on an approach that will ensure that the differences between the NetBSD rc.d system and the system as ported to FreeBSD will be kept to a minimum. This will probably involve discussions with Luke around those areas of the system that are identified as areas for potential improvement.

 Netgraph ATM Hartmut Brandt brandt@fokus.gmd.de

The goal of this project is the implementation of ATM signalling and other ATM protocols by means of the netgraph(4) framework. This should provide an easily extendable architecture for using ATM on FreeBSD. Currently the full UNI4.0 stack (except for the LIJ capability) has been implemented, including ILMI and a first version of the ATM Forum API for UNI. An implementation of Classical IP over ATM is also available. Drivers have been implemented for the Fore PCA200E and Fore HE-155 cards.

 network device cloning Brooks Davis brooks@FreeBSD.org

Network device cloning support has been imported from NetBSD. This allows virtual devices to be allocated on demand rather then being staticly allocated at compile time. Our implementation differs slightly from that of NetBSD's in that we allow both the creation of specific devices (i.e. gif0) and arbitrary devices instead of just allowing specific devices. Currently, the only device in the tree which has been converted is the gif(4) device which has been converted in both -current and -stable. Work is ongoing to convert all other virtual network devices with work in progress on faith, stf, and vlan interfaces. In general this conversion is accompanied by appropriate modifications to make these devices fully modular.

 Next Generation POSIX threads (NGPT) Arun Sharma arun@sharma.dhs.org

Porting NGPT (next generation pthreads) to FreeBSD

NGPT is an effort led by IBM engineers to implement MxN threads (also known as many user threads to one kernel thread mapping) on Linux. I have ported it to FreeBSD to use rfork(2).

The port is right here:

http://www.freebsd.org/cgi/query-pr.cgi?pr=29239

OLDCARD upgrade to support PCI cards Warner Losh imp@village.org

Funded by: Monzoon Networking, LLC

This month has been a month of conventration and consolidation. Much of the changes from current have been migrating into stable. I've improved power support, suspend/resume interactions, interrupt handling, and ability to work after windows/NEWCARD has run. Interrupt routing continues to be a locking issue for a complete MFC. Current patches are available at the above website. I'm racing to get this done before 4.4 is released.

 Open Runtime Platform (ORP) Arun Sharma arun@sharmas.dhs.org eGroups: ORP orp@egroups.com

Information on Intel ORP - a BSD licensed Java VM is right here:

http://www.intel.com/research/mrl/orp/

A FreeBSD patch has been tested to work with NGPT and submitted to the ORP project. The patch is available here:

http://www.sharma-home.net/~adsharma/projects/orp/orp-freebsd-1.0.5.patch.txt.gz

There are some issues to be ironed out to make it work with FreeBSD's default (user level) pthread implementation.

 OpenPackages

OpenPackages intends to create a software packaging system that will allow third-party programs to be installed, without operating system dependent changes, on as many platforms as are feasible. OpenPackages was originally based on code from the BSD ports systems, and has been improved and extended by developers of many heritages.

The OpenPackages Project is pleased to release the Milestone 2 codebase. This release contains a working package building system and a single test package. OP currently is known to build on certain instances of the following operating systems: FreeBSD, HP/UX, IRIX, Linux (Debian, Red Hat, Suse, Mandrake, TurboLinux, Caldera, etc.), NetBSD, OpenBSD, Solaris

 PAM Mark R V Murray mark@grondar.za

(First report)

Large cleanup and extension of FreeBSD PAM modules. All modules are to be documented, consistant in style (style(9) used) and as complete as possible WRT functionality. Mostly done.

 PowerPC Port Benno Rice benno@FreeBSD.org

We now have the rudiments of device support. We have a nexus driver for OpenFirmware machines, along with support for the Apple UniNorth PCI/AGP host bridge. I'm currently trying to get the USB hardware working so that I can get closer to having a console driver independant of OpenFirmware, then I'll be trying to get the system to get to single-user mode using NFS.

 PPP IPv6 Support Brian Somers brian@freebsd-services.com

Work has begun, but nothing has yet been committed. The NCP addresses used by ppp have been abstracted and initial support has been added to the filter set for ipv6 addresses. NCP negotiation hasn't yet been started.

 Porting ppp to hurd & linux Brian Somers brian@Awfulhak.org

Patches have been submitted to get ppp working under HURD, and mostly under Linux. There are GPL copyright problems that need to be addressed.

 pppoed Brian Somers brian@freebsd-services.com

Making pppoed function in a production environment. Most of the work is complete and committed. Additional work includes adding a -l option where ``-l label'' is shorthand for ``-e exec ppp -direct label'' and discovering why rogue child processes are being left around.

 PRFW - Hooks within the FreeBSD kernel Evan Sarmiento ems@open-root.org

PRFW is a set of hooks which I have integrated into the FreeBSD kernel. This allows modules to easily intercept system calls with less overhead. It also supports per-pid restrictions, which means, one process may not be able to use X function in Y manner, but another process may.

Progress: I was working on this in 4.3-RELEASE, but now I'm merging it into current. I will be submitting a patch to the mailing lists in about a week.

 SCSI Tape Support Matthew Jacob mjacob@feral.com

This driver is currently not working well under -current and is undergoing some work at this time. No major design or feature changes are planned. There was some notion of adding TapeAlert support, but HP supports that as a binary product via a user library and it was felt that it'd be more politically prudent to leave it alone.

 SMPng Peter Wemm peter@FreeBSD.org John Baldwin jhb@FreeBSD.org

Development

In the 'smpng' p4 branch there is code to make the ast() function loop to close the race when an AST is triggered while we are handling previously triggered AST's.

In the 'jhb_preemption' p4 branch work is being done to make the kernel fully preemptive. It is reportedly stable on UP x86, but SMP x86 locks up, UP alpha has problems during shutdown and can recurse indefinitely until it exhausts its stack.

Management

We are using a perforce repository for live development work, which can track multiple seperate long-lived works-in-progress and collaborate between multiple developers at the same time on the same change set.

FreeBSD-current is being imported into p4 hourly, for easy tracking of the moving -current tree.

I haven't written up a good primer yet, but we're able to open this up to the general developer community. NEWCARD work looks like it will be done here too. Perforce is ideal for tracking this sort of long-lived project without having to resort to passing patches around.

KSE work is now being checked into a kse p4 branch - thanks Julian!

KSE work is focusing on getting the main API changes into the base tree well before 5.0.

 SMPng mbuf allocator Bosko Milekic bmilekic@FreeBSD.org

mb_alloc is a specialized allocator for mbufs and mbuf clusters. It offers various important advantages over the old mbuf allocator, particularily for MP machines. Additionally, it is designed with the possibility of important future enchancements in mind.

The mb_alloc code has been committed to -CURRENT a month ago and appears to be holding up well. Prior to committing it, preliminary performance measurements were done merely to ensure that it is not significantly worse than the old allocator, even with Giant still in place. Results were promising [http://people.freebsd.org/~bmilekic/code/mb_alloc/results.html] - also see jlemon's results (link at the bottom of accompanying text). Since the commit, Matt Jacob has provided useful feedback and bugfixes. Work is now being done to re-enable mbtypes statistics and make appropriate changes to netstat(1) and systat(1).

 sparc64 port Jake Burkholder jake@freebsd.org

The sparc64 port has been committed to the FreeBSD repository. As such further development will occur in cvs, rather than as a separately maintained patch set. Significant progress has been made since the last status report, including; support for kernel debugging with ddb, much more complete pmap support, support for context switching and process creation, and filling out of important machine dependent data structures. Thomas Moestl has shown a strong interest in working on the port and is in the process of implementing support for saving and restoring a process's floating point context. I look forward to working with him and any other developers that happen to fall out of the wood works.

 FreeBSD/sparc64 kernel loader Robert Drehmel robert@ferrari.de

The sparc64 loader is functional enough to boot an ELF binary from an UFS filesystem using the existent openfirmware library, which has been revised to work flawlessly on 32-bit and 64-bit architectures. Support for netbooting and modules will be implemented next, followed by a better openfirmware mapping strategy.

 SYN cache implemetation for FreeBSD Jonathan Lemon jlemon@freebsd.org

This project brings a SYN cache implementation to FreeBSD, in order to make it more robust to DoS attacks. A SYN cookie approach was considered, but ultimately rejected becuase it does not conform to the TCP protocol. The SYN cache will work with T/TCP, IPV6 and IPSEC, and the size of each cache element is currently is less than 1/5th the size of a normal TCP control block.

 TrustedBSD Project Robert Watson rwatson@FreeBSD.org

It's been a busy month, with a number of relevant news items. Not least important is that NAI Labs was awarded a $1.2M contract from the US Defense Advanced Research Projects Agency (DARPA) to work on a variety of components relevant to the TrustedBSD Project, including support for pluggable security models, and supporting features such as improving the extended attributes - implementation, simple crypto support for swap and file systems, + implementation, simple crypto support for swap and filesystems, documentation, and much more.

On the features side, progress continues on Mandatory Access Control, object labeling, and improving the consistency of kernel access control mechanisms--in particular, with regard to inter-process authorization and credential management. Work has begun on porting LOMAC, NAI Labs' Low-Watermark Mandatory Access Control scheme, from Linux to FreeBSD, and it has been re-licensed under a BSD license. We hope to have an initial port complete in time for 5.0-RELEASE later this year.

 diff --git a/en/news/status/report-july-2001.xml b/en/news/status/report-july-2001.xml index 41a9ece812..229ed9c162 100644 --- a/en/news/status/report-july-2001.xml +++ b/en/news/status/report-july-2001.xml @@ -1,1201 +1,1201 @@ July 2001 - $FreeBSD: www/en/news/status/report-july-2001.xml,v 1.3 2001/09/18 12:22:07 chris Exp $ + $FreeBSD: www/en/news/status/report-july-2001.xml,v 1.4 2001/09/18 17:48:22 chris Exp $
Introduction

Last month's status report was apparently a great success: I received countless e-mails with comments, questions, and suggestions. I've tried to incorporate any suggestions and address any problems from these e-mails in this month's report, which captures a far more extensive snapshot of FreeBSD activity in the last month. Unlike last month's report, it does a better job of reflecting non-development activity, such as on-going conference planning, documentation, and so on. This is a trend I hope to see improve in future months as well.

On the topic of conferences, in the future I'd like to report more on publication activities relating to FreeBSD, including online journals with articles relating to FreeBSD, paper journals, conference papers, and so on. Likewise, I would be interested in including references to Call for Papers relating to FreeBSD. I'll take this opportunity to plug both registration and paper submission for BSDCon Europe in November, which has status included in this report, and for the general BSD Conference being hosted by USENIX in February. Your attendance and submissions make these conferences "happen", and promote FreeBSD as a platform for new research, feature development, and application products. Work of extremely high calibre is performed on FreeBSD, and we need to get the word out.

Submission for Future Editions

Next month, we're maintaining much the same submission requirements: reports should be one or two paragraphs long, sent by e-mail, and approximate the layout of the entries this month (Project, Contact, URL, and text). I'll send out reminders again over the week before the deadline, with more specific instructions. An area where I'd like to explore improvement lies in the coordination of related status reports for larger projects, such as new architectural work or platform ports. This might even have the effect of encouraging communication within these projects :-). I'd like to continue to focus on pulling in a broader range of groups and their activities, including the Security Officer, Release Engineer, and Core Team.

-- Robert Watson < rwatson@FreeBSD.org >

ACPI Mike Smith msmith@FreeBSD.org

ACPI (Advanced Configuration and Power Interface) is an industry standard which obsoletes APM, Intel MPS, PnPBIOS, and other Intel PC firmware interface standards. It is also used on the IA64 platform. More information on ACPI is available at

http://developer.intel.com/technology/iapc/acpi

The FreeBSD ACPI subsystem project is based heavily on the Intel ACPI Component Architecture. This status report outlines the current state of the project; future updates will focus on changes as they occur.

The Intel ACPI interpreter is fully integrated, although bugs are still coming out of the woodwork occasionally.

Work is ongoing in the following areas:

 ARM Port Stephane Potvin septovin@videotron.ca

The ARM port is currently going pretty well. The kernel is compiling and is able to boot to the point where it panics trying to initialize the network subsystem. The current reference platform is the Netwinder but this may change as many people expressed interest in a more broadly available platform. Things that need to be done before it can get further includes adding footbridge, timer and interrupt supports. The pmap module is not completed yet either.

 BIND 9 Doug Barton dougb@FreeBSD.org Jeroen Ruigrok asmodai@freebsd.org

Now that BIND 8.2.4 is finally imported the time has come to look at getting BIND 9 imported into CURRENT. The current idea is to have it imported alongside BIND 8 so that people can play with either one until all import problems have been taken care of and people have tested it a bit.

 binup Eric Melville eric@FreeBSD.org

Although gaining a new name, the project has been at a standstill due to both resource availability during the move between BSDi and Wind River, and other commitments of the developers. The project should obtain an official mailing list, as well as return to an active state after the dust settles.

 BSDCon Europe Paul Richards paul@freebsd-services.co.uk Josef Karthauser joe@tao.org.uk

The conference will take place at the Thistle Hotel, Brighton, UK from 9-11 November 2001.

The aim of the conference is to provide a focal point for European users and developers of all the BSD derived operating systems. The format will be similar to other conferences, with 2 days of technical sessions over the Saturday and Sunday.

We'll be finalising the schedule towards the end of the month and anybody who is interested in doing a talk should contact us asap. There are no restrictions on the use of talks, if it's been done before we may still be interested in having it presented to an European audience, and we make no claims to the talks so speakers are free to present the talks again at other conferences.

We're also still looking for sponsors.

We had 80 pre-registrations in the first week so we're expecting a good turnout.

 CAM Matthew Jacob mjacob@FreeBSD.org Justin Gibbs gibbs@FreeBSD.org

The new CAM transport code is starting to get supported in more HBAs and to get refined so that it does the intended per-protocol support. No progress on doing any SMPNG work for CAM has been made yet. This is a fairly high priority.

 Problem Reports Poul-Henning Kamp phk@FreeBSD.org

Thanks to various outstanding individual efforts, we are now down to just below 2300 open bug-reports. This means that we have fought our way back to the level we had around march 2000.

 Documentation Project Documentation Project doc@FreeBSD.org

Work continues (in large part sponsored by WRS) on updating the Handbook ready for the second print edition. There has been a flurry of activity in this area recently, and the ToDo list can be seen at

http://www.freebsd.org/docproj/handbook.html

Dima and others are doing a stellar job of keeping up with the steady flow of incoming PRs relating to the documentation project.

The Developers' Handbook,

http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/index.html

is a year old; it contains a wealth of useful content for developers developing on, or for, FreeBSD. As ever, more contributions are always required, not only for the developers' handbook, but for all of the FreeBSD documentation set.

 Fibre Channel Support Matthew Jacob mjacob@feral.com

The basic design hasn't changed and this project mainly is in the phase of continued hardening and test case development. The next major feature will be to fully integrate into the new CAM TRAN code and to fully support on the fly device addition and removal. The only HBA supported is QLogic at this time. Future support for the QLogic line is planned to have 2300 (2Gb) and IP support before October.

 Hardware Watchpoints in the Kernel Debugger Brian Dean bsd@FreeBSD.org

Hardware watchpoints are now available for kernel debugging on the IA32 (i386) architecture. One can now set hardware watchpoints using the new ddb command 'hwatch', which is analogous to the existing 'watch' command. Alternatively, if greater flexibility is required, direct access to the debug registers is available using the ddb 'set' command which allows complete control over the processor hardware debug facilities. Hardware watchpoints are very useful in tracking down those elusive memory overwrite bugs in the kernel. Hardware watchpoints can even be used to set a code breakpoint in ROM, which is commonly found in embedded systems.

 ifconfig support for IEEE 802.11 wireless devices Brooks Davis brooks@FreeBSD.org

Support for configuring IEEE 802.11 wireless devices via ifconfig has been committed to -current and -stable. It contains most of the functionality needed to configure an wireless device. Some missing features are being worked on including integrated support for DHCP so a single entry in /etc/rc.conf can be used to fully configure a wireless device on a DHCP lan and setting the CTS/RTS threshold. Currently the an(4) and wi(4) drivers are supported in -current and -stable with the awi(4) device supported in -current. Further work is needed to support Frequency Hopping devices such as ray(4).

 jailNG Robert Watson rwatson@FreeBSD.org

jailNG is a from-scratch rewrite of the popular jail(8) service, focussing on improved management functions, as well as more fine-grained configurability. An initial prototype has been written, based on explicitly named and configured jails, and work is proceeding on userland integration. Currently, it's not clear if the timeline for this will be 5.0-RELEASE, or 5.1-RELEASE.

 FreeBSD Java Project Greg Lewis glewis@eyesbeyond.com

The main development in the FreeBSD Java Project over the last month was the release of an initial "Developers Only" patchset for the JDK 1.3.1. Since that release progress had been made towards a much more useable alpha quality patchset which is likely to be turned into a port, as per the current JDK 1.2.2 patchset. This new patchset will feature a number of bugfixes, which essentially get the JDK to a working state for early adopters, and an initial implementation of "native threads" based on FreeBSD's userland pthreads. Unfortunately this implementation isn't fully functional, but is included in the hope of more getting more eyesballs on the code (particularly experience pthread programmers). We'd also like to welcome Fuyuhiko Maruyama-san as a new committer, the usual punishment for too many good patches.

 jpman project Japanese Man Page Project man-jp@jp.FreeBSD.org

We have been working to provide Japanese version of FreeBSD online manuals, since 1996. Currently, RELENG_4 manuals are based. Translated versions are placed on doc/ja_JP.eucJP/man and provided to users using ports/japanese/man-doc. Also, we discuss about related commands (e.g. ports/japanese/man and ports/japanese/groff).

 Kernel Summit - Usenix 2001 John Baldwin jhb@FreeBSD.org

The first FreeBSD kernel summit meeting was held June 29-30, 2001 in Boston, MA at the Usenix 2001 Annual Technical Conference. Links to a variety of files are posted on the web site.

Note: I (jhb) am still working on writing up a general summary of the meeting. When that is completed it will be posted here and mailed to the -hackers mailing list.

 KSE threading the kernel Julian Elischer julian@elischer.org

I'm working on multithreading the kernel. So far I have over 400KB of diffs relative to todays -current (I'm keeping my tree updated with changes as they occur rather than get hit with a big updte at the end).

I have split the proc structure and am changing most of the kernel to pass around a thread identifier instead of a proc structure.

The following interfaces have been changed so far:

I have still a lot of work to go with a lot of "dumb editing" (s/struct proc \*p/struct thread \*td/) usually I change a few items and then fix everything that breaks when I try compile it. I'd like to check it in on a branch so others can help the editing but haven't worked out the best way to do it yet.

I have implemented changes to the scheduler so that kse's are scheduled instead of processes, and threads sleep, letting the kse pick up a new thread. but it's not anywhere ready yet (heck it doesn't compile yet :-)

Note that I have not yet updated the document listed above.. everywhere it mentions "ksec" or "KSE-context", the code uses the word "thread". I will update it soon as Jason has sent me the source.

 FreeBSD Monthly Development Status Reports Robert Watson rwatson@FreeBSD.org> Chris Costello chris@FreeBSD.org

The FreeBSD Monthly Development Status Report aims to keep users and developers up-to-date on the latest goings-on in the FreeBSD project by providing summaries of each project and its status. At the time of this writing, the July 2001 status report is being prepared and is very near release. The FreeBSD Web site now has a Status Reports section, which, when the July 2001 report is released, will be updated to include a link to an HTML-ified version.

 NetBSD rc.d port Doug Barton dougb@FreeBSD.org Sheldon Hearn sheldonh@FreeBSD.org

The NetBSD rc.d port aims to improve the FreeBSD startup process by porting Luke Mewburn's rc.d work from NetBSD to FreeBSD. This will score FreeBSD startup and shutdown dependencies without losing the traditional and much loved - monolothic configuration file system.

+ monolothic configuration filesystem.

Luke Mewburn's USENIX paper and slides on the system as implemented in NetBSD are available here:

http://groups.yahoo.com/group/FreeBSD-rc/message/3

Interested parties are urged to study this material before joining the discussion list.

The intention at this stage is to decide on an approach that will ensure that the differences between the NetBSD rc.d system and the system as ported to FreeBSD will be kept to a minimum. This will probably involve discussions with Luke around those areas of the system that are identified as areas for potential improvement.

 Netgraph ATM Hartmut Brandt brandt@fokus.gmd.de

The goal of this project is the implementation of ATM signalling and other ATM protocols by means of the netgraph(4) framework. This should provide an easily extendable architecture for using ATM on FreeBSD. Currently the full UNI4.0 stack (except for the LIJ capability) has been implemented, including ILMI and a first version of the ATM Forum API for UNI. An implementation of Classical IP over ATM is also available. Drivers have been implemented for the Fore PCA200E and Fore HE-155 cards.

 network device cloning Brooks Davis brooks@FreeBSD.org

Network device cloning support has been imported from NetBSD. This allows virtual devices to be allocated on demand rather then being staticly allocated at compile time. Our implementation differs slightly from that of NetBSD's in that we allow both the creation of specific devices (i.e. gif0) and arbitrary devices instead of just allowing specific devices. Currently, the only device in the tree which has been converted is the gif(4) device which has been converted in both -current and -stable. Work is ongoing to convert all other virtual network devices with work in progress on faith, stf, and vlan interfaces. In general this conversion is accompanied by appropriate modifications to make these devices fully modular.

 Next Generation POSIX threads (NGPT) Arun Sharma arun@sharma.dhs.org

Porting NGPT (next generation pthreads) to FreeBSD

NGPT is an effort led by IBM engineers to implement MxN threads (also known as many user threads to one kernel thread mapping) on Linux. I have ported it to FreeBSD to use rfork(2).

The port is right here:

http://www.freebsd.org/cgi/query-pr.cgi?pr=29239

OLDCARD upgrade to support PCI cards Warner Losh imp@village.org

Funded by: Monzoon Networking, LLC

This month has been a month of conventration and consolidation. Much of the changes from current have been migrating into stable. I've improved power support, suspend/resume interactions, interrupt handling, and ability to work after windows/NEWCARD has run. Interrupt routing continues to be a locking issue for a complete MFC. Current patches are available at the above website. I'm racing to get this done before 4.4 is released.

 Open Runtime Platform (ORP) Arun Sharma arun@sharmas.dhs.org eGroups: ORP orp@egroups.com

Information on Intel ORP - a BSD licensed Java VM is right here:

http://www.intel.com/research/mrl/orp/

A FreeBSD patch has been tested to work with NGPT and submitted to the ORP project. The patch is available here:

http://www.sharma-home.net/~adsharma/projects/orp/orp-freebsd-1.0.5.patch.txt.gz

There are some issues to be ironed out to make it work with FreeBSD's default (user level) pthread implementation.

 OpenPackages

OpenPackages intends to create a software packaging system that will allow third-party programs to be installed, without operating system dependent changes, on as many platforms as are feasible. OpenPackages was originally based on code from the BSD ports systems, and has been improved and extended by developers of many heritages.

The OpenPackages Project is pleased to release the Milestone 2 codebase. This release contains a working package building system and a single test package. OP currently is known to build on certain instances of the following operating systems: FreeBSD, HP/UX, IRIX, Linux (Debian, Red Hat, Suse, Mandrake, TurboLinux, Caldera, etc.), NetBSD, OpenBSD, Solaris

 PAM Mark R V Murray mark@grondar.za

(First report)

Large cleanup and extension of FreeBSD PAM modules. All modules are to be documented, consistant in style (style(9) used) and as complete as possible WRT functionality. Mostly done.

 PowerPC Port Benno Rice benno@FreeBSD.org

We now have the rudiments of device support. We have a nexus driver for OpenFirmware machines, along with support for the Apple UniNorth PCI/AGP host bridge. I'm currently trying to get the USB hardware working so that I can get closer to having a console driver independant of OpenFirmware, then I'll be trying to get the system to get to single-user mode using NFS.

 PPP IPv6 Support Brian Somers brian@freebsd-services.com

Work has begun, but nothing has yet been committed. The NCP addresses used by ppp have been abstracted and initial support has been added to the filter set for ipv6 addresses. NCP negotiation hasn't yet been started.

 Porting ppp to hurd & linux Brian Somers brian@Awfulhak.org

Patches have been submitted to get ppp working under HURD, and mostly under Linux. There are GPL copyright problems that need to be addressed.

 pppoed Brian Somers brian@freebsd-services.com

Making pppoed function in a production environment. Most of the work is complete and committed. Additional work includes adding a -l option where ``-l label'' is shorthand for ``-e exec ppp -direct label'' and discovering why rogue child processes are being left around.

 PRFW - Hooks within the FreeBSD kernel Evan Sarmiento ems@open-root.org

PRFW is a set of hooks which I have integrated into the FreeBSD kernel. This allows modules to easily intercept system calls with less overhead. It also supports per-pid restrictions, which means, one process may not be able to use X function in Y manner, but another process may.

Progress: I was working on this in 4.3-RELEASE, but now I'm merging it into current. I will be submitting a patch to the mailing lists in about a week.

 SCSI Tape Support Matthew Jacob mjacob@feral.com

This driver is currently not working well under -current and is undergoing some work at this time. No major design or feature changes are planned. There was some notion of adding TapeAlert support, but HP supports that as a binary product via a user library and it was felt that it'd be more politically prudent to leave it alone.

 SMPng Peter Wemm peter@FreeBSD.org John Baldwin jhb@FreeBSD.org

Development

In the 'smpng' p4 branch there is code to make the ast() function loop to close the race when an AST is triggered while we are handling previously triggered AST's.

In the 'jhb_preemption' p4 branch work is being done to make the kernel fully preemptive. It is reportedly stable on UP x86, but SMP x86 locks up, UP alpha has problems during shutdown and can recurse indefinitely until it exhausts its stack.

Management

We are using a perforce repository for live development work, which can track multiple seperate long-lived works-in-progress and collaborate between multiple developers at the same time on the same change set.

FreeBSD-current is being imported into p4 hourly, for easy tracking of the moving -current tree.

I haven't written up a good primer yet, but we're able to open this up to the general developer community. NEWCARD work looks like it will be done here too. Perforce is ideal for tracking this sort of long-lived project without having to resort to passing patches around.

KSE work is now being checked into a kse p4 branch - thanks Julian!

KSE work is focusing on getting the main API changes into the base tree well before 5.0.

 SMPng mbuf allocator Bosko Milekic bmilekic@FreeBSD.org

mb_alloc is a specialized allocator for mbufs and mbuf clusters. It offers various important advantages over the old mbuf allocator, particularily for MP machines. Additionally, it is designed with the possibility of important future enchancements in mind.

The mb_alloc code has been committed to -CURRENT a month ago and appears to be holding up well. Prior to committing it, preliminary performance measurements were done merely to ensure that it is not significantly worse than the old allocator, even with Giant still in place. Results were promising [http://people.freebsd.org/~bmilekic/code/mb_alloc/results.html] - also see jlemon's results (link at the bottom of accompanying text). Since the commit, Matt Jacob has provided useful feedback and bugfixes. Work is now being done to re-enable mbtypes statistics and make appropriate changes to netstat(1) and systat(1).

 sparc64 port Jake Burkholder jake@freebsd.org

The sparc64 port has been committed to the FreeBSD repository. As such further development will occur in cvs, rather than as a separately maintained patch set. Significant progress has been made since the last status report, including; support for kernel debugging with ddb, much more complete pmap support, support for context switching and process creation, and filling out of important machine dependent data structures. Thomas Moestl has shown a strong interest in working on the port and is in the process of implementing support for saving and restoring a process's floating point context. I look forward to working with him and any other developers that happen to fall out of the wood works.

 FreeBSD/sparc64 kernel loader Robert Drehmel robert@ferrari.de

The sparc64 loader is functional enough to boot an ELF binary from an UFS filesystem using the existent openfirmware library, which has been revised to work flawlessly on 32-bit and 64-bit architectures. Support for netbooting and modules will be implemented next, followed by a better openfirmware mapping strategy.

 SYN cache implemetation for FreeBSD Jonathan Lemon jlemon@freebsd.org

This project brings a SYN cache implementation to FreeBSD, in order to make it more robust to DoS attacks. A SYN cookie approach was considered, but ultimately rejected becuase it does not conform to the TCP protocol. The SYN cache will work with T/TCP, IPV6 and IPSEC, and the size of each cache element is currently is less than 1/5th the size of a normal TCP control block.

 TrustedBSD Project Robert Watson rwatson@FreeBSD.org

It's been a busy month, with a number of relevant news items. Not least important is that NAI Labs was awarded a $1.2M contract from the US Defense Advanced Research Projects Agency (DARPA) to work on a variety of components relevant to the TrustedBSD Project, including support for pluggable security models, and supporting features such as improving the extended attributes - implementation, simple crypto support for swap and file systems, + implementation, simple crypto support for swap and filesystems, documentation, and much more.

On the features side, progress continues on Mandatory Access Control, object labeling, and improving the consistency of kernel access control mechanisms--in particular, with regard to inter-process authorization and credential management. Work has begun on porting LOMAC, NAI Labs' Low-Watermark Mandatory Access Control scheme, from Linux to FreeBSD, and it has been re-licensed under a BSD license. We hope to have an initial port complete in time for 5.0-RELEASE later this year.

 diff --git a/en/projects/libh.sgml b/en/projects/libh.sgml index 4fe791129d..8664f72de7 100644 --- a/en/projects/libh.sgml +++ b/en/projects/libh.sgml @@ -1,758 +1,758 @@ - + %includes; ]> &header;

Contents

Overview

Project Mailinglist:
freebsd-libh@FreeBSD.org
CVS repository
Libh is available through anonymous CVS pserver (empty password): 
 	  cvs -d :pserver:anonymous@usw4.FreeBSD.org:/home/libh/cvs

Project Status

Problem/Goal/Task Responsible Last updated Status
Find bugs in the UI backend alex 17 September 2001 In progress
Write a disk slice and label editor in TCL using libh's libraries alex 20 January 2002 Almost completed
Floppy/CDROM boot into a scriptable libh TCL interpreter antoine 20 January 2002 In progress
Write a "setup" utility for both, floppy and CDROM installation. alex 17 September 2001 In progress
Clean up make(1) build alex/antoine 27 September 2001 Done
I18N/Multiple language support Eric Buchanan 22 April 2001 Unknown
System configuration utility mike 17 September 2001 Unknown
Fix the package library alex 17 September 2001 Work started

Project Requirements

You'll need the following to run/test libh:

There is also port of libh available (misc/libh), which installs a snapshot of the libraries and TCL scripts. However, it's not for development.

What is libh?

The following is a mail from Jordan K. Hubbard, which describes what libh is, why it has been developed and what the plans are.

Fast jump to the part of the mail describing libh.

 
 From: Jordan Hubbard <jkh@winston.osd.bsdi.com>
 Subject: Installation and package tools document, version 1.0
 To: hackers@FreeBSD.ORG
 Date: Tue, 12 Sep 2000 15:29:48 -0700 (PDT)
 Message-Id: <200009122229.e8CMTmV12787@winston.osd.bsdi.com>
 
 Without a lot of preamble, let me just say that all that talk of
 FreeBSD needing a more active specifications and management process
 finally got me motivated into writing all this down.  This being
 version 1.0 of this document, I also expect it to go through multiple
 versions as I get feedback on it, so please consider it merely the
 start of an ongoing effort to write down all these installation and
 packaging thoughts which have been rattling around my head these past
 6 or so years.  See the Preface for more information, and thanks in
 advance for being willing to read through a 5300 word document. :-)
 
 - Jordan
 
 Title: FreeBSD installation and package tools, past, present and future
 Date: September 8th, 2000
 Author: Jordan K. Hubbard
 Version: 1.0
 
 Abstract:
 
 This document discusses FreeBSD's installation, configuration and
 package management tools from the perspective of where they are and
 where I think they need to go.
 
 Contents
 --------
 1. Preface
 
 2. History and current limitations
    2.1 The package tools
    2.2 Sysinstall
 
 3. The Future
    3.1 FreeBSD's distribution format
    3.2 User Interface
    3.3 Security
    3.4 Configuration and version control
    3.5 Installation scripting
 
 4. Appendix: Current efforts
    4.1 libh
    4.2 lizard
 
 
 1. Preface
 ----------
 
 There has been a lot of discussion throughout FreeBSD's history as to
 just what purpose sysinstall and the pkg_install suite were intended
 to achieve, what their shortcomings are and how we might move forward
 with a design document which breaks the various challenges into more
 manageable pieces which might be implemented by a number of different
 teams.
 
 It's long been my desire to sit down and do exactly that, a lack of
 time being my only excuse for not having done so long ago.  I'm also
 of the understanding that a new "open packages" effort was recently
 started by some of the people at Daemon News, a project with parallels
 to some of the existing efforts to get all the various open source
 projects to standardize on existing package formats like RPM, Debian
 packages, etc., and a good excuse for me to finally do this.
 
 I'm certainly all in favor of a standardization effort based around
 some viable and practical second-generation technology and can only
 hope that producing this document will in some way aid the design of a
 next-generation package and installation system.  Should such an
 effort ultimately prove itself attractive to a large segment of the
 open source community then all the better, but we have to start
 somewhere and that somewhere, for me at least, is FreeBSD.  The
 existing package systems (RPM, Deb, *BSD) all suffer from being
 first-generation efforts and, while quite mature, do not address a
 number of significant issues which I'll cover in this document.  I'll
 also document some of the design decisions which went into FreeBSD's
 current system, hopefully explaining some of the [mis]features which
 have confused newcomers to FreeBSD or caused them to wonder just why
 things were not done differently.
 
 
 2. History and current limitations
 ----------------------------------
 
 2.1 The package tools
 ---------------------
 
 The FreeBSD package tools, located in /usr/src/usr.sbin/pkg_install,
 were written in August of 1993 in response to several requirements
 that we had at the time.  Most significantly, it was not possible to
 easily track "extra software" that one might add to the system and
 conceivably wish to easily remove again, nor was it easy to see which
 versions of software had been installed on a given system for easier
 troubleshooting.  Finally, any specialized installation procedures for
 a given piece of software essentially had to be done manually by
 reading the README file (when available) accompanying the binary
 distribution tarball, assuming of course that anything other than
 sources which you needed to build yourself were available.
 
 After looking at the problem for awhile, I decided that the quickest
 and easiest solution would be to simply add a little extra "meta-data"
 to these existing binary tarballs, something which could then be
 executed and recorded for future reference by a package adding
 utility.  Thus were born the pkg_install utilities we have today.
 
 At the time, system administrators were also very mistrustful of
 pre-built binary distributions of software (not that many would
 actually read source code before building and installing binaries from
 it, but that's another story) so that's why I decided to use an
 existing archive format, namely gzipped tar files.  This approach
 allowed paranoid admins to easily extract a package manually and
 inspect it, it also allowing me to leverage our existing tools
 relatively easily (though one feature, --fast-read, did need to be
 added to tar so that individual items could be extracted more
 quickly).
 
 There were and are problems with this approach, however, the most
 significant being that tar files (especially gzipped ones) are NOT
 very amenable to random-access.  The directory structure of a tarfile
 is distributed, e.g. the file data is interleaved with the directory
 meta-data and, in order to get to a given item in a tarball,
 pkg_add(1) needs to read serially through the whole thing looking for
 it.  This can be an especially big problem when all it has to work
 with is a file handle and not an actual file, something which is the
 case when a package is coming directly from an FTP server or some
 other data source which offers only serial access to the bits.
 
 pkg_add "solves" this problem by first finding sufficient temporary
-space on one of the available file systems and then unpacking the
+space on one of the available filesystems and then unpacking the
 tarball to be extracted into a scratch directory.  After the tarball
 is extracted, pkg_add then reads through the "packing list" (one of
 the meta-data files) and follow its instructions to move only those
 parts of the unpacked tarball into place which are needed, thus
 skipping the meta-data files and any others which might be optional
 and not actually requested by the user.  During this process, it is
 then possible to run any custom installation scripts the package might
 have provided to ask the user configuration questions, do special
 permissions/conflict checks, and run through the package's list of
 dependencies on other packages to see if they should be somehow
 fetched and installed as well.
 
 All in all, it's a very general purpose and open-ended mechanism which
 many packages have used to good effect, but the temporary directory
 requirement would also turn around to bite me firmly on the ass when
 it came time to write sysinstall, which followed in April of 1995.
 
 
 2.2 Sysinstall
 --------------
 
 Sysinstall, located in /usr/src/release/sysinstall, was FreeBSD's
 first attempt at doing something more elegant and user-friendly than a
 simple shell script-based installation which merely asked questions in
 a fixed order and gave the user little opportunity to do different
 types of installation and configuration.  The "first draft" of
 sysinstall was actually meant to be little more than a prototype of
 the installer I really wanted to write, especially from the user
 interface perspective since it used something called dialog(3).  The
 dialog library began its life as a monolithic utility for writing
 semi-graphical shell scripts and was pressed, with great reluctance,
 into the duty of functioning as an interface library for C
 programmers.  At the time, this seemed the easiest course of action
 given that I wasn't overly keen on writing a new set of interface
 components in curses(3) and the dialog library provided some fairly
 colorful canned dialogs which looked, at least for the time,
 reasonably visually impressive.
 
 In retrospect, this was also one of my biggest mistakes given that
 dialog(3) is also extremely limited in the user-friendliness
 department and lacks features like the ability to put more than 2
 buttons into a dialog or a Yes/No dialog which had a selectable
 default (e.g. No).  The inability to put a "Back" button into various
 dialogs which could really use one or the necessity for asking only
 "positive" questions are outgrowths of those limitations and good
 examples of how an insufficiently powerful UI library can drive the
 utility-writer in undesirable but unavoidable directions.
 
 The dialog library also features checkbox/radio menus which use the
 spacebar and enter keys very, erm, creatively to essentially confuse
 the heck of out users who don't pay too much attention to the Usage
 instructions at the beginning and simply impulsively hit Enter through
 the whole installation.  Earlier versions of the library also
 completely lacked the idea of call-backs, so any form of real
 "dynamism" in a menu or dialog was pretty much out of the question.
 The things I had to do to this library in order to provide those
 features were so hideous that I'll probably go to a special
 programmer's hell when I die and be forced to do AI programming in
 RPG-II, or something, it also souring me on the idea of extending
 dialog(3) to the point where it might have actually made sysinstall
 less pathological in its interface behavior.
 
 The user interface library has also turned out to be not the least of
 sysinstall's design shortcomings.  Since it was, at least in my mind,
 a prototype, there wasn't a lot of attention put into the area of
 flexibility.  I provided for things like "Expert" and "Novice" (now
 less-insultingly named "Standard") installs, but I didn't really do
 much for people who wished to build many machines in a more
 assembly-line fashion or allow the user to save their answers to its
 questions for later "replay" into another installation session.
 Extending sysinstall also requires a knowledge of C programming (and
 the willingness to hack on a prototype) in order to customize it for
 other purposes, say a university environment where special course-ware
 might be part of the FreeBSD installation at the beginning of each
 semester.  It's nowhere near as easy as it should be and many have
 been impaled on sysinstall in their efforts to customize FreeBSD for
 their unique needs.
 
 An even more significant issue with sysinstall and FreeBSD's release
 methodology in general is the distribution format of FreeBSD itself
 and sysinstall's handling of packages, especially interactive ones.
 FreeBSD's release methodology has really not changed all that much in
 the last 8 years, the basic distribution format still being largely
 influenced by the size of a 3.5" floppy.  Each chunk of a FreeBSD
 distribution, e.g. the "bin" or "manpages" distributions, is nothing
 more than one big gzipped tarball which has been split into 240K
 chunks which can conveniently fit on floppies, 5 to a 5.25" floppy or
 6 to a 3.5" one.  Back in 1992, when we first started doing this,
 there were a lot of people doing floppy installs and CDs were still
 uncommon and/or expensive.  Sysinstall was therefore designed to take
 a lot of the hair out of the process by automagically gluing these
 240K chunks together as they came along, from whatever distribution
 medium was available, and feeding them to a background tar process
 which would simply extract them verbatim into a directory (usually,
 but not always, /).
 
 There are lots of problems with this, one being the fact that since a
 "distribution" is nothing more than a gzipped tarball split into
 pieces, there is none of the nifty meta-data which packages provide to
 say what has been installed, what dependencies it has, or any hooks
 for providing post-installation configuration opportunities.  Even
 component size information is a mystery, making sysinstall unable to
 predict when you've chosen more distribution data than will fit on a
 given filesystem, leading to occasionally unpleasant surprises during
 installation when something fills up and simply exlodes in a messy and
 unhelpful fashion.
 
 A bigger problem is the fuzzy and entirely undesirable dividing line
 between packages and distributions.  What should be a distribution and
 what should be a package?  Where does the ``base distribution'' stop
 and the ports/packages collection begin? How should one upgrade the
 respective bits?  Erasing this line of demarcation has proven to be
 one of the more annoying challenges in FreeBSD's release engineering
 process and I'll explain how and why later in this document.
 
 Finally, sysinstall simply represents a conglomeration of too many
 tasks.  It partitions your disk(s), it loads software, it asks you
 questions about your network interfaces, it sets up your ppp
 connection, etc etc.  It just tries to do too much in one place and
 that's a violation of the Unix Philosophy, where each component should
 do one easily recognizable task and no more than that, more complex
 tasks being achieved by putting such tools together.
 
 What we currently think of as sysinstall should essentially do nothing
 more than partition your disks and get a much fancier second-stage
 "configurator" onto the root partition before rebooting.  At that
 stage, the configurator can give the user the option of adding the
 other disks and chosing what kinds of software to put on them.  The
 scope of the configurator should be such that it becomes a
 general-purpose setup tool which can be used to manage all the
 hardware and software in the system on an ongoing basis, not simply
 run once and forgotten.
 
 
 3. The Future
 -------------
 
 3.1 FreeBSD's distribution format
 ---------------------------------
 
 As I mentioned in the history section, one of the more annoying
 problems with FreeBSD's current distribution format is the dividing
 line between distributions and packages.  There should really only be
 one type of "distribution format" and, of course, it should be the
 package (There Can Be Only One).  Achieving this means we're first
 going to have to grapple with several problems, however:
 
 First, eliminating the distribution format means either teaching the
 package tools how to deal with a split archive format (they currently
 do not) or divorcing ourselves forever from floppies as a distribution
 medium.  This is an issue which would seem an easy one to decide but
 invariably becomes Highly Religious(tm) every time it's brought up.
 In some dark corner of the world, there always seems to be somebody
 still installing FreeBSD via floppies and even some of the fortune 500
 folks can cite FreeBSD success stories where they resurrected some old
 386 box (with only a floppy drive and no networking/CD/...) and turned
 it into the star of the office/saved the company/etc etc.  That's not
 to say we can't still bite that particular bullet, just that it's not
 a decision which will go down easily with everyone and should be well
 thought-out.
 
 Second, there's the issue of packages currently requiring temporary
 space as part of their extraction method.  If we're going to have
 things like "bin" be a package, even if we split it up into
 subcomponents and make "bin" simply a package which contains a list of
 dependencies and nothing more (which is desirable), there are still
 going to be pieces which are non-extractable under the current scheme
 because the available disk space is too small to contain both the
 temporary copy and the final installed copy, which may not be on the
-same file system can cannot be simply moved into place.  Since we'd
+same filesystem can cannot be simply moved into place.  Since we'd
 also like to retain the ability to extract a package directly over a
 network connection and never have the temporary bits "hit the disk",
 this means that we're almost certainly going to have to go to a
 different archival format.  Fortunately, there are some existing
 formats to choose from which have a lot of the required features so we
 won't have to reinvent the wheel and come up with our own (yuck).  My
 current favorite is the Zip archive format.
 
 Zip is a popular archival format which gives us a wide variety of
 existing tools for creating, fixing and inspecting zip files.  The
 directory is also at the very beginning so we can quickly read it in
 and figure out where in the data stream/file we need to go to get a
 specific item.  Since the "configurator" stage of the installation
 will also be running after we've acquired a root partition and some
 swap space, it's also not inconceivable that we could buffer bits read
 over a network connection in memory so that even "seeking" out to the
 end of an archive file read from an FTP server socket would still
 allow us to move backwards in the archive for other contents.  The zip
 file format also allows for per-archive and per-file "comment" fields
 which can be used to store things like MD5 checksums, pgp signatures
 and all sorts of other potentially useful types of meta-data.  I'm not
 wedded to the zip file format, I simply find its combination of good
 compression and random-access (without having to decompress the entire
 archive) to be especially attractive for what we need to do.
 
 Finally, there's the issue of user interaction.  The bulk of
 sysinstall's hard-coded features do things like make user queries
 which could just as easily be part of a package's install-time
 configuration script.  Sysinstall, for example, allows you to specify
 which daemons will run at startup time even though this is only
 pertinent to the "bin" package which actually contains those daemons.
 Similarly, there have been security-related questions pertaining to
 the cryptography distributions which, even though the US crypto export
 and RSA issues have now been largely dealt with, may still be
 pertinent in other countries.  Clearly, such interaction should be
 part of the package installation procedure itself and sysinstall
 should be little more than a friendly wrapper for selecting which
 packages to install and running their installation procedures, and
 that brings us to the question of User Interface.
 
 
 3.2 User Interface
 ------------------
 
 As noted in the History section, one of the biggest problems with
 sysinstall is its user interface which could only be charitably
 described as Evil Incarnate.  The dialog(3) interface library, as I've
 already described, is insufficiently powerful to give the user a
 flexible and intuitive installation experience nor it does not take
 any real advantage of environments like the X Window System, should
 the user be running a configurator under such an environment.
 
 The package system also suffers significantly in the UI area since the
 pkg_add(1) utility has no idea as to whether it's running at the end
 of a pipe, as it currently does under sysinstall, or if it's got a
 real live user at the other end who's invoked it interactively from a
 shell.  This leads to real problems when a package suddenly decides it
 wants to talk to the user but is being run via a front-end which will
 react adversely (or not at all) to the sudden appearance of the
 package's own interaction dialogs.  This is not just a hypothetical
 situation but one which can, and currently does, happen whenever
 sysinstall's packages menu invokes a package which is interactive. The
 user dialogs all go to the 2nd VTY and leave the actual user somewhat
 mystified as to why the package installation has mysteriously "hung"
 on them as it waits for user input which never arrives.
 
 To effectively solve this problem, what is needed is a flexible (e.g.
 containing more basic "widgets" than canned dialogs) and generic UI
 library which provides front-end utilities like sysinstall and pkg_add
 with the ability to play traffic cop and direct all user interaction
 through a common interface. That might be something CUI based, like
 TurboVision (my current CUI favorite) or GUI based, like Qt/gtk, when
 running under X.  It might even be something which talks to a
 Java-enabled web browser at some point in the future - we really can't
 predict all the conceivable UI scenarios.  The package system would
 call into this library whenever it wanted to talk to the user, thus
 sharing the screen/display non-competitively with whatever utility
 invoked it.  It would be up to the outermost "caller" (be it pkg_add
 or sysinstall) to decide at initialization time just what kind of
 back-end UI to instantiate for the generic UI.
 
 Such an approach would allow us to write all of our configuration
 utilities and scripts in a UI-neutral fashion which allows us to take
 advantage of new UI technologies as they come along without having to
 go back and re-write all of those painstakingly crafted user dialogs.
 That's basically where 99% of all the work of crafting such user
 interfaces goes, and we certainly don't want to have to write two
 different interface definitions for CUI (serial console / remote
 installer) and GUI (X Desktop) based users.  There are some operating
 systems (that I won't mention) which sort of get away with this today,
 but FreeBSD has always been a strongly server-centric operating system
 and that means we really can't have a highly desktop-centric
 installer, we have to support the idea of installation on machines
 without graphics cards at all or even in situations where the user is
 visually handicapped and wishes to have a customized installer who's
 "interface" is a voice synthesizer.  All of this is possible when the
 UI library you write directly to makes no assumptions at all about
 what the ultimate rendering model is going to be, it simply thinks in
 terms of objects like "buttons" and "choice lists", leaving it up to
 the back-end layer to ultimately render the appropriate UI objects
 somehow.
 
 
 3.3 Security
 ------------
 
 A major failing of most package systems, ours included, is that a
 package's installation and configuration scripts can essentially be
 any type of executable at all.  While this does allow the package
 writer a great deal of flexibility in providing for a package's needs,
 and there are packages which do have highly specialized requirements,
 it also has a huge potential effect on security.
 
 Most packages are installed as root for a variety of reasons, some
 legitimate and some not, and the overall effect is that security is
 essentially an "opt-in" process for whomever creates or installs a
 package.  A package which is installed as root is a package which can
 be either intentionally or unintentionally lethal to a user's system,
 even a pgp-signed and triple-authenticated package being capable of
 completely destroying a user's system, and it's not hard to see how.
 
 Consider what might happen if an otherwise perfectly respectable
 package author, overly caffeinated and partially delirious at 4am,
 were to write: ``rm -rf /${MYTMPDIR}'' into a package's installation
 script as part of its clean-up procedure.  Let's also say that this
 removal operation is inside a failure-case check in the installation
 script and the author doesn't hit that case during their testing since
 they happen to drive the installation successfully each time.  Let's
 finally say that the actual name of the variable in question is
 "MYTEMPDIR" and the author, in a state of 4am dyslexia, does not spot
 this mistake.  You get the idea.
 
 Even if the package is pgp signed and the package author is your
 personal, trusted friend, you're still going to be wondering at all
 the sudden extra disk activity right after bombing out of his
 package's installation script and none of the conventional security
 practices have saved you from his mistake.  The author is most
 embarrassed, your system is most toast, and you can both chalk it up
 to another annoying conjunction of human and infra-structural
 stupidity.  Clearly, it would be desirable for a package which
 genuinely and truly needs to be root to do so in a manner which is in
 any way safer than it is now.
 
 One method I'm in favor of is to change a package's customization
 script(s) from being any arbitrary executable to being a very specific
 executable, namely a set of instructions in some tightly constrained
 scripting language.  My personal favorite is Secure TCL, a useful
 outgrowth of the enhancements done to TCL when it got stuffed into a
 web browser and suddenly needed to worry a lot more about security
 issues.  Secure TCL allows us to create highly restricted TCL
 environments which can be selectively "tightened" according to an
 administrator's own level of paranoia, allowing them to have a highly
 customizable and final say over what level of capability will be given
 to any package they install.
 
 Thus it would be possible, just to give an example, to restrict the
 ``file-access'' primitive to only returning a positive "It's OK to
 access this" indication for file names who's paths match "/etc/.*",
 "/usr/local/.*" or "/usr/X11R6/.*".  The ``file-create'', ``file-write''
 and ``file-remove'' primitives could, in turn, always validate their
 arguments against ``file-access'' before proceeding.  With a properly
 designed set of primitives, it would be thus possible to evolve
 mechanisms for "practical security", where potentially foot-shooting
 primitives can either be disallowed entirely, allowed to proceed only
 upon user confirmation or go completely unhindered, all according to
 the administrator's wishes.  With a little time, such package security
 tweaks would also begin to float around and come into the reach of less
 skilled administrators, just as standardized cisco access-lists for
 fire-walling are passed around today.
 
 It need not be TCL that is chosen for this purpose, naturally, it's
 simply my personal preference since I happen to already know and have
 working experience with TCL.  A language like Python or Ruby is also
 probably capable of doing the job just as well, it only being
 necessary for the interpreted language of choice to have some sort of
 reasonable security model and a comparatively small footprint.  I
 stipulate that the footprint needs to be small because any future
 system configurator and package infrastructure will need to be wrapped
 together to some extent, the resulting product being something we may
 wish to bootstrap off of comparatively small media.  A properly
 written package management system will be an indispensable piece of
 the installation process given that the pieces of the operating system
 will, of course, be packages.
 
 
 3.4 Configuration and version control
 -------------------------------------
 
 Ultimately, installing the "OS networking package" or the "Apache
 Server" package should be part of a seamless, "one piece",
 installation experience with a common and consistent UI.  The ability
 to leave "configurators" for each subsystem or tool behind should also
 be an integral part of the process, these later being runnable from a
 single front-end tool (let's call it ``setup'') which offers a
 properly organized menu/folder hierarchy for all the available tool
 configurators to drop themselves into.  None of this is rocket science
 and folks like Microsoft and Apple have been doing it for ages with
 their operating systems.  It's a workable model and, perhaps more
 importantly, it's now the most familiar model.
 
 Another nice thing about having a package install itself through a
 carefully controlled scripting language is that each mutagenic
 operation (say, a file overlay) can store "undo" information for
 itself if given enough available disk space.  Also imagine that all of
 the undo information for a given package, throughout its lineage, goes
 onto an "undo stack" for that package.  If necessary, the package can
 thus be "popped" back through its previous versions to test and see
 where and if a given problem (which may be noticed only months after
 the last upgrade) first appeared.  Since the changes would be stored
 as deltas, files which do not change would also appear only once and
 no space wasted in representing multiple redundant copies of those
 pieces of a package which don't change from version to version (like
 the docs :-).
 
 Making such a mechanism part of the basic infrastructure may strike
 some as an over-kill proposal, but I would also submit that the
 problem of upgrading packages and of having multiple active versions
 of a single package (like gtk or TCL) are significant issues which
 have received rather ad-hoc attention to date.  With the creative and
 automated use of symlinks and some filename hashing, I think we could
 come up with a mechanism which does for package version control what
 CVS does for software version control (though hopefully even less
 painfully :).
 
 A genuine database of some sort containing package version meta-data
 is also a requirement since, on a fully tricked-out system, many
 hundreds (if not thousands) of files might eventually be involved and
 keeping track of various their inter-relationships is not something
 you'd generally want to do with simplistic file structures (like
 /var/db/pkg) which require a lot of time to search and index.
 
 
 3.5 Installation scripting
 --------------------------
 
 Another subject I touched on earlier was the need for automated and/or
 highly customized installations since the needs of everyone installing
 FreeBSD aren't exactly identical.  Given access to a nice generic UI
 library, as described in section 3.2, and a powerful scripting
 language, as described in section 3.3, we could make what people
 currently regard as sysinstall a purely script-driven affair.  This
 will obviously make customization a lot easier since all anyone needs
 is a text-editor and a document of available primitives (which many
 would probably choose to learn simply by looking at the example
 installation anyway) in order to create a customized install and/or
 add their own questions to an existing package configurator.  I also
 doubt that most people would need to be able to do this, but for those
 very few that do, such flexibility can and will make the difference
 between getting FreeBSD into some highly customized environments or
 simply not making the grade.
 
 
 4. Appendix: Current efforts
 ----------------------------
 
 4.1. libh
 ---------
 
 The libh project is something I started over a year ago, with input
 from Mike Smith and the paid services of a Russian contract programmer
 named Eugene, to fulfill many of the goals expressed in this document.
 
 Unfortunately, managing a project of this complexity with a contractor
 many thousands of miles away and a personal schedule which allowed for
 very little interaction with him didn't prove to be a workable
 scenario and work was stopped while partially in progress.  Since that
 time, work on it has been taken over by Alexander Langer and a small
 group of volunteers.  A mailing list, freebsd-libh, can also be
 subscribed to via majordomo@freebsd.org, and the sources checked out
 via ``:pserver:anonymous@usw4.freebsd.org:/home/libh/cvs'' using
 anoncvs.
 
 The name ``libh'' is also something of a mystery to everyone but it
 nonetheless stuck as a working title.  It probably needs to be renamed
 to something sexier before this project can really succeed. :-)
 
 Roughly speaking, libh currently contains:
 
    A first cut at the generic UI library, as described in section 3.2,
    with back-end renderers for TurboVision and Qt currently being
    provided.  The generic UI API it provides is available for C, C++
    and TCL.
 
    A complete zip file-access library written for C, C++ and TCL as
    described in section 3.1.
 
    Much of the security infrastructure described in section 3.2 is
    also implemented, with enough currently done to make possible a
    prototype package creation/extraction system with some test
    packages available (and used as part of the regression-test suite).
 
    The package information database is also written, with APIs for C,
    C++ and TCL.  It provides for package conflict, upgrade and outdate
    checking.
 
 While libh does contain a lot of the code we might ultimately use, it
 should nonetheless be considered only one possible starting point for
 implementing what I've described in this document.  I certainly would
 be happy to see the time and investment in libh ultimately go to good
 use, of course, but I also wouldn't want it to stand in the way of any
 larger and more successful effort which chose a different scripting
 language or UI design, for example.
 
 
 4.2 lizard
 ----------
 
 Lizard is the installer currently bundled, albeit in highly modified
 form, with Caldera's OpenLinux distribution and made freely available
 in some of its earlier incarnations from ftp.caldera.com.  It has been
 suggested that a "Desktop version" of FreeBSD could be created using
 this technology as a stop-gap measure until libh or some similar
 project succeeded in solving the more complex set of issues I've
 outlined, that perhaps buying us a bit more time to "do things right"
 (in my highly prejudicial opinion :).  As far as I'm aware from my
 limited reading of the code, lizard is only applicable to graphical
 installations and does not make allowances for people installing via a
 serial console, hence its applicability to just a desktop-oriented
 product.  Still, it might be worth looking at by people who's
 interests lie solely in that direction.  Customization from the highly
 linux-centric environment lizard currently assumes is, of course,
 something else which would need to be grappled with as part of such an
 effort.
&footer; diff --git a/en/projects/projects.sgml b/en/projects/projects.sgml index 74ce5b43d7..677d979a0e 100644 --- a/en/projects/projects.sgml +++ b/en/projects/projects.sgml @@ -1,529 +1,529 @@ - + %includes; ]> &header;

In addition to the mainstream development path of FreeBSD, a number of developer groups are working on the cutting edge to expand FreeBSD's range of applications in new directions. Follow the links below to learn more about these exciting projects.

If you miss a project please send the URL and a short description (3-10 lines) to www@FreeBSD.ORG

In addition, some of these projects regularly submit status reports, which can be viewed on the status reports page.

Documentation

Applications

Networking

File system

Kernel, security

Device drivers

Architecture

Misc

&footer; diff --git a/en/releases/2.0.5R/notes.sgml b/en/releases/2.0.5R/notes.sgml index b2486d3993..9ea6786a1a 100644 --- a/en/releases/2.0.5R/notes.sgml +++ b/en/releases/2.0.5R/notes.sgml @@ -1,764 +1,764 @@ - + %includes; ]> - + &header; 
                                  RELEASE NOTES
                                     FreeBSD
                                  Release 2.0.5
 
 1. Technical overview
 ---------------------
 
 FreeBSD is a freely available, full source 4.4 BSD Lite based release
 for Intel i386/i486/Pentium (or compatible) based PC's.  It is based
 primarily on software from U.C. Berkeley's CSRG group, with some
 enhancements from NetBSD, 386BSD, and the Free Software Foundation.
 
 Since our release of FreeBSD 2.0 some 8 months ago, the performance,
 feature set, and stability of FreeBSD has improved dramatically.  The
 largest change is a revamped VM system with a merged VM/file buffer
 cache that not only increases performance, but reduces FreeBSD's
 memory footprint, making a 4MB configuration a more acceptable
 minimum.  Other enhancements include full NIS client and server
 support, transaction TCP support, dial-on-demand PPP, an improved SCSI
 subsystem, early ISDN support, support for FDDI and Fast Ethernet
 (100Mbit) adapters, improved support for the Adaptec 2940 (WIDE and
 narrow) and many hundreds of bug fixes.
 
 We've also taken the comments and suggestions of many of our users to
 heart and have attempted to provide what we hope is a more sane and
 easily understood installation process.  Your feedback on this
 (constantly evolving) process is especially welcome!
 
 In addition to the base distributions, FreeBSD offers a new ported
 software collection with some 270 commonly sought-after programs.  The
 list of ports ranges from http (WWW) servers, to games, languages,
 editors and almost everything in between.  The entire ports collection
 requires only 10MB of storage, all ports being expressed as "deltas"
 to their original sources.  This makes it much easier for us to update
 ports, and greatly reduces the disk space demands made by the older
 1.0 ports collection.  To compile a port, you simply change to the
 directory of the program you wish to install, type make and let the
 system do the rest.  The full original distribution for each port you
 build is retrieved dynamically off of CDROM or a local ftp site, so
 you need only enough disk space to build the ports you want.  (Almost)
 every port is also provided as a pre-compiled "package" which can be
 installed with a simple command (pkg_add) by those who do not wish to
 compile their own ports from source.  See the file:
         /usr/share/FAQ/Text/ports.FAQ
 for a more complete description of the ports collection.
 
 
 Since our first release of FreeBSD 1.0 nearly two years ago, FreeBSD
 has changed almost entirely.  A new port from the Berkeley 4.4 code
 base was done, which brought the legal status of the system out of the
 shadows with the blessing of Novell (the new owners of USL and UNIX).  The
 port to 4.4 has also brought in a host of new features, filesystems
 and enhanced driver support.  With our new unencumbered code base, we
 have every reason to hope that we'll be able to release quality
 operating systems without further legal encumbrance for some time to
 come!
 
 FreeBSD 2.0.5 represents the culmination of 2 years of work and many
 thousands of man hours put in by an international development team.
 We hope you enjoy it!
 
 A number of additional documents which you may find very helpful in
 the process of installing and using FreeBSD may also be found in
 the "FAQ" directory, either under /usr/share/FAQ on an installed
 system or at the top level of the CDROM or FTP distribution from
 where you're reading this file.  Please consult FAQ/Text/ROADMAP
 for a brief description of the resources provided by the FAQ directory.
 
 For a list of contributors and a general project description, please see
 the file "CONTRIB.FreeBSD" which should be bundled with your binary
 distribution.
 
 Also see the "REGISTER.FreeBSD" file for information on registering
 with the "Free BSD user counter".   This counter is for ALL freely
 available variants of BSD, not just FreeBSD, and we urge you to register
 yourself with it.
 
 The core of FreeBSD does not contain DES code which would inhibit its
 being exported outside the United States.  There is an add-on package
 to the core distribution, for use only in the United States, that
 contains the programs that normally use DES.  The auxiliary packages
 provided separately can be used by anyone.   A freely (from outside the
 U.S.) exportable European distribution of DES for our non-U.S. users also
 exists and is described in the FreeBSD FAQ.
 
 If password security for FreeBSD is all you need, and you have no
 requirement for copying encrypted passwords from different hosts
 (Suns, DEC machines, etc) into FreeBSD password entries, then
 FreeBSD's MD5 based security may be all you require!  We feel that our
 default security model is more than a match for DES, and without any
 messy export issues to deal with.  If you're outside (or even inside)
 the U.S., give it a try!
 
 
 1.1 What's new in 2.0.5?
 ------------------------
 
 The following features were added or substantially improved between
 the release of 2.0 and this 2.0.5 release.  In order to facilitate
 better communication, the person, or persons, responsible for each
 enhancement is noted.  Any questions regarding the new functionality
 should be directed to them first.
 
 KERNEL:
 
 Merged VM-File Buffer Cache
 ---------------------------
 A merged VM/buffer cache design greatly enhances overall system
 performance and makes it possible to do a number of more optimal
 memory allocation strategies that were not possible before.
 
 Owner:                  David Greenman (davidg@FreeBSD.org) and
                         John Dyson (dyson@implode.root.com)
 
 
 Network PCB hash optimization
 -----------------------------
 For systems with a great number of active TCP connections (WEB and ftp
 servers, for example), this greatly speeds up the lookup time required
 to match an incoming packet up to its associated connection.
 
 Owner:                  David Greenman (davidg@FreeBSD.org)
 
 
 Name cache optimization
 -----------------------
 The name-cache would cache all files of the same name to the same bucket,
 which would put for instance all ".." entries in the same bucket.  We added
 the parent directory version to frustrate the hash, and improved the 
 management of the cache in various other ways while we were at it.
 
 Owner:                  Poul-Henning Kamp (phk@FreeBSD.org)
                         David Greenman (davidg@FreeBSD.org)
 
 
 Less restrictive swap-spaces
 ----------------------------
 The need to compile the names of the swap devices into the kernel has been
 removed.  Now swapon will accept any block devices, up to the maximum
 number of swap devices configured in the kernel.
 
 Owner:                  Poul-Henning Kamp (phk@FreeBSD.org)
                         David Greenman (davidg@FreeBSD.org)
 
 
 Hard Wired SCSI Devices
 -----------------------
 Prior to 2.0.5, FreeBSD performed dynamic assignment of unit numbers
 to SCSI devices as they were probed, allowing a SCSI device failure to
 possibly change unit number assignment and prevent filesystems on
 still functioning disks from mounting.  Hard wiring allows static
 allocation of unit numbers (and hence device names) to scsi devices
 based on SCSI ID and bus.  SCSI configuration occurs in the kernel
 config file.  Samples of the configuration syntax can be found in the
 scsi(4)>
 man page or the LINT kernel config file.
 
 Owner:                  Peter Dufault (dufault@hda.com)
 Sources involved:       sys/scsi/* usr.sbin/config/*
 
 
 Slice Support
 -------------
 FreeBSD now supports a "slice" abstraction which makes it more
 completely interoperable with other operating system partitions.  This
 support will allow FreeBSD to inhabit DOS extended partitions.
 
 Owner:                  Bruce Evans (bde@FreeBSD.org)
 Sources involved:       sys/disklabel.h sys/diskslice.h sys/dkbad.h
                         kern/subr_diskslice.c kern/subr_dkbad.c
                         i386/isa/diskslice_machdep.c
                         i386/isa/wd.c scsi/sd.c dev/vn/vn.c
 
 
 Support for Ontrack Disk Manager Version 6.0
 --------------------------------------------
 Support has been added for disks which use Ontrack Disk Manager.  The
 fdisk program does NOT know about it however, so make all changes
 using the install program on the boot.flp or the Ontrack Disk Manager
 tool under DOS.
 
 Owner:                  Poul-Henning Kamp (phk@FreeBSD.org)
 
 
 Bad144 is back and working
 --------------------------
 Bad144 works again, though the semantics are slightly different than
 before in that the bad-spots are kept relative to the slice rather
 than absolute on the disk.
 
 Owner:                  Bruce Evans (bde@FreeBSD.org)
                         Poul-Henning Kamp (phk@FreeBSD.org)
 
 
 NEW DEVICE SUPPORT:
 
                         SCSI and CDROM Devices
 
 Matsushita/Panasonic (Creative) CD-ROM driver
 ---------------------------------------------
 The Matsushita/Panasonic CR-562 and CR-563 drives are now supported
 when connected to a Sound Blaster or 100% compatible host adapter.  Up
 to four host adapters are supported for a total of 16 CD-ROM drives.
 The audio functions are supported, along with access to the raw (2352 byte) 
 data frames of any compact disc.  Audio discs may be played using Karoke
 variable speed functions.
 
 Owner:                  Frank Durda IV   bsdmail@nemesis.lonestar.org
 Sources involved:       isa/matcd
 
 
 Adaptec 2742/2842/2940 SCSI driver
 ----------------------------------
 The original 274x/284x driver has evolved considerably since the 2.0
 release.  We now offer full support for the 2940 series as well as the
 Wide models of these cards.  The arbitration bug (as well as many
 others) that caused the driver problems with fast devices has been
 corrected and there is even experimental tagged queuing support
 (kernel option "AHC_TAGENABLE").  John Aycock has also released the
 sequencer code under a "Berkeley style" copyright making the driver
 entirely clean of the GPL.
 
 Owner:                  Justin Gibbs (gibbs@FreeBSD.org)
 Sources involved:       isa/aic7770.c pci/aic7870.c i386/scsi/*
                         sys/dev/aic7xxx/*
 
 
 NCR5380/NCR53400 SCSI ("ProAudio Spectrum") driver
 --------------------------------------------------
 Owner:                  core
 Submitted by:           Serge Vakulenko (vak@cronyx.ru)
 Sources involved:       isa/ncr5380.c
 
 
 Sony CDROM driver
 -----------------
 Owner:                  core
 Submitted by:           Mikael Hybsch (micke@dynas.se)
 Sources involved:       isa/scd.c
 
 
                         Serial Devices
 
 SDL Communications Riscom/8 Serial Board Driver
 -----------------------------------------------
 Owner:                  Andrey Chernov (ache@FreeBSD.org)
 Sources involved:       isa/rc.c isa/rcreg.h
 
 
 Cyclades Cyclom-y Serial Board Driver
 -------------------------------------
 Owner:                  Bruce Evans (bde@FreeBSD.org)
 Submitted by:           Andrew Werple (andrew@werple.apana.org.au) and
                         Heikki Suonsivu (hsu@cs.hut.fi)
 Obtained from:          NetBSD
 Sources involved:       isa/cy.c
 
 
 Cronyx/Sigma sync/async serial driver
 -------------------------------------
 Owner:                  core
 Submitted by:           Serge Vakulenko
 Sources involved:       isa/cronyx.c            
 
 
 
                         Networking
 
 Diskless booting
 ----------------
 Diskless booting in 2.0.5 is much improved.  The boot-program is in
 src/sys/i386/boot/netboot, and can be run from an MSDOS system or
 burned into an EPROM.  Local swapping is also possible.  WD, SMC, 3COM
 and Novell ethernet cards are currently supported.
 
 
 DEC DC21140 Fast Ethernet driver
 --------------------------------
 This driver supports any of the numerous NICs using the DC21140 chipset 
 including the 100Mb DEC DE-500-XA and SMC 9332.
 
 Owner:                  core
 Submitted by:           Matt Thomas (thomas@lkg.dec.com)
 Sources involved:       pci/if_de.c pci/dc21040.h
 
 
 DEC FDDI (DEFPA/DEFEA) driver
 -----------------------------
 Owner:                  core
 Submitted by:           Matt Thomas (thomas@lkg.dec.com)
 Sources involved:       pci/if_pdq.c pci/pdq.c pci/pdq_os.h pci/pdqreg.h
 
 
 3Com 3c505 (Etherlink/+) NIC driver
 -----------------------------------
 Owner:                  core
 Submitted by:           Dean Huxley (dean@fsa.ca)
 Obtained from:          NetBSD
 Sources involved:       isa/if_eg.c
 
 
 Fujitsu MB86960A family of NICs driver
 -------------------------------------
 Owner:                  core
 Submitted by:           M.S. (seki@sysrap.cs.fujitsu.co.jp)
 Sources involved:       isa/if_fe.c
 
 
 Intel EtherExpress driver
 -------------------------
 Owner:                  Rodney W. Grimes (rgrimes@FreeBSD.org)
 Sources involved:       isa/if_ix.c isa/if_ixreg.h
 
 
 3Com 3c589 driver
 -----------------
 Owner:                  core
 Submitted by:           "HOSOKAWA Tatsumi" (hosokawa@mt.cs.keio.ac.jp),
                         Seiji Murata (seiji@mt.cs.keio.ac.jp) and
                         Noriyuki Takahashi (hor@aecl.ntt.jp)
 Sources involved:       isa/if_zp.c
 
 
 IBM Credit Card Adapter driver
 ------------------------------
 Owner:                  core
 Submitted by:           "HOSOKAWA Tatsumi" (hosokawa@mt.cs.keio.ac.jp),
 Sources involved:       isa/pcic.c isa/pcic.h
 
 
 EDSS1 and 1TR6 ISDN interface driver
 ------------------------------------
 Owner:                  core
 Submitted by:           Dietmar Friede (dfriede@drnhh.neuhaus.de) and
                         Juergen Krause (jkr@saarlink.de)
 Sources involved:       gnu/isdn/*
 
 
                         Miscellaneous Drivers
 
 Joystick driver
 ---------------
 Owner:                  Jean-Marc Zucconi (jmz@FreeBSD.org)
 Sources involved:       isa/joy.c
 
 
 National Instruments "LabPC" driver
 -----------------------------------
 Owner:                  Peter Dufault (dufault@hda.com)
 Sources involved:       isa/labpc.c
 
 
 WD7000 driver
 -------------
 Owner:                  Olof Johansson (offe@ludd.luth.se)
 
 
 Pcvt Console driver
 -------------------
 Owner:                  Joerg Wunsch (joerg@FreeBSD.org)
 Submitted by:           Hellmuth Michaelis (hm@altona.hamburg.com)
 Sources involved:       isa/pcvt/* usr.sbin/pcvt/*
 
 
 BSD-audio emulator for VAT driver
 ---------------------------------
 Owner:                  Amancio Hasty (ahasty@FreeBSD.org) and
                         Paul Traina (pst@FreeBSD.org)
 Sources involved:       isa/sound/vat_audio.c isa/sound/vat_audioio.h
 
 
 National Instruments AT-GPIB and AT-GPIB/TNT GPIB driver
 --------------------------------------------------------
 Owner:                  core
 Submitted by:           Fred Cawthorne (fcawth@delphi.umd.edu)
 Sources involved:       isa/gpib.c isa/gpib.h isa/gpibreg.h
 
 
 Genius GS-4500 hand scanner driver
 ----------------------------------
 Owner:                  core
 Submitted by:           Gunther Schadow (gusw@fub46.zedat.fu-berlin.de)
 Sources involved:       isa/gsc.c isa/gscreg.h
 
 
 CORTEX-I Frame Grabber
 ----------------------
 Owner:                  core
 Submitted by:           Paul S. LaFollette, Jr.
 Sources involved:       isa/ctx.c isa/ctxreg.h
 
 
 Video Spigot video capture card
 -------------------------------
 Owner:                  Jim Lowe
 
 
 
 1.2 Experimental features
 -------------------------
 
-The unionfs and LFS file systems are known to be severely broken in
+The unionfs and LFS filesystems are known to be severely broken in
 2.0.5.  This is in part due to old bugs that we haven't had time to
-resolve yet and the need to update these file systems to deal with the
+resolve yet and the need to update these filesystems to deal with the
 new VM system.  We hope to address these issues in a later release of
 FreeBSD.
 
 FreeBSD now supports running iBCS2 compatible binaries (currently SCO
 UNIX 3.2.2 & 3.2.4 and ISC 2.2 COFF format are supported).  The iBCS2
 emulator is in its early stages, but it is functional, we haven't been
 able to do exhaustive testing (lack of commercial apps), but almost
 all of SCO's 3.2.2 binaries are working, so is an old INFORMIX-2.10
 for SCO. Further testing is necessary to complete this project. There
 is also work under way for ELF & XOUT loaders, and most of the svr4
 syscall wrappers have been written.
 
 FreeBSD also implements enough of its Linux compatibility that we
 can now run Linux DOOM!  See the ``xperimnt'' directory (on your local
 FTP server or CDROM) for full docs on how to set this up.
 
 Owner:                  Soren Schmidt (sos) & Sean Eric Fagan (sef)
 Sources involved:       sys/i386/ibcs2/* + misc kernel changes.
 
 
 2. Supported Configurations
 ---------------------------
 
 FreeBSD currently runs on a wide variety of ISA, VLB, EISA and PCI bus
 based PC's, ranging from 386sx to Pentium class machines (though the
 386sx is not recommended).  Support for generic IDE or ESDI drive
 configurations, various SCSI controller, network and serial cards is
 also provided.
 
 Following is a list of all disk controllers and ethernet cards currently
 known to work with FreeBSD.  Other configurations may very well work, and
 we have simply not received any indication of this.
 
 
 2.1. Disk Controllers
 ---------------------
 
 WD1003 (any generic MFM/RLL)
 WD1007 (any generic IDE/ESDI)
 WD7000
 IDE
 ATA
 
 Adaptec 152x series ISA SCSI controllers
 Adaptec 154x series ISA SCSI controllers
 Adaptec 174x series EISA SCSI controller in standard and enhanced mode.
 Adaptec 274X/284X/2940 (Narrow/Wide/Twin) series ISA/EISA/PCI SCSI controllers
 Adaptec AIC-6260 and AIC-6360 based boards, which includes
 the AHA-152x and SoundBlaster SCSI cards.
 
 ** Note: You cannot boot from the SoundBlaster cards as they have no
    on-board BIOS, which is necessary for mapping the boot device into the
    system BIOS I/O vectors.  They're perfectly usable for external tapes,
    CDROMs, etc, however.  The same goes for any other AIC-6x60 based card
    without a boot ROM.  Some systems DO have a boot ROM, which is generally
    indicated by some sort of message when the system is first powered up
    or reset.  Check your system/board documentation for more details.
 
 [Note that Buslogic was formerly known as "Bustec"]
 Buslogic 545S & 545c
 Buslogic 445S/445c VLB SCSI controller
 Buslogic 742A, 747S, 747c EISA SCSI controller.
 Buslogic 946c PCI SCSI controller
 Buslogic 956c PCI SCSI controller
 
 NCR 53C810 and 53C825 PCI SCSI controller.
 NCR5380/NCR53400 ("ProAudio Spectrum") SCSI controller. 
 
 DTC 3290 EISA SCSI controller in 1542 emulation mode.
 
 UltraStor 14F, 24F and 34F SCSI controllers.
 
 Seagate ST01/02 SCSI controllers.
 
 Future Domain 8xx/950 series SCSI controllers.
 
 With all supported SCSI controllers, full support is provided for
 SCSI-I & SCSI-II peripherals, including Disks, tape drives (including
 DAT) and CD ROM drives.
 
 The following CD-ROM type systems are supported at this time:
 (cd)    SCSI (also includes ProAudio Spectrum and SoundBlaster SCSI)
 (mcd)   Mitsumi proprietary interface 
 (matcd) Matsushita/Panasonic (Creative) proprietary interface
 (scd)   Sony proprietary interface
 
 Note: CD-Drives with IDE interfaces are not supported at this time.
 
 Some controllers have limitations with the way they deal with >16MB of
 memory, due to the fact that the ISA bus only has a DMA address space
 of 24 bits.  If you do your arithmetic, you'll see that this makes it
 impossible to do direct DMA to any address >16MB.  This limitation is
 even true of some EISA controllers (which are normally 32 bit) when
 they're configured to emulate an ISA card, which they then do in *all*
 respects.  This problem is avoided entirely by IDE controllers (which
 do not use DMA), true EISA controllers (like the UltraStor, Adaptec
 1742A or Adaptec 2742) and most VLB (local bus) controllers.  In the
 cases where it's necessary, the system will use "bounce buffers" to
 talk to the controller so that you can still use more than 16Mb of
 memory without difficulty.
 
 
 2.2. Ethernet cards
 -------------------
 
 SMC Elite 16 WD8013 ethernet interface, and most other WD8003E,
 WD8003EBT, WD8003W, WD8013W, WD8003S, WD8003SBT and WD8013EBT
 based clones.  SMC Elite Ultra is also supported.
 
 DEC EtherWORKS III NICs (DE203, DE204, and DE205)
 DEC EtherWORKS II NICs (DE200, DE201, DE202, and DE422)
 DEC DC21140 based NICs (SMC???? DE???)
 DEC FDDI (DEFPA/DEFEA) NICs
 
 Fujitsu MB86960A family of NICs
 
 Intel EtherExpress
 
 Isolan AT 4141-0 (16 bit)
 Isolink 4110     (8 bit)
 
 Novell NE1000, NE2000, and NE2100 ethernet interface.
 
 3Com 3C501 cards
 
 3Com 3C503 Etherlink II
 
 3Com 3c505 Etherlink/+
 
 3Com 3C507 Etherlink 16/TP
 
 3Com 3C509, 3C579, 3C589 (PCMCIA) Etherlink III
 
 Toshiba ethernet cards
 
 PCMCIA ethernet cards from IBM and National Semiconductor are also
 supported.
 
 
 2.3. Misc
 ---------
 
 AST 4 port serial card using shared IRQ.
 
 ARNET 8 port serial card using shared IRQ.
 
 BOCA ATIO66 6 port serial card using shared IRQ.
 
 Cyclades Cyclom-y Serial Board.
 
 STB 4 port card using shared IRQ.
 
 Mitsumi (all models) CDROM interface and drive.
 
 SDL Communications Riscom/8 Serial Board.
 
 SoundBlaster SCSI and ProAudio Spectrum SCSI CDROM interface and drive.
 
 Matsushita/Panasonic (Creative SoundBlaster) CDROM interface and drive.
 
 Adlib, SoundBlaster, SoundBlaster Pro, ProAudioSpectrum, Gravis UltraSound
 and Roland MPU-401 sound cards.
 
 FreeBSD currently does NOT support IBM's microchannel (MCA) bus, but
 support is apparently close to materializing.  Details will be posted
 as the situation develops.
 
 
 3. Obtaining FreeBSD
 --------------------
 
 You may obtain FreeBSD in a variety of ways:
 
 1. FTP/Mail
 
 You can ftp FreeBSD and any or all of its optional packages from
 `ftp.FreeBSD.org' - the official FreeBSD release site.
 
 For other locations that mirror the FreeBSD software see the file
 MIRROR.SITES.  Please ftp the distribution from the nearest site
 to you netwise.
 
 If you do not have access to the internet and electronic mail is your
 only recourse, then you may still fetch the files by sending mail to
 `ftpmail@decwrl.dec.com' - putting the keyword "help" in your message
 to get more information on how to fetch files from ftp.FreeBSD.org.
 Note: This approach will end up sending many *tens of megabytes*
 through the mail, and should only be employed as an absolute LAST
 resort!
 
 
 2. CDROM
 
 FreeBSD 2.0.5 may be ordered on CDROM from:
 
         Walnut Creek CDROM
         4041 Pike Lane, Suite D
         Concord CA  94520
         1-800-786-9907, +1-510-674-0783, +1-510-674-0821 (fax)
 
 Or via the internet from orders@cdrom.com or http://www.cdrom.com.
 Their current catalog can be obtained via ftp as:
         ftp://ftp.cdrom.com/cdrom/catalog.
 
 Cost per CD is $39.95, or $24.95 with a FreeBSD subscription.  With
 a subscription, you will automatically receive updates as they
 are released.  Your credit card will be billed when each disk is shipped
 and you may cancel your subscription at any time without further obligation.
 
 Walnut Creek CDROM also sells a full line of FreeBSD related merchandise such
 as T-shirts ($14.95, available in "child", Large and XL sizes), coffee mugs
 ($9.95), tattoos ($0.25 each) and posters ($3.00).
 
 Shipping (per order not per disc) is $5 in the US, Canada or
 Mexico and $9.00 overseas.  They accept Visa, Mastercard, Discover,
 American Express or checks in U.S. Dollars and ship COD within the
 United States.  California residents please add 8.25% sales tax.
 
 Should you be dissatisfied for any reason, the CD comes with an
 unconditional return policy.
 
 
 Reporting problems, making suggestions, submitting code
 -------------------------------------------------------
 
 Your suggestions, bug reports and contributions of code are always
 valued - please do not hesitate to report any problems you may find
 (preferably with a fix attached if you can!).
 
 The preferred method to submit bug reports from a machine with
 internet mail connectivity is to use the send-pr command.  Bug reports
 will be dutifully filed by our faithful bugfiler program and you can
 be sure that we'll do our best to respond to all reported bugs as soon
 as possible.
 
 If, for some reason, you are unable to use the send-pr command to
 submit a bug report, you can try to send it to:
 
                 bugs@FreeBSD.org
 
 
 Otherwise, for any questions or suggestions, please send mail to:
 
                 questions@FreeBSD.org
 
 Additionally, being a volunteer effort, we are always happy to have
 extra hands willing to help - there are already far more enhancements
 to be done than we can ever manage to do by ourselves!  To contact us
 on technical matters, or with offers of help, you may send mail to:
 
                 hackers@FreeBSD.org
 
 Since these mailing lists can experience significant amounts of
 traffic, if you have slow or expensive mail access and you are
 only interested in keeping up with significant FreeBSD events, you may
 find it preferable to subscribe to:
 
                 announce@FreeBSD.org
 
 
 All but the freebsd-bugs groups can be freely joined by anyone wishing
 to do so.  Send mail to MajorDomo@FreeBSD.org and include the keyword
 `help' on a line by itself somewhere in the body of the message.  This
 will give you more information on joining the various lists, accessing
 archives, etc.  There are a number of mailing lists targeted at
 special interest groups not mentioned here, so send mail to majordomo
 and ask about them!
 
 
 6. Acknowledgements
 -------------------
 
 FreeBSD represents the cumulative work of many dozens, if not
 hundreds, of individuals from around the world who have worked very
 hard to bring you this release.  It would be very difficult, if not
 impossible, to enumerate everyone who's contributed to FreeBSD, but
 nonetheless we shall try (in alphabetical order, of course). If your
 name is not mentioned, please be assured that its omission is entirely
 accidental.
 
 
 The Computer Systems Research Group (CSRG), U.C. Berkeley.
 
 Bill Jolitz, for his initial work with 386BSD.
 
 The FreeBSD Core Team
 (in alphabetical order by first name):
 
         Andreas Schulz <ats@FreeBSD.org>
         Andrey A. Chernov <ache@FreeBSD.org>
         Bruce Evans <bde@FreeBSD.org>
         David Greenman <davidg@FreeBSD.org>
         Garrett A. Wollman <wollman@FreeBSD.org>
         Gary Palmer <gpalmer@FreeBSD.org>
         Geoff Rehmet <csgr@FreeBSD.org>
         Jack Vogel <jackv@FreeBSD.org>
         John Dyson <dyson@FreeBSD.org>
         Jordan K. Hubbard <jkh@FreeBSD.org>
         Justin Gibbs <gibbs@FreeBSD.org>
         Paul Richards <paul@FreeBSD.org>
         Poul-Henning Kamp <phk@FreeBSD.org>
         Rich Murphey <rich@FreeBSD.org>
         Rodney W. Grimes <rgrimes@FreeBSD.org>
         Satoshi Asami <asami@FreeBSD.org>
         Søren Schmidt <sos@FreeBSD.org>
 
 Special mention to:
 
         Walnut Creek CDROM, without whose help (and continuing support)
         this release would never have been possible.
 
         Dermot McDonnell for his donation of a Toshiba XM3401B CDROM
         drive.
 
         Additional FreeBSD helpers and beta testers:
 
         J.T. Conklin                            Julian Elischer
         Frank Durda IV                          Peter Dufault
         Sean Eric Fagan                         Jeffrey Hsu
         Terry Lambert                           L Jonas Olsson
         Chris Provenzano                        Dave Rivers
         Guido van Rooij                         Steven Wallace
         Atsushi Murai                           Scott Mace
         Nate Williams
 
         And everyone at Montana State University for their initial support.
 
 
 Jordan would also like to give special thanks to Poul-Henning Kamp and
 Gary Palmer, both of whom put in long hours helping him to construct
 the new installation utility.  Poul, being a proud new father, was
 especially pressed for time and yet somehow managed to put in
 a significant amount of effort anyway.  This release could not have
 happened without him!  Thank you both!
 
 Thanks also to everyone else who helped, especially those not
 mentioned, and we sincerely hope you enjoy this release of FreeBSD!
 
 
                         The FreeBSD Core Team
 
 Id: RELNOTES.FreeBSD,v 1.7 1995/05/28 19:49:57 jkh Exp

Release Home &footer; diff --git a/en/releases/2.0/install.sgml b/en/releases/2.0/install.sgml index dfe3be99b0..1fdbc3ce1a 100644 --- a/en/releases/2.0/install.sgml +++ b/en/releases/2.0/install.sgml @@ -1,494 +1,494 @@ - + %includes; ]> &header; 
 Welcome to FreeBSD 2.0, the complete 4.4 BSD Lite based OS for Intel (or
 compatible) based PCs.
 
 There are several documents on the floppy and a couple of on-line help
 screens that will greatly assist you in installing your system as you go
 along.  Nonetheless, initial user testing has shown that some of the
 terminology used may be difficult for newcomers to UN*X to understand, so
 we've prepared this step-by-step guide explaining a typical installation.
 You may find it useful to print this out and keep it handy as you go
 through the installation, or at least read through it once carefully so
 that some of the prompts and questions you encounter do not come as
 complete surprises.
 
 Before you do anything, make two 1.44MB floppies from the two image files
 you'll find in the floppies/ directory - boot.flp and cpio.flp.  If you're
 reading this under DOS, you can do it in 1 easy step, or 3 in case this
 doesn't (for some weird reason) work:
 
 1. If you're reading this file after typing "go", simply ESC back out for
    a moment and select the "makeflp" batch file to make the two floppies.
    This will invoke the DOS formatter to format the floppies and then
    attempt to write the two disk images onto them.  If this doesn't work,
    follow steps 2 through 4:
 
 2. Use the DOS format command to format 2 NEW floppies.  A lot of problems
    have been caused by people using old and defective floppies, and much
    grief can often be saved by simply using new, or at least trusted,
    media.
 
 3. Insert the first floppy and type:
 
 		tools\dos-tool\rawrite floppies\boot.flp a:
 
 4. Insert the second floppy and type
 
 		tools\dos-tool\rawrite floppies\cpio.flp a:
 
 You're now prepared to boot from the boot floppy and begin the installation.
 
 
 The installation starts with the following screen:
 
   +-------------------------- Welcome to FreeBSD! ---------------------------+
   | Use ALT-F2 and ALT-F1 to toggle between debugging                        |
   | information screen (ALT-F2) or this dialog screen (ALT-F1)               |
   |                                                                          |
   | Please select one of the following options:                              |
   | +----------------------------------------------------------------------+ |
   | | 1. README               READ THIS FIRST.                             | |
   | | 2. Release Notes        Read the 2.0 Release Notes (recommended).    | |
   | | 3. Troubleshooting      Read this in case of trouble.                | |
   | | 4. Partitions and MBRs  Verbose description of how these work.       | |
   | | 5. COPYRIGHT            Read FreeBSD Copyright Information.          | |
   | | 6. Install              Proceed with full installation.              | |
   | | 7. Fixit                Repair existing installation (`fixit' mode). | |
   | | 8. Quit                 Don't do anything, just reboot.              | |
   | +----------------------------------------------------------------------+ |
   +--------------------------------------------------------------------------+
   |                          <  OK  >      <Cancel>                          |
   +--------------------------------------------------------------------------+
 
 
 You can move the arrow keys up and down to highlight the various options,
 selecting an option by hitting return when its line is highlighted.  You
 can also type the number of the option you want (1 - 7) and hit return.
 It's recommended that you read the README at a minimum, though the Release
 Notes are also helpful.  This may seem a like a lot to read, but if you are
 new to FreeBSD then these notes are invaluable for explaining the system
 and are highly recommended.
 
 When you're done reading docs, select Install (5) to proceed to the next
 screen.
 
 This next screen is the disk editor screen, which looks like this:
 
 ------------------------------------------------------------------------------
 FreeBSD 2.0-RELEASE Installation -- Diskspace editor
 
 Disks         Total   FreeBSD                    |You should now assign some
                                                  |space to root, swap, and
  0: sd0     2006 MB      0 MB                    |(optionally) /usr partitions
  1: sd1      496 MB      0 MB                    |Root (/) should be a minimum
                                                  |of 18MB with a 30MB /usr
 Filesystems  Type        Size  Action Mountpoint |or 50MB without a /usr.
                                                  |Swap space should be a
                                                  |minimum of 12MB or RAM * 2
                                                  |Be sure to also (A)ssign a
                                                  |mount point to each one or
                                                  |it will NOT be enabled.
                                                  |
                                                  |We suggest that you invoke
                                                  |(F)disk, (W)rite the bootcode
                                                  |then (D)isklabel your disk.
                                                  |If installing on a drive
                                                  |other than 0, also read the
                                                  |TROUBLESHOOTING doc first
 Commands available:
 (H)elp  (T)utorial  (F)disk  (D)isklabel  (P)roceed  (Q)uit
 
 Enter Command>
 
 ------------------------------------------------------------------------------
 
 As we can see, this system has two drives, sd0 and sd1.  On an IDE system,
 these would show up as "wd0" and "wd1" (or, on a single drive system, just
 sd0 or wd0).  We can see that neither of them has any space assigned to
 FreeBSD (they each show 0MB under the FreeBSD column), so we follow the
 instructions on the right hand side of the screen and invoke the (F)disk
 editor by typing `f':
 
 Enter Command> F
 
 We're now prompted with the drive number to (F)disk, so we enter 0 for
 the first drive:
 
 Enter number of disk to Fdisk> 0
 
 This now brings us to the FDISK editor screen, which looks like this:
 
 ------------------------------------------------------------------------------
 FreeBSD 2.0-RELEASE Installation -- Diskspace editor -- FDISK
 
 Disk: sd0   Geometry:  2006 Cyl * 32 Hd * 64 Sect = 2006Mb = 4108600 Sect
 
 1 Boot?=No    Type=Primary 'big' DOS (> 32MB)
   Phys=(c0/h1/s1..c299/h63/s32)   Sector=(32..614399)
   Size=300 MB, 299 Cylinders + 31 Tracks + 32 Sectors
 
 2 Unused
 
 
 3 Unused
 
 
 4 Unused
 
 
 Commands available:
 (H)elp   (T)utorial   (D)elete   (E)dit   (R)eread   (W)rite MBR   (Q)uit
 (U)se entire disk for FreeBSD   (G)eometry   Write MBR (B)ootcode
 Enter Command>
 
 ------------------------------------------------------------------------------
 
 We see that drive 0 has a DOS partition (also called a "slice" in FreeBSD
 parlance, to distinguish it from a FreeBSD partition) on it which is 300MB
 in size (don't worry if the numbers you see are much smaller than these - I
 have a pretty large 2.1GB disk! :-).  Let's also say we want to allocate
 the rest to FreeBSD, so to do this we want to (E)dit one of the existing
 slices.  We can see that 2, 3, and 4 are unused so let's pick the first
 unused one, which is 2 (if we wanted to replace an existing operating
 system slice with FreeBSD, we'd pick its number instead).  We first type
 `E' to edit a slice entry:
 
 Enter Command> E
 
 And we're prompted for a slice to edit.  We type 2:
 
 Edit which Slice> 2
 
 Now we're prompted for the size of the new slice, the default for which is
 all remaining space on the disk.  Let's say that we don't want to allocate
 ALL the space on the disk, but want to reserve 400MB for some other future
 OS.  The total amount of free space left is 1706MB, which is the default
 value selected for us, so we backspace over it and enter 1306:
 
 Size of slice in MB> 1306
 
 Now we're asked for the type of the slice.  The type is what tells the PC
 what sort of slice this is.  DOS primary slices are, for example, type 6.
 FreeBSD slices are type 0xa5 (hexadecimal).  If we wanted to reserve space
 at this time for some other type of OS like Linux or OS/2, and we knew
 their slice type (0x82 for Linux and 0x0A for OS/2, just in case you're
 interested), we could also do that from this editor, but we're only
 interested in FreeBSD for now so we accept the default.
 
 Type of slice (0xa5=FreeBSD)> 0xa5
 
 The next prompt asks if we want to make this slice bootable by
 default, which we do so we accept the default:
 
 Bootflag (0x80 for YES)> 0x80
 
 At this point we come back to the main screen, which now shows a new entry
 for slice 2:
 
 ------------------------------------------------------------------------------
 FreeBSD 2.0-RELEASE Installation -- Diskspace editor -- FDISK
 
 Disk: sd0   Geometry:  2006 Cyl * 32 Hd * 64 Sect = 2006Mb = 4108600 Sect
 
 1 Boot?=No    Type=Primary 'big' DOS (> 32MB)
   Phys=(c0/h1/s1..c299/h63/s32)   Sector=(32..614399)
   Size=300 MB, 299 Cylinders + 31 Tracks + 32 Sectors
 
 2 Boot?=Yes   Type=FreeBSD/NetBSD/386BSD
   Phys=(c300/h0/s1..c1023/h31/s0)   Sector=(614400..3289087)
   Size=1306 MB, 1306 Cylinders
 
 3 Unused
 
 
 
 4 Unused
 
 
 
 Commands available:
 (H)elp   (T)utorial   (D)elete   (E)dit   (R)eread   (W)rite MBR   (Q)uit
 (U)se entire disk for FreeBSD   (G)eometry   Write MBR (B)ootcode
 Enter Command>
 
 ------------------------------------------------------------------------------
 
 At this point we're happy with the slices on the first drive, so we type
 `w' to write the new information out.  It also prompts to make *sure* we
 really want to do this, so we backspace over the default of `N' and type
 `y'<return>.  And this point, we also can decide whether or not we want a
 "boot manager" installed.  A boot manager is a little utility that prompts
 you for the operating system you want to boot every time you reset or power
 on your PC, and can be a very handy way of sharing your computer between
 FreeBSD and some other OS, like Linux or DOS.  We decide that we want to
 have this feature, so we `b' to write the special MBR (B)ootcode out to the
 disk.  This does not harm any of the other operating systems on the disk,
 as it's written to a special area.  Now we exit this screen by typing `q',
 for (Q)uit.
 
 This brings us back to the main prompt.  If we wanted to allocate any
 additional slices on other drives, we also could re-invoke the (F)disk
 editor by typing `f' again and giving a different drive number at the
 prompt, but we'll assume for now that we've only got one disk and want to
 go on.  Typing `d' now enters the (D)isklabel screen, which prompts us for
 the drive to write a disklabel onto, like the FDISK editor.  We type `0'
 for the first drive and hit return.  This brings us to the DISKLABEL editor
 screen, which looks like this:
 
 ------------------------------------------------------------------------------
 FreeBSD 2.0-RELEASE Installation -- Diskspace editor -- DISKLABEL
 
 Part  Start       End    Blocks     MB  Type    Action  Mountpoint
 a         0         0         0      0  unused
 b         0         0         0      0  unused
 c   1433600   4108287   2674688   1306  unused          <Entire FreeBSD slice>
 d         0   4108599   4108600   2006  unused          <Entire Disk>
 e         0         0         0      0  unused
 f         0         0         0      0  unused
 g         0         0         0      0  unused
 h        32    614399    614368    300  MSDOS
 
 
 
 
 
 
 Total size:       2674688 blocks   1306Mb
 Space allocated:        0 blocks      0Mb
 
 Commands available:
 (H)elp  (T)utorial  (E)dit  (A)ssign  (D)elete  (R)eread  (W)rite  (Q)uit
 (P)reserve  (S)lice
 Enter Command>
 
 ------------------------------------------------------------------------------
 
 The BSD partitions, a - h, are FreeBSD's way of dividing up a physical
-slice into multiple file systems.  Every FreeBSD system should have, at
-minimum, a root file system and a swap partition allocated.  The root
-file system is called "/", and is generally put on partition `a' by
+slice into multiple filesystems.  Every FreeBSD system should have, at
+minimum, a root filesystem and a swap partition allocated.  The root
+filesystem is called "/", and is generally put on partition `a' by
 convention.  Swap partitions always go on `b', and the `c' and `d'
 partitions are special and point to the entire FreeBSD slice and the entire
 disk, respectively.  `c' and `d' cannot and should not be allocated to
-actual file systems.
+actual filesystems.
 
 We also see that partition h points conveniently to the DOS slice,
-which we can also assign to a location in our file system hierarchy
+which we can also assign to a location in our filesystem hierarchy
 to conveniently share files between FreeBSD and DOS.  More on this in 
 a moment.
 
-A typical file system layout might look like this:
+A typical filesystem layout might look like this:
 
 /	20MB
 swap	32MB
 /usr	120MB
 
-/, or the root file system, contains system files and some temporary space.
+/, or the root filesystem, contains system files and some temporary space.
 It should be at least 18MB in size, though a little extra doesn't hurt.
 Swap space is one of those "it never hurts to have too much" sorts of
 items, though if your system isn't too heavily used then it's probably not
 that important to have lots and lots of it.  A good rule of thumb for swap
 is that you want a minimum of 12MB of it, and the overall calculation
 should be the amount of memory you have multiplied by two.  That is to
 say that if you have 16MB of memory, then 32MB of swap is good.
 
 If you've got several drives, you can also allocate some swap on each one
 and spread the load out a little.  On my personal system, I've got 32MB of
 main memory and 64MB of swap on both drives for a total of 128MB of swap.
 This gives me 4X memory for total program swapping, which gives me the
 ability to run some pretty big programs!  Emacs and the X Window System, in
 particular, can be real swap hogs.
 
 In any case, we'll assume for the moment that we're still configuring the
 ideal system and we'll allocate 64MB of swap space, using the MEM * 2
 equation.  If you only had 8MB of memory, you'd allocate 16MB of swap
 instead.
 
-The second file system of importance is /usr, which contains further system
+The second filesystem of importance is /usr, which contains further system
 binaries and all of the bundled user binaries.  /usr should be at least
 80MB in size to hold all of the important binaries, though if you plan on
 having a big /usr/local or on loading the X Window System (also known as
 XFree86 3.1) distribution then you should either create separate
-file systems for them, or you should make /usr a lot bigger.
+filesystems for them, or you should make /usr a lot bigger.
 
 It's also possible to skip making /usr altogether and simply make a large
-root (/) file system.  Since /usr fits "underneath" /, a missing /usr won't
+root (/) filesystem.  Since /usr fits "underneath" /, a missing /usr won't
 cause any problems if / is large enough to hold the contents for both.  In
 any case, it's a user decision and tends to be driven by convention more
 than anything else.  For the purposes of this installation guide, we'll
 assume a 200MB /usr, 100MB of space allocated for local binaries, which
 we'll mount on /usr/local, and the rest for user home directories, which
 we'll mount on /usr/users.  Don't be put off by the size of these numbers!
 You can make a system fit into less space, but since we're dividing up the
 ideal 2GB dream disk, we might as well do it right! ;-)
 
 Getting back to the relevant part of the DISKLABEL screen again, we remember
 that it looked like this:
 
 Part  Start       End    Blocks     MB  Type    Action  Mountpoint
 a         0         0         0      0  unused
 b         0         0         0      0  unused
 c   1433600   4108287   2674688   1306  unused          <Entire FreeBSD slice>
 d         0   4108599   4108600   2006  unused          <Entire Disk>
 e         0         0         0      0  unused
 f         0         0         0      0  unused
 g         0         0         0      0  unused
 h        32    614399    614368    300  MSDOS
 
 So we'll first allocate some space on partition `a' for that root partition
 by typing `e', for (E)dit partition.  This asks us which partition we want
 to change the size of, so we type `a':
 
 Change size of which partition> a
 
 And it prompts us for the amount of space, so we'll pick 20MB for a nice
-comfortable root file system:
+comfortable root filesystem:
 
 Size of partition in MB> 20
 
 Now we see the display change to:
 
 Part  Start       End    Blocks     MB  Type    Action  Mountpoint
 a   1433600   1474559     40960     20  4.2BSD
 ...
 
 The system shows us where the partition starts and stops and indicates that
-it's a 4.2BSD file system, which is correct (it's really a 4.4 BSD file
+it's a 4.2BSD filesystem, which is correct (it's really a 4.4 BSD file
 system, in actuality, but the two are similar enough to share the same
 label).
 
 We do the same for swap by typing `e' again and modify the `b' partition
 by filling in 64 for the size, to allocate 64MB of swap.
 
 Finally, remembering that `c' and `d' are special, and not for our use, we
 change the size of `e' to 200 for our future /usr, `f' to 100 for our
 /usr/local, and `g' to the rest of the disk for /usr/users.  When we're
 done, the top of the disklabel screen should look like this:
 
 Part  Start       End    Blocks     MB  Type    Action  Mountpoint
 a   1433600   1474559     40960     20  4.2BSD
 b   1474560   1605631    131072     64  swap
 c   1433600   4108287   2674688   1306  unused          <Entire FreeBSD slice>
 d         0   4108599   4108600   2006  unused          <Entire Disk>
 e   1605632   2015231    409600    200  4.2BSD
 f   2015232   2220031    204800    100  4.2BSD
 g   2220032   4108287   1888256    922  4.2BSD
 h        32    614399    614368    300  MSDOS
 
 We left `h' alone, since we actually want to be able to share files with
 our DOS partition.  At this point, we want to type `w' for (W)rite to write
 out the new size information to disk.
 
-You probably also noticed by now that "/", "/usr" and the other file system
+You probably also noticed by now that "/", "/usr" and the other filesystem
 names we've been talking about don't appear anywhere in the above list.
 Where are they?  This brings us to the next stage, which is to (A)ssign the
-new partitions to actual file system mount points.  A file system in
+new partitions to actual filesystem mount points.  A filesystem in
 FreeBSD doesn't actually appear anywhere until we "mount" it someplace, a
 convention from the old days when disks were actually large removable packs
 that a system operator physically mounted on a large washing-machine sized
 disk drive spindle!  As you can see, not much has changed today! :-)
 
 We'll proceed then by starting at the top with the first partition and
-assigning it to the root file system (/) by typing `a', for (A)ssign, and
+assigning it to the root filesystem (/) by typing `a', for (A)ssign, and
 then typing `a' again, for partition a:
 
 Assign which partition> a
 
 When it asks us for the name of the mount point, we type /:
 
 Directory mountpoint> /
 
 And the display adjusts accordingly to show us the new state of affairs:
 
 Part  Start       End    Blocks     MB  Type    Action  Mountpoint
 a   1433600   1474559     40960     20  4.2BSD  newfs   /
 ..
 
 The Action field also now shows "newfs", which means that the partition
-will be created anew.  For root file systems, this is the default and cannot
+will be created anew.  For root filesystems, this is the default and cannot
 be changed, but other partitions can be optionally "Preserved" by typing
 `p' for (P)reserve.  There are very few situations in which we'd want to do
 this, but if, say, we were actually installing a disk from an older FreeBSD
 machine which we wanted to mount into our new system but NOT erase, we
 could do it this way.  For now, let's assume that this is a new
-installation and we want all the file systems to be created from scratch.
-We thus go through and assign the rest of the file systems to their
+installation and we want all the filesystems to be created from scratch.
+We thus go through and assign the rest of the filesystems to their
 respective /usr, /usr/local and /usr/users mountpoints.  We also assign the
 `b' partition, which doesn't take a mountpoint (and won't prompt for one
 when we (A)ssign it), but needs us to tell it that we're ready to use it
 for swap.
 
 When we're done, the top of the screen should look something like this:
 
 Part  Start       End    Blocks     MB  Type    Action  Mountpoint
 a   1433600   1474559     40960     20  4.2BSD  newfs   /
 b   1474560   1605631    131072     64  swap    swap    swap
 c   1433600   4108287   2674688   1306  unused          <Entire FreeBSD slice>
 d         0   4108599   4108600   2006  unused          <Entire Disk>
 e   1605632   2015231    409600    200  4.2BSD  newfs   /usr
 f   2015232   2220031    204800    100  4.2BSD  newfs	/usr/local
 g   2220032   4108287   1888256    922  4.2BSD  newfs	/usr/users
 h        32    614399    614368    300  MSDOS
 
 As a final bonus, we'll assign the DOS partition to be mounted on /dos.  We
 do this with (A)ssign as we did the others, and we also notice that the
 system is smart enough to see that it's not a FreeBSD partition and we
 DON'T want to newfs it, we want to simply mount it:
 
 h        32    614399    614368    300  MSDOS   mount   /dos
 
 At this point, our system is all set up and ready to go!
 
 We type `q' to go back to the main menu and then type `p' to (P)roceed to
 the next phase of installation.
 
 We're now given one last chance to back out of the install, and we hit
 return if we're sure, otherwise we type <Tab> to select "No" and hit return
 to consider our settings again before going on.
 
 The rest of the installation is pretty much self-explanatory.  After the
-file systems are initially created and populated, you'll be prompted to
+filesystems are initially created and populated, you'll be prompted to
 reboot from the hard disk.  Do so and provide the cpio floppy when asked.
 
 When the initial flurry of welcome and informational prompts has died down,
 you'll come to a screen asking you to load one or more distributions.  At
 the minimum, select "bindist" to load the basic system.  If you're loading
 from other than CDROM media, follow the appropriate paths through the
 installation process.
 
 If you're loading from CDROM, select CDROM as the media type and select the
 type of CDROM you've got (SCSI or Mitsumi).  When it asks you for an
 installation subdirectory, simply hit return if you've got the 2.0 CD from
 Walnut Creek CDROM.  You may select additional optional packages to load
 after the bindist extracts, provided that you've got the space for it.  Use
 the "?diskfree" menu option from time to time to keep an eye on your free
 space.  When you're done, you'll be asked a few more basic questions and
 then that's it!  You've got FreeBSD on your hard disk.
 
 If you should need to partition another drive or install other packages
 later, you may re-invoke the sysinstall program by typing /sbin/sysinstall.
 The same familiar prompts will then come up.
 
 Good luck!
 
 					Jordan Hubbard
 					for Walnut Creek CDROM
 					and the FreeBSD Project.

Release Home &footer; diff --git a/en/releases/2.0/notes.sgml b/en/releases/2.0/notes.sgml index 993ea9777b..eac2c159bd 100644 --- a/en/releases/2.0/notes.sgml +++ b/en/releases/2.0/notes.sgml @@ -1,657 +1,657 @@ - + %includes; ]> - + &header; 
 
                                  RELEASE NOTES
                                     FreeBSD
                                   Release 2.0
 
 1. Technical overview
 ---------------------
 
 FreeBSD is a freely available, full source 4.4 BSD Lite based release
 for Intel i386/i486/Pentium (or compatible) based PC's.  It is based
 primarily on software from U.C. Berkeley's CSRG group, with some
 enhancements from NetBSD, 386BSD, and the Free Software Foundation.
 
 Since our first release of FreeBSD 1.0 some 18 months ago, FreeBSD
 has changed almost entirely.  A new port from the Berkeley 4.4 code
 base was done, which brought the legal status of the system out of the
 shadows with the blessing of Novell (new owners of USL and UNIX).  The
 port to 4.4 has also brought in a host of new features, filesystems
 and enhanced driver support.  With our new unencumbered code base, we
 have every reason to hope that we'll be able to release quality
 operating systems without further legal encumbrance for some time to
 come!
 
 FreeBSD 2.0 represents the culmination of almost 2 years of work and
 many thousands of man hours put in by an international development team.
 We hope you enjoy it!
 
 Many packages have also been upgraded or added, such as XFree86 3.1,
 xview 3.2, elm, nntp, mh, InterViews and dozens of other miscellaneous
 utilities have been ported and are now available as add-ons.  See the
 ports collection (or the package collection) for a complete summary.
 
 For a list of contributors, please see the file "CONTRIB.FreeBSD",
 which should be bundled with your bindist distribution.
 
 Also see the new "REGISTER.FreeBSD" file for information on registering
 with the "Free BSD user counter".  We've also provided a list of who's
 responsible for what (so that you may query them directly) in the
 "ROSTER.FreeBSD" file; use of this file is encouraged to ensure faster
 resolution of any problems you may have!
 
 The core of FreeBSD does not contain DES code which would inhibit its
 being exported outside the United States.  There is an add-on package
 to the core distribution, for use only in the United States, that
 contains the programs that normally use DES.  The auxiliary packages
 provided separately can be used by anyone.   A freely (from outside the
 U.S.) exportable European distribution of DES for our non U.S. users also
 exists and is described in the FreeBSD FAQ.
 
 If password security for FreeBSD is all you need, and you have no
 requirement for copying encrypted passwords from different hosts (Suns,
 DEC machines, etc) into FreeBSD password entries, then FreeBSD's MD5
 based security may be all you require!  We feel that our default security
 model is more than a match for DES, and without any messy export issues
 to deal with.  If you're outside (or even inside) the U.S., give it a try!
 
 
 1.1 What's new in 2.0?
 ----------------------
 
 4.4 Lite
 --------
 As previously stated, this release is based entirely on CSRG's
 latest (and last) BSD release - 4.4 Lite.  This features a number
 of improvements over 4.2BSD (Net/2), not least of which are:
 
 o       Legal approval of Novell & U.C. Berkeley.  After the settlement
         of the longstanding lawsuit between USL/UCB/Novell/BSDI, all
         parties were (strongly) encouraged to move to 4.4 Lite in order
         to avoid future legal entanglements.  The fact that we've now done
         so should make this release much more attractive to potential
         commercial users.
 
 o       Many new filesystem types, such as stackable filesystems, union
         filesystems, "portals", kernfs, a simple log-structured filesystem, a
         new version of NFS (NQNFS), etc.  While some of these new filesystems
         are also rather unpolished and will require significant additional
         work to be truly robust, they're a good start.
 
 o       64bit offsets, allowing filesystems of up to 2^63 bytes in size.
 
 o       Further work towards full POSIX compliance.
 
 IP multicast support
 --------------------
 The IP multicast support has been upgraded from the woefully ancient
 1.x code in 4.4-Lite to the most current and up-to-date 3.3 release
 from Steve D. and Ajit.  The non-forwarding code is known to work (for
 some limited test cases).  The multicast forwarder and user-mode
 multicast routing process are known to compile, but have not been
 significantly tested (hopefully this will happen before 2.0 release).
 
 Owner:                  wollman
 Sources involved:       sys/netinet, usr.sbin/mrouted
 
 Loadable Kernel Modules
 -----------------------
 David Greenman incorporated NetBSD's port of Terry Lambert's loadable
 kernel module support.  Garrett Wollman wrote the support for loadable
-file systems, and Søren Schmidt did the same for loadable execution
+filesystems, and Søren Schmidt did the same for loadable execution
 classes.
 
 Owner:                  core
 Sources involved:       sys/kern, sbin/modload, sbin/modunload,
                         usr.bin/modstat
 
 
 Loadable filesystems
 --------------------
 Most filesystems are now dynamically loadable on demand, with the
 exception of the UFS family (FFS, LFS, and MFS).  With the exception
 of NFS, all such filesystems can be unloaded when all references are
 unmounted.  To support this functionality, the 
 
 getvfsbyname(3)
 
 family of functions has been added to the C library and the 
 lsvfs(1)
 
 command provides the same information at the shell level.  Be aware of
 the following current restrictions:
 
         - /usr/bin may not reside on a dynamically loaded filesystem.
         - There must be a writable /tmp directory available
           before filesystems are loaded (moving / to the top of your
           /etc/fstab file will accomplish this).
         - Some of the more esoteric filesystems simply don't work when loaded
           dynamically (though they often don't work "static", either.)
 
 Owner:                  wollman
 Sources involved:       sys/*fs, lkm/*fs, usr.bin/lsvfs, lib/libc/gen
 
 
 S/Key
 -----
 Since version 1.1.5, FreeBSD has supported the S/Key one time password
 scheme.  The version used is derived from the logdaemon package of Wietse
 Venema.
 Some of the features new in 2.0 are:
         - New access control table format to impose the use of S/Keys
           based on: hostname, ip address, port, username, group id.
         - S/Key support can be disabled by not having the access control
           table.
 The second item explains the absence of skey.access in the installed /etc.
 To enable S/Key support, create a file skey.access in /etc and fill it
 according to your needs. See also skey.
 access(5)
 and the example in
 /usr/share/examples/etc/skey.access.
 
 Owner:                  pst, guido
 Sources involved:       lib/libskey, usr.bin/key* (plus patches to others)
 
 
 TCP/IP over parallel (printer) port
 -----------------------------------
 You can now run TCP/IP over a standard LapLink(tm) cable, if both ends
 have an interrupt-driven printerport.  The interface is named "lp0"
 where '0' is the same as the lpt# unit number.  This is not compatible
 with PLIP.  If you run NFS, try setting MTU to 9180, otherwise leave
 it at 1500 unless you have a good reason to change it.  Speed varies
 with the CPU-type, with up to 70 kbyte/sec having been seen and 50
 kbyte/sec being the norm.
 
 Owner:                  phk
 Sources involved:       isa/lpt.c
 
 
 ProAudioSpectrum SCSI driver
 ----------------------------
 If you have a PAS board with a CD-ROM, and the MS-DOS driver is called
 TSLCDR.SYS, then the "pas" driver should work on your card.  You can
 attach disks, CDROMs and tapes, but due to the nature of the hardware
 involved, the transfer rate is limited to < 690 kbyte/sec.  For CD-ROM
 use, this is generally more than enough.
 
 Owner:                  phk
 Sources involved:       isa/pas.c
 
 
 Adaptec 2742/2842 SCSI driver
 -----------------------------
 Despite the non-cooperation of Adaptec in providing technical
 information, we now have a driver for the AHA-274x and AHA-284x
 series SCSI controller family.  This driver uses the GPL'd
 Linux sequencer code, so until we find an alternative, this
 will be part of the kernel that requires source code to be
 distributed with it at all times.  This shouldn't be a problem
 for any of FreeBSD's current users.
 
 Owner:                  gibbs
 Sources involved:       isa/aic7770.c sys/gnu/misc/*
 
 
 Gzip'd binaries
 ----------------
 We have an experimental implementation for direct execution of gzip'ed
 binaries in this release.  When enabled, it allows you to simply gzip
 your binaries, remove the '.gz' extension and make the file
 executable.  There is a big speed and memory consumption penalty for
 doing this, but for laptop users it may be worthwhile.  The maximum
 savings are generally around 10 Mb of disk space.
 
 Owner:                  phk
 Sources involved:       kern/imgact_gzip.c kern/inflate.c
 
 
 Diskless booting
 ----------------
 
 Diskless booting in 2.0 is much improved since 1.1.5.  The
 boot-program is in src/sys/i386/boot/netboot, and can be run from an
 MSDOS system or burned into an EPROM.  Local swapping is also
 possible.  WD, SMC, 3COM and Novell ethernet cards are currently
 supported.
 
 Owner:                  Martin Renters & phk
 Sources involved:       i386/boot/netboot, sys/nfs/nfs_vfsops.h
 
 
 Device configuration database
 -----------------------------
 The kernel now keeps better track of which device drivers are active and
 where the devices are attached; this information is made available to
 user programs via the new 
 sysctl(3)
 management interface.  Current
 applications include 
 lsdev(8),
 which lists the currently configured
 devices.  In the future, we expect to use this code to automatically
 generate a configuration file for you at installation time.
 
 Owner:                  wollman
 Sources involved:       sys/i386, sys/scsi, sys/kern/kern_devconf.c,
                         sys/sys/devconf.h, usr.sbin/lsdev
 
 
 Kernel management interface
 ---------------------------
 With 4.4-Lite, we now have a better management interface for the endless
 series of kernel variables and parameters which were previously manipulated
 by reading and writing /dev/kmem.  Many programs have been rewritten to
 use this interface, although many old-style programs still remain.  Some
 variables which were never accessible before are now available through
 the 
 sysctl(1)
 program.  In addition to the standard 4.4BSD MIB variables,
 we have added support for YP/NIS domains (kern.domainname), controlling
 the update daemon (kern.update), retrieving the OS release date
 (kern.osreldate), determining the name of the booted kernel (kern.bootfile),
 and checking for hardware floating-point support (hw.floatingpoint).
 We have also added support to make management queries of devices and
 filesystems.
 
 Owner:                  core
 Sources involved:       sys, usr.bin/sysctl
 
 
 iBCS2 support
 -------------
 FreeBSD now supports running iBCS2 compatible binaries (currently
 SCO UNIX 3.2.2 & 3.2.4 and ISC 2.2 COFF format are supported).
 The iBCS2 emulator is in its early stages, but it is functional, we
 haven't been able to do exhaustive testing (lack of commercial apps),
 but almost all of SCO's 3.2.2 binaries are working, so is an old
 INFORMIX-2.10 for SCO. Further testing is necessary to complete this
 project. There is also work under way for ELF & XOUT loaders, and
 most of the svr4 syscall wrappers have been written.
 
 Owner:                  Soren Schmidt (sos) & Sean Eric Fagan (sef)
 Sources involved:       sys/i386/ibcs2/* + misc kernel changes.
 
 
 2. Supported Configurations
 ---------------------------
 
 FreeBSD currently runs on a wide variety of ISA, VLB, EISA and PCI bus
 based PC's, ranging from 386sx to Pentium class machines (though the
 386sx is not recommended).  Support for generic IDE or ESDI drive
 configurations, various SCSI controller, network and serial cards is
 also provided.
 
 Following is a list of all currently known disk controllers and
 ethernet cards known to work with FreeBSD.  Other configurations may
 very well work, and we have simply not received any indication of
 this.
 
 
 2.1. Disk Controllers
 
 WD1003 (any generic MFM/RLL)
 WD1007 (any generic IDE/ESDI)
 [Note: the new Extended IDE controllers in newer PC's work, although no
 extended features are used.]
 
 Adaptec 152x series ISA SCSI controllers
 Adaptec 154x series ISA SCSI controllers
 Adaptec 174x series EISA SCSI controller in standard and enhanced mode.
 Adaptec 2742/2842 series ISA/EISA SCSI controllers
 Adaptec AIC-6260 and AIC-6360 based boards, which includes
 the AHA-152x and SoundBlaster SCSI cards.
 
 ** Note: You cannot boot from the Soundblaster cards
 as they have no on-board BIOS, which is necessary for mapping
 the boot device into the system BIOS I/O vectors.
 They're perfectly usable for external tapes, CDROMs, etc,
 however.  The same goes for any other AIC-6x60 based card
 without a boot ROM.  Some systems DO have a boot ROM, which
 is generally indicated by some sort of message when the system
 is first powered up or reset.  Check your system/board documentation
 for more details.
 
 [Note that Buslogic was formerly known as "Bustec"]
 Buslogic 545S & 545c
 Buslogic 445S/445c VLB SCSI controller
 Buslogic 742A, 747S, 747c EISA SCSI controller.
 Buslogic 946c PCI SCSI controller
 
 NCR 53C810 and 53C825 PCI SCSI controller.
 
 DTC 3290 EISA SCSI controller in 1542 emulation mode.
 
 UltraStor 14F, 24F and 34F SCSI controllers.
 
 Seagate ST01/02 SCSI controllers.
 
 Future Domain 8xx/950 series SCSI controllers.
 
 With all supported SCSI controllers, full support is provided for
 SCSI-I & SCSI-II peripherals, including Disks, tape drives (including
 DAT) and CD ROM drives.  Note: This and the mcd driver (Mitsumi CDROM
 interface card) are the only way a CD ROM drive may be currently
 attached to a FreeBSD system; we do not support SoundBlaster
 (non-SCSI) CDROM interface, or other "non-SCSI" adapters.  The
 ProAudio Spectrum SCSI and SoundBlaster SCSI controllers are
 supported.
 
 Some controllers have limitations with the way they deal with >16MB of
 memory, due to the fact that the ISA bus only has a DMA address space of
 24 bits.  If you do your arithmetic, you'll see that this makes it
 impossible to do direct DMA to any address >16MB.  This limitation is
 even true of some EISA controllers (which are normally 32 bit) when
 they're configured to emulate an ISA card, which they then do in *all*
 respects.  This problem is avoided entirely by IDE controllers (which do
 not use DMA), true EISA controllers (like the UltraStor or Adaptec
 1742A) and most VLB (local bus) controllers.  In the cases where it's
 necessary, the system will use "bounce buffers" to talk to the
 controller so that you can still use more than 16Mb of memory without
 difficulty.
 
 
 2.2. Ethernet cards
 
 SMC Elite 16 WD8013 ethernet interface, and most other WD8003E,
 WD8003EBT, WD8003W, WD8013W, WD8003S, WD8003SBT and WD8013EBT
 based clones.  SMC Elite Ultra is also supported.
 
 DEC EtherWORKS III NICs (DE203, DE204, and DE205)
 DEC EtherWORKS II NICs (DE200, DE201, DE202, and DE422)
 
 Isolan AT 4141-0 (16 bit)
 Isolink 4110     (8 bit)
 
 Novell NE1000, NE2000, and NE2100 ethernet interface.
 
 3Com 3C501 cards
 
 3Com 3C503 Etherlink II
 
 3Com 3C507 Etherlink 16/TP
 
 3Com 3C509 and 3C579 Etherlink III
 
 Toshiba ethernet cards
 
 PCMCIA ethernet cards from IBM and National Semiconductor are also
 supported.
 
 2.3. Misc
 
 AST 4 port serial card using shared IRQ.
 
 ARNET 8 port serial card using shared IRQ.
 
 BOCA ATIO66 6 port serial card using shared IRQ.
 
 STB 4 port card using shared IRQ.
 
 Mitsumi (all models) CDROM interface and drive.
 
 Soundblaster SCSI and ProAudio Spectrum SCSI CDROM interface and drive.
 
 Adlib, Soundblaster, Soundblaster Pro, ProAudioSpectrum, Gravis UltraSound
 and Roland MPU-401 sound cards.
 
 FreeBSD currently does NOT support IBM's microchannel (MCA) bus, but
 support is apparently close to materializing.  Details will be posted
 as the situation develops.
 
 
 3. Obtaining FreeBSD.
 ---------------------
 
 You may obtain FreeBSD in a variety of ways:
 
 1. FTP/Mail
 
 You can ftp FreeBSD and any or all of its optional packages from
 `freebsd.cdrom.com' - the official FreeBSD release site.
 
 For other locations that mirror the FreeBSD software see the file
 MIRROR.SITES.  Please ftp the distribution from the nearest site
 to you netwise.
 
 If you do not have access to the internet and electronic mail is your
 only recourse, then you may still fetch the files by sending mail to
 `ftpmail@decwrl.dec.com' - putting the keyword "help" in your message
 to get more information on how to fetch files from freebsd.cdrom.com.
 Note: This approach will end up sending many *tens of megabytes*
 through the mail, and should only be employed as an absolute LAST
 resort!
 
 
 2. CDROM
 
 FreeBSD 2.0 may be ordered on CDROM from:
 
         Walnut Creek CDROM
         4041 Pike Lane, Suite D
         Concord CA  94520
         1-800-786-9907, +1-510-674-0783, +1-510-674-0821 (fax)
 
 Or via the internet from orders@cdrom.com.  Their current catalog can
 be obtained via ftp as ftp.cdrom.com:/cdrom/catalog.
 
 Cost is $39.95.  Shipping (per order not per disc) is $5 in the US, Canada,
 or Mexico and $10.00 overseas.  They accept Visa, Mastercard, American
 Express, and ship COD to the United States.  California residents please
 add 8.25% sales tax.
 
 Should you be dissatisfied for any reason, the CD comes with an
 unconditional return policy.
 
 Note that Walnut Creek CDROM does NOT provide technical support for FreeBSD,
 you need to contact the FreeBSD team for that.  Please see section 5 for
 more information.
 
 
 4. Preparing for the installation.
 ----------------------------------
 
 1. Floppy Installation
 
 If you must install from floppy disks, either due to space constraints
 on your hard disk or just because you enjoy doing things the hard
 way, you must first prepare some floppies for the install.
 
 You will need either 10 1.44MB floppies or 12 1.2MB floppies to
 store just the bindist (binary distribution).  These *must* be
 formatted using MS-DOS, using either the FORMAT command in MS-DOS
 or the File Manager in Microsoft Windows to prepare the floppies
 (though factory preformatted floppies will also work well, provided
 that they haven't been previously used for something else).
 
 After you've formatted the floppy disks, you'll need to copy the
 files onto them.  There are 56 total files for the bindist itself,
 plus three small files (CKSUMS, do_cksum.sh, and extract.sh) for
 the install program to use.  ALL of these files must be copies onto
 the floppies.  Each of the bindist files are named "bindist.??",
 where the "??" is replaced by the letter sequence aa through cd.
 Copy these files onto the floppies, placing the three small install
 files onto the final floppy.  The order in which you copy the files
 to floppy is not important, but it makes labelling the disks easier
 if you go in some sort of alphabetical order.
 
 After you've done this, the floppy disks are ready for the install
 program to use.
 
 Later on, after you get the binary distribution installed and everything
 is going great, the same instructions will apply for the other
 distributions, such as the manpages distribution or the XFree86 distribution.
 The number of floppies required will, of course, change for bigger or
 smaller distributions.
 
 
 2. Hard Disk Installation
 
 To prepare for installation from an MS-DOS partition, you should simply
 copy the files from the distribution into a directory with the same
 name as the distribution.  For example, if you are preparing to
 install the bindist set, then make a directory on your C: drive named
 C:\BINDIST and copy the files there.  This will allow the installation
 program to find the files automatically.
 
 
 3. QIC/SCSI Tape Installation.
 
 Installing from tape is probably the easiest method, short of an
 on-line install using ftp or installing from a CDROM.  The installation
 program expects the files to be simply tar'red onto the tape, so after
 getting all of the files for distribution you're interested in, simply
 tar them onto the tape with something like:
 
         cd <where the *.?? files are>
         tar cvf /dev/rwt0 (or /dev/rst0) .
 
 from a directory with just the distribution files in it.  Make sure
 that you remember to put CKSUMS, do_cksum.sh, and extract.sh files
 in this directory as well!
 
 If you wish to install multiple *dist releases from one tape, do the
 following:
 
 1. cd to the parent directory of the distributions and put them on tape
    like so:
                 tar cvf /dev/rwt0 (or /dev/rst0) bindist srcdist ...
 
 2. Install the first distribution on the tape using the tape installation
    method as normal.  Afterwards, *do not* erase the contents of the temporary
    directory.  Get a shell with ESC-ESC and cd to the temporary directory
    yourself.  For each additional *dist you want to load, cd to its
    subdirectory and type `sh ./extract.sh'.
 
 
 5. Reporting problems, making suggestions, submitting code.
 -----------------------------------------------------------
 
 Your suggestions, bug reports and contributions of code are always
 valued - please do not hesitate to report any problems you may find
 (preferably with a fix attached if you can!).
 
 The preferred method to submit bug reports from a machine with internet
 mail connectivity is to use the send-pr command.  Bug reports will be
 dutifully filed by our faithful bugfiler program and you can be sure
 that we'll do our best to respond to all reported bugs as soon as
 possible.
 
 If, for some reason, you are unable to use the send-pr command to
 submit a bug report, you can try to send it to:
 
                 bugs@FreeBSD.org
 
 
 Otherwise, for any questions or suggestions, please send mail to:
 
                 questions@FreeBSD.org
 
 Additionally, being a volunteer effort, we are always happy to have
 extra hands willing to help - there are already far more enhancements
 to be done than we can ever manage to do by ourselves!  To contact us
 on technical matters, or with offers of help, you may send mail to:
 
                 hackers@FreeBSD.org
 
 Since these mailing lists can experience significant amounts of
 traffic, if you've got slow or expensive mail access and you're
 only interested in keeping up with significant FreeBSD events, you may
 find it preferable to subscribe to:
 
                 announce@FreeBSD.org
 
 
 All but the FreeBSD-bugs groups can be freely joined by anyone wishing
 to do so.  Send mail to MajorDomo@FreeBSD.org and include the keyword
 `help' on a line by itself somewhere in the body of the message.  This
 will give you more information on joining the various lists, accessing
 archives, etc.  There are a number of mailing lists targeted at
 special interest groups not mentioned here, so send mail to majordomo
 and ask about them!
 
 
 6. Acknowledgements
 -------------------
 
 FreeBSD represents the cumulative work of many dozens, if not
 hundreds, of individuals from around the world who have worked very
 hard to bring you this release.  It would be very difficult, if not
 impossible, to enumerate everyone who's contributed to FreeBSD, but
 nonetheless we shall try (in alphabetical order, of course). If your
 name is not mentioned, please be assured that its omission is entirely
 accidental.
 
 
 The Computer Systems Research Group (CSRG), U.C. Berkeley.
 
 Bill Jolitz, for his extensive work with 386BSD.
 
 The FreeBSD "core" team:
 
         Andrew A. Chernov
         John Dyson
         Bruce Evans
         David Greenman
         Rodney W. Grimes
         Jordan K. Hubbard
         Poul-Henning Kamp
         Rich Murphey
         Gary Palmer
         Geoff Rehmet
         Paul Richards
         Soren Schmidt
         Andreas Schulz
         Jack Vogel
         Garrett A. Wollman
 
 
 Special mention to:
 
         Robert Bruce and Jack Velte of Walnut Creek CDROM, without
         whose help (and continuing support) this release would never
         have been possible.
 
         Dermot McDonnell for his donation of a Toshiba XM3401B CDROM
         drive.
 
         The NetBSD group for their frequent assistance and commentary.
 
         Additional FreeBSD helpers and beta testers:
 
         J.T. Conklin                            Julian Elischer
         Sean Eric Fagan                         Jeffrey Hsu
         Terry Lambert                           L Jonas Olsson
         Chris Provenzano                        Dave Rivers
         Guido van Rooij                         Steven Wallace
         Atsushi Murai                           Scott Mace
         Andrew Moore                            Nate Williams
 
         And everyone at Montana State University for their initial support.
 
 
 Thanks to everyone, especially those not mentioned, and we sincerely
 hope you enjoy this release of FreeBSD!
 
 
                         The FreeBSD Core Team
 
 Id: RELNOTES.FreeBSD,v 1.21 1994/12/02 20:27:11 jkh Exp

Release Home &footer; diff --git a/en/releases/2.2.1R/notes.sgml b/en/releases/2.2.1R/notes.sgml index a265f80f8f..c6908d287e 100644 --- a/en/releases/2.2.1R/notes.sgml +++ b/en/releases/2.2.1R/notes.sgml @@ -1,549 +1,549 @@ - + %includes; ]> - + &header; 
 
                                  RELEASE NOTES
                              FreeBSD 2.2.1-RELEASE
 
 2.2.1 is a small incremental fix release to 2.2, primarily aimed at
 fixing:
 
 o Some recently discovered problems with the Adaptec 2940 driver
   which could cause instability in very heavily loaded systems (like news
   servers).
 
 o A bug which made the package installer fail from CDROM media.
 
 o Allow the Intel EtherExpress Pro/100B to work in full-duplex mode.
 
 Since the 2.2.1. release follows 2.2 by just over a week, other
 documentation still refers to this release as simply "2.2" since it is
 a complete *replacement* for 2.2.0-RELEASE, not simply another point
 release following it.
 
 For even more up-to-date releases along the RELENG_2_2 branch (which
 is now proceeding onwards toward release 2.2.5), please install from:
 
         ftp://releng22.FreeBSD.org/pub/FreeBSD/
 
 This is a snapshot made of RELENG_2_2 on a daily basis (and containing
 all the latest 2.2 fixes as of that date).
 
 
 1. What's new since 2.1.7
 -------------------------
 
 Lots of installation bugs fixed, more pc98 changes synchronized, geeze,
 what else?
 
 gdb 4.16 has been merged from -current, most of the third-party source
 now lives under /usr/src/contrib.
 
 Updated support for the DEC DEFPA/DEFEA FDDI hardware.
 
 The old ``HAVE_FPU'' Makefile option is now finally gone, the selection
 between the math library using the floating point emulator, and the
 version using the co-processor is now fully automatic.  This will speed
 up floating-point using programs on sites that didn't like to recompile
 their `libm' previously.
 
 Javier Martin Rueda's `ex' driver has been merged, bringing support
 for the Intel EtherExpress Pro/10 network cards.
 
 The Intel EtherExpress Pro/100B now works in full-duplex mode.
 
 The `de' driver now recognizes cards using the DE21140A chip, like the
 popular SMC9332BDT (10/100 Mbit/s) one.
 
 There's now a workaround for the brokenness of the frequently used
 CMD640 PCI IDE chip in the sources, albeit still disabled by default
 in 2.2.
 
 The number of EISA slots to probe is now a fully supported option,
 including the ability to save the value from a UserConfig session
 with 
 dset(8)>.
 This helps owners of HP NetServer LC machines to
 install the system on their hardware.
 
 Support for the SDL RISCom N2pci sync serial card.
 
 Support for Cyclades Cyclom-Y (multi-port async serial) PCI adaptors
 as well as multiple controllers and the 32-Y (if you are currently using
 the Cyclades serial adapter, you should re-make your /dev entries and
 remove the old ones).
 
 Updated support for ethernet adaptors which use the DEC DC21X4X chipset.
 
 Update to gcc 2.7.2.1 & add support for weak symbols.
 
 Many things moved/brought into /usr/src/contrib, updating and
 cleaning up the source tree accordingly.
 
 Support for compiled-in shared library ld paths.
 
 Update sgmlfmt to `instant'.
 
 Support for SNMP-style interface MIBs, including full RFC
 1650-compliant MIBs for the `de' (DEC 21x4x) and `ed' (SMC/WD/Novell)
 drivers.
 
 /stand/sysinstall moved even more towards becoming a more general
 system management tool.  You can actually add a new, from-scratch
 formatted disk with it now, from partition label to filesystem
 creation (though it still doesn't modify your /etc/fstab file to
 make it permanent).
 
 The syscons and psm drivers now have a new underlying shared keyboard
 driver, eliminating many of the previously existing problems with
 their mutual interaction.
 
 Syscons now supports cut & paste in textmode using the 
 moused(8)>
 utility.
 
 2.2 is the first release that includes full CD-R support for the
 Plasmon RF41xx, HP4020i, HP6020i, and Philips CDD2000 drives.  The
 driver is still under development (in particular to extend its
 usability for other devices), but it has been proved to be stable
 by now.
 
 Support for NFSv3 clients and servers went into the 2.2 sources
 shortly after branching off the 2.0.5/2.1.X tree.  There are also
 other options available with NFS, like the ability to turn an NFSv2
 server into asynchronous write mode (which is in violation of the
 specs, but has precedents e.g. in SGI Irix).
 
 Poul-Henning Kamp's phkmalloc replaced the old and blatant BSD
 malloc implementation.  This usually saves a lot of virtual memory
 for the clients, and offers some neat features like aborting the
 program on detected malloc abuses, or filling the malloced and/or
 freed area with junk in order to detect semantical problems in
 programs that use malloc.
 
 The `netatalk' implementation of AppleTalk has been integrated into
 the sources, most of the integration work courtesy Whistle Communic-
 ations Corp.
 
 The mount option `async' allows asynchronous metadata updates on UFS
-file systems, something that is the default e.g. on Linux' ext2fs.
+filesystems, something that is the default e.g. on Linux' ext2fs.
 This speeds up many i-node intensive filesystem operations (like
 rm -r) at the cost of an increased risk in case of a system crash.
 The installation itself makes use of this feature, and could be
 drastically accelerated by this.  (A bindist-only installation from a
 SCSI CD-ROM can now complete in less than 5 minutes on a fast
 machine!)
 
 The ATAPI CD-ROM support is now reported to work for quite an
 impressive number of drives.  In other words, all the drives that
 basically adhere to the ATAPI standard are likely to work.
 
 There are many new drivers available in the kernel, too many to keep
 them in mind.  Tekram supplied a driver for their DC390 and DC390T
 controllers.  These controllers are based on the AMD 53c974, and the
 driver is also able to handle other SCSI controllers based on that
 chip.  Of course, with Tekram being generous enough to support the
 FreeBSD project with their driver, we'd like to encourage you to buy
 their product.  The `ed' and `lnc' drivers now support auto-config-
 uration for the respective PCI ethernet cards, including many NE2000
 clones and the AMD PCnet chips.  The SDL RISCom N2 support is new, as
 well as the PCI version of the Cyclades driver.
 
 The Linux emulation is now fully functional, including ELF support.
 To make its use easier, there are even ports for the required shared
 libraries, and for the Slackware development environment.
 
 Along the same lines, the SysV COFF emulation (aka. SCO emulation) is
 reported to be working well now.
 
 FreeBSD also supports native ELF binaries, although it hasn't been
 decided yet whether, when, and how we might use this as the default
 binary format some day.
 
 A `brandelf' utility has been added to allow `branding' of non-shared
 linked ELF binaries where the kernel cannot guess which image activator
 (FreeBSD, Linux, maybe SysV some day) should be used.  This works around
 one major flaw in the ELF object format, the missing field to mark the
 ABI it belongs to.
 
 Support for APM BIOSes is now in a much better shape.
 
 The manual section 9 has been started, describing `official' kernel
 programming interfaces.  We are still seeking volunteers to document
 interfaces here!
 
 The kernel configuration option handling has been largely moved away
 from the old -D Makefile kludges, towards a system of "opt_foo.h"
 kernel include files, allowing Makefile dependencies to work again.
 We expect the old hack that blows the entire compile directory away
 on each run of 
 config(8)>
 to go away anytime soon.  Unless you're changing
 weird options, you might now consider using the -n option to 
 config(8)>,
 or setting the env variable NO_CONFIG_CLOBBER, if CPU time is costly for
 you.  See also the comments in the handbook about how it works.
 
 
 2. Supported Configurations
 ---------------------------
 
 FreeBSD currently runs on a wide variety of ISA, VLB, EISA and PCI bus
 based PC's, ranging from 386sx to Pentium class machines (though the
 386sx is not recommended).  Support for generic IDE or ESDI drive
 configurations, various SCSI controller, network and serial cards is
 also provided.
 
 What follows is a list of all peripherals currently known to work with
 FreeBSD.  Other configurations may also work, we have simply not as yet
 received confirmation of this.
 
 
 2.1. Disk Controllers
 ---------------------
 
 WD1003 (any generic MFM/RLL)
 WD1007 (any generic IDE/ESDI)
 IDE
 ATA
 
 Adaptec 1510 series ISA SCSI controllers (not for bootable devices)
 Adaptec 152x series ISA SCSI controllers
 Adaptec 1535 ISA SCSI controllers
 Adaptec 154x series ISA SCSI controllers
 Adaptec 174x series EISA SCSI controller in standard and enhanced mode.
 Adaptec 274X/284X/2940/3940 (Narrow/Wide/Twin) series ISA/EISA/PCI SCSI
 controllers.
 Adaptec AIC7850 on-board SCSI controllers.
 
 Adaptec AIC-6260 and AIC-6360 based boards, which includes the AHA-152x
 and SoundBlaster SCSI cards.
 
 ** Note: You cannot boot from the SoundBlaster cards as they have no
    on-board BIOS, such being necessary for mapping the boot device into the
    system BIOS I/O vectors.  They're perfectly usable for external tapes,
    CDROMs, etc, however.  The same goes for any other AIC-6x60 based card
    without a boot ROM.  Some systems DO have a boot ROM, which is generally
    indicated by some sort of message when the system is first powered up
    or reset, and in such cases you *will* also be able to boot from them.
    Check your system/board documentation for more details.
 
 Buslogic 545S & 545c
 Buslogic 445S/445c VLB SCSI controller
 Buslogic 742A, 747S, 747c EISA SCSI controller.
 Buslogic 946c PCI SCSI controller
 Buslogic 956c PCI SCSI controller
 
 SymBios (formerly NCR) 53C810, 53C825, 53c860 and 53c875 PCI SCSI
 controllers:
         ASUS SC-200
         Data Technology DTC3130 (all variants)
         NCR cards (all)
         Symbios cards (all)
         Tekram DC390W, 390U and 390F
         Tyan S1365
 
 Tekram DC390 and DC390T controllers (maybe other cards based on the
 AMD 53c974 as well).
 
 NCR5380/NCR53400 ("ProAudio Spectrum") SCSI controller. 
 
 DTC 3290 EISA SCSI controller in 1542 emulation mode.
 
 UltraStor 14F, 24F and 34F SCSI controllers.
 
 Seagate ST01/02 SCSI controllers.
 
 Future Domain 8xx/950 series SCSI controllers.
 
 WD7000 SCSI controller.
 
 With all supported SCSI controllers, full support is provided for
 SCSI-I & SCSI-II peripherals, including Disks, tape drives (including
 DAT and 8mm Exabyte) and CD ROM drives.
 
 The following CD-ROM type systems are supported at this time:
 (cd)    SCSI interface (also includes ProAudio Spectrum and
         SoundBlaster SCSI)
 (mcd)   Mitsumi proprietary interface (all models)
 (matcd) Matsushita/Panasonic (Creative SoundBlaster) proprietary
         interface (562/563 models)
 (scd)   Sony proprietary interface (all models)
 (wcd)   ATAPI IDE interface (experimental and should be considered ALPHA
         quality!).
 
 
 2.2. Ethernet cards
 -------------------
 
 Allied-Telesis AT1700 and RE2000 cards
 
 AMD PCnet/PCI (79c970 & 53c974 or 79c974)
 
 SMC Elite 16 WD8013 ethernet interface, and most other WD8003E,
 WD8003EBT, WD8003W, WD8013W, WD8003S, WD8003SBT and WD8013EBT
 based clones.  SMC Elite Ultra is also supported.
 
 DEC EtherWORKS III NICs (DE203, DE204, and DE205)
 DEC EtherWORKS II NICs (DE200, DE201, DE202, and DE422)
 DEC DC21040, DC21041, or DC21140 based NICs (SMC Etherpower 8432T, DE245, etc)
 DEC FDDI (DEFPA/DEFEA) NICs
 
 Fujitsu MB86960A/MB86965A
 
 HP PC Lan+ cards (model numbers: 27247B and 27252A).
 
 Intel EtherExpress (not recommended due to driver instability)
 Intel EtherExpress Pro/10
 Intel EtherExpress Pro/100B PCI Fast Ethernet
 
 Isolan AT 4141-0 (16 bit)
 Isolink 4110     (8 bit)
 
 Novell NE1000, NE2000, and NE2100 ethernet interface.
 
 3Com 3C501 cards
 
 3Com 3C503 Etherlink II
 
 3Com 3c505 Etherlink/+
 
 3Com 3C507 Etherlink 16/TP
 
 3Com 3C509, 3C579, 3C589 (PCMCIA), 3C590/592/595/900/905 PCI and EISA
 (Fast) Etherlink III / (Fast) Etherlink XL
 
 Toshiba ethernet cards
 
 PCMCIA ethernet cards from IBM and National Semiconductor are also
 supported.
 
 Note that NO token ring cards are supported at this time as we're
 still waiting for someone to donate a driver for one of them.  Any
 takers?
 
 
 2.3. Misc
 ---------
 
 AST 4 port serial card using shared IRQ.
 
 ARNET 8 port serial card using shared IRQ.
 ARNET (now Digiboard) Sync 570/i high-speed serial.
 
 Boca BB1004 4-Port serial card (Modems NOT supported)
 Boca IOAT66 6-Port serial card (Modems supported)
 Boca BB1008 8-Port serial card (Modems NOT supported)
 Boca BB2016 16-Port serial card (Modems supported)
 
 Cyclades Cyclom-y Serial Board.
 
 STB 4 port card using shared IRQ.
 
 SDL Communications Riscom/8 Serial Board.
 SDL Communications RISCom/N2 and N2pci high-speed sync serial boards.
 
 Stallion multiport serial boards: EasyIO, EasyConnection 8/32 & 8/64,
 ONboard 4/16 and Brumby.
 
 Adlib, SoundBlaster, SoundBlaster Pro, ProAudioSpectrum, Gravis UltraSound
 and Roland MPU-401 sound cards.
 
 Connectix QuickCam
 Matrox Meteor Video frame grabber
 Creative Labs Video Spigot frame grabber
 Cortex1 frame grabber
 
 HP4020i, Philips CDD2000 and PLASMON WORM (CDR) drives.
 
 PS/2 mice
 
 Standard PC Joystick
 
 X-10 power controllers
 
 GPIB and Transputer drivers.
 
 Genius and Mustek hand scanners.
 
 
 FreeBSD currently does NOT support IBM's microchannel (MCA) bus.
 
 
 3. Obtaining FreeBSD
 --------------------
 
 You may obtain FreeBSD in a variety of ways:
 
 3.1. FTP/Mail
 -------------
 
 You can ftp FreeBSD and any or all of its optional packages from
 `ftp.FreeBSD.org' - the official FreeBSD release site.
 
 For other locations that mirror the FreeBSD software see the file
 MIRROR.SITES.  Please ftp the distribution from the site closest (in
 networking terms) to you.  Additional mirror sites are always welcome!
 Contact freebsd-admin@FreeBSD.org for more details if you'd like to 
 become an official mirror site.
 
 If you do not have access to the Internet and electronic mail is your
 only recourse, then you may still fetch the files by sending mail to
 `ftpmail@decwrl.dec.com' - putting the keyword "help" in your message
 to get more information on how to fetch files using this mechanism.
 Please do note, however, that this will end up sending many *tens of
 megabytes* through the mail and should only be employed as an absolute
 LAST resort!
 
 
 3.2. CDROM
 ----------
 
 FreeBSD 2.1.7-RELEASE and 2.2-RELEASE CDs may be ordered on CDROM from:
 
         Walnut Creek CDROM
         4041 Pike Lane, Suite D
         Concord CA  94520
         1-800-786-9907, +1-510-674-0783, +1-510-674-0821 (fax)
 
 Or via the Internet from orders@cdrom.com or http://www.cdrom.com.
 Their current catalog can be obtained via ftp from:
         ftp://ftp.cdrom.com/cdrom/catalog.
 
 Cost per -RELEASE CD is $39.95 or $24.95 with a FreeBSD subscription.
 FreeBSD 3.0-SNAP CDs are $29.95 or $14.95 with a FreeBSD-SNAP subscription
 (-RELEASE and -SNAP subscriptions are entirely separate).  With a
 subscription, you will automatically receive updates as they are released.
 Your credit card will be billed when each disk is shipped and you may cancel
 your subscription at any time without further obligation.
 
 Shipping (per order not per disc) is $5 in the US, Canada or Mexico
 and $9.00 overseas.  They accept Visa, Mastercard, Discover, American
 Express or checks in U.S. Dollars and ship COD within the United
 States.  California residents please add 8.25% sales tax.
 
 Should you be dissatisfied for any reason, the CD comes with an
 unconditional return policy.
 
 
 4. Reporting problems, making suggestions, submitting code.
 -----------------------------------------------------------
 
 Your suggestions, bug reports and contributions of code are always
 valued - please do not hesitate to report any problems you may find
 (preferably with a fix attached, if you can!).
 
 The preferred method to submit bug reports from a machine with
 Internet mail connectivity is to use the send-pr command or use the CGI
 script at http://www.FreeBSD.org/send-pr.html.  Bug reports
 will be dutifully filed by our faithful bugfiler program and you can
 be sure that we'll do our best to respond to all reported bugs as soon
 as possible.  Bugs filed in this way are also visible on our WEB site
 in the support section and are therefore valuable both as bug reports
 and as "signposts" for other users concerning potential problems to
 watch out for.
 
 If, for some reason, you are unable to use the send-pr command to
 submit a bug report, you can try to send it to:
 
                 freebsd-bugs@FreeBSD.org
 
 Note that send-pr itself is a shell script that should be easy to move
 even onto a totally different system.  We much prefer if you could use
 this interface, since it make it easier to keep track of the problem
 reports.  However, before submitting, please try to make sure whether
 the problem might have already been fixed since.
 
 
 Otherwise, for any questions or suggestions, please send mail to:
 
                 freebsd-questions@FreeBSD.org
 
 
 Additionally, being a volunteer effort, we are always happy to have
 extra hands willing to help - there are already far more desired
 enhancements than we'll ever be able to manage by ourselves!  To
 contact us on technical matters, or with offers of help, please send
 mail to:
 
                 freebsd-hackers@FreeBSD.org
 
 
 Please note that these mailing lists can experience *significant*
 amounts of traffic and if you have slow or expensive mail access and
 are only interested in keeping up with significant FreeBSD events, you
 may find it preferable to subscribe instead to:
 
                 freebsd-announce@FreeBSD.org
 
 
 All but the freebsd-bugs groups can be freely joined by anyone wishing
 to do so.  Send mail to MajorDomo@FreeBSD.org and include the keyword
 `help' on a line by itself somewhere in the body of the message.  This
 will give you more information on joining the various lists, accessing
 archives, etc.  There are a number of mailing lists targeted at
 special interest groups not mentioned here, so send mail to majordomo
 and ask about them!
 
 
 5. Acknowledgements
 -------------------
 
 FreeBSD represents the cumulative work of many dozens, if not
 hundreds, of individuals from around the world who have worked very
 hard to bring you this release.  For a complete list of FreeBSD
 project staffers, please see:
 
         http://www.FreeBSD.org/handbook/staff.html
 
 or, if you've loaded the doc distribution:
 
         file:/usr/share/doc/handbook/staff.html
 
 Additional FreeBSD helpers and beta testers:
 
         Coranth Gryphon            Dave Rivers 
         Kaleb S. Keithley          Terry Lambert
         David Dawes                Don Lewis
 
 Special mention to:
 
         Walnut Creek CDROM, without whose help (and continuing support)
         this release would never have been possible.
 
         Dermot McDonnell for his donation of a Toshiba XM3401B CDROM
         drive.
 
         Chuck Robey for his donation of a floppy tape streamer for
         testing.
 
         Larry Altneu and Wilko Bulte for providing us with Wangtek
         and Archive QIC-02 tape drives for testing and driver hacking.
 
         CalWeb Internet Services for the loan of a P6/200 machine for
         speedy package building.
 
         Everyone at Montana State University for their initial support.
 
         And to the many thousands of FreeBSD users and testers all over the
         world, without whom this release simply would not have been possible.
 
 We sincerely hope you enjoy this release of FreeBSD!
 
                         The FreeBSD Project

Release Home &footer; diff --git a/en/releases/2.2.2R/notes.sgml b/en/releases/2.2.2R/notes.sgml index 56081784ac..b1040de4f1 100644 --- a/en/releases/2.2.2R/notes.sgml +++ b/en/releases/2.2.2R/notes.sgml @@ -1,563 +1,563 @@ - + %includes; ]> - + &header; 
                                  RELEASE NOTES
                               FreeBSD 2.2.2-RELEASE
 
 o For information about the layout of the release directory, see
   the ABOUT.TXT file.
 
 o For installation instructions, see the INSTALL.TXT and HARDWARE.TXT
   files.
 
 For the most up-to-date releases along the RELENG_2_2 branch (which
 is now proceeding onwards toward release 2.2.5), please install from:
 
         ftp://releng22.FreeBSD.org/pub/FreeBSD/
 
 
 0. What's new since 2.2.1
 -------------------------
 A number of bugs in the Adaptec 294x/394x (AHC) driver were fixed
 which could cause instability on heavily loaded systems.
 
 NFSv3 is now the default, with fall-back to NFSv2 occuring as necessary.
 
 An lchown() system call has been added for changing the ownership of symlinks.
 
 Login classes added for setting default user limits (see login.
 conf(5)).
 
 ftpd now supports virtual FTP hosting.
 
 Numerous security fixes (buffer overflows and other potential exploits fixed).
 
 Better build support for C++ libraries added.
 
 Support for the GLOBAL text/HTML source tag system added (man global).
 
 /etc/sysconfig now replaced by /etc/rc.conf - a more concise customization
 file with more knobs added.  Other things in /etc were also neatened
 up, /etc/netstart being replaced with /etc/rc.network
 
 User-mode ppp updated with various fixes and enhancements from 3.0-current.
 
 Texinfo documentation mechanisms cleaned up in source tree.
 
 
 1. What's new since 2.1.7
 -------------------------
 
 Lots of installation bugs fixed, more pc98 changes synchronized, geeze,
 what else?
 
 gdb 4.16 has been merged from -current, most of the third-party source
 now lives under /usr/src/contrib.
 
 Updated support for the DEC DEFPA/DEFEA FDDI hardware.
 
 The old ``HAVE_FPU'' Makefile option is now finally gone, the selection
 between the math library using the floating point emulator, and the
 version using the co-processor is now fully automatic.  This will speed
 up floating-point using programs on sites that didn't like to recompile
 their `libm' previously.
 
 Javier Martin Rueda's `ex' driver has been merged, bringing support
 for the Intel EtherExpress Pro/10 network cards.
 
 The Intel EtherExpress Pro/100B now works in full-duplex mode.
 
 The `de' driver now recognizes cards using the DE21140A chip, like the
 popular SMC9332BDT (10/100 Mbit/s) one.
 
 There's now a workaround for the brokenness of the frequently used
 CMD640 PCI IDE chip in the sources, albeit still disabled by default
 in 2.2.
 
 The number of EISA slots to probe is now a fully supported option,
 including the ability to save the value from a UserConfig session
 with 
 dset(8)>.
 This helps owners of HP NetServer LC machines to
 install the system on their hardware.
 
 Support for the SDL RISCom N2pci sync serial card.
 
 Support for Cyclades Cyclom-Y (multi-port async serial) PCI adaptors
 as well as multiple controllers and the 32-Y (if you are currently using
 the Cyclades serial adapter, you should re-make your /dev entries and
 remove the old ones).
 
 Updated support for ethernet adaptors which use the DEC DC21X4X chipset.
 
 Update to gcc 2.7.2.1 & add support for weak symbols.
 
 Many things moved/brought into /usr/src/contrib, updating and
 cleaning up the source tree accordingly.
 
 Support for compiled-in shared library ld paths.
 
 Update sgmlfmt to `instant'.
 
 Support for SNMP-style interface MIBs, including full RFC
 1650-compliant MIBs for the `de' (DEC 21x4x) and `ed' (SMC/WD/Novell)
 drivers.
 
 /stand/sysinstall moved even more towards becoming a more general
 system management tool.  You can actually add a new, from-scratch
 formatted disk with it now, from partition label to filesystem
 creation (though it still doesn't modify your /etc/fstab file to
 make it permanent).
 
 The syscons and psm drivers now have a new underlying shared keyboard
 driver, eliminating many of the previously existing problems with
 their mutual interaction.
 
 Syscons now supports cut & paste in textmode using the 
 moused(8)>
 utility.
 
 2.2 is the first release that includes full CD-R support for the
 Plasmon RF41xx, HP4020i, HP6020i, and Philips CDD2000 drives.  The
 driver is still under development (in particular to extend its
 usability for other devices), but it has been proved to be stable
 by now.
 
 Support for NFSv3 clients and servers went into the 2.2 sources
 shortly after branching off the 2.0.5/2.1.X tree.  There are also
 other options available with NFS, like the ability to turn an NFSv2
 server into asynchronous write mode (which is in violation of the
 specs, but has precedents e.g. in SGI Irix).
 
 Poul-Henning Kamp's phkmalloc replaced the old and blatant BSD
 malloc implementation.  This usually saves a lot of virtual memory
 for the clients, and offers some neat features like aborting the
 program on detected malloc abuses, or filling the malloced and/or
 freed area with junk in order to detect semantical problems in
 programs that use malloc.
 
 The `netatalk' implementation of AppleTalk has been integrated into
 the sources, most of the integration work courtesy Whistle Communic-
 ations Corp.
 
 The mount option `async' allows asynchronous metadata updates on UFS
-file systems, something that is the default e.g. on Linux' ext2fs.
+filesystems, something that is the default e.g. on Linux' ext2fs.
 This speeds up many i-node intensive filesystem operations (like
 rm -r) at the cost of an increased risk in case of a system crash.
 The installation itself makes use of this feature, and could be
 drastically accelerated by this.  (A bindist-only installation from a
 SCSI CD-ROM can now complete in less than 5 minutes on a fast
 machine!)
 
 The ATAPI CD-ROM support is now reported to work for quite an
 impressive number of drives.  In other words, all the drives that
 basically adhere to the ATAPI standard are likely to work.
 
 There are many new drivers available in the kernel, too many to keep
 them in mind.  Tekram supplied a driver for their DC390 and DC390T
 controllers.  These controllers are based on the AMD 53c974, and the
 driver is also able to handle other SCSI controllers based on that
 chip.  Of course, with Tekram being generous enough to support the
 FreeBSD project with their driver, we'd like to encourage you to buy
 their product.  The `ed' and `lnc' drivers now support auto-config-
 uration for the respective PCI ethernet cards, including many NE2000
 clones and the AMD PCnet chips.  The SDL RISCom N2 support is new, as
 well as the PCI version of the Cyclades driver.
 
 The Linux emulation is now fully functional, including ELF support.
 To make its use easier, there are even ports for the required shared
 libraries, and for the Slackware development environment.
 
 Along the same lines, the SysV COFF emulation (aka. SCO emulation) is
 reported to be working well now.
 
 FreeBSD also supports native ELF binaries, although it hasn't been
 decided yet whether, when, and how we might use this as the default
 binary format some day.
 
 A `brandelf' utility has been added to allow `branding' of non-shared
 linked ELF binaries where the kernel cannot guess which image activator
 (FreeBSD, Linux, maybe SysV some day) should be used.  This works around
 one major flaw in the ELF object format, the missing field to mark the
 ABI it belongs to.
 
 Support for APM BIOSes is now in a much better shape.
 
 The manual section 9 has been started, describing `official' kernel
 programming interfaces.  We are still seeking volunteers to document
 interfaces here!
 
 The kernel configuration option handling has been largely moved away
 from the old -D Makefile kludges, towards a system of "opt_foo.h"
 kernel include files, allowing Makefile dependencies to work again.
 We expect the old hack that blows the entire compile directory away
 on each run of 
 config(8)>
 to go away anytime soon.  Unless you're changing
 weird options, you might now consider using the -n option to 
 config(8)>,
 or setting the env variable NO_CONFIG_CLOBBER, if CPU time is costly for
 you.  See also the comments in the handbook about how it works.
 
 
 2. Supported Configurations
 ---------------------------
 
 FreeBSD currently runs on a wide variety of ISA, VLB, EISA and PCI bus
 based PC's, ranging from 386sx to Pentium class machines (though the
 386sx is not recommended).  Support for generic IDE or ESDI drive
 configurations, various SCSI controller, network and serial cards is
 also provided.
 
 What follows is a list of all peripherals currently known to work with
 FreeBSD.  Other configurations may also work, we have simply not as yet
 received confirmation of this.
 
 
 2.1. Disk Controllers
 ---------------------
 
 WD1003 (any generic MFM/RLL)
 WD1007 (any generic IDE/ESDI)
 IDE
 ATA
 
 Adaptec 1510 series ISA SCSI controllers (not for bootable devices)
 Adaptec 152x series ISA SCSI controllers
 Adaptec 1535 ISA SCSI controllers
 Adaptec 154x series ISA SCSI controllers
 Adaptec 174x series EISA SCSI controller in standard and enhanced mode.
 Adaptec 274X/284X/2940/3940 (Narrow/Wide/Twin) series ISA/EISA/PCI SCSI
 controllers.
 Adaptec AIC7850 on-board SCSI controllers.
 
 Adaptec AIC-6260 and AIC-6360 based boards, which includes the AHA-152x
 and SoundBlaster SCSI cards.
 
 ** Note: You cannot boot from the SoundBlaster cards as they have no
    on-board BIOS, such being necessary for mapping the boot device into the
    system BIOS I/O vectors.  They're perfectly usable for external tapes,
    CDROMs, etc, however.  The same goes for any other AIC-6x60 based card
    without a boot ROM.  Some systems DO have a boot ROM, which is generally
    indicated by some sort of message when the system is first powered up
    or reset, and in such cases you *will* also be able to boot from them.
    Check your system/board documentation for more details.
 
 Buslogic 545S & 545c
 Buslogic 445S/445c VLB SCSI controller
 Buslogic 742A, 747S, 747c EISA SCSI controller.
 Buslogic 946c PCI SCSI controller
 Buslogic 956c PCI SCSI controller
 
 SymBios (formerly NCR) 53C810, 53C825, 53c860 and 53c875 PCI SCSI
 controllers:
         ASUS SC-200
         Data Technology DTC3130 (all variants)
         NCR cards (all)
         Symbios cards (all)
         Tekram DC390W, 390U and 390F
         Tyan S1365
 
 Tekram DC390 and DC390T controllers (maybe other cards based on the
 AMD 53c974 as well).
 
 NCR5380/NCR53400 ("ProAudio Spectrum") SCSI controller. 
 
 DTC 3290 EISA SCSI controller in 1542 emulation mode.
 
 UltraStor 14F, 24F and 34F SCSI controllers.
 
 Seagate ST01/02 SCSI controllers.
 
 Future Domain 8xx/950 series SCSI controllers.
 
 WD7000 SCSI controller.
 
 With all supported SCSI controllers, full support is provided for
 SCSI-I & SCSI-II peripherals, including Disks, tape drives (including
 DAT and 8mm Exabyte) and CD ROM drives.
 
 The following CD-ROM type systems are supported at this time:
 (cd)    SCSI interface (also includes ProAudio Spectrum and
         SoundBlaster SCSI)
 (mcd)   Mitsumi proprietary interface (all models)
 (matcd) Matsushita/Panasonic (Creative SoundBlaster) proprietary
         interface (562/563 models)
 (scd)   Sony proprietary interface (all models)
 (wcd)   ATAPI IDE interface (experimental and should be considered ALPHA
         quality!).
 
 
 2.2. Ethernet cards
 -------------------
 
 Allied-Telesis AT1700 and RE2000 cards
 
 AMD PCnet/PCI (79c970 & 53c974 or 79c974)
 
 SMC Elite 16 WD8013 ethernet interface, and most other WD8003E,
 WD8003EBT, WD8003W, WD8013W, WD8003S, WD8003SBT and WD8013EBT
 based clones.  SMC Elite Ultra is also supported.
 
 DEC EtherWORKS III NICs (DE203, DE204, and DE205)
 DEC EtherWORKS II NICs (DE200, DE201, DE202, and DE422)
 DEC DC21040, DC21041, or DC21140 based NICs (SMC Etherpower 8432T, DE245, etc)
 DEC FDDI (DEFPA/DEFEA) NICs
 
 Fujitsu MB86960A/MB86965A
 
 HP PC Lan+ cards (model numbers: 27247B and 27252A).
 
 Intel EtherExpress (not recommended due to driver instability)
 Intel EtherExpress Pro/10
 Intel EtherExpress Pro/100B PCI Fast Ethernet
 
 Isolan AT 4141-0 (16 bit)
 Isolink 4110     (8 bit)
 
 Novell NE1000, NE2000, and NE2100 ethernet interface.
 
 3Com 3C501 cards
 
 3Com 3C503 Etherlink II
 
 3Com 3c505 Etherlink/+
 
 3Com 3C507 Etherlink 16/TP
 
 3Com 3C509, 3C579, 3C589 (PCMCIA), 3C590/592/595/900/905 PCI and EISA
 (Fast) Etherlink III / (Fast) Etherlink XL
 
 Toshiba ethernet cards
 
 PCMCIA ethernet cards from IBM and National Semiconductor are also
 supported.
 
 Note that NO token ring cards are supported at this time as we're
 still waiting for someone to donate a driver for one of them.  Any
 takers?
 
 
 2.3. Misc
 ---------
 
 AST 4 port serial card using shared IRQ.
 
 ARNET 8 port serial card using shared IRQ.
 ARNET (now Digiboard) Sync 570/i high-speed serial.
 
 Boca BB1004 4-Port serial card (Modems NOT supported)
 Boca IOAT66 6-Port serial card (Modems supported)
 Boca BB1008 8-Port serial card (Modems NOT supported)
 Boca BB2016 16-Port serial card (Modems supported)
 
 Cyclades Cyclom-y Serial Board.
 
 STB 4 port card using shared IRQ.
 
 SDL Communications Riscom/8 Serial Board.
 SDL Communications RISCom/N2 and N2pci high-speed sync serial boards.
 
 Stallion multiport serial boards: EasyIO, EasyConnection 8/32 & 8/64,
 ONboard 4/16 and Brumby.
 
 Adlib, SoundBlaster, SoundBlaster Pro, ProAudioSpectrum, Gravis UltraSound
 and Roland MPU-401 sound cards.
 
 Connectix QuickCam
 Matrox Meteor Video frame grabber
 Creative Labs Video Spigot frame grabber
 Cortex1 frame grabber
 
 HP4020i, Philips CDD2000 and PLASMON WORM (CDR) drives.
 
 PS/2 mice
 
 Standard PC Joystick
 
 X-10 power controllers
 
 GPIB and Transputer drivers.
 
 Genius and Mustek hand scanners.
 
 
 FreeBSD currently does NOT support IBM's microchannel (MCA) bus.
 
 
 3. Obtaining FreeBSD
 --------------------
 
 You may obtain FreeBSD in a variety of ways:
 
 3.1. FTP/Mail
 -------------
 
 You can ftp FreeBSD and any or all of its optional packages from
 `ftp.FreeBSD.org' - the official FreeBSD release site.
 
 For other locations that mirror the FreeBSD software see the file
 MIRROR.SITES.  Please ftp the distribution from the site closest (in
 networking terms) to you.  Additional mirror sites are always welcome!
 Contact freebsd-admin@FreeBSD.org for more details if you'd like to 
 become an official mirror site.
 
 If you do not have access to the Internet and electronic mail is your
 only recourse, then you may still fetch the files by sending mail to
 `ftpmail@ftpmail.vix.com' - putting the keyword "help" in your message
 to get more information on how to fetch files using this mechanism.
 Please do note, however, that this will end up sending many *tens of
 megabytes* through the mail and should only be employed as an absolute
 LAST resort!
 
 
 3.2. CDROM
 ----------
 
 FreeBSD 2.1.7-RELEASE and 2.2-RELEASE CDs may be ordered on CDROM from:
 
         Walnut Creek CDROM
         4041 Pike Lane, Suite D
         Concord CA  94520
         1-800-786-9907, +1-510-674-0783, +1-510-674-0821 (fax)
 
 Or via the Internet from orders@cdrom.com or http://www.cdrom.com.
 Their current catalog can be obtained via ftp from:
         ftp://ftp.cdrom.com/cdrom/catalog.
 
 Cost per -RELEASE CD is $39.95 or $24.95 with a FreeBSD subscription.
 FreeBSD 3.0-SNAP CDs are $29.95 or $14.95 with a FreeBSD-SNAP subscription
 (-RELEASE and -SNAP subscriptions are entirely separate).  With a
 subscription, you will automatically receive updates as they are released.
 Your credit card will be billed when each disk is shipped and you may cancel
 your subscription at any time without further obligation.
 
 Shipping (per order not per disc) is $5 in the US, Canada or Mexico
 and $9.00 overseas.  They accept Visa, Mastercard, Discover, American
 Express or checks in U.S. Dollars and ship COD within the United
 States.  California residents please add 8.25% sales tax.
 
 Should you be dissatisfied for any reason, the CD comes with an
 unconditional return policy.
 
 
 4. Reporting problems, making suggestions, submitting code.
 -----------------------------------------------------------
 
 Your suggestions, bug reports and contributions of code are always
 valued - please do not hesitate to report any problems you may find
 (preferably with a fix attached, if you can!).
 
 The preferred method to submit bug reports from a machine with
 Internet mail connectivity is to use the send-pr command or use the CGI
 script at http://www.FreeBSD.org/send-pr.html.  Bug reports
 will be dutifully filed by our faithful bugfiler program and you can
 be sure that we'll do our best to respond to all reported bugs as soon
 as possible.  Bugs filed in this way are also visible on our WEB site
 in the support section and are therefore valuable both as bug reports
 and as "signposts" for other users concerning potential problems to
 watch out for.
 
 If, for some reason, you are unable to use the send-pr command to
 submit a bug report, you can try to send it to:
 
                 freebsd-bugs@FreeBSD.org
 
 Note that send-pr itself is a shell script that should be easy to move
 even onto a totally different system.  We much prefer if you could use
 this interface, since it make it easier to keep track of the problem
 reports.  However, before submitting, please try to make sure whether
 the problem might have already been fixed since.
 
 
 Otherwise, for any questions or suggestions, please send mail to:
 
                 freebsd-questions@FreeBSD.org
 
 
 Additionally, being a volunteer effort, we are always happy to have
 extra hands willing to help - there are already far more desired
 enhancements than we'll ever be able to manage by ourselves!  To
 contact us on technical matters, or with offers of help, please send
 mail to:
 
                 freebsd-hackers@FreeBSD.org
 
 
 Please note that these mailing lists can experience *significant*
 amounts of traffic and if you have slow or expensive mail access and
 are only interested in keeping up with significant FreeBSD events, you
 may find it preferable to subscribe instead to:
 
                 freebsd-announce@FreeBSD.org
 
 
 All but the freebsd-bugs groups can be freely joined by anyone wishing
 to do so.  Send mail to MajorDomo@FreeBSD.org and include the keyword
 `help' on a line by itself somewhere in the body of the message.  This
 will give you more information on joining the various lists, accessing
 archives, etc.  There are a number of mailing lists targeted at
 special interest groups not mentioned here, so send mail to majordomo
 and ask about them!
 
 
 5. Acknowledgements
 -------------------
 
 FreeBSD represents the cumulative work of many dozens, if not
 hundreds, of individuals from around the world who have worked very
 hard to bring you this release.  For a complete list of FreeBSD
 project staffers, please see:
 
         http://www.FreeBSD.org/handbook/staff.html
 
 or, if you've loaded the doc distribution:
 
         file:/usr/share/doc/handbook/staff.html
 
 Additional FreeBSD helpers and beta testers:
 
         Coranth Gryphon            Dave Rivers 
         Kaleb S. Keithley          Terry Lambert
         David Dawes                Don Lewis
 
 Special mention to:
 
         Walnut Creek CDROM, without whose help (and continuing support)
         this release would never have been possible.
 
         Dermot McDonnell for his donation of a Toshiba XM3401B CDROM
         drive.
 
         Chuck Robey for his donation of a floppy tape streamer for
         testing.
 
         Larry Altneu and Wilko Bulte for providing us with Wangtek
         and Archive QIC-02 tape drives for testing and driver hacking.
 
         CalWeb Internet Services for the loan of a P6/200 machine for
         speedy package building.
 
         Everyone at Montana State University for their initial support.
 
         And to the many thousands of FreeBSD users and testers all over the
         world, without whom this release simply would not have been possible.
 
 We sincerely hope you enjoy this release of FreeBSD!
 
                         The FreeBSD Project

Release Home &footer; diff --git a/en/releases/2.2R/notes.sgml b/en/releases/2.2R/notes.sgml index 60413aca05..90e8b53c4d 100644 --- a/en/releases/2.2R/notes.sgml +++ b/en/releases/2.2R/notes.sgml @@ -1,518 +1,518 @@ - + %includes; ]> - + &header; 
                                  RELEASE NOTES
                               FreeBSD 2.2-RELEASE
 
 1. What's new since 2.1.7
 -------------------------
 
 Lots of installation bugs fixed, more pc98 changes syncronized, geeze,
 what else?
 
 gdb 4.16 has been merged from -current, most of the third-party source
 now lives under /usr/src/contrib.
 
 Updated support for the DEC DEFPA/DEFEA FDDI hardware.
 
 The old ``HAVE_FPU'' Makefile option is now finally gone, the selection
 between the math library using the floating point emulator, and the
 version using the co-processor is now fully automatic.  This will speed
 up floating-point using programs on sites that didn't like to recompile
 their `libm' previously.
 
 Javier Martin Rueda's `ex' driver has been merged, bringing support
 for the Intel EtherExpress Pro/10 network cards.
 
 The `de' driver now recognizes cards using the DE21140A chip, like the
 popular SMC9332BDT (10/100 Mbit/s) one.
 
 There's now a workaround for the brokeness of the frequently used
 CMD640 PCI IDE chip in the sources, albeit still disabled by default
 in 2.2.
 
 The number of EISA slots to probe is now a fully supported option,
 including the ability to save the value from a UserConfig session
 with 
 dset(8).  
 This helps owners of HP NetServer LC machines to
 install the system on their hardware.
 
 Support for the SDL RISCom N2pci sync serial card.
 
 Support for Cyclades Cyclom-Y (multi-port async serial) PCI adaptors
 as well as multiple controllers and the 32-Y (if you are currently using
 the Cyclades serial adapter, you should re-make your /dev entries and
 remove the old ones).
 
 Updated support for ethernet adaptors which use the DEC DC21X4X chipset.
 
 Update to gcc 2.7.2.1 & add support for weak symbols.
 
 Many things moved/brought into /usr/src/contrib, updating and
 cleaning up the source tree accordingly.
 
 Support for compiled-in shared library ld paths.
 
 Update sgmlfmt to `instant'.
 
 Support for SNMP-style interface MIBs, including full RFC
 1650-compliant MIBs for the `de' (DEC 21x4x) and `ed' (SMC/WD/Novell)
 drivers.
 
 /stand/sysinstall moved even more towards becoming a more general
 system management tool.
 
 The syscons and psm drivers now have a new underlying shared keyboard
 driver, eliminating many of the previously existing problems with
 their mutual interaction.
 
 Syscons now supports cut & paste in textmode using the 
 moused(8)
 utility.
 
 2.2 is the first release that includes full CD-R support for the
 Plasmon RF41xx, HP4020i, HP6020i, and Philips CDD2000 drives.  The
 driver is still under development (in particular to extend its
 usability for other devices), but it has been proved to be stable
 by now.
 
 Support for NFSv3 clients and servers went into the 2.2 sources
 shortly after branching off the 2.0.5/2.1.X tree.  There are also
 other options available with NFS, like the ability to turn an NFSv2
 server into asynchronous write mode (which is in violation of the
 specs, but has precedents e.g. in SGI Irix).
 
 Poul-Henning Kamp's phkmalloc replaced the old and blatant BSD
 malloc implementation.  This usually saves a lot of virtual memory
 for the clients, and offers some neat features like aborting the
 program on detected malloc abuses, or filling the malloced and/or
 freed area with junk in order to detect semantical problems in
 programs that use malloc.
 
 The `netatalk' implementation of AppleTalk has been integrated into
 the sources, most of the integration work courtesy Wistle Communic-
 ations Corp.
 
 The mount option `async' allows asynchronous metadata updates on UFS
-file systems, something that is the default e.g. on Linux' ext2fs.
+filesystems, something that is the default e.g. on Linux' ext2fs.
 This speeds up many i-node intensive filesystem operations (like
 rm -r) at the cost of an increased risk in case of a system crash.
 The installation itself makes use of this feature, and could be
 drastically accelerated by this.  (A bindist-only installation from a
 SCSI CD-ROM can now complete in less than 5 minutes on a fast
 machine!)
 
 The ATAPI CD-ROM support is now reported to work for quite an
 impressive number of drives.  In other words, all the drives that
 basically adhere to the ATAPI standard are likely to work.
 
 There are many new drivers available in the kernel, too many to keep
 them in mind.  Tekram supplied a driver for their DC390 and DC390T
 controllers.  These controllers are based on the AMD 53c974, and the
 driver is also able to handle other SCSI controllers based on that
 chip.  Of course, with Tekram being generous enough to support the
 FreeBSD project with their driver, we'd like to encourage you to buy
 their product.  The `ed' and `lnc' drivers now support auto-config-
 uration for the respective PCI ethernet cards, including many NE2000
 clones and the AMD PCnet chips.  The SDL RISCom N2 support is new, as
 well as the PCI version of the Cyclades driver.
 
 The Linux emulation is now fully functional, including ELF support.
 To make its use easier, there are even ports for the required shared
 libraries, and for the Slackware development environment.
 
 Along the same lines, the SysV COFF emulation (aka. SCO emulation) is
 reported to be working well now.
 
 FreeBSD also supports native ELF binaries, although it hasn't been
 decided yet whether, when, and how we might use this as the default
 binary format some day.
 
 A `brandelf' utility has been added to allow `branding' of non-shared
 linked ELF binaries where the kernel cannot guess which image activator
 (FreeBSD, Linux, maybe SysV some day) should be used.  This works around
 one major flaw in the ELF object format, the missing field to mark the
 ABI it belongs to.
 
 Support for APM BIOSes is now in a much better shape.
 
 The manual section 9 has been started, describing `official' kernel
 programming interfaces.  We are still seeking volunteers to document
 interfaces here!
 
 The kernel configuration option handling has been largely moved away
 from the old -D Makefile kludges, towards a system of "opt_foo.h"
 kernel include files, allowing Makefile dependencies to work again.
 We expect the old hack that blows the entire compile directory away
 on each run of 
 config(8)
 to go away anytime soon.  Unless you're changing
 weird options, you might now consider using the -n option to 
 config(8),
 or setting the env variable NO_CONFIG_CLOBBER, if CPU time is costly for
 you.  See also the comments in the handbook about how it works.
 
 
 2. Supported Configurations
 ---------------------------
 
 FreeBSD currently runs on a wide variety of ISA, VLB, EISA and PCI bus
 based PC's, ranging from 386sx to Pentium class machines (though the
 386sx is not recommended).  Support for generic IDE or ESDI drive
 configurations, various SCSI controller, network and serial cards is
 also provided.
 
 What follows is a list of all peripherals currently known to work with
 FreeBSD.  Other configurations may also work, we have simply not as yet
 received confirmation of this.
 
 
 2.1. Disk Controllers
 ---------------------
 
 WD1003 (any generic MFM/RLL)
 WD1007 (any generic IDE/ESDI)
 IDE
 ATA
 
 Adaptec 1510 series ISA SCSI controllers (not for bootable devices)
 Adaptec 152x series ISA SCSI controllers
 Adaptec 1535 ISA SCSI controllers
 Adaptec 154x series ISA SCSI controllers
 Adaptec 174x series EISA SCSI controller in standard and enhanced mode.
 Adaptec 274X/284X/2940/3940 (Narrow/Wide/Twin) series ISA/EISA/PCI SCSI
 controllers.
 Adaptec AIC7850 on-board SCSI controllers.
 
 Adaptec AIC-6260 and AIC-6360 based boards, which includes the AHA-152x
 and SoundBlaster SCSI cards.
 
 ** Note: You cannot boot from the SoundBlaster cards as they have no
    on-board BIOS, such being necessary for mapping the boot device into the
    system BIOS I/O vectors.  They're perfectly usable for external tapes,
    CDROMs, etc, however.  The same goes for any other AIC-6x60 based card
    without a boot ROM.  Some systems DO have a boot ROM, which is generally
    indicated by some sort of message when the system is first powered up
    or reset, and in such cases you *will* also be able to boot from them.
    Check your system/board documentation for more details.
 
 Buslogic 545S & 545c
 Buslogic 445S/445c VLB SCSI controller
 Buslogic 742A, 747S, 747c EISA SCSI controller.
 Buslogic 946c PCI SCSI controller
 Buslogic 956c PCI SCSI controller
 
 SymBios (formerly NCR) 53C810, 53C825, 53c860 and 53c875 PCI SCSI
 controllers:
 	ASUS SC-200
   	Data Technology DTC3130 (all variants)
 	NCR cards (all)
 	Symbios cards (all)
 	Tekram DC390W, 390U and 390F
 	Tyan S1365
 
 Tekram DC390 and DC390T controllers (maybe other cards based on the
 AMD 53c974 as well).
 
 NCR5380/NCR53400 ("ProAudio Spectrum") SCSI controller. 
 
 DTC 3290 EISA SCSI controller in 1542 emulation mode.
 
 UltraStor 14F, 24F and 34F SCSI controllers.
 
 Seagate ST01/02 SCSI controllers.
 
 Future Domain 8xx/950 series SCSI controllers.
 
 WD7000 SCSI controller.
 
 With all supported SCSI controllers, full support is provided for
 SCSI-I & SCSI-II peripherals, including Disks, tape drives (including
 DAT and 8mm Exabyte) and CD ROM drives.
 
 The following CD-ROM type systems are supported at this time:
 (cd)    SCSI interface (also includes ProAudio Spectrum and
         SoundBlaster SCSI)
 (mcd)   Mitsumi proprietary interface (all models)
 (matcd) Matsushita/Panasonic (Creative SoundBlaster) proprietary
         interface (562/563 models)
 (scd)   Sony proprietary interface (all models)
 (wcd)   ATAPI IDE interface (experimental and should be considered ALPHA
         quality!).
 
 
 2.2. Ethernet cards
 -------------------
 
 Allied-Telesis AT1700 and RE2000 cards
 
 AMD PCnet/PCI (79c970 & 53c974 or 79c974)
 
 SMC Elite 16 WD8013 ethernet interface, and most other WD8003E,
 WD8003EBT, WD8003W, WD8013W, WD8003S, WD8003SBT and WD8013EBT
 based clones.  SMC Elite Ultra is also supported.
 
 DEC EtherWORKS III NICs (DE203, DE204, and DE205)
 DEC EtherWORKS II NICs (DE200, DE201, DE202, and DE422)
 DEC DC21040, DC21041, or DC21140 based NICs (SMC Etherpower 8432T, DE245, etc)
 DEC FDDI (DEFPA/DEFEA) NICs
 
 Fujitsu MB86960A/MB86965A
 
 HP PC Lan+ cards (model numbers: 27247B and 27252A).
 
 Intel EtherExpress (not recommended due to driver instability)
 Intel EtherExpress Pro/10
 Intel EtherExpress Pro/100B PCI Fast Ethernet
 
 Isolan AT 4141-0 (16 bit)
 Isolink 4110     (8 bit)
 
 Novell NE1000, NE2000, and NE2100 ethernet interface.
 
 3Com 3C501 cards
 
 3Com 3C503 Etherlink II
 
 3Com 3c505 Etherlink/+
 
 3Com 3C507 Etherlink 16/TP
 
 3Com 3C509, 3C579, 3C589 (PCMCIA), 3C590/592/595/900/905 PCI and EISA
 (Fast) Etherlink III / (Fast) Etherlink XL
 
 Toshiba ethernet cards
 
 PCMCIA ethernet cards from IBM and National Semiconductor are also
 supported.
 
 Note that NO token ring cards are supported at this time as we're
 still waiting for someone to donate a driver for one of them.  Any
 takers?
 
 
 2.3. Misc
 ---------
 
 AST 4 port serial card using shared IRQ.
 
 ARNET 8 port serial card using shared IRQ.
 ARNET (now Digiboard) Sync 570/i high-speed serial.
 
 Boca BB1004 4-Port serial card (Modems NOT supported)
 Boca IOAT66 6-Port serial card (Modems supported)
 Boca BB1008 8-Port serial card (Modems NOT supported)
 Boca BB2016 16-Port serial card (Modems supported)
 
 Cyclades Cyclom-y Serial Board.
 
 STB 4 port card using shared IRQ.
 
 SDL Communications Riscom/8 Serial Board.
 SDL Communications RISCom/N2 and N2pci high-speed sync serial boards.
 
 Stallion multiport serial boards: EasyIO, EasyConnection 8/32 & 8/64,
 ONboard 4/16 and Brumby.
 
 Adlib, SoundBlaster, SoundBlaster Pro, ProAudioSpectrum, Gravis UltraSound
 and Roland MPU-401 sound cards.
 
 Connectix QuickCam
 Matrox Meteor Video frame grabber
 Creative Labs Video Spigot frame grabber
 Cortex1 frame grabber
 
 HP4020i, Philips CDD2000 and PLASMON WORM (CDR) drives.
 
 PS/2 mice
 
 Standard PC Joystick
 
 X-10 power controllers
 
 GPIB and Transputer drivers.
 
 Genius and Mustek hand scanners.
 
 
 FreeBSD currently does NOT support IBM's microchannel (MCA) bus.
 
 
 3. Obtaining FreeBSD
 --------------------
 
 You may obtain FreeBSD in a variety of ways:
 
 3.1. FTP/Mail
 -------------
 
 You can ftp FreeBSD and any or all of its optional packages from
 `ftp.FreeBSD.org' - the official FreeBSD release site.
 
 For other locations that mirror the FreeBSD software see the file
 MIRROR.SITES.  Please ftp the distribution from the site closest (in
 networking terms) to you.  Additional mirror sites are always welcome!
 Contact freebsd-admin@FreeBSD.org for more details if you'd like to 
 become an official mirror site.
 
 If you do not have access to the Internet and electronic mail is your
 only recourse, then you may still fetch the files by sending mail to
 `ftpmail@decwrl.dec.com' - putting the keyword "help" in your message
 to get more information on how to fetch files using this mechanism.
 Please do note, however, that this will end up sending many *tens of
 megabytes* through the mail and should only be employed as an absolute
 LAST resort!
 
 
 3.2. CDROM
 ----------
 
 FreeBSD 2.1.7-RELEASE and 2.2-RELEASE CDs may be ordered on CDROM from:
 
         Walnut Creek CDROM
         4041 Pike Lane, Suite D
         Concord CA  94520
         1-800-786-9907, +1-510-674-0783, +1-510-674-0821 (fax)
 
 Or via the Internet from orders@cdrom.com or http://www.cdrom.com.
 Their current catalog can be obtained via ftp from:
         ftp://ftp.cdrom.com/cdrom/catalog.
 
 Cost per -RELEASE CD is $39.95 or $24.95 with a FreeBSD subscription.
 FreeBSD 3.0-SNAP CDs are $29.95 or $14.95 with a FreeBSD-SNAP subscription
 (-RELEASE and -SNAP subscriptions are entirely separate).  With a
 subscription, you will automatically receive updates as they are released.
 Your credit card will be billed when each disk is shipped and you may cancel
 your subscription at any time without further obligation.
 
 Shipping (per order not per disc) is $5 in the US, Canada or Mexico
 and $9.00 overseas.  They accept Visa, Mastercard, Discover, American
 Express or checks in U.S. Dollars and ship COD within the United
 States.  California residents please add 8.25% sales tax.
 
 Should you be dissatisfied for any reason, the CD comes with an
 unconditional return policy.
 
 
 4. Reporting problems, making suggestions, submitting code.
 -----------------------------------------------------------
 
 Your suggestions, bug reports and contributions of code are always
 valued - please do not hesitate to report any problems you may find
 (preferably with a fix attached, if you can!).
 
 The preferred method to submit bug reports from a machine with
 Internet mail connectivity is to use the send-pr command or use the CGI
 script at http://www.FreeBSD.org/send-pr.html.  Bug reports
 will be dutifully filed by our faithful bugfiler program and you can
 be sure that we'll do our best to respond to all reported bugs as soon
 as possible.  Bugs filed in this way are also visible on our WEB site
 in the support section and are therefore valuable both as bug reports
 and as "signposts" for other users concerning potential problems to
 watch out for.
 
 If, for some reason, you are unable to use the send-pr command to
 submit a bug report, you can try to send it to:
 
                 freebsd-bugs@FreeBSD.org
 
 Note that send-pr itself is a shell script that should be easy to move
 even onto a totally different system.  We much prefer if you could use
 this interface, since it make it easier to keep track of the problem
 reports.  However, before submitting, please try to make sure whether
 the problem might have already been fixed since.
 
 
 Otherwise, for any questions or suggestions, please send mail to:
 
                 freebsd-questions@FreeBSD.org
 
 
 Additionally, being a volunteer effort, we are always happy to have
 extra hands willing to help - there are already far more desired
 enhancements than we'll ever be able to manage by ourselves!  To
 contact us on technical matters, or with offers of help, please send
 mail to:
 
                 freebsd-hackers@FreeBSD.org
 
 
 Please note that these mailing lists can experience *significant*
 amounts of traffic and if you have slow or expensive mail access and
 are only interested in keeping up with significant FreeBSD events, you
 may find it preferable to subscribe instead to:
 
                 freebsd-announce@FreeBSD.org
 
 
 All but the freebsd-bugs groups can be freely joined by anyone wishing
 to do so.  Send mail to MajorDomo@FreeBSD.org and include the keyword
 `help' on a line by itself somewhere in the body of the message.  This
 will give you more information on joining the various lists, accessing
 archives, etc.  There are a number of mailing lists targeted at
 special interest groups not mentioned here, so send mail to majordomo
 and ask about them!
 
 
 5. Acknowledgements
 -------------------
 
 FreeBSD represents the cumulative work of many dozens, if not
 hundreds, of individuals from around the world who have worked very
 hard to bring you this release.  For a complete list of FreeBSD
 project staffers, please see:
 
         http://www.FreeBSD.org/handbook/staff.html
 
 or, if you've loaded the doc distribution:
 
         file:/usr/share/doc/handbook/staff.html
 
 Additional FreeBSD helpers and beta testers:
 
         Coranth Gryphon            Dave Rivers 
         Kaleb S. Keithley          Terry Lambert
         David Dawes                Don Lewis
 
 Special mention to:
 
         Walnut Creek CDROM, without whose help (and continuing support)
         this release would never have been possible.
 
         Dermot McDonnell for his donation of a Toshiba XM3401B CDROM
         drive.
 
         Chuck Robey for his donation of a floppy tape streamer for
         testing.
 
         Larry Altneu and Wilko Bulte for providing us with Wangtek
         and Archive QIC-02 tape drives for testing and driver hacking.
 
 	CalWeb Internet Services for the loan of a P6/200 machine for
 	speedy package building.
 
         Everyone at Montana State University for their initial support.
 
         And to the many thousands of FreeBSD users and testers all over the
         world, without whom this release simply would not have been possible.
 
 We sincerely hope you enjoy this release of FreeBSD!
 
                         The FreeBSD Project

Release Home &footer; diff --git a/en/releases/3.3R/notes.sgml b/en/releases/3.3R/notes.sgml index d6c2fd8fe7..c897cddca9 100644 --- a/en/releases/3.3R/notes.sgml +++ b/en/releases/3.3R/notes.sgml @@ -1,689 +1,689 @@ - + %includes; ]> &header; 
 
                                  RELEASE NOTES
                               FreeBSD 3.3-RELEASE
 
 Welcome to 3.3-RELEASE, a full follow-on to 3.2-RELEASE released
 May 1999.  In the months since 3.2 was released, many bug fixes and
 general enhancements have been made to the system.  Please see relevant
 details below.
 
 Any installation failures or crashes should be reported by using the
 send-pr command (those preferring a WEB based interface can also see
 this page).
 
 For information about FreeBSD and the layout of the 3.3-RELEASE
 directory (especially if you're installing from floppies!), see
 ABOUT.TXT.  For installation instructions, see the INSTALL.TXT and
 HARDWARE.TXT files.
 
 Table of contents:
 ------------------
 1. What's new since 3.2-RELEASE
    1.1 KERNEL CHANGES
    1.2 SECURITY FIXES
    1.3 USERLAND CHANGES
 
 2. Supported Configurations
    2.1 Disk Controllers
    2.2 Ethernet cards
    2.3 ATM
    2.4 Misc
 
 3. Obtaining FreeBSD
    3.1 FTP/Mail
    3.3 CDROM
 
 4. Upgrading from previous releases of FreeBSD
 
 5. Reporting problems, making suggestions, submitting code
 6. Acknowledgements
 
 
 1. What's new since 3.2-RELEASE
 ---------------------------------
 
 1.1. KERNEL CHANGES
 -------------------
 The Berkeley Packet Filter (bpf) is enabled by default.  This is to allow
 DHCP supported installs.
 
 Linux mode has undergone significant bug fixes and improvements.
 
 The i386 bootstrap has been enhanced for some problematic systems.
 
 Driver support has been added for IEEE 802.11 PCMCIA wireless network
 adapters based on the Lucent Hermes chipset, including the Lucent
 WaveLAN/IEEE 802.11 and the Cabletron RoamAbout.  Both 2Mbps and
 6Mbps Turbo adapters are supported. [MERGED]
 
 Driver support has been added for PCI fast Ethernet cards based
 on the ADMtek Inc. AL981 Comet chipset.
 
 Driver support has been added for PCI fast Ethernet cards based
 on the LC82C115 'PNIC II' chipset.
 
 Driver support has been added for SysKonnect SK-984x PCI gigabit
 Ethernet adapters.
 
 Driver support has been added for Adaptec Duralink PCI Ethernet adapters
 based on the Adaptec AIC-6915 fast Ethernet controller.
 
 Driver support for M-systems DiskOnChip products integrated.
 
 Driver support has been added for the 3Com 3c905C-TX.
 
 Driver support has been added for the 3Com 3x574-TX 16-bit FastEtherlink
 PC-card support.
 
 Driver support has been added for the Compaq Smart Raid family of
 RAID controllers.
 
 Driver support for a number of Realtek and Avance Asound audio cards
 has been added.
 
 USB support has been improved.
 
 Major updates to the Vinum volume manager have been incorporated.
 [Though the new RAID-5 features should still be considered
 experimental since they are, well, new].
 
 A number of NFS problems have been fixed.
 
 APM support has been improved.  A kernel panic problem with an
 older APM BIOSes has been fixed.  Also, the suspend/standby
 transition is more robust.
 
 User- and group-based IPFW firewalling has been added.
 
 Support for probabilistic rule matching has been added to IPFW.
 
 IPFW logging is now dynamic. IPFW logging counts can be reset, and any
 given rule can be given an arbitrary logging limit.
 
 
 1.2. SECURITY FIXES
 -------------------
-A problem with file systems flags has been corrected.
+A problem with filesystems flags has been corrected.
 
 A problem with profil(2) remaining inactive after an exec call.
 
 A remotely exploitable root hole in amd (the automount daemon) has been
 fixed.
 
 The wu-ftpd port has been updated with the latest patches to prevent
 possible remote root exploits.
 
 The proftpd port has been updated with the latest patches to prevent
 possible remote root exploits.
 
 The samba port has been updated with the latest patches to prevent
 possible remote root exploits.
 
 The inn port has been updated to a new version that corrects some buffer
 overflows.
 
 Since FreeBSD 3.0 RELEASE, many minor problems with the network stack
 have been corrected which could have been exploited for denial of
 service attacks.
 
 
 1.3. USERLAND CHANGES
 ---------------------
 The support environment for Linux mode has finally been updated. The
 linux_lib and linux_devel ports are replaced by resp. linux_base and
 linux_devtools. These new ports are based on Red Hat 5.2 packages
 and include support for both glibc2 and libc5 based applications.
 
 Sysinstall now contains DHCP client support.
 
 TCP Wrapper support in inetd(8) is now controlled with command-line
 options and data-gram (UDP) services may be wrapped in addition to previously
 wrapped service types. Please see the manpage for details, since inetd
 run without command-line options will do no wrapping.
 
 ISC's DHCP client has been upgraded to version 2.0.
 
 Bison, the GNU parser generator, has been upgraded to version 1.28.
 
 The Advanced Power Management monitor daemon, apmd(8), has been added.
 This allows the user to select the APM events to be handled from
 userland and specify the commands for a given event.  This allows the
 APM behavior to be configured in a flexable manner.  Please see the
 manpage for details.
 
 
 2. Supported Configurations
 ---------------------------
 FreeBSD currently runs on a wide variety of ISA, VLB, EISA and PCI bus
 based PC's, ranging from 386sx to Pentium class machines (though the
 386sx is not recommended).  Support for generic IDE or ESDI drive
 configurations, various SCSI controller, network and serial cards is
 also provided.
 
 What follows is a list of all peripherals currently known to work with
 FreeBSD.  Other configurations may also work, we have simply not as yet
 received confirmation of this.
 
 
 2.1. Disk Controllers
 ---------------------
 WD1003 (any generic MFM/RLL)
 WD1007 (any generic IDE/ESDI)
 IDE
 ATA
 
 Adaptec 1535 ISA SCSI controllers
 Adaptec 154x series ISA SCSI controllers
 Adaptec 174x series EISA SCSI controller in standard and enhanced mode.
 Adaptec 274X/284X/2920C/294x/2950/3940/3950 (Narrow/Wide/Twin) series
 EISA/VLB/PCI SCSI controllers.
 Adaptec AIC7850, AIC7860, AIC7880, AIC789x, on-board SCSI controllers.
 
 AdvanSys SCSI controllers (all models).
 
 BusLogic MultiMaster controllers:
 
 [ Please note that BusLogic/Mylex "Flashpoint" adapters are NOT yet supported ]
 
 BusLogic MultiMaster "W" Series Host Adapters:
     BT-948, BT-958, BT-958D
 BusLogic MultiMaster "C" Series Host Adapters:
     BT-946C, BT-956C, BT-956CD, BT-445C, BT-747C, BT-757C, BT-757CD, BT-545C,
     BT-540CF
 BusLogic MultiMaster "S" Series Host Adapters:
     BT-445S, BT-747S, BT-747D, BT-757S, BT-757D, BT-545S, BT-542D, BT-742A,
     BT-542B
 BusLogic MultiMaster "A" Series Host Adapters:
     BT-742A, BT-542B
 
 AMI FastDisk controllers that are true BusLogic MultiMaster clones are also
 supported.
 
 DPT SmartCACHE Plus, SmartCACHE III, SmartRAID III, SmartCACHE IV and
 SmartRAID IV SCSI/RAID controllers are supported.  The DPT SmartRAID/CACHE V
 is not yet supported.
 
 SymBios (formerly NCR) 53C810, 53C810a, 53C815, 53C820, 53C825a,
 53C860, 53C875, 53C875j, 53C885, 53C895 and 53C896 PCI SCSI controllers:
         ASUS SC-200
         Data Technology DTC3130 (all variants)
         Diamond FirePort (all)
         NCR cards (all)
         Symbios cards (all)
         Tekram DC390W, 390U and 390F
         Tyan S1365
 
 
 QLogic 1020, 1040, 1040B, 1080 and 1240 SCSI Host Adapters.
 QLogic 2100 Fibre Channel Adapters (private loop only).
 
 DTC 3290 EISA SCSI controller in 1542 emulation mode.
 
 With all supported SCSI controllers, full support is provided for
 SCSI-I & SCSI-II peripherals, including hard disks, optical disks,
 tape drives (including DAT and 8mm Exabyte), medium changers, processor
 target devices and CDROM drives.  WORM devices that support CDROM commands
 are supported for read-only access by the CDROM driver.  WORM/CD-R/CD-RW
 writing support is provided by cdrecord, which is in the ports tree.
 
 The following CD-ROM type systems are supported at this time:
 (cd)    SCSI interface (also includes ProAudio Spectrum and
         SoundBlaster SCSI)
 (matcd) Matsushita/Panasonic (Creative SoundBlaster) proprietary
         interface (562/563 models)
 (scd)   Sony proprietary interface (all models)
 (wcd)   ATAPI IDE interface
 
 The following drivers were supported under the old SCSI subsystem, but are
 NOT YET supported under the new CAM SCSI subsystem:
 
   Tekram DC390 and DC390T controllers (maybe other cards based on the
   AMD 53c974 as well).
 
   NCR5380/NCR53400 ("ProAudio Spectrum") SCSI controller. 
 
   UltraStor 14F, 24F and 34F SCSI controllers.
 
   Seagate ST01/02 SCSI controllers.
 
   Future Domain 8xx/950 series SCSI controllers.
 
   WD7000 SCSI controller.
 
   Adaptec 1510 series ISA SCSI controllers (not for bootable devices)
   Adaptec 152x series ISA SCSI controllers
   Adaptec AIC-6260 and AIC-6360 based boards, which includes the AHA-152x
   and SoundBlaster SCSI cards.
 
   [ Note:  There is work-in-progress to port the AIC-6260/6360 and
     UltraStor drivers to the new CAM SCSI framework, but no estimates on
     when or if they will be completed. ]
 
 Unmaintained drivers, they might or might not work for your hardware:
 
   Floppy tape interface (Colorado/Mountain/Insight)
 
   (mcd)   Mitsumi proprietary CD-ROM interface (all models)
 
 2.2. Ethernet cards
 -------------------
 
 Adaptec Duralink PCI fast Ethernet adapters based on the Adaptec
 AIC-6915 fast Ethernet controller chip, including the following:
   ANA-62011 64-bit single port 10/100-BaseTX adapter
   ANA-62022 64-bit dual port 10/100-BaseTX adapter
   ANA-62044 64-bit quad port 10/100-BaseTX adapter
   ANA-69011 32-bit single port 10/100-BaseTX adapter
   ANA-62020 64-bit single port 100-BaseFX adapter
 
 Allied-Telesis AT1700 and RE2000 cards
 
 Alteon Networks PCI gigabit Ethernet NICs based on the Tigon 1 and Tigon 2
 chipsets, including the following:
   Alteon AceNIC (Tigon 1 and 2)
   3Com 3c985-SX (Tigon 1 and 2)
   Netgear GA620 (Tigon 2)
   Silicon Graphics Gigabit Ethernet
   DEC/Compaq EtherWORKS 1000
   NEC Gigabit Ethernet
 
 AMD PCnet/PCI (79c970 & 53c974 or 79c974)
 
 SMC Elite 16 WD8013 Ethernet interface, and most other WD8003E,
 WD8003EBT, WD8003W, WD8013W, WD8003S, WD8003SBT and WD8013EBT
 based clones.  SMC Elite Ultra.  SMC Etherpower II.
 
 RealTek 8129/8139 fast Ethernet NICs including the following:
   Allied Telesyn AT2550
   Allied Telesyn AT2500TX
   Genius GF100TXR (RTL8139)
   NDC Communications NE100TX-E
   OvisLink LEF-8129TX
   OvisLink LEF-8139TX
   Netronix Inc. EA-1210 NetEther 10/100
   KTX-9130TX 10/100 Fast Ethernet
   Accton "Cheetah" EN1027D (MPX 5030/5038; RealTek 8139 clone?)
   SMC EZ Card 10/100 PCI 1211-TX
 
 Lite-On 82c168/82c169 PNIC fast Ethernet NICs including the following:
   LinkSys EtherFast LNE100TX
   NetGear FA310-TX Rev. D1
   Matrox FastNIC 10/100
   Kingston KNE110TX
 
 Macronix 98713, 98713A, 98715, 98715A and 98725 fast Ethernet NICs
   NDC Communications SFA100A (98713A)
   CNet Pro120A (98713 or 98713A)
   CNet Pro120B (98715)
   SVEC PN102TX (98713)
 
 Macronix/Lite-On PNIC II LC82C115 fast Ethernet NICs including the following:
   LinkSys EtherFast LNE100TX Version 2
 
 Winbond W89C840F fast Ethernet NICs including the following:
   Trendware TE100-PCIE
 
 VIA Technologies VT3043 "Rhine I" and VT86C100A "Rhine II" fast Ethernet
 NICs including the following:
   Hawking Technologies PN102TX
   D-Link DFE530TX
 
 SysKonnect SK-984x PCI gigabit Ethernet cards including the following:
   SK-9841 1000baseLX single mode fiber, single port
   SK-9842 1000baseSX multi-mode fiber, single port
   SK-9843 1000baseLX single mode fiber, dual port
   SK-9844 1000baseSX multi-mode fiber, dual port
   
 Texas Instruments ThunderLAN PCI NICs, including the following:
   Compaq Netelligent 10, 10/100, 10/100 Proliant, 10/100 Dual-Port
   Compaq Netelligent 10/100 TX Embedded UTP, 10 T PCI UTP/Coax, 10/100 TX UTP
   Compaq NetFlex 3P, 3P Integrated, 3P w/ BNC
   Olicom OC-2135/2138, OC-2325, OC-2326 10/100 TX UTP
   Racore 8165 10/100-BaseTX
   Racore 8148 10-BaseT/100-BaseTX/100-BaseFX multi-personality
 
 ADMtek Inc. AL981-based PCI fast Ethernet NICs
 
 ASIX Electronics AX88140A PCI NICs, including the following:
   Alfa Inc. GFC2204
   CNet Pro110B
 
 DEC EtherWORKS III NICs (DE203, DE204, and DE205)
 DEC EtherWORKS II NICs (DE200, DE201, DE202, and DE422)
 DEC DC21040, DC21041, or DC21140 based NICs (SMC Etherpower 8432T, DE245, etc)
 DEC FDDI (DEFPA/DEFEA) NICs
 
 Fujitsu MB86960A/MB86965A
 
 HP PC Lan+ cards (model numbers: 27247B and 27252A).
 
 Intel EtherExpress 16
 Intel EtherExpress Pro/10
 Intel EtherExpress Pro/100B PCI Fast Ethernet
 
 Isolan AT 4141-0 (16 bit)
 Isolink 4110     (8 bit)
 
 Novell NE1000, NE2000, and NE2100 Ethernet interface.
 
 PCI network cards emulating the NE2000: RealTek 8029, NetVin 5000,
 Winbond W89C940, Surecom NE-34, VIA VT86C926.
 
 3Com 3C501 cards
 
 3Com 3C503 Etherlink II
 
 3Com 3c505 Etherlink/+
 
 3Com 3C507 Etherlink 16/TP
 
 3Com 3C509, 3C579, 3C589 (PCMCIA), 3C590/592/595/900/905/905B/905C PCI
 and EISA (Fast) Etherlink III / (Fast) Etherlink XL
 
 3Com 3c980/3c980B Fast Etherlink XL server adapter
 
 3Com 3cSOHO100-TX OfficeConnect adapter
 
 Toshiba Ethernet cards
 
 Crystal Semiconductor CS89x0-based NICs, including:
   IBM Etherjet ISA
 
 PCMCIA Etherjet cards from IBM and National Semiconductor are also
 supported.
 
 Note that NO token ring cards are supported at this time as we're
 still waiting for someone to donate a driver for one of them.  Any
 takers?
 
 2.3 ATM
 -------
 
    o ATM Host Interfaces
         - FORE Systems, Inc. PCA-200E ATM PCI Adapters
         - Efficient Networks, Inc. ENI-155p ATM PCI Adapters
 
    o ATM Signaling Protocols
         - The ATM Forum UNI 3.1 signaling protocol
         - The ATM Forum UNI 3.0 signaling protocol
         - The ATM Forum ILMI address registration
         - FORE Systems's proprietary SPANS signaling protocol
         - Permanent Virtual Channels (PVCs)
 
    o IETF "Classical IP and ARP over ATM" model
         - RFC 1483, "Multi-protocol Encapsulation over ATM Adaptation Layer 5"
         - RFC 1577, "Classical IP and ARP over ATM"
         - RFC 1626, "Default IP MTU for use over ATM AAL5"
         - RFC 1755, "ATM Signaling Support for IP over ATM"
         - RFC 2225, "Classical IP and ARP over ATM"
         - RFC 2334, "Server Cache Synchronization Protocol (SCSP)"
         - Internet Draft draft-ietf-ion-scsp-atmarp-00.txt,
                 "A Distributed ATMARP Service Using SCSP"
 
    o ATM Sockets interface
 
 2.4. Misc
 ---------
 
 AST 4 port serial card using shared IRQ.
 
 ARNET 8 port serial card using shared IRQ.
 ARNET (now Digiboard) Sync 570/i high-speed serial.
 
 Boca BB1004 4-Port serial card (Modems NOT supported)
 Boca IOAT66 6-Port serial card (Modems supported)
 Boca BB1008 8-Port serial card (Modems NOT supported)
 Boca BB2016 16-Port serial card (Modems supported)
 
 Comtrol Rocketport card.
 
 Cyclades Cyclom-y Serial Board.
 
 STB 4 port card using shared IRQ.
 
 SDL Communications Riscom/8 Serial Board.
 SDL Communications RISCom/N2 and N2pci high-speed sync serial boards.
 
 Stallion multi-port serial boards: EasyIO, EasyConnection 8/32 & 8/64,
 ONboard 4/16 and Brumby.
 
 Specialix SI/XIO/SX ISA, EISA and PCI serial expansion cards/modules.
 
 Adlib, SoundBlaster, SoundBlaster Pro, ProAudioSpectrum, Gravis UltraSound
 and Roland MPU-401 sound cards. (snd driver)
 
 Most ISA audio codecs manufactured by Crystal Semiconductors, OPTi, Creative
 Labs, Avance, Yamaha and ENSONIQ. (pcm driver)
 
 Connectix QuickCam
 Matrox Meteor Video frame grabber
 Creative Labs Video Spigot frame grabber
 Cortex1 frame grabber
 Hauppauge Wincast/TV boards (PCI)
 STB TV PCI
 Intel Smart Video Recorder III
 Various Frame grabbers based on Brooktree Bt848 / Bt878 chip.
 
 HP4020, HP6020, Philips CDD2000/CDD2660 and Plasmon CD-R drives.
 
 PS/2 mice
 
 Standard PC Joystick
 
 X-10 power controllers
 
 GPIB and Transputer drivers.
 
 Genius and Mustek hand scanners.
 
 Xilinx XC6200 based reconfigurable hardware cards compatible with
 the HOT1 from Virtual Computers (www.vcc.com)
 
 Support for Dave Mills experimental Loran-C receiver.
 
 Lucent Technologies WaveLAN/IEEE 802.11 PCMCIA and ISA standard speed
 (2Mbps) and turbo speed (6Mbps) wireless network adapters and work-a-likes
 (NCR WaveLAN/IEEE 802.11, Cabletron RoamAbout 802.11 DS). Note: the
 ISA versions of these adapters are actually PCMCIA cards combined with
 an ISA to PCMCIA bridge card, so both kinds of devices work with
 the same driver.
 
 FreeBSD currently does NOT support IBM's microchannel (MCA) bus.
 
 3. Obtaining FreeBSD
 --------------------
 
 You may obtain FreeBSD in a variety of ways:
 
 3.1. FTP/Mail
 -------------
 
 You can ftp FreeBSD and any or all of its optional packages from
 `ftp.FreeBSD.org' - the official FreeBSD release site.
 
 For other locations that mirror the FreeBSD software see the file
 MIRROR.SITES.  Please ftp the distribution from the site closest (in
 networking terms) to you.  Additional mirror sites are always welcome!
 Contact freebsd-admin@FreeBSD.org for more details if you'd like to 
 become an official mirror site.
 
 If you do not have access to the Internet and electronic mail is your
 only recourse, then you may still fetch the files by sending mail to
 `ftpmail@ftpmail.vix.com' - putting the keyword "help" in your message
 to get more information on how to fetch files using this mechanism.
 Please do note, however, that this will end up sending many *tens of
 megabytes* through the mail and should only be employed as an absolute
 LAST resort!
 
 
 3.2. CDROM
 ----------
 
 FreeBSD 3.3-RELEASE CDs may be ordered on CDROM from:
 
         Walnut Creek CDROM
         4041 Pike Lane, Suite F
         Concord CA  94520
         1-800-786-9907, +1-925-674-0783, +1-925-674-0821 (FAX)
 
 Or via the Internet from orders@cdrom.com or http://www.cdrom.com.
 Their current catalog can be obtained via ftp from:
 
         ftp://ftp.cdrom.com/cdrom/catalog
 
 Cost per -RELEASE CD is $39.95 or $24.95 with a FreeBSD subscription.
 FreeBSD SNAPshot CDs, when available, are $39.95 or $14.95 with a
 FreeBSD-SNAP subscription (-RELEASE and -SNAP subscriptions are entirely
 separate).  With a subscription, you will automatically receive updates as
 they are released.  Your credit card will be billed when each disk is
 shipped and you may cancel your subscription at any time without further
 obligation.
 
 Shipping (per order not per disc) is $5 in the US, Canada or Mexico
 and $9.00 overseas.  They accept Visa, Mastercard, Discover, American
 Express or checks in U.S. Dollars and ship COD within the United
 States.  California residents please add 8.25% sales tax.
 
 Should you be dissatisfied for any reason, the CD comes with an
 unconditional return policy.
 
 
 4. Upgrading from previous releases of FreeBSD
 ----------------------------------------------
 
 If you're upgrading from a previous release of FreeBSD, most likely
 it's 2.2.x or 2.1.x (in some lesser number of cases) and some of the
 following issues may affect you, depending of course on your chosen
 method of upgrading.  There are two popular ways of upgrading
 FreeBSD distributions:
 
         o Using sources, via /usr/src
         o Using sysinstall's (binary) upgrade option.
 
 In the case of using sources, there are simply two targets you need to
 be aware of: The standard ``upgrade'' target, which will upgrade a 2.x
 or 3.0 system to 3.3 and the ``world'' target, which will take an
 already upgraded system and keep it in sync with whatever changes have
 happened since the initial upgrade.
 
 In the case of using the binary upgrade option, the system will go
 straight to 3.3/ELF but also populate the /<basepath>/lib/aout
 directories for backwards compatibility with older binaries.
 
 In either case, going to ELF will mean that you'll have somewhat
 smaller binaries and access to a lot more compiler goodies which have
 been already been ported to other ELF environments (our older and
 somewhat crufty a.out format being largely unsupported by most other
 software projects).  Those who wish to retain access to the older
 a.out dynamic executables should be sure and install the compat22
 distribution. Notice that the a.out libraries won't be accessible
 until the system is rebooted, which may cause trouble with certain
 a.out packages.
 
 Also, do not use install disks or sysinstall from previous versions,
 as version 3.1 introduced a new bootstrapping procedure, requiring
 new boot blocks to be installed (because of elf kernels), and version
 3.2 has further modifications to the bootstrapping procedure.
 
 [ other important upgrading notes should go here]
 
 
 5. Reporting problems, making suggestions, submitting code.
 -----------------------------------------------------------
 Your suggestions, bug reports and contributions of code are always
 valued - please do not hesitate to report any problems you may find
 (preferably with a fix attached, if you can!).
 
 The preferred method to submit bug reports from a machine with
 Internet mail connectivity is to use the send-pr command or use the CGI
 script at http://www.FreeBSD.org/send-pr.html.  Bug reports
 will be dutifully filed by our faithful bugfiler program and you can
 be sure that we'll do our best to respond to all reported bugs as soon
 as possible.  Bugs filed in this way are also visible on our WEB site
 in the support section and are therefore valuable both as bug reports
 and as "signposts" for other users concerning potential problems to
 watch out for.
 
 If, for some reason, you are unable to use the send-pr command to
 submit a bug report, you can try to send it to:
 
                 freebsd-bugs@FreeBSD.org
 
 Note that send-pr itself is a shell script that should be easy to move
 even onto a totally different system.  We much prefer if you could use
 this interface, since it make it easier to keep track of the problem
 reports.  However, before submitting, please try to make sure whether
 the problem might have already been fixed since.
 
 
 Otherwise, for any questions or tech support issues, please send mail to:
 
                 freebsd-questions@FreeBSD.org
 
 
 Additionally, being a volunteer effort, we are always happy to have
 extra hands willing to help - there are already far more desired
 enhancements than we'll ever be able to manage by ourselves!  To
 contact us on technical matters, or with offers of help, please send
 mail to:
 
                 freebsd-hackers@FreeBSD.org
 
 
 Please note that these mailing lists can experience *significant*
 amounts of traffic and if you have slow or expensive mail access and
 are only interested in keeping up with significant FreeBSD events, you
 may find it preferable to subscribe instead to:
 
                 freebsd-announce@FreeBSD.org
 
 
 All of the mailing lists can be freely joined by anyone wishing
 to do so.  Send mail to MajorDomo@FreeBSD.org and include the keyword
 `help' on a line by itself somewhere in the body of the message.  This
 will give you more information on joining the various lists, accessing
 archives, etc.  There are a number of mailing lists targeted at
 special interest groups not mentioned here, so send mail to majordomo
 and ask about them!
 
 
 6. Acknowledgments
 -------------------
 
 FreeBSD represents the cumulative work of many dozens, if not
 hundreds, of individuals from around the world who have worked very
 hard to bring you this release.  For a complete list of FreeBSD
 project staffers, please see:
 
         http://www.FreeBSD.org/handbook/staff.html
 
 or, if you've loaded the doc distribution:
 
         file:/usr/share/doc/handbook/staff.html
 
 
 Special mention to:
 
         The donors listed at http://www.FreeBSD.org/handbook/donors.html
 
         And to the many thousands of FreeBSD users and testers all over the
         world, without whom this release simply would not have been possible.
 
 We sincerely hope you enjoy this release of FreeBSD!
 
                         The FreeBSD Project

Release Home &footer; diff --git a/en/releases/4.4R/relnotes-alpha.html b/en/releases/4.4R/relnotes-alpha.html index 97732ccffd..86cd2f6954 100644 --- a/en/releases/4.4R/relnotes-alpha.html +++ b/en/releases/4.4R/relnotes-alpha.html @@ -1,1374 +1,1374 @@ FreeBSD 4.4-RELEASE alpha Release Notes

FreeBSD 4.4-RELEASE alpha Release Notes

The FreeBSD Project

Copyright © 2000, 2001 by The FreeBSD Documentation Project

1 Introduction

This document contains the release notes for FreeBSD 4.4-RELEASE on the alpha hardware platform. It describes new features of FreeBSD that have been added (or changed) since 4.3-RELEASE.

This distribution of FreeBSD 4.4-RELEASE is a release distribution. It can be found at ftp://ftp.FreeBSD.org/pub/FreeBSD/ or any of its mirrors. More information on obtaining this (or other) release distributions of FreeBSD can be found in the ``Obtaining FreeBSD'' appendix to the FreeBSD Handbook.

2 What's New

$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v 1.22.2.86.2.1 2001/09/14 19:35:01 bmah Exp $

This section describes the most user-visible new or changed features in FreeBSD since 4.3-RELEASE.

Many additional changes were made to FreeBSD that are not listed here for lack of space. For example, documentation was corrected and improved, minor bugs were fixed, insecure coding practices were audited and corrected, and source code was cleaned up.

The release notes items are organized into three different sections. Section 2.1 lists recent changes to the FreeBSD kernel. Security fixes, including those pertaining to security advisories, are listed in Section 2.2. Finally, Section 2.3 covers changes to FreeBSD userland applications included in the base system.

2.1 Kernel Changes

The O_DIRECT flag has been added to open(2) and fcntl(2). Specifying this flag for open files will attempt to minimize the cache effects of reading and writing.

An orm(4) device has been added to claim the option ROMs in the ISA memory I/O space, to prevent other drivers from mistakenly assigning addresses that conflict with these ROMs.

The out-of-swap process termination code now begins killing processes earlier to avoid deadlocks; it now also takes into account the swap space used by processes when computing the process sizes.

Network device cloning has been implemented, and the gif(4) device has been modified to take advantage of it. Thus, instead of specifying how many gif(4) interfaces are available in kernel configuration files, ifconfig(8)'s create option should be used when another device instance is desired.

Two new ddb(4) commands, hwatch and dhwatch, have been introduced. Analogous to watch and dwatch, they install hardware watchpoints (as opposed to software watchpoints) if supported by the architecture.

A nmdm(4) null-modem terminal driver has been added.

The stl(4) driver now supports the PCI and ISA EasyIO multi-port serial cards from Stallion Technologies based on the Signetics SC26C194/8 Intelligent Quad/Octal UART.

The maxusers kernel configuration parameter is now a boot-time tunable variable. The kernel parameters derived from maxusers are now also tunables and can be overridden at boot-time. The hz parameter is also now a tunable.

A long standing bug in the FreeBSD boot from CDROM has been fixed. This means that machines like the AlphaServer 1200 can now be booted from the installation and fixit CDROMs.

2.1.1 Processor/Motherboard Support

Because of space constraints on the boot floppy, support for DEC3000 TurboChannel-based machines has been removed from the installation kernel. For the same reason, the following device drivers are no longer present in the installation kernel: ncr(4), sa(4), amr(4), plip(4), le(4), pcn(4), wx(4), and sl(4). Note that most if not all Symbios adapters are covered by the new sym(4) driver.

Whitebox (NT-only) AlphaServer 530x machines are now supported by FreeBSD. FreeBSD is, as always, booted from SRM, not from AlphaBIOS. Make sure your SCSI adapters are on hose 0 for use with FreeBSD.

2.1.2 Network Interface Support

The fxp(4) driver now requires a device miibus entry in the kernel configuration file.

The wx(4) driver now supports the Intel PRO1000-F and PRO1000-T (10/100/1000) adapters.

The an(4) driver now supports the Cisco Aironet 350 series of adaptors and has received a few bug fixes; promiscuous mode now works, and it can be configured before being brought up.

The xl(4) driver now supports reception of VLAN tagged frames (on the ``Cyclone'' or newer chipsets).

The ti(4) driver correctly masks VLAN tags.

Added the nge(4) driver, which supports PCI Gigabit Ethernet adapters based on the National Semiconductor DP83820 and DP83821 Gigabit Ethernet controller chips, including the D-Link DGE-500T, SMC EZ Card 1000 (SMC9462TX), Asante FriendlyNet GigaNIC 1000TA and 1000TPC and Addtron AEG320T. This driver supports transmit and receive checksum offloading.

The lge(4) driver has been added to support the Level 1 LXT1001 NetCellerator Gigabit Ethernet controller chip. This device is used on some fiber optic GigE cards from SMC, D-Link and Addtron. Jumbograms and TCP/IP checksum offload on receive are supported, although hardware VLAN filtering is not.

The tx(4) driver now supports the fiber-optic SMC 9432FTX NICs.

The ed(4) driver now has support for D-Link DL10022 chips, necessary for the NetGear FA-410TX and other cards. As a result, device miibus is required in kernel configurations using the ed(4) driver.

The txp(4) driver has been added to support NICs based on the 3Com 3XP Typhoon/Sidewinder (3CR990) chipset.

2.1.3 Network Protocols

TCP now has RFC 1323 extensions enabled by default in rc.conf(5).

RFC 1323 and RFC 1644 TCP extensions are now disabled for a connection in progress if no response has been received by the third SYN segment sent. This behavior tries to work around (very old) terminal servers with buggy VJ header compression implementations.

The TCP_RESTRICT_RST kernel option has been removed. Similar functionality can be achieved with the net.inet.tcp.blackhole sysctl variable.

The TCP implementation no longer requires the allocation of a TCP template structure for each connection; this should reduce the buffer usage on large systems handling many connections.

A new sysctl net.inet.ip.check_interface, which is off by default, causes IP to verify that an incoming packet arrives on an interface that has an address matching the packet's destination address.

A new options RANDOM_IP_ID kernel option causes the ID field of IP packets to be randomized. This closes a minor information leak which allows a remote observer to determine the rate at which the machine is generating packets, since the default behavior is to increment a counter for each packet sent.

2.1.4 Disks and Storage

The ata(4) driver again has write-caching enabled by default.

The wd(4) compatibility devices were removed from the ata(4) driver.

Access to the floppy drive on the AlphaServer DS10 and AlphaServer DS20 is broken. On the DS10, various errors are reported; on the DS20, the machine locks up.

2.1.5 Filesystems

A simple hash-based lookup optimization for large directories called dirhash has been added. Conditional on the UFS_DIRHASH kernel option, it improves the speed of operations on very large directories at the expense of some memory.

2.1.6 PCCARD Support

On many modern hosts, PCCARD devices can be configured to route their interrupts via either the ISA or PCI interrupt paths. The pcic(4) driver has been updated to support both interrupt paths (formerly, only routing via ISA was supported). In most cases, configuration of PCMCIA devices in laptops is simpler and more flexible. In addition, various Cardbus bridge PCI cards (such as those used by Orinoco PCI NICs) are now supported. Some hosts may experience problems, such as hangs or panics, with PCI interrupt routing; they can frequently be made to work by forcing the older-style ISA interrupt routing. The following lines, placed in /boot/loader.conf, may fix the problem:

     hw.pcic.intr_path="1"
     hw.pcic.irq="0"

When installing FreeBSD on such a system, typing the following lines to the boot loader may be helpful in starting up FreeBSD for the first time:

     ok set hw.pcic.intr_path="1"
     ok set hw.pcic.irq="0"


PCCARD ejection can sometimes result in a hang; a workaround for these cases is to perform a:

     # pccardc power 0 slot

2.1.7 Multimedia Support

2.1.8 Contributed Software

IPFilter has been updated to 3.4.20.

2.1.8.2 KAME

The IPv6 stack is now based on a snapshot based on the KAME Project's IPv6 snapshot as of 28 May, 2001. Most of the items listed in this section are a result of this import. Section 2.3.1.2 lists userland updates to the KAME IPv6 stack.

gif(4) is now based on RFC 2893, rather than RFC 1933. The IFF_LINK2 interface flag can be used to control ingress filtering.

IPSec has received some enhancements, including the ability to use the Rijndael and SHA2 algorithms. IPSec RC5 support has been removed due to patent issues.

stf(4) now conforms to RFC 3056; the IFF_LINK2 interface flag can be used to control ingress filtering.

IPv6 has better checking of illegal addresses (such as loopback addresses) on physical networks.

The IPV6_V6ONLY socket option is now completely supported. The kernel's default behavior with respect to this option is controlled by the net.inet6.ip6.v6only sysctl variable.

RFC 3041 (Privacy Extensions for Stateless Address Autoconfiguration) is now supported. It can be enabled via the net.inet6.ip6.use_tempaddr sysctl variable.

2.2 Security-Related Changes

The security fix mentioned in security advisory FreeBSD-SA-01:39, which governs initial sequence number generation for TCP connections, has raised some possible compatibility issues. To mitigate this effect, the fix can now be enabled or disabled using the net.inet.tcp.tcp_seq_genscheme sysctl variable.

A vulnerability in the fts(3) routines (used by applications for recursively traversing a filesystem) could allow a program to operate on files outside the intended directory hierarchy. This bug has been fixed (see security advisory FreeBSD-SA-01:40).

portmap(8) is now turned off by default, although it will be started automatically on machines that enable NFS serving, NIS services, or amd(8) through rc.conf(5).

A flaw allowed some signal handlers to remain in effect in a child process after being exec-ed from its parent. This allowed an attacker to execute arbitrary code in the context of a setuid binary. This flaw has been corrected (see security advisory FreeBSD-SA-01:42).

A remote buffer overflow in tcpdump(1) has been fixed (see security advisory FreeBSD-SA-01:48).

A remote buffer overflow in telnetd(8) has been fixed (see security advisory FreeBSD-SA-01:49).

The new net.inet.ip.maxfragpackets and net.inet.ip6.maxfragpackets sysctl variables limit the amount of memory that can be consumed by IPv4 and IPv6 packet fragments, which defends against some denial of service attacks (see security advisory FreeBSD-SA-01:52).

The number of ``security profiles'' available in sysinstall(8) for new installations has been reduced to two.

All services in inetd.conf are now disabled by default for new installations. sysinstall(8) gives the option of enabling or disabling inetd(8) on new installations, as well as editing inetd.conf.

A flaw in the implementation of the ipfw(8) me rules on point-to-point links has been corrected. Formerly, me filter rules would match the remote IP address of a point-to-point interface in addition to the intended local IP address (see security advisory FreeBSD-SA-01:53).

A vulnerability in procfs(5), which could allow a process to read sensitive information from another process's memory space, has been closed (see security advisory FreeBSD-SA-01:55).

The PARANOID hostname checking in tcp_wrappers now works as advertised (see security advisory FreeBSD-SA-01:56).

A local root exploit in sendmail(8) has been closed (see security advisory FreeBSD-SA-01:57).

A remote root vulnerability in lpd(8) has been closed (see security advisory FreeBSD-SA-01:58).

A race condition in rmuser(8) that briefly exposed a world-readable /etc/master.passwd has been fixed (see security advisory FreeBSD-SA-01:59).

All non-root-owned binaries in standard system paths now have the schg flag set to prevent exploit vectors when run by cron(8), by root, or by a user other then the one owning the binary. In addition, uustat(1) is now run via /etc/periodic/daily/410.status-uucp as uucp, not root.

A security hole in the form of a buffer overflow in the semop(2) system call has been closed.

2.3 Userland Changes

ip6fw(8) now has the ability to use a preprocessor and use the -q (quiet) flag when reading from a file.

ping(8) now supports a -m option to set the TTL of outgoing packets.

ln(1) now takes a -h flag to avoid following a target that is a link, with a -n flag for compatibility with other implementations.

find(1) now has the -anewer, -cnewer, -mnewer, -okdir, and -newer[acm][acmt] primaries for comparisons of file timestamps.

The performance of the ELF dynamic linker has been improved.

ifconfig(8) can now accept addresses in slash/CIDR notation.

c89(1) has been converted from a shell script to a binary executable, fixing some minor bugs.

vidcontrol(1) now supports a -p option to take a snapshot of a syscons(4) video buffer. These snapshots can be manipulated by the graphics/scr2png utility in the Ports Collection.

vidcontrol(1) now allows the user to omit the font size specification when loading a font, and has some better error-handling.

telnet(1) now supports a -u flag to allow connections to UNIX-domain (AF_UNIX) sockets.

newfs(8) now takes a -U option to enable softupdates on a new filesystem.

libcrypt now has support for Blowfish password hashing.

Ukrainian language support has been added to the FreeBSD console.

savecore(8) now works correctly on machines with 2 GB or more of RAM.

The syntax of inetd(8)'s support for faithd(8) is now compatible with that of other BSDs.

The ident protocol support in inetd(8) has been cleaned up and updated.

inetd(8) now has the ability to manage UNIX-domain sockets.

The resolver(3) in FreeBSD now implements EDNS0 support, which will be necessary when working with IPv6 transport-ready resolvers/DNS servers.

df(1) now takes a -l option to only display information about locally-mounted filesystems.

whois(1) now directs queries for IP addresses to ARIN. If a query to ARIN references APNIC or RIPE, the appropriate server will also be queried, provided that the -Q option is not specified.

The -T option to dump(8) no longer swallows an extra argument.

dump(8) has a new -D option, allowing the path to the /etc/dumpdates file to be changed.

libfetch now has support for a HTTP_USER_AGENT environment variable.

The getprogname(3) and setprogname(3) library functions have been added to manipulate the name of the current program. They are used by error-reporting routines to produce consistent output.

xargs(1) now supports a -J replstr option that allows the user to tell xargs(1) to insert the data read from standard input at a specific point in the command line arguments, rather than at the end.

ifconfig(8) now has support for setting parameters for IEEE 802.11 wireless network devices. wi(4) and an(4) devices are supported.

ifconfig(8) no longer displays the list of supported media by default. Instead it displays it when the -m option is given.

lpd(8) now takes two new options: -c will log all connection errors to syslogd(8), while -W will allow connections from non-reserved ports.

lpc(8) has been improved; lpc clean is now somewhat safer, and a new lpc tclean command has been added to check to see what files would be removed by lpc clean.

du(1) now takes a -I command-line flag to ignore/skip files and subdirectories matching a specified shell-glob mask.

growfs(8), a utility for growing FFS filesystems, has been added. ffsinfo(8), a utility for dump all the meta-information of an existing filesystem, has also been added.

mail(1) now takes a -E flag to avoid sending messages with empty bodies.

vidcontrol(1) now supports a -C option to clear the history buffer for a given tty, as well as a -h option to set the size of the history buffer.

last(1) now implements a -d option that provides a ``snapshot'' of who was logged in at a particular date and time.

libcrypt and libdescrypt have been unified to provide a configurable password authentication hash library. Both the md5 and des hash methods are provided unless the des hash is specifically compiled out.

install(1) has a number of new features, including the -b and -B options for backing up existing target files and the -S option for ``safe'' (atomic copy) operation. The -c (copy) flag is now the default, and the -D (debugging) flag has been withdrawn. install(1) now issues a warning if -d (create directories) and -C (copy changed files only) are used together.

The FreeBSD Makefile infrastructure now supports the WARNS directive from NetBSD. This directive controls the addition of compiler warning flags to CFLAGS in a relatively compiler-neutral manner.

A new fsck_msdosfs(8) utility has been added to check the consistency of MS-DOS filesystems.

The kldconfig(8) utility has been added to make it easier to manipulate the kernel module search path.

moused(8) now takes a -a option to control mouse acceleration.

The tcpmssfixup ppp(8) option now adjusts the maximum receive segment size of incoming TCP SYN segments as well as outgoing TCP SYN segments.

sysctl(8) now supports a -N option to print out variable names only.

sysctl(8) has replaced the -A and -X options with -ao and -ax respectively; the former options are now deprecated. The -w flag is deprecated as well; it is not needed to determine the user's intentions.

cdcontrol(1) now supports next and prev commands to skip forwards or backwards a specified number of tracks while playing an audio CD.

col(1) now takes a -p flag to force unknown control sequences to be passed through unchanged.

tmpnam(3) will now use the TMPDIR environment variable, if set, to specify the location of temporary files.

rc(8) now deletes all non-directory files in /var/run and /var/spool/lock at boot time.

fmtcheck(3), a function for checking consistency of format string arguments, has been added.

apmd(8) now has the ability to monitor battery levels and execute commands based on percentage or minutes of battery life remaining via the apm_battery configuration directive. See the commented-out examples in /etc/apmd.conf for the syntax.

pppd(8) (the control program for kernel-level PPP) is now installed mode 4550 and root:dialer, rather than mode 4555 (in other words, it is no longer world-executable). Users of pppd(8) may need to change their group settings.

sysinstall(8) reports - /: write failed, file system is + /: write failed, filesystem is full when navigating the menus. These messages do not affect the operation of sysinstall(8) or the actual installation process and can safely be ignored.

savecore(8) now works correctly on Alpha machines.

2.3.1 Contributed Software

BIND is now built with the NOADDITIONAL flag, which causes named(8) to operate in a more consistent fashion for certain common misconfigurations.

BIND has been updated to 8.2.4-REL.

Binutils have been upgraded to 2.11.2.

bzip2 1.0.1 has been imported; this brings the bzip2(1) program and the libbz2 library to the base system.

The ee(1) Easy Editor has been updated to 1.4.2.

file has been updated to 3.36.

gcc(1) now supports the environment variable GCC_OPTIONS, which can hold a set of default options for GCC.

GNATS has been updated to 3.113.

groff and its related utilities have been updated to FSF version 1.17.2. This import brings in a new mdoc(7) macro package (sometimes referred to as mdocNG), which removes many of the limitations of its predecessor.

libpcap has been updated to 0.6.2.

OpenSSL has been upgraded to 0.9.6a.

sendmail and associated utilities have been upgraded to version 8.11.6. See /usr/src/contrib/sendmail/RELEASE_NOTES for more information.

traceroute(8) now takes its default maximum TTL value from the net.inet.ip.ttl sysctl variable.

tcpdump has been updated to 3.6.3.

2.3.1.1 CVSup

CVSup, a frequently used utility in the FreeBSD Ports Collection, was formerly installable using several ports and packages. The net/cvsup-bin and net/cvsupd-bin ports/packages are no longer necessary or available; the net/cvsup port should be used instead.

CVSup has been updated to 16.1_3, which is available in the FreeBSD Ports Collection as net/cvsup. This update fixes a long-standing (but only recently encountered) bug which affects the timestamps on all files after Sun Sep 9 01:46:40 UTC 2001 (1,000,000,000 seconds after the UNIX epoch).

2.3.1.2 KAME

The IPv6 stack is now based on a snapshot based on the KAME Project's IPv6 snapshot as of 28 May, 2001. Most of the items listed in this section are a result of this import. Section 2.1.8.2 lists kernel updates to the KAME IPv6 stack.

faithd(8) now supports a configuration file for access control.

ifconfig(8) can now perform the functions of gifconfig(8).

ifconfig(8) can now perform the functions of prefix(8). prefix(8) is now a shell script for partial backwards compatibility.

ndp(8) now implements garbage collection for stale NDP entries, as described in RFC 2461 (Neighbor Discovery for IP Version 6 (IPv6)).

pim6dd(8) and pim6sd(8) have been removed due to restrictive licensing conditions. These programs are available in the ports collection as net/pim6dd and net/pim6sd.

route6d(8) now supports an -n flag to avoid updating the kernel forwarding table.

The -R (router renumbering) option to rtadvd(8) is currently ignored.

2.3.2 Ports/Packages Collection

pkg_version(1) now takes a -s flag to limit its operation to ports/packages matching a given string.

3 Upgrading from previous releases of FreeBSD

If you're upgrading from a previous release of FreeBSD, most likely it's 4.X and there may be some issues affecting you, depending of course on your chosen method of upgrading. There are two popular ways of upgrading FreeBSD distributions:

  • Using sources, via /usr/src

  • Using the binary upgrade option of sysinstall(8).



Please read the INSTALL.TXT file for more information, preferably before beginning an upgrade. If you are upgrading from source, please be sure to read /usr/src/UPDATING as well.

Finally, if you want to use one of various means to track the -STABLE or -CURRENT branches of FreeBSD, please be sure to consult the ``-CURRENT vs. -STABLE'' section of the FreeBSD Handbook.

This file, and other release-related documents, can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/.

For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

All users of FreeBSD 4-STABLE should subscribe to the <stable@FreeBSD.org> mailing list.

For questions about this documentation, e-mail <doc@FreeBSD.org>.



diff --git a/en/releases/5.0R/DP1/installation-alpha.html b/en/releases/5.0R/DP1/installation-alpha.html index e82c8dfda1..4f9f4d7265 100644 --- a/en/releases/5.0R/DP1/installation-alpha.html +++ b/en/releases/5.0R/DP1/installation-alpha.html @@ -1,2269 +1,2269 @@ FreeBSD/alpha 5.0-DP1 Installation Instructions

FreeBSD/alpha 5.0-DP1 Installation Instructions

The FreeBSD Project

Copyright © 2000, 2001, 2002 by The FreeBSD Documentation Project

This article gives some brief instructions on installing FreeBSD/alpha 5.0-DP1, with particular emphasis given to obtaining a FreeBSD distribution. Some notes on troubleshooting and frequently-asked questions are also given.

1 Installing FreeBSD

This section documents the process of installing a new distribution of FreeBSD. These instructions pay particular emphasis to the process of obtaining the FreeBSD 5.0-DP1 distribution and to beginning the installation procedure. The ``Installing FreeBSD'' chapter of the FreeBSD Handbook provides more in-depth information about the installation program itself, including a guided walkthrough with screenshots.

If you are upgrading from a previous release of FreeBSD, please see Section 3 for instructions on upgrading.

1.1 Getting Started

Probably the most important pre-installation step that can be taken is that of reading the various instruction documents provided with FreeBSD. A roadmap of documents pertaining to this release of FreeBSD can be found in README.TXT, which can usually be found in the same location as this file; most of these documents, such as the release notes and the hardware compatibility list, are also accessible in the Documentation menu of the installer.

Note that on-line versions of the FreeBSD FAQ and Handbook are also available from the FreeBSD Project Web site, if you have an Internet connection.

This collection of documents may seem daunting, but the time spent reading them will likely be saved many times over. Being familiar with what resources are available can also be helpful in the event of problems during installation.

The best laid plans sometimes go awry, so if you run into trouble take a look at Section 4, which contains valuable troubleshooting information. You should also read an updated copy of ERRATA.TXT before installing, since this will alert you to any problems which have reported in the interim for your particular release.

Important: While FreeBSD does its best to safeguard against accidental loss of data, it's still more than possible to wipe out your entire disk with this installation if you make a mistake. Please do not proceed to the final FreeBSD installation menu unless you've adequately backed up any important data first.

1.2 Hardware Requirements

FreeBSD for the Alpha/AXP supports the platforms described in HARDWARE.TXT.

You will need a dedicated disk for FreeBSD/alpha. It is not possible to share a disk with another operating system at this time. This disk will need to be attached to a SCSI controller which is supported by the SRM firmware or an IDE disk assuming the SRM in your machine supports booting from IDE disks.

Your root filesystem MUST be the first partition (partition a) on the disk to be bootable.

You will need the SRM console firmware for your platform. In some cases, it is possible to switch between AlphaBIOS (or ARC) firmware and SRM. In others it will be necessary to download new firmware from the vendor's Web site.

If you are not familiar with configuring hardware for FreeBSD, you should be sure to read the HARDWARE.TXT file; it contains important information on what hardware is supported by FreeBSD.

1.3 Floppy Disk Image Instructions

Depending on how you choose to install FreeBSD, you may need to create a set of floppy disks (usually two) to begin the installation process. This section briefly describes how to create these disks, either from a CDROM installation or from the Internet. Note that in the common case of installing FreeBSD from CDROM, on a machine that supports bootable CDROMs, the steps outlined in this section will not be needed and can be skipped.

For a normal CDROM or network installation, all you need to copy onto actual floppies from the floppies/ directory are the kern.flp and mfsroot.flp images (for 1.44MB floppies).

Getting these images over the network is easy. Simply fetch the release/floppies/kern.flp and release/floppies/mfsroot.flp files from ftp://current.FreeBSD.org/pub/FreeBSD/ or one of the many mirrors listed at FTP Sites section of the Handbook, or on the http://www.freebsdmirrors.org/ Web pages.

Get two blank, freshly formatted floppies and image copy kern.flp onto one and mfsroot.flp onto the other. These images are not DOS files. You cannot simply copy them to a DOS or UFS floppy as regular files, you need to ``image'' copy them to the floppy with fdimage.exe under DOS (see the tools directory on your CDROM or FreeBSD FTP mirror) or the dd(1) command in UNIX.

For example, to create the kernel floppy image from DOS, you'd do something like this:

     C> fdimage kern.flp a:

Assuming that you'd copied fdimage.exe and kern.flp into a directory somewhere. You would do the same for mfsroot.flp, of course.

If you're creating the boot floppy from a UNIX machine, you may find that:

     # dd if=floppies/kern.flp of=/dev/rfd0

or

     # dd if=floppies/kern.flp of=/dev/floppy

work well, depending on your hardware and operating system environment (different versions of UNIX have different names for the floppy drive).

If you're on an alpha machine that can network-boot its floppy images or you have a 2.88MB or LS-120 floppy capable of taking a 2.88MB image on an x86 machine, you may wish to use the single (but twice as large) boot.flp image. It contains the contents of kern.flp and mfsroot.flp on a single floppy. This file should also be used as the boot file for those mastering ``El Torito'' bootable CD images. See the mkisofs(8) command for more information.

1.4 Installing FreeBSD from CDROM or the Internet

The easiest type of installation is from CDROM. If you have a supported CDROM drive and a FreeBSD installation CDROM, you can boot FreeBSD directly from the CDROM. Insert the CDROM into the drive and type the following command to start the installation (substituting the name of the appropriate CDROM drive if necessary):

     >>>boot dka0

Alternatively you can boot the installation from floppy disk. You should start the installation by building a set of FreeBSD boot floppies from the files floppies/kern.flp and floppies/mfsroot.flp using the instructions found in Section 1.3. From the SRM console prompt (>>>), just insert the kern.flp floppy and type the following command to start the installation:

     >>>boot dva0

Insert the mfsroot.flp floppy when prompted and you will end up at the first screen of the install program.

1.5 Detail on various installation types

Once you've gotten yourself to the initial installation screen somehow, you should be able to follow the various menu prompts and go from there. If you've never used the FreeBSD installation before, you are also encouraged to read some of the documentation in the Documentation submenu as well as the general ``Usage'' instructions on the first menu.

Note: If you get stuck at a screen, press the F1 key for online documentation relevant to that specific section.

If you've never installed FreeBSD before, or even if you have, the ``Standard'' installation mode is the most recommended since it makes sure that you'll visit all the various important checklist items along the way. If you're much more comfortable with the FreeBSD installation process and know exactly what you want to do, use the ``Express'' or ``Custom'' installation options. If you're upgrading an existing system, use the ``Upgrade'' option.

The FreeBSD installer supports the direct use of floppy, DOS, tape, CDROM, FTP, NFS and UFS partitions as installation media; further tips on installing from each type of media are listed below.

Once the install procedure has finished, you will be able to start FreeBSD/alpha by typing something like this to the SRM prompt:

     >>>boot dkc0

This instructs the firmware to boot the specified disk. To find the SRM names of disks in your machine, use the show device command:

     >>>show device
     dka0.0.0.4.0               DKA0           TOSHIBA CD-ROM XM-57  3476
     dkc0.0.0.1009.0            DKC0                       RZ1BB-BS  0658
     dkc100.1.0.1009.0          DKC100             SEAGATE ST34501W  0015
     dva0.0.0.0.1               DVA0
     ewa0.0.0.3.0               EWA0              00-00-F8-75-6D-01
     pkc0.7.0.1009.0            PKC0                  SCSI Bus ID 7  5.27
     pqa0.0.0.4.0               PQA0                       PCI EIDE
     pqb0.0.1.4.0               PQB0                       PCI EIDE

This example is from a Digital Personal Workstation 433au and shows three disks attached to the machine. The first is a CDROM called dka0 and the other two are disks and are called dkc0 and dkc100 respectively.

You can specify which kernel file to load and what boot options to use with the -file and -flags options, for example:

     >>> boot -file kernel.old -flags s

To make FreeBSD/alpha boot automatically, use these commands:

     >>> set boot_osflags a
     >>> set bootdef_dev dkc0
     >>> set auto_action BOOT

1.5.1 Installing from a Network CDROM

If you simply wish to install from a local CDROM drive then see Section 1.4. If you don't have a CDROM drive on your system and wish to use a FreeBSD distribution CD in the CDROM drive of another system to which you have network connectivity, there are also several ways of going about it:

  • If you would be able to FTP install FreeBSD directly from the CDROM drive in some FreeBSD machine, it's quite easy: You simply add the following line to the password file (using the vipw(8) command):

         ftp:*:99:99::0:0:FTP:/cdrom:/sbin/nologin

    On the machine on which you are running the install, go to the Options menu and set Release Name to any. You may then choose a Media type of FTP and type in ftp://machine after picking ``URL'' in the ftp sites menu.

    Warning: This may allow anyone on the local network (or Internet) to make ``anonymous FTP'' connections to this machine, which may not be desirable.

  • If you would rather use NFS to export the CDROM directly to the machine(s) you'll be installing from, you need to first add an entry to the /etc/exports file (on the machine with the CDROM drive). The example below allows the machine ziggy.foo.com to mount the CDROM directly via NFS during installation:

         /cdrom          -ro             ziggy.foo.com

    The machine with the CDROM must also be configured as an NFS server, of course, and if you're not sure how to do that then an NFS installation is probably not the best choice for you unless you're willing to read up on rc.conf(5) and configure things appropriately. Assuming that this part goes smoothly, you should be able to enter: cdrom-host:/cdrom as the path for an NFS installation when the target machine is installed, e.g. wiggy:/cdrom.

1.5.2 Installing from Floppies

If you must install from floppy disks, either due to unsupported hardware or just because you enjoy doing things the hard way, you must first prepare some floppies for the install.

First, make your boot floppies as described in Section 1.3.

Second, peruse Section 2 and pay special attention to the ``Distribution Format'' section since it describes which files you're going to need to put onto floppy and which you can safely skip.

Next you will need, at minimum, as many 1.44MB floppies as it takes to hold all files in the bin (binary distribution) directory. If you're preparing these floppies under DOS, then these floppies must be formatted using the MS-DOS FORMAT command. If you're using Windows, use the Windows File Manager format command.

Important: Frequently, floppy disks come ``factory preformatted''. While convenient, many problems reported by users in the past have resulted from the use of improperly formatted media. Re-format them yourself, just to make sure.

If you're creating the floppies from another FreeBSD machine, a format is still not a bad idea though you don't need to put a DOS filesystem on each floppy. You can use the disklabel(8) and newfs(8) commands to put a UFS filesystem on a floppy, as the following sequence of commands illustrates:

     # fdformat -f 1440 fd0.1440
     # disklabel -w -r fd0.1440 floppy3
     # newfs -t 2 -u 18 -l 1 -i 65536 /dev/fd0

After you've formatted the floppies for DOS or UFS, you'll need to copy the files onto them. The distribution files are split into chunks conveniently sized so that 5 of them will fit on a conventional 1.44MB floppy. Go through all your floppies, packing as many files as will fit on each one, until you've got all the distributions you want packed up in this fashion. Each distribution should go into its own subdirectory on the floppy, e.g.: a:\bin\bin.inf, a:\bin\bin.aa, a:\bin\bin.ab, ...

Important: The bin.inf file also needs to go on the first floppy of the bin set since it is read by the installation program in order to figure out how many additional pieces to look for when fetching and concatenating the distribution. When putting distributions onto floppies, the distname.inf file must occupy the first floppy of each distribution set. This is also covered in README.TXT.

Once you come to the Media screen of the install, select ``Floppy'' and you'll be prompted for the rest.

1.5.4 Installing from QIC/SCSI Tape

When installing from tape, the installation program expects the files to be simply tar'ed onto it, so after fetching all of the files for the distributions you're interested in, simply use tar(1) to get them onto the tape with a command something like this:

     # cd /where/you/have/your/dists
     # tar cvf /dev/rsa0 dist1 .. dist2

When you go to do the installation, you should also make sure that you leave enough room in some temporary directory (which you'll be allowed to choose) to accommodate the full contents of the tape you've created. Due to the non-random access nature of tapes, this method of installation requires quite a bit of temporary storage. You should expect to require as much temporary storage as you have stuff written on tape.

Note: When going to do the installation, the tape must be in the drive before booting from the boot floppies. The installation ``probe'' may otherwise fail to find it.

Now create a boot floppy as described in Section 1.3 and proceed with the installation.

1.5.5 Installing over a Network using FTP or NFS

After making the boot floppies as described in the first section, you can load the rest of the installation over a network using one of 3 types of connections: serial port, parallel port, or Ethernet.

1.5.5.1 Serial Port

SLIP support is rather primitive, and is limited primarily to hard-wired links, such as a serial cable running between two computers. The link must be hard-wired because the SLIP installation doesn't currently offer a dialing capability. If you need to dial out with a modem or otherwise dialog with the link before connecting to it, then I recommend that the PPP utility be used instead.

If you're using PPP, make sure that you have your Internet Service Provider's IP address and DNS information handy as you'll need to know it fairly early in the installation process. You may also need to know your own IP address, though PPP supports dynamic address negotiation and may be able to pick up this information directly from your ISP if they support it.

You will also need to know how to use the various ``AT commands'' for dialing out with your particular brand of modem as the PPP dialer provides only a very simple terminal emulator.

1.5.5.2 Parallel Port

If a hard-wired connection to another FreeBSD or Linux machine is available, you might also consider installing over a ``laplink'' style parallel port cable. The data rate over the parallel port is much higher than what is typically possible over a serial line (up to 50k/sec), thus resulting in a quicker installation. It's not typically necessary to use ``real'' IP addresses when using a point-to-point parallel cable in this way and you can generally just use RFC 1918 style addresses for the ends of the link (e.g. 10.0.0.1, 10.0.0.2, etc).

Important: If you use a Linux machine rather than a FreeBSD machine as your PLIP peer, you will also have to specify link0 in the TCP/IP setup screen's ``extra options for ifconfig'' field in order to be compatible with Linux's slightly different PLIP protocol.

1.5.5.3 Ethernet

FreeBSD supports many common Ethernet cards; a table of supported cards is provided as part of the FreeBSD Hardware Notes (see HARDWARE.TXT in the Documentation menu on the boot floppy or the top level directory of the CDROM). If you are using one of the supported PCMCIA Ethernet cards, also be sure that it's plugged in before the laptop is powered on. FreeBSD does not, unfortunately, currently support ``hot insertion'' of PCMCIA cards during installation.

You will also need to know your IP address on the network, the netmask value for your subnet and the name of your machine. Your system administrator can tell you which values are appropriate to your particular network setup. If you will be referring to other hosts by name rather than IP address, you'll also need a name server and possibly the address of a gateway (if you're using PPP, it's your provider's IP address) to use in talking to it. If you want to install by FTP via an HTTP proxy (see below), you will also need the proxy's address.

If you do not know the answers to these questions then you should really probably talk to your system administrator first before trying this type of installation. Using a randomly chosen IP address or netmask on a live network is almost guaranteed not to work, and will probably result in a lecture from said system administrator.

Once you have a network connection of some sort working, the installation can continue over NFS or FTP.

1.5.5.4 NFS installation tips

NFS installation is fairly straight-forward: Simply copy the FreeBSD distribution files you want onto a server somewhere and then point the NFS media selection at it.

If this server supports only ``privileged port'' access (this is generally the default for Sun and Linux workstations), you will need to set this option in the Options menu before installation can proceed.

If you have a poor quality Ethernet card which suffers from very slow transfer rates, you may also wish to toggle the appropriate Options flag.

In order for NFS installation to work, the server must also support ``subdir mounts'', e.g. if your FreeBSD distribution directory lives on wiggy:/usr/archive/stuff/FreeBSD, then wiggy will have to allow the direct mounting of /usr/archive/stuff/FreeBSD, not just /usr or /usr/archive/stuff.

In FreeBSD's /etc/exports file this is controlled by the -alldirs option. Other NFS servers may have different conventions. If you are getting Permission Denied messages from the server then it's likely that you don't have this properly enabled.

1.5.5.5 FTP Installation tips

FTP installation may be done from any mirror site containing a reasonably up-to-date version of FreeBSD. A full menu of reasonable choices for almost any location in the world is provided in the FTP site menu during installation.

If you are installing from some other FTP site not listed in this menu, or you are having troubles getting your name server configured properly, you can also specify your own URL by selecting the ``URL'' choice in that menu. A URL can contain a hostname or an IP address, so something like the following would work in the absence of a name server:

     ftp://216.66.64.162/pub/FreeBSD/releases/alpha/4.2-RELEASE

There are three FTP installation modes you can use:

  • FTP: This method uses the standard ``Active'' mode for transfers, in which the server initiates a connection to the client. This will not work through most firewalls but will often work best with older FTP servers that do not support passive mode. If your connection hangs with passive mode, try this one.

  • FTP Passive: This sets the FTP "Passive" mode which prevents the server from opening connections to the client. This option is best for users to pass through firewalls that do not allow incoming connections on random port addresses.

  • FTP via an HTTP proxy: This option instructs FreeBSD to use HTTP to connect to a proxy for all FTP operations. The proxy will translate the requests and send them to the FTP server. This allows the user to pass through firewalls that do not allow FTP at all, but offer an HTTP proxy. You must specify the hostname of the proxy in addition to the FTP server.

    In the rare case that you have an FTP proxy that does not go through HTTP, you can specify the URL as something like:

         ftp://foo.bar.com:port/pub/FreeBSD

    In the URL above, port is the port number of the proxy FTP server.



1.5.6 Tips for Serial Console Users

If you'd like to install FreeBSD on a machine using just a serial port (e.g. you don't have or wish to use a VGA card), please follow these steps:

  1. Connect some sort of ANSI (vt100) compatible terminal or terminal emulation program to the COM1 port of the PC you are installing FreeBSD onto.

  2. Unplug the keyboard (yes, that's correct!) and then try to boot from floppy or the installation CDROM, depending on the type of installation media you have, with the keyboard unplugged.

  3. If you don't get any output on your serial console, plug the keyboard in again and wait for some beeps. If you are booting from the CDROM, proceed to step 5 as soon as you hear the beep.

  4. For a floppy boot, the first beep means to remove the kern.flp floppy and insert the mfsroot.flp floppy, after which you should press Enter and wait for another beep.

  5. Hit the space bar, then enter

         boot -h

    and you should now definitely be seeing everything on the serial port. If that still doesn't work, check your serial cabling as well as the settings on your terminal emulation program or actual terminal device. It should be set for 9600 baud, 8 bits, no parity.

1.6 Question and Answer Section for Alpha/AXP Architecture Users

1.6.1. Can I boot from the ARC or Alpha BIOS Console?
1.6.2. Help! I have no space! Do I need to delete everything first?
1.6.3. Can I mount my Compaq Tru64 or VMS extended partitions?
1.6.4. What about support for Compaq Tru64 (OSF/1) binaries?
1.6.5. What about support for Linux binaries?
1.6.6. What about support for NT Alpha binaries?

1.6.1. Can I boot from the ARC or Alpha BIOS Console?

No. FreeBSD, like Compaq Tru64 and VMS, will only boot from the SRM console.

1.6.2. Help! I have no space! Do I need to delete everything first?

Unfortunately, yes.

1.6.3. Can I mount my Compaq Tru64 or VMS extended partitions?

No, not at this time.

1.6.4. What about support for Compaq Tru64 (OSF/1) binaries?

FreeBSD can run Tru64 applications very well using the emulators/osf1_base port/package.

1.6.5. What about support for Linux binaries?

FreeBSD can run AlphaLinux binaries with the assistance of the emulators/linux_base port/package.

1.6.6. What about support for NT Alpha binaries?

FreeBSD is not able to run NT applications natively, although it has the ability to mount NT partitions.

2 Distribution Format

A typical FreeBSD distribution directory looks something like this:

     ERRATA.HTM      README.TXT      compat1x        dict            manpages
     ERRATA.TXT      RELNOTES.HTM    compat20        doc             packages
     HARDWARE.HTM    RELNOTES.TXT    compat21        docbook.css     ports
     HARDWARE.TXT    XF86336         compat22        floppies        proflibs
     INSTALL.HTM     bin             compat3x        games           src
     INSTALL.TXT     catpages        compat4x        info            tools
     README.HTM      cdrom.inf       crypto          kernel

If you want to do a CDROM, FTP or NFS installation from this distribution directory, all you need to do is make the 1.44MB boot floppies from the floppies directory (see Section 1.3 for instructions on how to do this), boot them and follow the instructions. The rest of the data needed during the installation will be obtained automatically based on your selections. If you've never installed FreeBSD before, you also want to read the entirety of this document (the installation instructions) file.

If you're trying to do some other type of installation or are merely curious about how a distribution is organized, what follows is a more thorough description of each item in more detail:

  1. The *.TXT and *.HTM files contain documentation (for example, this document is contained in both INSTALL.TXT and INSTALL.HTM) and should be read before starting an installation. The *.TXT files are plain text, while the *.HTM files are HTML files that can be read by almost any Web browser. Some distributions may contain documentation in other formats as well, such as PDF or PostScript.

  2. docbook.css is a Cascading Style Sheet (CSS) file used by some Web browsers for formatting the HTML documentation.

  3. The XF86336 directory contains the XFree86 project's 3.3.6 release and consists of a series of gzip'd tar files which contain each component of the XFree86 distribution.

  4. The bin, catpages, crypto, dict, doc, games, info, manpages, proflibs, and src directories contain the primary distribution components of FreeBSD itself and are split into smaller files for easy packing onto floppies (should that be necessary).

  5. The compat1x, compat20, compat21, compat22, compat3x, and compat4x directories contain distributions for compatibility with older releases and are distributed as single gzip'd tar files - they can be installed during release time or later by running their install.sh scripts.

  6. The floppies/ subdirectory contains the floppy installation images; further information on using them can be found in Section 1.3.

  7. The packages and ports directories contain the FreeBSD Packages and Ports Collections. Packages may be installed from the packages directory by running the command:

         #/stand/sysinstall configPackages

    Packages can also be installed by feeding individual filenames in packages/ to the pkg_add(1) command.

    The Ports Collection may be installed like any other distribution and requires about 100MB unpacked. More information on the ports collection may be obtained from http://www.FreeBSD.org/ports/ or locally from /usr/share/doc/handbook if you've installed the doc distribution.

  8. Last of all, the tools directory contains various DOS tools for discovering disk geometries, installing boot managers and the like. It is purely optional and provided only for user convenience.



A typical distribution directory (for example, the info distribution) looks like this internally:

     CHECKSUM.MD5    info.ab         info.ad         info.inf        install.sh
     info.aa         info.ac         info.ae         info.mtree

The CHECKSUM.MD5 file contains MD5 signatures for each file, should data corruption be suspected, and is purely for reference. It is not used by the actual installation and does not need to be copied with the rest of the distribution files. The info.a* files are split, gzip'd tar files, the contents of which can be viewed by doing:

     # cat info.a* | tar tvzf -

During installation, they are automatically concatenated and extracted by the installation procedure.

The info.inf file is also necessary since it is read by the installation program in order to figure out how many pieces to look for when fetching and concatenating the distribution. When putting distributions onto floppies, the .inf file must occupy the first floppy of each distribution set!

The info.mtree file is another non-essential file which is provided for user reference. It contains the MD5 signatures of the unpacked distribution files and can be later used with the mtree(8) program to verify the installation permissions and checksums against any possible modifications to the file. When used with the bin distribution, this can be an excellent way of detecting trojan horse attacks on your system.

Finally, the install.sh file is for use by those who want to install the distribution after installation time. To install the info distribution from CDROM after a system was installed, for example, you'd do:

     # cd /cdrom/info
     # sh install.sh

3 Upgrading FreeBSD

These instructions describe a procedure for doing a binary upgrade from an older version of FreeBSD.

Warning: While the FreeBSD upgrade procedure does its best to safeguard against accidental loss of data, it is still more than possible to wipe out your entire disk with this installation! Please do not accept the final confirmation request unless you have adequately backed up any important data files.

Important: These notes assume that you are using the version of sysinstall(8) supplied with the version of FreeBSD to which you intend to upgrade. Using a mismatched version of sysinstall(8) is almost guaranteed to cause problems and has been known to leave systems in an unusable state. The most commonly made mistake in this regard is the use of an old copy of sysinstall(8) from an existing installation to upgrade to a newer version of FreeBSD. This is not recommended.

3.1 Introduction

The upgrade procedure replaces distributions selected by the user with those corresponding to the new FreeBSD release. It preserves standard system configuration data, as well as user data, installed packages and other software.

Administrators contemplating an upgrade are encouraged to study this section in its entirety before commencing an upgrade. Failure to do so may result in a failed upgrade or loss of data.

3.1.1 Upgrade Overview

Upgrading of a distribution is performed by extracting the new version of the component over the top of the previous version. Files belonging to the old distribution are not deleted.

System configuration is preserved by retaining and restoring the previous version of the following files:

Xaccel.ini, XF86Config, adduser.conf, aliases, aliases.db, amd.map, crontab, csh.cshrc, csh.login, csh.logout, cvsupfile, dhclient.conf, disktab, dm.conf, dumpdates, exports, fbtab, fstab, ftpusers, gettytab, gnats, group, hosts, hosts.allow, hosts.equiv, hosts.lpd, inetd.conf, kerberosIV, localtime, login.access, login.conf, mail, mail.rc, make.conf, manpath.config, master.passwd, modems, motd, namedb, networks, newsyslog.conf, nsmb.conf, nsswitch.conf, pam.conf, passwd, periodic, ppp, printcap, profile, pwd.db, rc.conf, rc.conf.local, rc.firewall, rc.local, remote, resolv.conf, rmt, sendmail.cf, sendmail.cw, services, shells, skeykeys, spwd.db, ssh, syslog.conf, ttys, uucp

The versions of these files which correspond to the new version are moved to /etc/upgrade/. The system administrator may peruse these new versions and merge components as desired. Note that many of these files are interdependent, and the best merge procedure is to copy all site-specific data from the current files into the new.

During the upgrade procedure, the administrator is prompted for a location into which all files from /etc/ are saved. In the event that local modifications have been made to other files, they may be subsequently retrieved from this location.

3.2 Procedure

This section details the upgrade procedure. Particular attention is given to items which substantially differ from a normal installation.

3.2.1 Backup

User data and system configuration should be backed up before upgrading. While the upgrade procedure does its best to prevent accidental mistakes, it is possible to partially or completely destroy data and configuration information.

3.2.2 Mount Filesystems

The disklabel editor is entered with the nominated disk's filesystem devices listed. Prior to commencing the upgrade, the administrator should make a note of the device names and corresponding mountpoints. These mountpoints should be entered here. Do notset the ``newfs flag'' for any filesystems, as this will cause data loss.

3.2.3 Select Distributions

When selecting distributions, there are no constraints on which must be selected. As a general rule, the bin distribution should be selected for an update, and the man distribution if manpages are already installed. Other distributions may be selected beyond those originally installed if the administrator wishes to add additional functionality.

3.2.4 After Installation

Once the installation procedure has completed, the administrator is prompted to examine the new configuration files. At this point, checks should be made to ensure that the system configuration is valid. In particular, the /etc/rc.conf and /etc/fstab files should be checked.

3.3 Upgrading from Source Code

Those interested in an upgrade method that allows more flexibility and sophistication should take a look at The Cutting Edge in the FreeBSD Handbook. This procedure involves rebuilding all of FreeBSD from source code. It requires reliable network connectivity, extra disk space, and time, but has advantages for networks and other more complex installations. This is roughly the same procedure as is used for track the -STABLE or -CURRENT development branches.

/usr/src/UPDATING contains important information on updating a FreeBSD system from source code. It lists various issues resulting from changes in FreeBSD that may affect an upgrade.

4 Troubleshooting

4.1 Repairing an Existing FreeBSD Installation

FreeBSD features a ``Fixit'' option in the top menu of the boot floppy. To use it, you will also need either a fixit.flp image floppy, generated in the same fashion as the boot floppy, or the ``live filesystem'' CDROM; typically the second CDROM in a multi-disc FreeBSD distribution.

To invoke fixit, simply boot the kern.flp floppy, choose the ``Fixit'' item and insert the fixit floppy or CDROM when asked. You will then be placed into a shell with a wide variety of commands available (in the /stand and /mnt2/stand directories) for checking, - repairing and examining file systems and their contents. + repairing and examining filesystems and their contents. Some UNIX administration experience is required to use the fixit option.

4.2 Common Installation Problems, Q&A

4.2.1. I go to boot from the hard disk for the first time after installing FreeBSD, the kernel loads and probes my hardware, but stops with messages like:
4.2.2. I go to boot from the hard disk for the first time after installing FreeBSD, but the Boot Manager prompt just prints F? at the boot menu each time but the boot won't go any further.

4.2.1. I go to boot from the hard disk for the first time after installing FreeBSD, the kernel loads and probes my hardware, but stops with messages like:

     changing root device to wd1s1a panic: cannot mount root

What is wrong? What can I do?

What is this bios_drive:interface(unit,partition)kernel_name thing that is displayed with the boot help?

There is a longstanding problem in the case where the boot disk is not the first disk in the system. The BIOS uses a different numbering scheme to FreeBSD, and working out which numbers correspond to which is difficult to get right.

In the case where the boot disk is not the first disk in the system, FreeBSD can need some help finding it. There are two common situations here, and in both of these cases, you need to tell FreeBSD where the root filesystem is. You do this by specifying the BIOS disk number, the disk type and the FreeBSD disk number for that type.

The first situation is where you have two IDE disks, each configured as the master on their respective IDE busses, and wish to boot FreeBSD from the second disk. The BIOS sees these as disk 0 and disk 1, while FreeBSD sees them as wd0 and wd2.

FreeBSD is on BIOS disk 1, of type wd and the FreeBSD disk number is 2, so you would say:

     1:wd(2,a)kernel

Note that if you have a slave on the primary bus, the above is not necessary (and is effectively wrong).

The second situation involves booting from a SCSI disk when you have one or more IDE disks in the system. In this case, the FreeBSD disk number is lower than the BIOS disk number. If you have two IDE disks as well as the SCSI disk, the SCSI disk is BIOS disk 2, type da and FreeBSD disk number 0, so you would say:

     2:da(0,a)kernel

To tell FreeBSD that you want to boot from BIOS disk 2, which is the first SCSI disk in the system. If you only had one IDE disk, you would use '1:' instead.

Once you have determined the correct values to use, you can put the command exactly as you would have typed it in the /boot.config file using a standard text editor. Unless instructed otherwise, FreeBSD will use the contents of this file as the default response to the boot: prompt.

4.2.2. I go to boot from the hard disk for the first time after installing FreeBSD, but the Boot Manager prompt just prints F? at the boot menu each time but the boot won't go any further.

The hard disk geometry was set incorrectly in the Partition editor when you installed FreeBSD. Go back into the partition editor and specify the actual geometry of your hard disk. You must reinstall FreeBSD again from the beginning with the correct geometry.

If you are failing entirely in figuring out the correct geometry for your machine, here's a tip: Install a small DOS partition at the beginning of the disk and install FreeBSD after that. The install program will see the DOS partition and try to infer the correct geometry from it, which usually works.

The following tip is no longer recommended, but is left here for reference:

If you are setting up a truly dedicated FreeBSD server or workstation where you don't care for (future) compatibility with DOS, Linux or another operating system, you've also got the option to use the entire disk (`A' in the partition editor), selecting the non-standard option where FreeBSD occupies the entire disk from the very first to the very last sector. This will leave all geometry considerations aside, but is somewhat limiting unless you're never going to run anything other than FreeBSD on a disk.

4.3 Known Hardware Problems, Q&A

Note: Please send hardware tips for this section to Jordan K. Hubbard .

4.3.1. The mcd(4) driver keeps thinking that it has found a device and this stops my Intel EtherExpress card from working.
4.3.2. FreeBSD claims to support the 3Com PCMCIA card, but my card isn't recognized when it's plugged into my laptop.
4.3.3. FreeBSD finds my PCMCIA network card, but no packets appear to be sent even though it claims to be working.
4.3.4. The system finds my ed(4) network card, but I keep getting device timeout errors.
4.3.5. I have a Matsushita/Panasonic drive but it isn't recognized by the system.
4.3.6. I booted the install floppy on my IBM ThinkPad (tm) laptop, and the keyboard is all messed up.
4.3.7. When I try to boot the install floppy, I see the following message and nothing seems to be happening. I cannot enter anything from the keyboard either.
4.3.8. I have a Matsushita/Panasonic CR-522, a Matsushita/Panasonic CR-523 or a TEAC CD55a drive, but it is not recognized even when the correct I/O port is set.
4.3.9. I'm trying to install from a tape drive but all I get is something like this on the screen:
4.3.10. I've installed FreeBSD onto my system, but it hangs when booting from the hard drive with the message:
4.3.11. My system can not find my Intel EtherExpress 16 card.
4.3.12. When installing on an EISA HP Netserver, my on-board AIC-7xxx SCSI controller isn't detected.
4.3.13. I have a Panasonic AL-N1 or Rios Chandler Pentium machine and I find that the system hangs before ever getting into the installation now.
4.3.14. I have this CMD640 IDE controller that is said to be broken.
4.3.15. On a Compaq Aero notebook, I get the message ``No floppy devices found! Please check ...'' when trying to install from floppy.
4.3.16. When I go to boot my Intel AL440LX (``Atlanta'') -based system from the hard disk the first time, it stops with a Read Error message.
4.3.17. When installing on an Dell Poweredge XE, Dell proprietary RAID controller DSA (Dell SCSI Array) isn't recognized.
4.3.18. My Ethernet adapter is detected as an AMD PCnet-FAST (or similar) but it doesn't work. (Eg. onboard Ethernet on IBM Netfinity 5xxx or 7xxx)
4.3.19. I have an IBM EtherJet PCI card, it is detected by the fxp(4) driver correctly, but the lights on the card don't come on and it doesn't connect to the network.
4.3.20. When I configure the network during installation on an IBM Netfinity 3500, the system freezes.
4.3.21. When I install onto a drive managed by a Mylex PCI RAID controller, the system fails to boot (eg. with a read error message).

4.3.1. The mcd(4) driver keeps thinking that it has found a device and this stops my Intel EtherExpress card from working.

Use the UserConfig utility (see HARDWARE.TXT) and disable the probing of the mcd0 and mcd1 devices. Generally speaking, you should only leave the devices that you will be using enabled in your kernel.

4.3.2. FreeBSD claims to support the 3Com PCMCIA card, but my card isn't recognized when it's plugged into my laptop.

There are a couple of possible problems. First of all, FreeBSD does not support multi-function cards, so if you have a combo Ethernet/modem card (such as the 3C562), it won't work. The default driver for the 3C589 card was written just like all of the other drivers in FreeBSD, and depend on the card's own configuration data stored in NVRAM to work. You must correctly configure FreeBSD's driver to match the IRQ, port, and IOMEM stored in NVRAM.

Unfortunately, the only program capable of reading them is the 3COM supplied DOS program. This program must be run on a absolutely clean system (no other drivers must be running), and the program will whine about CARD-Services not being found, but it will continue. This is necessary to read the NVRAM values. You want to know the IRQ, port, and IOMEM values (the latter is called the CIS tuple by 3COM). The first two can be set in the program, the third is un-settable, and can only be read. Once you have these values, set them in UserConfig and your card will be recognized.

4.3.3. FreeBSD finds my PCMCIA network card, but no packets appear to be sent even though it claims to be working.

Many PCMCIA cards have the ability to use either the 10-Base2 (BNC) or 10-BaseT connectors for connecting to the network. The driver is unable to ``auto-select'' the correct connector, so you must tell it which connector to use. In order to switch between the two connectors, the link flags must be set. Depending on the model of the card, -link0 link1 or -link0 -link1 will choose the correct network connector. You can set these in sysinstall(8) by using the Extra options to ifconfig: field in the network setup screen.

4.3.4. The system finds my ed(4) network card, but I keep getting device timeout errors.

Your card is probably on a different IRQ from what is specified in the kernel configuration. The ed driver does not use the `soft' configuration by default (values entered using EZSETUP in DOS), but it will use the software configuration if you specify ? in the IRQ field of your kernel config file.

Either move the jumper on the card to a hard configuration setting (altering the kernel settings if necessary), or specify the IRQ as -1 in UserConfig or ? in your kernel config file. This will tell the kernel to use the soft configuration.

Another possibility is that your card is at IRQ 9, which is shared by IRQ 2 and frequently a cause of problems (especially when you have a VGA card using IRQ 2!). You should not use IRQ 2 or 9 if at all possible.

4.3.5. I have a Matsushita/Panasonic drive but it isn't recognized by the system.

Make certain that the I/O port that the matcd(4) driver is set to is correct for the host interface card you have. (Some SoundBlaster DOS drivers report a hardware I/O port address for the CD-ROM interface that is 0x10 lower than it really is.)

If you are unable to determine the settings for the card by examining the board or documentation, you can use UserConfig to change the 'port' address (I/O port) to -1 and start the system. This setting causes the driver to look at a number of I/O ports that various manufacturers use for their Matsushita/Panasonic/Creative CD-ROM interfaces. Once the driver locates the address, you should run UserConfig again and specify the correct address. Leaving the 'port' parameter set to -1 increases the amount of time that it takes the system to boot, and this could interfere with other devices.

The double-speed Matsushita CR-562 and CR-563 are the only drives that are supported.

4.3.6. I booted the install floppy on my IBM ThinkPad (tm) laptop, and the keyboard is all messed up.

Older IBM laptops use a non-standard keyboard controller, so you must tell the keyboard driver (atkbd0) to go into a special mode which works on the ThinkPads. Change the atkbd0 'Flags' to 0x4 in UserConfig and it should work fine. (Look in the Input Menu for 'Keyboard'.)

4.3.7. When I try to boot the install floppy, I see the following message and nothing seems to be happening. I cannot enter anything from the keyboard either.

     Keyboard: no

Due to lack of space, full support for old XT/AT (84-key) keyboards is no longer available in the bootblocks. Some notebook computers may also have this type of keyboard. If you are still using this kind of hardware, you will see the above message appears when you boot from the CD-ROM or an install floppy.

As soon as you see this message, hit the space bar, and you will see the prompt:

     >> FreeBSD/i386 BOOT
     Default: x:xx(x,x)/boot/loader 
     boot:

Then enter -Dh, and things should proceed normally.

4.3.8. I have a Matsushita/Panasonic CR-522, a Matsushita/Panasonic CR-523 or a TEAC CD55a drive, but it is not recognized even when the correct I/O port is set.

These CD-ROM drives are currently not supported by FreeBSD. The command sets for these drives are not compatible with the double-speed CR-562 and CR-563 drives.

The single-speed CR-522 and CR-523 drives can be identified by their use of a CD-caddy.

4.3.9. I'm trying to install from a tape drive but all I get is something like this on the screen:

     sa0(aha0:1:0) NOT READY csi 40,0,0,0

There's a limitation in the current sysinstall(8) that the tape must be in the drive while sysinstall(8) is started or it won't be detected. Try again with the tape in the drive the whole time.

4.3.10. I've installed FreeBSD onto my system, but it hangs when booting from the hard drive with the message:

     Changing root to /dev/da0a

his problem may occur in a system with a 3com 3c509 Ethernet adapter. The ep(4) device driver appears to be sensitive to probes for other devices that also use address 0x300. Boot your FreeBSD system by power cycling the machine (turn off and on). At the Boot: prompt specify the -c. This will invoke UserConfig (see Section 4.1 above). Use the disable command to disable the device probes for all devices at address 0x300 except the ep0 driver. On exit, your machine should successfully boot FreeBSD.

4.3.11. My system can not find my Intel EtherExpress 16 card.

You must set your Intel EtherExpress 16 card to be memory mapped at address 0xD0000, and set the amount of mapped memory to 32K using the Intel supplied softset.exe program.

4.3.12. When installing on an EISA HP Netserver, my on-board AIC-7xxx SCSI controller isn't detected.

This is a known problem, and will hopefully be fixed in the future. In order to get your system installed at all, boot with the -c option into UserConfig, but don't use the pretty visual mode but the plain old CLI mode. Type:

     eisa 12
     quit

at the prompt. (Instead of `quit', you might also type `visual', and continue the rest of the configuration session in visual mode.) While it's recommended to compile a custom kernel, dset now also understands to save this value.

Refer to the FAQ topic 3.16 for an explanation of the problem, and for how to continue. Remember that you can find the FAQ on your local system in /usr/share/doc/FAQ, provided you have installed the `doc' distribution.

4.3.13. I have a Panasonic AL-N1 or Rios Chandler Pentium machine and I find that the system hangs before ever getting into the installation now.

Your machine doesn't like the new i586_copyout and i586_copyin code for some reason. To disable this, boot the installation boot floppy and when it comes to the very first menu (the choice to drop into kernel UserConfig mode or not) choose the command-line interface (``expert mode'') version and type the following at it:

     flags npx0 1

Then proceed normally to boot. This will be saved into your kernel, so you only need to do it once.

4.3.14. I have this CMD640 IDE controller that is said to be broken.

Yes, it is. FreeBSD does not support this controller except through the legacy wdc driver.

4.3.15. On a Compaq Aero notebook, I get the message ``No floppy devices found! Please check ...'' when trying to install from floppy.

With Compaq being always a little different from other systems, they do not announce their floppy drive in the CMOS RAM of an Aero notebook. Therefore, the floppy disk driver assumes there is no drive configured. Go to the UserConfig screen, and set the Flags value of the fdc0 device to 0x1. This pretends the existence of the first floppy drive (as a 1.44 MB drive) to the driver without asking the CMOS at all.

4.3.16. When I go to boot my Intel AL440LX (``Atlanta'') -based system from the hard disk the first time, it stops with a Read Error message.

There appears to be a bug in the BIOS on at least some of these boards, this bug results in the FreeBSD bootloader thinking that it is booting from a floppy disk. This is only a problem if you are not using the BootEasy boot manager. Slice the disk in ``compatible''mode and install BootEasy during the FreeBSD installation to avoid the bug, or upgrade the BIOS (see Intel's web site for details).

4.3.17. When installing on an Dell Poweredge XE, Dell proprietary RAID controller DSA (Dell SCSI Array) isn't recognized.

Configure the DSA to use AHA-1540 emulation using EISA configuration utility. After that FreeBSD detects the DSA as an Adaptec AHA-1540 SCSI controller, with irq 11 and port 340. Under emulation mode system will use DSA RAID disks, but you cannot use DSA-specific features such as watching RAID health.

4.3.18. My Ethernet adapter is detected as an AMD PCnet-FAST (or similar) but it doesn't work. (Eg. onboard Ethernet on IBM Netfinity 5xxx or 7xxx)

The lnc(4) driver is currently faulty, and will often not work correctly with the PCnet-FAST and PCnet-FAST+. You need to install a different Ethernet adapter.

4.3.19. I have an IBM EtherJet PCI card, it is detected by the fxp(4) driver correctly, but the lights on the card don't come on and it doesn't connect to the network.

We don't understand why this happens. Neither do IBM (we asked them). The card is a standard Intel EtherExpress Pro/100 with an IBM label on it, and these cards normally work just fine. You may see these symptoms only in some IBM Netfinity servers. The only solution is to install a different Ethernet adapter.

4.3.20. When I configure the network during installation on an IBM Netfinity 3500, the system freezes.

There is a problem with the onboard Ethernet in the Netfinity 3500 which we have not been able to identify at this time. It may be related to the SMP features of the system being misconfigured. You will have to install another Ethernet adapter and avoid attempting to configure the onboard adapter at any time.

4.3.21. When I install onto a drive managed by a Mylex PCI RAID controller, the system fails to boot (eg. with a read error message).

There is a bug in the Mylex driver which results in it ignoring the ``8GB'' geometry mode setting in the BIOS. Use the 2GB mode instead.

This file, and other release-related documents, can be downloaded from ftp://current.FreeBSD.org/pub/FreeBSD/.

For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

All users of FreeBSD 5-CURRENT should subscribe to the <current@FreeBSD.org> mailing list.

For questions about this documentation, e-mail <doc@FreeBSD.org>.



diff --git a/en/releases/5.0R/DP1/installation-i386.html b/en/releases/5.0R/DP1/installation-i386.html index b9bdae7a7e..e34d1c11cf 100644 --- a/en/releases/5.0R/DP1/installation-i386.html +++ b/en/releases/5.0R/DP1/installation-i386.html @@ -1,2287 +1,2287 @@ FreeBSD/i386 5.0-DP1 Installation Instructions

FreeBSD/i386 5.0-DP1 Installation Instructions

The FreeBSD Project

Copyright © 2000, 2001, 2002 by The FreeBSD Documentation Project

This article gives some brief instructions on installing FreeBSD/i386 5.0-DP1, with particular emphasis given to obtaining a FreeBSD distribution. Some notes on troubleshooting and frequently-asked questions are also given.

1 Installing FreeBSD

This section documents the process of installing a new distribution of FreeBSD. These instructions pay particular emphasis to the process of obtaining the FreeBSD 5.0-DP1 distribution and to beginning the installation procedure. The ``Installing FreeBSD'' chapter of the FreeBSD Handbook provides more in-depth information about the installation program itself, including a guided walkthrough with screenshots.

If you are upgrading from a previous release of FreeBSD, please see Section 3 for instructions on upgrading.

1.1 Getting Started

Probably the most important pre-installation step that can be taken is that of reading the various instruction documents provided with FreeBSD. A roadmap of documents pertaining to this release of FreeBSD can be found in README.TXT, which can usually be found in the same location as this file; most of these documents, such as the release notes and the hardware compatibility list, are also accessible in the Documentation menu of the installer.

Note that on-line versions of the FreeBSD FAQ and Handbook are also available from the FreeBSD Project Web site, if you have an Internet connection.

This collection of documents may seem daunting, but the time spent reading them will likely be saved many times over. Being familiar with what resources are available can also be helpful in the event of problems during installation.

The best laid plans sometimes go awry, so if you run into trouble take a look at Section 4, which contains valuable troubleshooting information. You should also read an updated copy of ERRATA.TXT before installing, since this will alert you to any problems which have reported in the interim for your particular release.

Important: While FreeBSD does its best to safeguard against accidental loss of data, it's still more than possible to wipe out your entire disk with this installation if you make a mistake. Please do not proceed to the final FreeBSD installation menu unless you've adequately backed up any important data first.

1.2 Hardware Requirements

FreeBSD for the IA-32 requires a 386 or better processor to run (sorry, there is no support for 286 processors) and at least 5 megs of RAM to install and 4 megs of RAM to run. You will need at least 100MB of free hard drive space for the most minimal installation. See below for ways of shrinking existing DOS partitions in order to install FreeBSD.

If you are not familiar with configuring hardware for FreeBSD, you should be sure to read the HARDWARE.TXT file; it contains important information on what hardware is supported by FreeBSD.

1.3 Floppy Disk Image Instructions

Depending on how you choose to install FreeBSD, you may need to create a set of floppy disks (usually two) to begin the installation process. This section briefly describes how to create these disks, either from a CDROM installation or from the Internet. Note that in the common case of installing FreeBSD from CDROM, on a machine that supports bootable CDROMs, the steps outlined in this section will not be needed and can be skipped.

For a normal CDROM or network installation, all you need to copy onto actual floppies from the floppies/ directory are the kern.flp and mfsroot.flp images (for 1.44MB floppies).

Getting these images over the network is easy. Simply fetch the release/floppies/kern.flp and release/floppies/mfsroot.flp files from ftp://current.FreeBSD.org/pub/FreeBSD/ or one of the many mirrors listed at FTP Sites section of the Handbook, or on the http://www.freebsdmirrors.org/ Web pages.

Get two blank, freshly formatted floppies and image copy kern.flp onto one and mfsroot.flp onto the other. These images are not DOS files. You cannot simply copy them to a DOS or UFS floppy as regular files, you need to ``image'' copy them to the floppy with fdimage.exe under DOS (see the tools directory on your CDROM or FreeBSD FTP mirror) or the dd(1) command in UNIX.

For example, to create the kernel floppy image from DOS, you'd do something like this:

     C> fdimage kern.flp a:

Assuming that you'd copied fdimage.exe and kern.flp into a directory somewhere. You would do the same for mfsroot.flp, of course.

If you're creating the boot floppy from a UNIX machine, you may find that:

     # dd if=floppies/kern.flp of=/dev/rfd0

or

     # dd if=floppies/kern.flp of=/dev/floppy

work well, depending on your hardware and operating system environment (different versions of UNIX have different names for the floppy drive).

1.4 Installing FreeBSD from CDROM or the Internet

The easiest type of installation is from CDROM. If you have a supported CDROM drive and a FreeBSD installation CDROM, there are 2 ways of starting the installation from it:

  • If your system supports bootable CDROM media (usually an option which can be selectively enabled in the controller's setup menu or in the PC BIOS for some systems) and you have it enabled, FreeBSD supports the ``El Torito'' bootable CD standard. Simply put the installation CD in your CDROM drive and boot the system to begin installation.

  • Build a set of FreeBSD boot floppies from the floppies/ directory in every FreeBSD distribution. Either simply use the makeflp.bat script from DOS or read Section 1.3 for more information on creating the bootable floppies under different operating systems. Then you simply boot from the first floppy and you should soon be in the FreeBSD installation.



If you don't have a CDROM (or your computer does not support booting from CDROM) and would like to simply install over the net using PPP, SLIP or a dedicated connection. You should start the installation by building a set of FreeBSD boot floppies from the files floppies/kern.flp and floppies/mfsroot.flp using the instructions found in Section 1.3. Restart your computer using the kern.flp disk; when prompted, insert the mfsroot.flp disk. Then, please go to Section 1.5.5 for additional tips on installing via FTP or NFS.

1.5 Detail on various installation types

Once you've gotten yourself to the initial installation screen somehow, you should be able to follow the various menu prompts and go from there. If you've never used the FreeBSD installation before, you are also encouraged to read some of the documentation in the Documentation submenu as well as the general ``Usage'' instructions on the first menu.

Note: If you get stuck at a screen, press the F1 key for online documentation relevant to that specific section.

If you've never installed FreeBSD before, or even if you have, the ``Standard'' installation mode is the most recommended since it makes sure that you'll visit all the various important checklist items along the way. If you're much more comfortable with the FreeBSD installation process and know exactly what you want to do, use the ``Express'' or ``Custom'' installation options. If you're upgrading an existing system, use the ``Upgrade'' option.

The FreeBSD installer supports the direct use of floppy, DOS, tape, CDROM, FTP, NFS and UFS partitions as installation media; further tips on installing from each type of media are listed below.

1.5.1 Installing from a Network CDROM

If you simply wish to install from a local CDROM drive then see Section 1.4. If you don't have a CDROM drive on your system and wish to use a FreeBSD distribution CD in the CDROM drive of another system to which you have network connectivity, there are also several ways of going about it:

  • If you would be able to FTP install FreeBSD directly from the CDROM drive in some FreeBSD machine, it's quite easy: You simply add the following line to the password file (using the vipw(8) command):

         ftp:*:99:99::0:0:FTP:/cdrom:/sbin/nologin

    On the machine on which you are running the install, go to the Options menu and set Release Name to any. You may then choose a Media type of FTP and type in ftp://machine after picking ``URL'' in the ftp sites menu.

    Warning: This may allow anyone on the local network (or Internet) to make ``anonymous FTP'' connections to this machine, which may not be desirable.

  • If you would rather use NFS to export the CDROM directly to the machine(s) you'll be installing from, you need to first add an entry to the /etc/exports file (on the machine with the CDROM drive). The example below allows the machine ziggy.foo.com to mount the CDROM directly via NFS during installation:

         /cdrom          -ro             ziggy.foo.com

    The machine with the CDROM must also be configured as an NFS server, of course, and if you're not sure how to do that then an NFS installation is probably not the best choice for you unless you're willing to read up on rc.conf(5) and configure things appropriately. Assuming that this part goes smoothly, you should be able to enter: cdrom-host:/cdrom as the path for an NFS installation when the target machine is installed, e.g. wiggy:/cdrom.

1.5.2 Installing from Floppies

If you must install from floppy disks, either due to unsupported hardware or just because you enjoy doing things the hard way, you must first prepare some floppies for the install.

First, make your boot floppies as described in Section 1.3.

Second, peruse Section 2 and pay special attention to the ``Distribution Format'' section since it describes which files you're going to need to put onto floppy and which you can safely skip.

Next you will need, at minimum, as many 1.44MB floppies as it takes to hold all files in the bin (binary distribution) directory. If you're preparing these floppies under DOS, then these floppies must be formatted using the MS-DOS FORMAT command. If you're using Windows, use the Windows File Manager format command.

Important: Frequently, floppy disks come ``factory preformatted''. While convenient, many problems reported by users in the past have resulted from the use of improperly formatted media. Re-format them yourself, just to make sure.

If you're creating the floppies from another FreeBSD machine, a format is still not a bad idea though you don't need to put a DOS filesystem on each floppy. You can use the disklabel(8) and newfs(8) commands to put a UFS filesystem on a floppy, as the following sequence of commands illustrates:

     # fdformat -f 1440 fd0.1440
     # disklabel -w -r fd0.1440 floppy3
     # newfs -t 2 -u 18 -l 1 -i 65536 /dev/fd0

After you've formatted the floppies for DOS or UFS, you'll need to copy the files onto them. The distribution files are split into chunks conveniently sized so that 5 of them will fit on a conventional 1.44MB floppy. Go through all your floppies, packing as many files as will fit on each one, until you've got all the distributions you want packed up in this fashion. Each distribution should go into its own subdirectory on the floppy, e.g.: a:\bin\bin.inf, a:\bin\bin.aa, a:\bin\bin.ab, ...

Important: The bin.inf file also needs to go on the first floppy of the bin set since it is read by the installation program in order to figure out how many additional pieces to look for when fetching and concatenating the distribution. When putting distributions onto floppies, the distname.inf file must occupy the first floppy of each distribution set. This is also covered in README.TXT.

Once you come to the Media screen of the install, select ``Floppy'' and you'll be prompted for the rest.

1.5.3 Installing from a DOS partition

To prepare for installation from an MS-DOS partition you should simply copy the files from the distribution into a directory called FREEBSD on the Primary DOS partition (C:). For example, to do a minimal installation of FreeBSD from DOS using files copied from the CDROM, you might do something like this:

     C:\> MD C:\FREEBSD
     C:\> XCOPY /S E:\BIN C:\FREEBSD\BIN

Assuming that E: was where your CD was mounted.

For as many distributions as you wish to install from DOS (and you have free space for), install each one in a directory under C:\FREEBSD - the BIN dist is only the minimal requirement.

Once you've copied the directories, you can simply launch the installation from floppies as normal and select ``DOS'' as your media type when the time comes.

1.5.4 Installing from QIC/SCSI Tape

When installing from tape, the installation program expects the files to be simply tar'ed onto it, so after fetching all of the files for the distributions you're interested in, simply use tar(1) to get them onto the tape with a command something like this:

     # cd /where/you/have/your/dists
     # tar cvf /dev/rsa0 dist1 .. dist2

When you go to do the installation, you should also make sure that you leave enough room in some temporary directory (which you'll be allowed to choose) to accommodate the full contents of the tape you've created. Due to the non-random access nature of tapes, this method of installation requires quite a bit of temporary storage. You should expect to require as much temporary storage as you have stuff written on tape.

Note: When going to do the installation, the tape must be in the drive before booting from the boot floppies. The installation ``probe'' may otherwise fail to find it.

Now create a boot floppy as described in Section 1.3 and proceed with the installation.

1.5.5 Installing over a Network using FTP or NFS

After making the boot floppies as described in the first section, you can load the rest of the installation over a network using one of 3 types of connections: serial port, parallel port, or Ethernet.

1.5.5.1 Serial Port

SLIP support is rather primitive, and is limited primarily to hard-wired links, such as a serial cable running between two computers. The link must be hard-wired because the SLIP installation doesn't currently offer a dialing capability. If you need to dial out with a modem or otherwise dialog with the link before connecting to it, then I recommend that the PPP utility be used instead.

If you're using PPP, make sure that you have your Internet Service Provider's IP address and DNS information handy as you'll need to know it fairly early in the installation process. You may also need to know your own IP address, though PPP supports dynamic address negotiation and may be able to pick up this information directly from your ISP if they support it.

You will also need to know how to use the various ``AT commands'' for dialing out with your particular brand of modem as the PPP dialer provides only a very simple terminal emulator.

1.5.5.2 Parallel Port

If a hard-wired connection to another FreeBSD or Linux machine is available, you might also consider installing over a ``laplink'' style parallel port cable. The data rate over the parallel port is much higher than what is typically possible over a serial line (up to 50k/sec), thus resulting in a quicker installation. It's not typically necessary to use ``real'' IP addresses when using a point-to-point parallel cable in this way and you can generally just use RFC 1918 style addresses for the ends of the link (e.g. 10.0.0.1, 10.0.0.2, etc).

Important: If you use a Linux machine rather than a FreeBSD machine as your PLIP peer, you will also have to specify link0 in the TCP/IP setup screen's ``extra options for ifconfig'' field in order to be compatible with Linux's slightly different PLIP protocol.

1.5.5.3 Ethernet

FreeBSD supports many common Ethernet cards; a table of supported cards is provided as part of the FreeBSD Hardware Notes (see HARDWARE.TXT in the Documentation menu on the boot floppy or the top level directory of the CDROM). If you are using one of the supported PCMCIA Ethernet cards, also be sure that it's plugged in before the laptop is powered on. FreeBSD does not, unfortunately, currently support ``hot insertion'' of PCMCIA cards during installation.

You will also need to know your IP address on the network, the netmask value for your subnet and the name of your machine. Your system administrator can tell you which values are appropriate to your particular network setup. If you will be referring to other hosts by name rather than IP address, you'll also need a name server and possibly the address of a gateway (if you're using PPP, it's your provider's IP address) to use in talking to it. If you want to install by FTP via an HTTP proxy (see below), you will also need the proxy's address.

If you do not know the answers to these questions then you should really probably talk to your system administrator first before trying this type of installation. Using a randomly chosen IP address or netmask on a live network is almost guaranteed not to work, and will probably result in a lecture from said system administrator.

Once you have a network connection of some sort working, the installation can continue over NFS or FTP.

1.5.5.4 NFS installation tips

NFS installation is fairly straight-forward: Simply copy the FreeBSD distribution files you want onto a server somewhere and then point the NFS media selection at it.

If this server supports only ``privileged port'' access (this is generally the default for Sun and Linux workstations), you will need to set this option in the Options menu before installation can proceed.

If you have a poor quality Ethernet card which suffers from very slow transfer rates, you may also wish to toggle the appropriate Options flag.

In order for NFS installation to work, the server must also support ``subdir mounts'', e.g. if your FreeBSD distribution directory lives on wiggy:/usr/archive/stuff/FreeBSD, then wiggy will have to allow the direct mounting of /usr/archive/stuff/FreeBSD, not just /usr or /usr/archive/stuff.

In FreeBSD's /etc/exports file this is controlled by the -alldirs option. Other NFS servers may have different conventions. If you are getting Permission Denied messages from the server then it's likely that you don't have this properly enabled.

1.5.5.5 FTP Installation tips

FTP installation may be done from any mirror site containing a reasonably up-to-date version of FreeBSD. A full menu of reasonable choices for almost any location in the world is provided in the FTP site menu during installation.

If you are installing from some other FTP site not listed in this menu, or you are having troubles getting your name server configured properly, you can also specify your own URL by selecting the ``URL'' choice in that menu. A URL can contain a hostname or an IP address, so something like the following would work in the absence of a name server:

     ftp://216.66.64.162/pub/FreeBSD/releases/i386/4.2-RELEASE

There are three FTP installation modes you can use:

  • FTP: This method uses the standard ``Active'' mode for transfers, in which the server initiates a connection to the client. This will not work through most firewalls but will often work best with older FTP servers that do not support passive mode. If your connection hangs with passive mode, try this one.

  • FTP Passive: This sets the FTP "Passive" mode which prevents the server from opening connections to the client. This option is best for users to pass through firewalls that do not allow incoming connections on random port addresses.

  • FTP via an HTTP proxy: This option instructs FreeBSD to use HTTP to connect to a proxy for all FTP operations. The proxy will translate the requests and send them to the FTP server. This allows the user to pass through firewalls that do not allow FTP at all, but offer an HTTP proxy. You must specify the hostname of the proxy in addition to the FTP server.

    In the rare case that you have an FTP proxy that does not go through HTTP, you can specify the URL as something like:

         ftp://foo.bar.com:port/pub/FreeBSD

    In the URL above, port is the port number of the proxy FTP server.



1.5.6 Tips for Serial Console Users

If you'd like to install FreeBSD on a machine using just a serial port (e.g. you don't have or wish to use a VGA card), please follow these steps:

  1. Connect some sort of ANSI (vt100) compatible terminal or terminal emulation program to the COM1 port of the PC you are installing FreeBSD onto.

  2. Unplug the keyboard (yes, that's correct!) and then try to boot from floppy or the installation CDROM, depending on the type of installation media you have, with the keyboard unplugged.

  3. If you don't get any output on your serial console, plug the keyboard in again and wait for some beeps. If you are booting from the CDROM, proceed to step 5 as soon as you hear the beep.

  4. For a floppy boot, the first beep means to remove the kern.flp floppy and insert the mfsroot.flp floppy, after which you should press Enter and wait for another beep.

  5. Hit the space bar, then enter

         boot -h

    and you should now definitely be seeing everything on the serial port. If that still doesn't work, check your serial cabling as well as the settings on your terminal emulation program or actual terminal device. It should be set for 9600 baud, 8 bits, no parity.

1.6 Question and Answer Section for IA-32 Architecture Users

1.6.1. Help! I have no space! Do I need to delete everything first?
1.6.2. Can I use compressed DOS filesystems from FreeBSD?
1.6.3. Can I mount my DOS extended partitions?
1.6.4. Can I run DOS binaries under FreeBSD?

1.6.1. Help! I have no space! Do I need to delete everything first?

If your machine is already running DOS and has little or no free space available for FreeBSD's installation, all is not lost! You may find the FIPS utility, provided in the tools/ subdirectory on the FreeBSD CDROM or on the various FreeBSD ftp sites, to be quite useful.

FIPS allows you to split an existing DOS partition into two pieces, preserving the original partition and allowing you to install onto the second free piece. You first ``defrag'' your DOS partition, using the DOS 6.xx DEFRAG utility or the Norton Disk Tools, then run FIPS. It will prompt you for the rest of the information it needs. Afterwards, you can reboot and install FreeBSD on the new partition. Also note that FIPS will create the second partition as a ``clone'' of the first, so you'll actually see that you now have two DOS Primary partitions where you formerly had one. Don't be alarmed! You can simply delete the extra DOS Primary partition (making sure it's the right one by examining its size).

FIPS does NOT currently work with FAT32 or VFAT style partitions as used by newer versions of Windows 95. To split up such a partition, you will need a commercial product such as Partition Magic. Sorry, but this is just the breaks if you've got a Windows partition hogging your whole disk and you don't want to reinstall from scratch.

1.6.2. Can I use compressed DOS filesystems from FreeBSD?

No. If you are using a utility such as Stacker(tm) or DoubleSpace(tm), FreeBSD will only be able to use whatever portion of the filesystem you leave uncompressed. The rest of the filesystem will show up as one large file (the stacked/dblspaced file!). Do not remove that file as you will probably regret it greatly!

It is probably better to create another uncompressed DOS extended partition and use this for communications between DOS and FreeBSD if such is your desire.

1.6.3. Can I mount my DOS extended partitions?

Yes. DOS extended partitions are mapped in at the end of the other ``slices'' in FreeBSD, e.g. your D: drive might be /dev/da0s5, your E: drive /dev/da0s6, and so on. This example assumes, of course, that your extended partition is on SCSI drive 0. For IDE drives, substitute ad for da appropriately. You otherwise mount extended partitions exactly like you would mount any other DOS drive, e.g.:

     # mount -t msdos /dev/da0s5 /dos_d

1.6.4. Can I run DOS binaries under FreeBSD?

Ongoing work with BSDI's doscmd(1) utility will suffice in many cases, though it still has some rough edges. If you're interested in working on this, please send mail to the FreeBSD-emulation mailing list and indicate that you're interested in joining this ongoing effort!

The emulators/pcemu port/package in the FreeBSD Ports Collection which emulates an 8088 and enough BIOS services to run DOS text mode applications. It requires the X Window System (XFree86) to operate.

2 Distribution Format

A typical FreeBSD distribution directory looks something like this:

     ERRATA.HTM      README.TXT      compat1x        dict            manpages
     ERRATA.TXT      RELNOTES.HTM    compat20        doc             packages
     HARDWARE.HTM    RELNOTES.TXT    compat21        docbook.css     ports
     HARDWARE.TXT    XF86336         compat22        floppies        proflibs
     INSTALL.HTM     bin             compat3x        games           src
     INSTALL.TXT     catpages        compat4x        info            tools
     README.HTM      cdrom.inf       crypto          kernel

If you want to do a CDROM, FTP or NFS installation from this distribution directory, all you need to do is make the 1.44MB boot floppies from the floppies directory (see Section 1.3 for instructions on how to do this), boot them and follow the instructions. The rest of the data needed during the installation will be obtained automatically based on your selections. If you've never installed FreeBSD before, you also want to read the entirety of this document (the installation instructions) file.

If you're trying to do some other type of installation or are merely curious about how a distribution is organized, what follows is a more thorough description of each item in more detail:

  1. The *.TXT and *.HTM files contain documentation (for example, this document is contained in both INSTALL.TXT and INSTALL.HTM) and should be read before starting an installation. The *.TXT files are plain text, while the *.HTM files are HTML files that can be read by almost any Web browser. Some distributions may contain documentation in other formats as well, such as PDF or PostScript.

  2. docbook.css is a Cascading Style Sheet (CSS) file used by some Web browsers for formatting the HTML documentation.

  3. The XF86336 directory contains the XFree86 project's 3.3.6 release and consists of a series of gzip'd tar files which contain each component of the XFree86 distribution.

  4. The bin, catpages, crypto, dict, doc, games, info, manpages, proflibs, and src directories contain the primary distribution components of FreeBSD itself and are split into smaller files for easy packing onto floppies (should that be necessary).

  5. The compat1x, compat20, compat21, compat22, compat3x, and compat4x directories contain distributions for compatibility with older releases and are distributed as single gzip'd tar files - they can be installed during release time or later by running their install.sh scripts.

  6. The floppies/ subdirectory contains the floppy installation images; further information on using them can be found in Section 1.3.

  7. The packages and ports directories contain the FreeBSD Packages and Ports Collections. Packages may be installed from the packages directory by running the command:

         #/stand/sysinstall configPackages

    Packages can also be installed by feeding individual filenames in packages/ to the pkg_add(1) command.

    The Ports Collection may be installed like any other distribution and requires about 100MB unpacked. More information on the ports collection may be obtained from http://www.FreeBSD.org/ports/ or locally from /usr/share/doc/handbook if you've installed the doc distribution.

  8. Last of all, the tools directory contains various DOS tools for discovering disk geometries, installing boot managers and the like. It is purely optional and provided only for user convenience.



A typical distribution directory (for example, the info distribution) looks like this internally:

     CHECKSUM.MD5    info.ab         info.ad         info.inf        install.sh
     info.aa         info.ac         info.ae         info.mtree

The CHECKSUM.MD5 file contains MD5 signatures for each file, should data corruption be suspected, and is purely for reference. It is not used by the actual installation and does not need to be copied with the rest of the distribution files. The info.a* files are split, gzip'd tar files, the contents of which can be viewed by doing:

     # cat info.a* | tar tvzf -

During installation, they are automatically concatenated and extracted by the installation procedure.

The info.inf file is also necessary since it is read by the installation program in order to figure out how many pieces to look for when fetching and concatenating the distribution. When putting distributions onto floppies, the .inf file must occupy the first floppy of each distribution set!

The info.mtree file is another non-essential file which is provided for user reference. It contains the MD5 signatures of the unpacked distribution files and can be later used with the mtree(8) program to verify the installation permissions and checksums against any possible modifications to the file. When used with the bin distribution, this can be an excellent way of detecting trojan horse attacks on your system.

Finally, the install.sh file is for use by those who want to install the distribution after installation time. To install the info distribution from CDROM after a system was installed, for example, you'd do:

     # cd /cdrom/info
     # sh install.sh

3 Upgrading FreeBSD

These instructions describe a procedure for doing a binary upgrade from an older version of FreeBSD.

Warning: While the FreeBSD upgrade procedure does its best to safeguard against accidental loss of data, it is still more than possible to wipe out your entire disk with this installation! Please do not accept the final confirmation request unless you have adequately backed up any important data files.

Important: These notes assume that you are using the version of sysinstall(8) supplied with the version of FreeBSD to which you intend to upgrade. Using a mismatched version of sysinstall(8) is almost guaranteed to cause problems and has been known to leave systems in an unusable state. The most commonly made mistake in this regard is the use of an old copy of sysinstall(8) from an existing installation to upgrade to a newer version of FreeBSD. This is not recommended.

3.1 Introduction

The upgrade procedure replaces distributions selected by the user with those corresponding to the new FreeBSD release. It preserves standard system configuration data, as well as user data, installed packages and other software.

Administrators contemplating an upgrade are encouraged to study this section in its entirety before commencing an upgrade. Failure to do so may result in a failed upgrade or loss of data.

3.1.1 Upgrade Overview

Upgrading of a distribution is performed by extracting the new version of the component over the top of the previous version. Files belonging to the old distribution are not deleted.

System configuration is preserved by retaining and restoring the previous version of the following files:

Xaccel.ini, XF86Config, adduser.conf, aliases, aliases.db, amd.map, crontab, csh.cshrc, csh.login, csh.logout, cvsupfile, dhclient.conf, disktab, dm.conf, dumpdates, exports, fbtab, fstab, ftpusers, gettytab, gnats, group, hosts, hosts.allow, hosts.equiv, hosts.lpd, inetd.conf, kerberosIV, localtime, login.access, login.conf, mail, mail.rc, make.conf, manpath.config, master.passwd, modems, motd, namedb, networks, newsyslog.conf, nsmb.conf, nsswitch.conf, pam.conf, passwd, periodic, ppp, printcap, profile, pwd.db, rc.conf, rc.conf.local, rc.firewall, rc.local, remote, resolv.conf, rmt, sendmail.cf, sendmail.cw, services, shells, skeykeys, spwd.db, ssh, syslog.conf, ttys, uucp

The versions of these files which correspond to the new version are moved to /etc/upgrade/. The system administrator may peruse these new versions and merge components as desired. Note that many of these files are interdependent, and the best merge procedure is to copy all site-specific data from the current files into the new.

During the upgrade procedure, the administrator is prompted for a location into which all files from /etc/ are saved. In the event that local modifications have been made to other files, they may be subsequently retrieved from this location.

3.2 Procedure

This section details the upgrade procedure. Particular attention is given to items which substantially differ from a normal installation.

3.2.1 Backup

User data and system configuration should be backed up before upgrading. While the upgrade procedure does its best to prevent accidental mistakes, it is possible to partially or completely destroy data and configuration information.

3.2.2 Mount Filesystems

The disklabel editor is entered with the nominated disk's filesystem devices listed. Prior to commencing the upgrade, the administrator should make a note of the device names and corresponding mountpoints. These mountpoints should be entered here. Do notset the ``newfs flag'' for any filesystems, as this will cause data loss.

3.2.3 Select Distributions

When selecting distributions, there are no constraints on which must be selected. As a general rule, the bin distribution should be selected for an update, and the man distribution if manpages are already installed. Other distributions may be selected beyond those originally installed if the administrator wishes to add additional functionality.

3.2.4 After Installation

Once the installation procedure has completed, the administrator is prompted to examine the new configuration files. At this point, checks should be made to ensure that the system configuration is valid. In particular, the /etc/rc.conf and /etc/fstab files should be checked.

3.3 Upgrading from Source Code

Those interested in an upgrade method that allows more flexibility and sophistication should take a look at The Cutting Edge in the FreeBSD Handbook. This procedure involves rebuilding all of FreeBSD from source code. It requires reliable network connectivity, extra disk space, and time, but has advantages for networks and other more complex installations. This is roughly the same procedure as is used for track the -STABLE or -CURRENT development branches.

/usr/src/UPDATING contains important information on updating a FreeBSD system from source code. It lists various issues resulting from changes in FreeBSD that may affect an upgrade.

4 Troubleshooting

4.1 Repairing an Existing FreeBSD Installation

FreeBSD features a ``Fixit'' option in the top menu of the boot floppy. To use it, you will also need either a fixit.flp image floppy, generated in the same fashion as the boot floppy, or the ``live filesystem'' CDROM; typically the second CDROM in a multi-disc FreeBSD distribution.

To invoke fixit, simply boot the kern.flp floppy, choose the ``Fixit'' item and insert the fixit floppy or CDROM when asked. You will then be placed into a shell with a wide variety of commands available (in the /stand and /mnt2/stand directories) for checking, - repairing and examining file systems and their contents. + repairing and examining filesystems and their contents. Some UNIX administration experience is required to use the fixit option.

4.2 Common Installation Problems, Q&A

4.2.1. I go to boot from the hard disk for the first time after installing FreeBSD, the kernel loads and probes my hardware, but stops with messages like:
4.2.2. I go to boot from the hard disk for the first time after installing FreeBSD, but the Boot Manager prompt just prints F? at the boot menu each time but the boot won't go any further.

4.2.1. I go to boot from the hard disk for the first time after installing FreeBSD, the kernel loads and probes my hardware, but stops with messages like:

     changing root device to wd1s1a panic: cannot mount root

What is wrong? What can I do?

What is this bios_drive:interface(unit,partition)kernel_name thing that is displayed with the boot help?

There is a longstanding problem in the case where the boot disk is not the first disk in the system. The BIOS uses a different numbering scheme to FreeBSD, and working out which numbers correspond to which is difficult to get right.

In the case where the boot disk is not the first disk in the system, FreeBSD can need some help finding it. There are two common situations here, and in both of these cases, you need to tell FreeBSD where the root filesystem is. You do this by specifying the BIOS disk number, the disk type and the FreeBSD disk number for that type.

The first situation is where you have two IDE disks, each configured as the master on their respective IDE busses, and wish to boot FreeBSD from the second disk. The BIOS sees these as disk 0 and disk 1, while FreeBSD sees them as wd0 and wd2.

FreeBSD is on BIOS disk 1, of type wd and the FreeBSD disk number is 2, so you would say:

     1:wd(2,a)kernel

Note that if you have a slave on the primary bus, the above is not necessary (and is effectively wrong).

The second situation involves booting from a SCSI disk when you have one or more IDE disks in the system. In this case, the FreeBSD disk number is lower than the BIOS disk number. If you have two IDE disks as well as the SCSI disk, the SCSI disk is BIOS disk 2, type da and FreeBSD disk number 0, so you would say:

     2:da(0,a)kernel

To tell FreeBSD that you want to boot from BIOS disk 2, which is the first SCSI disk in the system. If you only had one IDE disk, you would use '1:' instead.

Once you have determined the correct values to use, you can put the command exactly as you would have typed it in the /boot.config file using a standard text editor. Unless instructed otherwise, FreeBSD will use the contents of this file as the default response to the boot: prompt.

4.2.2. I go to boot from the hard disk for the first time after installing FreeBSD, but the Boot Manager prompt just prints F? at the boot menu each time but the boot won't go any further.

The hard disk geometry was set incorrectly in the Partition editor when you installed FreeBSD. Go back into the partition editor and specify the actual geometry of your hard disk. You must reinstall FreeBSD again from the beginning with the correct geometry.

If you are failing entirely in figuring out the correct geometry for your machine, here's a tip: Install a small DOS partition at the beginning of the disk and install FreeBSD after that. The install program will see the DOS partition and try to infer the correct geometry from it, which usually works.

The following tip is no longer recommended, but is left here for reference:

If you are setting up a truly dedicated FreeBSD server or workstation where you don't care for (future) compatibility with DOS, Linux or another operating system, you've also got the option to use the entire disk (`A' in the partition editor), selecting the non-standard option where FreeBSD occupies the entire disk from the very first to the very last sector. This will leave all geometry considerations aside, but is somewhat limiting unless you're never going to run anything other than FreeBSD on a disk.

4.3 Known Hardware Problems, Q&A

Note: Please send hardware tips for this section to Jordan K. Hubbard .

4.3.1. The mcd(4) driver keeps thinking that it has found a device and this stops my Intel EtherExpress card from working.
4.3.2. FreeBSD claims to support the 3Com PCMCIA card, but my card isn't recognized when it's plugged into my laptop.
4.3.3. FreeBSD finds my PCMCIA network card, but no packets appear to be sent even though it claims to be working.
4.3.4. The system finds my ed(4) network card, but I keep getting device timeout errors.
4.3.5. I have a Matsushita/Panasonic drive but it isn't recognized by the system.
4.3.6. I booted the install floppy on my IBM ThinkPad (tm) laptop, and the keyboard is all messed up.
4.3.7. When I try to boot the install floppy, I see the following message and nothing seems to be happening. I cannot enter anything from the keyboard either.
4.3.8. I have a Matsushita/Panasonic CR-522, a Matsushita/Panasonic CR-523 or a TEAC CD55a drive, but it is not recognized even when the correct I/O port is set.
4.3.9. I'm trying to install from a tape drive but all I get is something like this on the screen:
4.3.10. I've installed FreeBSD onto my system, but it hangs when booting from the hard drive with the message:
4.3.11. My system can not find my Intel EtherExpress 16 card.
4.3.12. When installing on an EISA HP Netserver, my on-board AIC-7xxx SCSI controller isn't detected.
4.3.13. I have a Panasonic AL-N1 or Rios Chandler Pentium machine and I find that the system hangs before ever getting into the installation now.
4.3.14. I have this CMD640 IDE controller that is said to be broken.
4.3.15. On a Compaq Aero notebook, I get the message ``No floppy devices found! Please check ...'' when trying to install from floppy.
4.3.16. When I go to boot my Intel AL440LX (``Atlanta'') -based system from the hard disk the first time, it stops with a Read Error message.
4.3.17. When installing on an Dell Poweredge XE, Dell proprietary RAID controller DSA (Dell SCSI Array) isn't recognized.
4.3.18. My Ethernet adapter is detected as an AMD PCnet-FAST (or similar) but it doesn't work. (Eg. onboard Ethernet on IBM Netfinity 5xxx or 7xxx)
4.3.19. I have an IBM EtherJet PCI card, it is detected by the fxp(4) driver correctly, but the lights on the card don't come on and it doesn't connect to the network.
4.3.20. When I configure the network during installation on an IBM Netfinity 3500, the system freezes.
4.3.21. When I install onto a drive managed by a Mylex PCI RAID controller, the system fails to boot (eg. with a read error message).

4.3.1. The mcd(4) driver keeps thinking that it has found a device and this stops my Intel EtherExpress card from working.

Use the UserConfig utility (see HARDWARE.TXT) and disable the probing of the mcd0 and mcd1 devices. Generally speaking, you should only leave the devices that you will be using enabled in your kernel.

4.3.2. FreeBSD claims to support the 3Com PCMCIA card, but my card isn't recognized when it's plugged into my laptop.

There are a couple of possible problems. First of all, FreeBSD does not support multi-function cards, so if you have a combo Ethernet/modem card (such as the 3C562), it won't work. The default driver for the 3C589 card was written just like all of the other drivers in FreeBSD, and depend on the card's own configuration data stored in NVRAM to work. You must correctly configure FreeBSD's driver to match the IRQ, port, and IOMEM stored in NVRAM.

Unfortunately, the only program capable of reading them is the 3COM supplied DOS program. This program must be run on a absolutely clean system (no other drivers must be running), and the program will whine about CARD-Services not being found, but it will continue. This is necessary to read the NVRAM values. You want to know the IRQ, port, and IOMEM values (the latter is called the CIS tuple by 3COM). The first two can be set in the program, the third is un-settable, and can only be read. Once you have these values, set them in UserConfig and your card will be recognized.

4.3.3. FreeBSD finds my PCMCIA network card, but no packets appear to be sent even though it claims to be working.

Many PCMCIA cards have the ability to use either the 10-Base2 (BNC) or 10-BaseT connectors for connecting to the network. The driver is unable to ``auto-select'' the correct connector, so you must tell it which connector to use. In order to switch between the two connectors, the link flags must be set. Depending on the model of the card, -link0 link1 or -link0 -link1 will choose the correct network connector. You can set these in sysinstall(8) by using the Extra options to ifconfig: field in the network setup screen.

4.3.4. The system finds my ed(4) network card, but I keep getting device timeout errors.

Your card is probably on a different IRQ from what is specified in the kernel configuration. The ed driver does not use the `soft' configuration by default (values entered using EZSETUP in DOS), but it will use the software configuration if you specify ? in the IRQ field of your kernel config file.

Either move the jumper on the card to a hard configuration setting (altering the kernel settings if necessary), or specify the IRQ as -1 in UserConfig or ? in your kernel config file. This will tell the kernel to use the soft configuration.

Another possibility is that your card is at IRQ 9, which is shared by IRQ 2 and frequently a cause of problems (especially when you have a VGA card using IRQ 2!). You should not use IRQ 2 or 9 if at all possible.

4.3.5. I have a Matsushita/Panasonic drive but it isn't recognized by the system.

Make certain that the I/O port that the matcd(4) driver is set to is correct for the host interface card you have. (Some SoundBlaster DOS drivers report a hardware I/O port address for the CD-ROM interface that is 0x10 lower than it really is.)

If you are unable to determine the settings for the card by examining the board or documentation, you can use UserConfig to change the 'port' address (I/O port) to -1 and start the system. This setting causes the driver to look at a number of I/O ports that various manufacturers use for their Matsushita/Panasonic/Creative CD-ROM interfaces. Once the driver locates the address, you should run UserConfig again and specify the correct address. Leaving the 'port' parameter set to -1 increases the amount of time that it takes the system to boot, and this could interfere with other devices.

The double-speed Matsushita CR-562 and CR-563 are the only drives that are supported.

4.3.6. I booted the install floppy on my IBM ThinkPad (tm) laptop, and the keyboard is all messed up.

Older IBM laptops use a non-standard keyboard controller, so you must tell the keyboard driver (atkbd0) to go into a special mode which works on the ThinkPads. Change the atkbd0 'Flags' to 0x4 in UserConfig and it should work fine. (Look in the Input Menu for 'Keyboard'.)

4.3.7. When I try to boot the install floppy, I see the following message and nothing seems to be happening. I cannot enter anything from the keyboard either.

     Keyboard: no

Due to lack of space, full support for old XT/AT (84-key) keyboards is no longer available in the bootblocks. Some notebook computers may also have this type of keyboard. If you are still using this kind of hardware, you will see the above message appears when you boot from the CD-ROM or an install floppy.

As soon as you see this message, hit the space bar, and you will see the prompt:

     >> FreeBSD/i386 BOOT
     Default: x:xx(x,x)/boot/loader 
     boot:

Then enter -Dh, and things should proceed normally.

4.3.8. I have a Matsushita/Panasonic CR-522, a Matsushita/Panasonic CR-523 or a TEAC CD55a drive, but it is not recognized even when the correct I/O port is set.

These CD-ROM drives are currently not supported by FreeBSD. The command sets for these drives are not compatible with the double-speed CR-562 and CR-563 drives.

The single-speed CR-522 and CR-523 drives can be identified by their use of a CD-caddy.

4.3.9. I'm trying to install from a tape drive but all I get is something like this on the screen:

     sa0(aha0:1:0) NOT READY csi 40,0,0,0

There's a limitation in the current sysinstall(8) that the tape must be in the drive while sysinstall(8) is started or it won't be detected. Try again with the tape in the drive the whole time.

4.3.10. I've installed FreeBSD onto my system, but it hangs when booting from the hard drive with the message:

     Changing root to /dev/da0a

his problem may occur in a system with a 3com 3c509 Ethernet adapter. The ep(4) device driver appears to be sensitive to probes for other devices that also use address 0x300. Boot your FreeBSD system by power cycling the machine (turn off and on). At the Boot: prompt specify the -c. This will invoke UserConfig (see Section 4.1 above). Use the disable command to disable the device probes for all devices at address 0x300 except the ep0 driver. On exit, your machine should successfully boot FreeBSD.

4.3.11. My system can not find my Intel EtherExpress 16 card.

You must set your Intel EtherExpress 16 card to be memory mapped at address 0xD0000, and set the amount of mapped memory to 32K using the Intel supplied softset.exe program.

4.3.12. When installing on an EISA HP Netserver, my on-board AIC-7xxx SCSI controller isn't detected.

This is a known problem, and will hopefully be fixed in the future. In order to get your system installed at all, boot with the -c option into UserConfig, but don't use the pretty visual mode but the plain old CLI mode. Type:

     eisa 12
     quit

at the prompt. (Instead of `quit', you might also type `visual', and continue the rest of the configuration session in visual mode.) While it's recommended to compile a custom kernel, dset now also understands to save this value.

Refer to the FAQ topic 3.16 for an explanation of the problem, and for how to continue. Remember that you can find the FAQ on your local system in /usr/share/doc/FAQ, provided you have installed the `doc' distribution.

4.3.13. I have a Panasonic AL-N1 or Rios Chandler Pentium machine and I find that the system hangs before ever getting into the installation now.

Your machine doesn't like the new i586_copyout and i586_copyin code for some reason. To disable this, boot the installation boot floppy and when it comes to the very first menu (the choice to drop into kernel UserConfig mode or not) choose the command-line interface (``expert mode'') version and type the following at it:

     flags npx0 1

Then proceed normally to boot. This will be saved into your kernel, so you only need to do it once.

4.3.14. I have this CMD640 IDE controller that is said to be broken.

Yes, it is. FreeBSD does not support this controller except through the legacy wdc driver.

4.3.15. On a Compaq Aero notebook, I get the message ``No floppy devices found! Please check ...'' when trying to install from floppy.

With Compaq being always a little different from other systems, they do not announce their floppy drive in the CMOS RAM of an Aero notebook. Therefore, the floppy disk driver assumes there is no drive configured. Go to the UserConfig screen, and set the Flags value of the fdc0 device to 0x1. This pretends the existence of the first floppy drive (as a 1.44 MB drive) to the driver without asking the CMOS at all.

4.3.16. When I go to boot my Intel AL440LX (``Atlanta'') -based system from the hard disk the first time, it stops with a Read Error message.

There appears to be a bug in the BIOS on at least some of these boards, this bug results in the FreeBSD bootloader thinking that it is booting from a floppy disk. This is only a problem if you are not using the BootEasy boot manager. Slice the disk in ``compatible''mode and install BootEasy during the FreeBSD installation to avoid the bug, or upgrade the BIOS (see Intel's web site for details).

4.3.17. When installing on an Dell Poweredge XE, Dell proprietary RAID controller DSA (Dell SCSI Array) isn't recognized.

Configure the DSA to use AHA-1540 emulation using EISA configuration utility. After that FreeBSD detects the DSA as an Adaptec AHA-1540 SCSI controller, with irq 11 and port 340. Under emulation mode system will use DSA RAID disks, but you cannot use DSA-specific features such as watching RAID health.

4.3.18. My Ethernet adapter is detected as an AMD PCnet-FAST (or similar) but it doesn't work. (Eg. onboard Ethernet on IBM Netfinity 5xxx or 7xxx)

The lnc(4) driver is currently faulty, and will often not work correctly with the PCnet-FAST and PCnet-FAST+. You need to install a different Ethernet adapter.

4.3.19. I have an IBM EtherJet PCI card, it is detected by the fxp(4) driver correctly, but the lights on the card don't come on and it doesn't connect to the network.

We don't understand why this happens. Neither do IBM (we asked them). The card is a standard Intel EtherExpress Pro/100 with an IBM label on it, and these cards normally work just fine. You may see these symptoms only in some IBM Netfinity servers. The only solution is to install a different Ethernet adapter.

4.3.20. When I configure the network during installation on an IBM Netfinity 3500, the system freezes.

There is a problem with the onboard Ethernet in the Netfinity 3500 which we have not been able to identify at this time. It may be related to the SMP features of the system being misconfigured. You will have to install another Ethernet adapter and avoid attempting to configure the onboard adapter at any time.

4.3.21. When I install onto a drive managed by a Mylex PCI RAID controller, the system fails to boot (eg. with a read error message).

There is a bug in the Mylex driver which results in it ignoring the ``8GB'' geometry mode setting in the BIOS. Use the 2GB mode instead.

This file, and other release-related documents, can be downloaded from ftp://current.FreeBSD.org/pub/FreeBSD/.

For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

All users of FreeBSD 5-CURRENT should subscribe to the <current@FreeBSD.org> mailing list.

For questions about this documentation, e-mail <doc@FreeBSD.org>.



diff --git a/en/releases/5.0R/DP1/installation-sparc64.html b/en/releases/5.0R/DP1/installation-sparc64.html index 787cbae22a..abb82d6cb6 100644 --- a/en/releases/5.0R/DP1/installation-sparc64.html +++ b/en/releases/5.0R/DP1/installation-sparc64.html @@ -1,846 +1,846 @@ FreeBSD/sparc64 5.0-CURRENT Installation Instructions

FreeBSD/sparc64 5.0-CURRENT Installation Instructions

The FreeBSD Project

Copyright © 2000, 2001, 2002 by The FreeBSD Documentation Project

This article gives some brief instructions on installing FreeBSD/sparc64 5.0-CURRENT. Please keep in mind that this port is a work in progress, and as such, the installation procedure is much more involved than for FreeBSD/i386 or FreeBSD/alpha.

1 Installing FreeBSD

This text describes how to install and boot the sparc64 port. Users of this port are encouraged to subscribe to the FreeBSD SPARC porting mailing list .

Warning: The kernel and userland binaries mentioned below are highly experimental (for example, the kernel contains some ATA changes and EEPROM handling code which could potentially be dangerous). Unless you know what you are doing and are willing to cope with any damage that might arise, you should probably not be trying this.

Unlike FreeBSD/i386 or FreeBSD/alpha, there is no version of sysinstall(8) for FreeBSD/sparc64. The installation procedure consists of loading a kernel (either from CDROM or the network) onto the sparc64 machine, with a root filesystem on CDROM or exported via NFS. The utilities on the root filesystem can then be used to partition the local disk on the sparc64 machine and optionally to copy the FreeBSD distribution to the local disk to make a stand-alone machine.

1.1 Preparation

Currently, there are two ways to install FreeBSD/sparc64 on a new machine. By far the easier of the two is to install from CDROM; this method allows you to install FreeBSD without any dependencies on any other computers.

If installing from CDROM is impossible or undesirable, the alternative is to install over the network. This requires another machine, suitably configured, to serve - the boot loader, kernel, and root file system to the new + the boot loader, kernel, and root filesystem to the new machine, via a combination of RARP, TFTP, and either BOOTP or DHCP. This netboot server can be another FreeBSD machine, but is not required to be.

You will need to decide which of these methods you want to use for installation, as this will determine the set of files you need to download (if any), as well as the steps required to do the installation.

1.1.1 Downloading Required Files

This section describes the files you will need for a FreeBSD/sparc64 installation. The links in this document point to the main FreeBSD FTP server. Please use a mirror site instead if possible.

Important: The URLs in this section are provisional and subject to change. Please see the archives of the FreeBSD SPARC porting mailing list for the most recent locations of files. This notice will be removed when more permanent URLs have been determined.

1.1.1.1 Required Files for CDROM Installation

If you want to do a CDROM installation, an ISO image with a snapshot of FreeBSD/sparc64 can be found at ftp://ftp.FreeBSD.org/pub/FreeBSD/development/sparc64/. This file can be used to create a bootable CDROM which contains everything necessary to boot and load at least a minimal FreeBSD installation.

1.1.1.2 Required Files for Network Installation

For a network installation, you will need several files. First, you will need to download a FreeBSD/sparc64 loader for tftpd(8) to serve to your sparc64 client. The loader will use either TFTP or NFS to retrieve the FreeBSD kernel from the netboot server. There is a separate loader for each of these methods (i.e. a loader for TFTP and a loader for NFS). You should download one of the following files, as appropriate:

A network installation also requires a kernel to be served to the netboot client. A suitable kernel can be found at ftp://ftp.FreeBSD.org/pub/FreeBSD/development/sparc64/.

Finally, you will need a tar(1) archive which contains the binaries and configuration files from the base system. This file is available from ftp://ftp.FreeBSD.org/pub/FreeBSD/development/sparc64/distrib.tar.gz.

1.1.2 Getting to the PROM Prompt

Most sparc64 systems are set up to boot automatically from disk. To install FreeBSD, you need to boot over the network or from a CDROM, which requires you to break into the PROM (OpenFirmware).

To do this, reboot the system, and wait until the boot message appears. It depends on the model, but should look about like:

     Sun Blade 100 (UltraSPARC-IIe), Keyboard Present
     Copyright 1998-2001 Sun Microsystems, Inc.  All rights reserved.
     OpenBoot 4.2, 128 MB memory installed, Serial #51090132.
     Ethernet address 0:3:ba:b:92:d4, Host ID: 830b92d4.

If your system proceeds to boot from disk at this point, you need to press L1+A or Stop+A on the keyboard, or send a BREAK over the serial console (using for example ~# in tip(1) or cu(1)) to get to the PROM prompt. It looks like this:

     ok         (1)                        
     ok {0}     (2)
(1)
This is the prompt used on systems with just one CPU.
(2)
This is the prompt used on SMP systems, the digit indicates the number of the active CPU.

1.2 Installing from CDROM

Place the CDROM into your drive, and break into the PROM as described above. On the PROM prompt, type boot cdrom. The system should boot into single-user mode now, and you can create the disk label and install the base system archive as described in Section 1.4 and Section 1.5.

1.3 Installing over the Network

1.3.1 Configuring the Netboot Server

A FreeBSD/sparc64 kernel is booted by having the firmware retrieve and execute a loader, which in turn fetches and executes the actual kernel. For this boot process, you need to set up rarpd(8) and tftpd(8) (for the firmware) and bootpd(8) (for the loader) on another networked system. The loader can fetch a kernel using TFTP or NFS. All of this is covered in detail below.

1.3.1.1 rarpd

You need to add the Ethernet address of your FreeBSD/sparc64 system to /etc/ethers on the netboot server. An entry looks like:

     0:3:ba:b:92:d4 your.host.name

The Ethernet address is usually displayed in the boot message.

Make sure your.host.name is in /etc/hosts or has a valid DNS entry (or use an IP address). Then, start rarpd(8) on a network interface that is on the same subnet as the FreeBSD/sparc64 system.

1.3.1.2 tftpd

Activate tftpd(8) in your inetd(8) configuration by uncommenting the following line in /etc/inetd.conf:

     tftp dgram udp  wait nobody /usr/libexec/tftpd tftpd /tftpboot

Copy the unpacked loader to your /tftpboot directory, and name it with the FreeBSD/sparc64 host's IP address in upper-case hexadecimal notation without dots (or use appropriately-named symbolic links). For example, your setup may look like this, for an IP address of 192.168.0.16:

       lrwx------  1 tmm users       9 Jul 24 17:05 /tftpboot/C0A80010 -> boot/loader
       -rw-r--r--  1 tmm users 1643021 Oct 20 18:04 /tftpboot/boot/loader

If you have trouble booting, it is very helpful to use tcpdump(1) to monitor the TFTP requests. This will allow you to see the file name you need to use for the loader. Error replies by the TFTP server are most often due to incorrect file permissions.

1.3.1.3 Setting up bootpd/dhcpd

You can use either BOOTP or DHCP (both not both) to provide some parameters to the boot loader, such as a machine's IP address. If you are using another FreeBSD machine as a netboot server, the BOOTP functionality is provided by bootpd(8), which is a part of the FreeBSD base system. Several DHCP servers are provided in the FreeBSD Ports Collection.

If you are going to use bootpd(8), create entries for your FreeBSD/sparc64 system in the server's /etc/bootptab (see bootptab(5) for more details):

     .default:\
       :bf="kernel":dn=local:ds=name-server-ip-address:\
       :gw=gateway-ip-address:ht=ether:hd="/tftpboot/boot/kernel":hn:\
       :sa="tftp-server-ip-address":\
       :rp="tftp-server-ip-address:nfs-root-directory":\
       :sm=ip-netmask
     
     name-of-the-entry:\
       ha=sparc64-ethernet-address:ip=sparc64-ip-address:tc=.default

The Ethernet address must be the same as the one in the TFTP example above, but it is specified hexadecimal notation without colons (for the example above, this would be 0003ba0b92d4). NFS/TFTP specific entries can be omitted if the given method is not used. The strings given in the hd and bf properties are concatenated to give the boot file name. If your kernel is named differently or you use another directory, change these values as required. If you are booting using NFS, remove the bf and hd settings (or change them to specify the directory and file inside the NFS root hierarchy in which the kernel will reside). The name of the host entry is conventionally the host name without the domain appended.

For a DHCP server, add an entry similar to the following to your dhcpd.conf file. An example entry for ISC DHCP version 2 (available in the FreeBSD Ports Collection as net/isc-dhcp2) is shown below:

     host name-of-entry {
       hardware ethernet sparc64-ethernet-address;
       option host-name "sparc64-fully-qualified-domain-name";
       fixed-address sparc64-ip-address;
       always-reply-rfc1048 on;
       filename "kernel";
       option root-path "tftp-server-ip-address:nfs-root-directory";
     }

The filename option corresponds to the concatenation of hd and bf in /etc/bootptab. The Ethernet address is specified in hexadecimal with colons, just like in the rarpd(8) example above. options root-path corresponds to rp in /etc/bootptab. If the name given in option host-name is resolvable, i.e. has a DNS entry or is associated with an address in /etc/hosts, the fixed-address specification can be omitted.

1.3.2 Loading the Kernel

With the daemons on the netboot server configured, the next step is to copy the kernel (obtained during the steps of Section 1.1.1) to an appropriate directory. There are two ways of retrieving a kernel over the network: TFTP and NFS. (You specified one of these two alternatives by picking a loader.)

For both TFTP and NFS, the loader will use the parameters that it obtained via BOOTP or DHCP to find the kernel.

1.3.2.1 Loading the Kernel over TFTP

Place the kernel in the directory you specified using bf and hd in the /etc/bootptab or the filename parameter to dhcpd.conf.

1.3.2.2 Loading the Kernel over NFS

Export the directory that was specified by the rp property in /etc/bootptab or the root-path parameter in dhcpd.conf (see exports(5)). Copy the kernel to the directory you specified using bf and hd in the /etc/bootptab or the filename parameter to dhcpd.conf.

1.3.3 Loading the Base System to the Netboot Server

You must extract the base system distribution image to the NFS root directory specified either by the rp option in /etc/bootptab or the root-path option in dhcpd.conf. This directory tree will become the sparc64's root filesystem once the kernel is booted. Besides providing a normal userland environment, it also contains all of the necessary utilities for you to install the distribution on the sparc64 client's local disk.

Using whatever editing tools you have on the netboot server, you probably will want to edit the sparc64's /etc/fstab and /etc/rc.conf and set a root password.

1.3.4 Booting

If all goes well, you can now boot the FreeBSD on your sparc64 machine by dropping into the PROM prompt as described in Section 1.1.2. Now, just type boot net and the system should boot. Specifically, the loader is retrieved via TFTP, it then does a BOOTP request and will proceed to load the kernel (either using TFTP or NFS, depending on your choice of loader). Then, it should wait 10 seconds for user input and proceed to execute the kernel.

If something does not work in between, and you suspect TFTP/NFS/BOOTP problems, Ethereal (available in the FreeBSD Ports Collection as net/ethereal) is usually helpful. The most common problems are related to bad file permissions. Also note that rarpd(8) will not answer to packets under some circumstances, refer to the manual page for details.

1.4 Creating a Disk Label

The kernel supports the Sun disk label format, so you can label the disks you want to use with FreeBSD from Solaris.

FreeBSD disk labels must currently be created by hand, as sysinstall(8) is not yet available on FreeBSD/sparc64. Please refer to the FreeBSD Handbook for more information about labels and special partitions.

On FreeBSD/sparc64, a Sun compatibility label is embedded in the FreeBSD label; this is needed for the PROM to boot from disk. This imposes an additional restriction on the disk label format: partitions are required to start on a cylinder boundary.

To create a disk label, the following procedure is the easiest:

  1. Run disklabel -w -r device auto to create a basic disk label. The third argument you need specify here is just the name of the device, not the complete path to the device node (e.g. ad0 for the first ATA disk).

  2. Use disklabel -e device to open an editor in which you can edit the disk label. The information presented to you should look like:

         # /dev/ad6c:
     type: unknown
     disk: amnesiac
     label:
     flags:
     bytes/sector: 512
     sectors/track: 63
     tracks/cylinder: 16
     sectors/cylinder: 1008
     cylinders: 79780
     sectors/unit: 80418240
     rpm: 3600
     interleave: 1
     trackskew: 0
     cylinderskew: 0
     headswitch: 0           # milliseconds
     track-to-track seek: 0  # milliseconds
     drivedata: 0
     
     8 partitions:
     #        size   offset    fstype   [fsize bsize bps/cpg]
       c: 80418240        0    unused        0     0         # (Cyl.    0 - 79779)

    You can now add new partitions in the same format as the already present line. Using * in the offset field makes the procedure easier; please refer to the disklabel(8) manual page for more information.

    To make sure the restriction mentioned above is met, the size of each partition must be a multiple of the number of sectors per cylinder as shown in the information that is presented in the editor (1008 in the example above).

    When you are done, save your changes and quit the editor. This will cause the disk label to be written.

    Warning: This procedure will overwrite any disk label that may be already present on the disk. Any existing filesystems on this disk must have their respective partition entries in the old and new label match exactly, or they will be lost.

  3. Use disklabel -B if you want to make the disk bootable for FreeBSD/sparc64.

    Warning: Using disklabel -B on a disk will overwrite any preexisting boot block, so it will likely render any other operating system installed on the same disk unbootable.

    If you do not want to overwrite the boot block, it is possible to load the loader via TFTP as described above, but have it boot the kernel from disk. This requires a special loader binary, which is available at ftp://ftp.FreeBSD.org/pub/FreeBSD/development/sparc64/loader-ufs.gz

1.5 Creating the Root Fileystem

If you want to boot from a local disk, you will need - to create a root file system to hold the base system + to create a root filesystem to hold the base system binaries and configuration files (and optionally other - file systems mounted in places such as /usr and /var).

The kernel contains support for Sun disklabels, so you can use Solaris disks, which may even be prepared using newfs under Solaris. NetBSD - disk labels and file systems are also usable from + disk labels and filesystems are also usable from FreeBSD.

Warning: Do not run Solaris fsck on file systems modified by + "APPLICATION">fsck on filesystems modified by FreeBSD. Doing so will damage the file permissions.

-

To create file systems and to install the base system, +

To create filesystems and to install the base system, boot from CDROM or via NFS and create a disk label as described in Section 1.4.

When booting the first time and you have not entered your root partition into /etc/fstab yet, you may need to specify your root partition on the mountroot prompt when booting (use a format like ufs:diskpartition, i.e. leave the slice specification out). If the kernel does - automatically attempt to boot from another file system, + automatically attempt to boot from another filesystem, press a key other than Enter on the loader prompt:

     Hit [Enter] to boot immediately, or any other key for command prompt.

Then, boot the kernel using boot -a -s, which will cause the kernel to ask you for the root partition and then boot into single-user mode. - Once the root file system has been entered into /etc/fstab, it should be automatically mounted as / on the next boot.

If you are booting over the network (via NFS), the above BOOTP entries should suffice to have the kernel find and mount the root filesystem via NFS.

1.6 Installing the Base System

If you booted the kernel from the network, you downloaded a tar(1) archive with the base system and exported it from the netboot server via NFS. You can unpack this same archive to your local disk to create a stand-alone system (remember to copy the kernel over as well).

If you booted from CDROM, the same archive is available in /root/ on the CDROM.

Before booting the system stand-alone, you will want to edit /etc/fstab and /etc/rc.conf and set a root password.

Note that some programs from the base system may not be present in the archive, or may not work properly yet.

This file, and other release-related documents, can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/development/sparc64/.

For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

All users of FreeBSD 5-CURRENT should subscribe to the <current@FreeBSD.org> mailing list.

For questions about this documentation, e-mail <doc@FreeBSD.org>.



diff --git a/en/releases/5.0R/DP1/relnotes-alpha.html b/en/releases/5.0R/DP1/relnotes-alpha.html index d37f04f27a..5462baff1e 100644 --- a/en/releases/5.0R/DP1/relnotes-alpha.html +++ b/en/releases/5.0R/DP1/relnotes-alpha.html @@ -1,5039 +1,5039 @@ FreeBSD/alpha 5.0-DP1 Release Notes

FreeBSD/alpha 5.0-DP1 Release Notes

The FreeBSD Project

Copyright © 2000, 2001, 2002 by The FreeBSD Documentation Project

$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v 1.299 2002/03/13 05:41:41 bmah Exp $

The release notes for FreeBSD 5.0-DP1 contain a summary of the changes made in the FreeBSD base system since 4.0-RELEASE. Both changes for kernel and userland are listed, as well as applicable security advisories that were issued since the last release. Some brief remarks on upgrading are also presented.

Table of Contents
1 Introduction
2 What's New
2.1 Kernel Changes
2.1.1 Processor/Motherboard Support
2.1.2 Bootloader Changes
2.1.3 Network Interface Support
2.1.4 Network Protocols
2.1.5 Disks and Storage
2.1.6 Filesystems
2.1.7 PCCARD Support
2.1.8 Multimedia Support
2.1.9 Contributed Software
2.2 Security-Related Changes
2.3 Userland Changes
2.3.1 Contributed Software
2.3.2 Ports/Packages Collection
3 Upgrading from previous releases of FreeBSD

1 Introduction

This document contains the release notes for FreeBSD 5.0-DP1 on the Alpha/AXP hardware platform. It describes new features of FreeBSD that have been added (or changed) since 4.0-RELEASE. It also provides some notes on upgrading from previous versions of FreeBSD.

The snapshot distribution to which these release notes apply represents a point along the 5-CURRENT development branch between 4.0-RELEASE and the future 5.0-RELEASE. Some pre-built, binary snapshot distributions along this branch can be found at ftp://current.FreeBSD.org/pub/FreeBSD/.

2 What's New

This section describes the most user-visible new or changed features in FreeBSD since 4.0-RELEASE. Typical release note items document new drivers or hardware support, new commands or options, major bugfixes, or contributed software upgrades. Security advisories issued after 4.0-RELEASE are also listed. In general, changes described here are unique to the 5-CURRENT branch unless specifically marked as [MERGED] features.

Many additional changes were made to FreeBSD that are not listed here for lack of space. For example, documentation was corrected and improved, minor bugs were fixed, insecure coding practices were audited and corrected, and source code was cleaned up.

2.1 Kernel Changes

The agp(4) driver for AGP devices has been added. [MERGED]

A new ddb(4) command show pcpu lists some of the per-CPU data.

Two new ddb(4) commands, hwatch and dhwatch, have been introduced. Analogous to watch and dwatch, they install hardware watchpoints (as opposed to software watchpoints) if supported by the architecture. [MERGED]

devfs(5), which allows entries in the /dev directory to be built automatically and supports more flexible attachment of devices, has been largely reworked. devfs(5) is now enabled by default and can be disabled by the NODEVFS kernel option.

The dgm driver has been removed in favor of the digi driver.

A new digi driver has been added to support PCI Xr-based and ISA Xem Digiboard cards. A new digictl(8) program is (mainly) used to re-initialize cards that have external port modules attached such as the PC/Xem.

An eaccess(2) system call has been added, similar to access(2) except that the former uses effective credentials rather than real credentials.

Each jail(2) environment can now run under its own securelevel.

The tunable sysctl variables for jail(2) have moved from jail.* to the security.* hierarchy. Other security-related sysctl variables have moved from kern.security.* to security.*.

The kern.maxvnodes limit now properly limits the number of vnodes in use. Previously only vnodes with no cached pages could be freed; this could allow the number of vnodes to grow without limit on large-memory machines accessing many small files. A vnlru kernel thread helps to flush and reuse vnodes. [MERGED]

The kernel message buffer is now accessible by the (machine-independent) kern.msgbuf sysctl variable; dmesg(8) no longer needs to be SGID kmem. [MERGED]

The kqueue(2) event notification facility was added to the FreeBSD kernel. This is a new interface which is able to replace poll(2)/ select(2), offering improved performance, as well as the ability to report many different types of events. Support for monitoring changes in sockets, pipes, fifos, and files are present, as well as for signals and processes. [MERGED]

The labpc(4) driver has been removed due to ``bitrot''.

The loader and kernel linker now look for files named linker.hints in each directory with KLDs for a module name and version to KLD filename mapping. The new kldxref(8) utility is used to generate these files.

Linux emulation now supports the kernel functionality required by the emulators/linux_base-7 (RedHat 7.X emulation) port. [MERGED]

Linux emulation now requires options SYSVSEM in the kernel configuration. [MERGED]

lomac(4), a Low-Watermark Mandatory Access Control security facility, has been added as a kernel module. It provides a drop-in security mechanism in addition to the traditional UID-based security facilities, requiring no additional configuration from the administrator. Work on this feature was sponsored by DARPA and NAI Labs.

The maxusers kernel configuration parameter is now a boot-time tunable variable. The kernel parameters derived from maxusers are now also tunables and can be overridden at boot-time. The hz parameter is also now a tunable. [MERGED]

Specifying a value of 0 for the maxusers kernel configuration parameter will now cause an appropriate value to be calculated at boot-time (between 32 and 384, depending on the amount of memory present). This value is now the default for all GENERIC kernels. [MERGED]

A MAXMEM kernel option, along with the hw.physmem loader tunable, can be used to artificially reduce the memory size of a machine for testing (or other purposes). [MERGED]

The kernel configuration parameters MAXTSIZ, DFLDSIZ, MAXDSIZ, DFLSSIZ, MAXSSIZ, and SGROWSIZ are all loader tunables (kern.maxtsiz, kern.maxdfldsiz, etc.). [MERGED]

A nmdm(4) null-modem terminal driver has been added. [MERGED]

The O_DIRECT flag has been added to open(2) and fcntl(2). Specifying this flag for open files will attempt to minimize the cache effects of reading and writing. [MERGED]

An orm(4) device has been added to claim the option ROMs in the ISA memory I/O space, to prevent other drivers from mistakenly assigning addresses that conflict with these ROMs. [MERGED]

POSIX.1b Shared Memory Objects are now supported. The implementation uses regular files, but automatically enables the MAP_NOSYNC flag when they are mmap(2)-ed. [MERGED]

Replaced the PQ_*CACHE options with a single PQ_CACHESIZE option to be set to the cache size in kilobytes. The old options are still supported for backwards compatibility. [MERGED]

The random(4) device has been rewritten to use the Yarrow algorithm. It harvests entropy from a variety of interrupt sources, including the console devices, Ethernet and point-to-point network interfaces, and mass-storage devices. Entropy from the random(4) device is now periodically saved to files in /var/db/entropy, as well as at shutdown time. The semantics of /dev/random have changed; it never blocks waiting for entropy bits but generates a stream of pseudo-random data and now behaves exactly as /dev/urandom.

A new kernel option, options REGRESSION, enables interfaces and functionality intended for use during correctness and regression testing.

The snp(4) device is no longer static and can now be compiled as a module. [MERGED]

The syscons(4) driver now supports keyboard-controlled pasting, by default bound to Shift-Insert.

Support for USB devices was added to the GENERIC kernel and to the installation programs to support USB devices out of the box. Note that SRM does not support USB devices at the moment, so you must still use an AT keyboard if you are not using a serial console. [MERGED]

The USER_LDT kernel option is now activated by default.

A VESA S3 linear framebuffer driver has been added.

Write combining for crashdumps has been implemented. This feature is useful when write caching is disabled on both SCSI and IDE disks, where large memory dumps could take up to an hour to complete. [MERGED]

Extremely large swap areas (>67 GB) no longer panic the system.

Support for threads under Linux emulation has been added.

The buildkernel target now gets the name of the configuration(s) to build from the KERNCONF variable, not KERNEL. It is no longer required, in some cases, for a buildworld to precede a buildkernel. (The buildworld is still required when upgrading across major releases, across binutil updates and when config(8) changes version.) [MERGED]

The out-of-swap process termination code now begins killing processes earlier to avoid deadlocks; it now also takes into account the swap space used by processes when computing the process sizes. [MERGED]

Linker sets are now self-contained; gensetdefs(8) is unnecessary and has been removed.

Numerous SMP-friendly changes have been made to the kernel's mbuf allocator.

Network device cloning has been implemented, and the gif(4) device has been modified to take advantage of it. Thus, instead of specifying how many gif(4) interfaces are available in kernel configuration files, ifconfig(8)'s create option should be used when another device instance is desired. [MERGED]

It is now possible to hardwire kernel environment variables (such as tuneables) at compile-time using config(8)'s ENV directive.

Idle zeroing of pages can be enabled with the vm.zeroidle_enable sysctl variable.

Coredumps of large processes (or of a large number of processes) no longer lock up the machine for long periods of time. [MERGED]

The kernel is now aware of the concept that there are smaller units of scheduling than a process (but only one thread per process is allowed at this time).

The kernel now has support for multiple low-level console devices. The new conscontrol(8) utility helps to manage the different consoles.

The console driver has gained support for TGA-based display adapters.

The kernel on the installation CDs is now separated from the mfsroot image. This permits the use of a full kernel when installing from CD on machines that support CD booting (instead of the stripped-down kernel used on floppies). [MERGED]

The system load average computation now adds some jitter to the timing of samples, in order to avoid synchronization with processes that run periodically. [MERGED]

If a debugging kernel with modules is being built (i.e. using makeoptions DEBUG=-g), the modules will now be built with debugging support as well, for completeness. A side effect of this change is that modules built and installed with debugging kernels will now occupy more space on disk than they did previously. [MERGED]

The kernel dump device can now be set via the dumpdev loader tunable. As a result, it is now possible to obtain crash dumps from panics during the late stages of kernel initialization (before the system enters into single-user mode). [MERGED]

2.1.1 Processor/Motherboard Support

SMP support has been largely reworked, incorporating code from BSD/OS 5.0. One of the main features of SMPng (``SMP Next Generation'') is to allow more processes to run in kernel, without the need for spin locks that can dramatically reduce the efficiency of multiple processors. Interrupt handlers now have contexts associated with them that allow them to be blocked, which reduces the need to lock out interrupts.

AlphaServer 1200 (``Tincup'') has been tested and works OK. Currently it does not want to boot from CD or floppy but a transplanted disk that was installed on another Alpha works well. [MERGED]

The API UP1100 mainboard has been verified to work.

The API CS20 1U high server has been verified to work.

The DEC3000 series support has been removed from the mfsroot floppy image so that it fits on a 1.44 Mbyte floppy again. As the DEC3000 is currently only usable diskless this should not cause any problems.

Support for AlphaServer 2100A (``Lynx'') has been added.

Kernel code has been added that allows older generation Alpha CPUs (EV4 and EV5) to emulate instructions of the newer Alpha CPU generations. This enables the use of binary-only programs like Adobe Acrobat 4 on EV4 and EV5.

SMP support for the Alpha is now operational.

Support for the following hardware has been removed from the installation kernel to make it fit on a 1.44MB floppy again: Multia, NoName, PC64, EB64, Aspen Alpine, sa (SCSI tape), amr, parallel port support, vx (3c590, 3c595), pcn (AMD Am79C97x PCI 10/100), sf (Adaptec AIC-6915), sis (SiS 900/SiS 7016), ste (Sundance ST201 (D-Link DFE-550TX)), wb (Winbond W89C840F).

2.1.2 Bootloader Changes

The FreeBSD boot loader is now capable of booting from filesystems with block sizes larger than 8K. [MERGED]

The kernel and modules have been moved to the directory /boot/kernel, so they can be easily manipulated together. The boot loader has been updated to make this change as seamless as possible.

2.1.3 Network Interface Support

The an(4) driver for Cisco Aironet cards now supports Wired Equivalent Privacy (WEP) encryption, settable via ancontrol(8). [MERGED]

The an(4) driver now supports the Cisco Aironet 350 series of adaptors. [MERGED]

The an(4) driver now supports ``monitor'' mode, settable via the -M option to ancontrol(8). [MERGED]

The an(4) driver now supports Cisco LEAP, as well as the ``Home'' WEP key. The Linux Aironet utilities are now supported under emulation. [MERGED]

The dc(4) driver now supports NICs based on the Xircom 3201 and Conexant LANfinity RS7112 chips.

The dc(4) driver now has support for VLANs. [MERGED]

The de(4) driver now performs round-robin arbitration between the transmit and receive units of the 21143, instead of giving priority to the receive unit. This gives a 10-15% performance improvement in the forwarding rate under heavy load. [MERGED]

The ed(4) driver is now supported.

A bug in the ed(4) driver that could cause panics with very short packets and BPF or bridging active has been fixed. [MERGED]

The ed(4) driver now has support for D-Link DL10022 chips, necessary for the NetGear FA-410TX and other cards. As a result, device miibus is required in kernel configurations using the ed(4) driver. [MERGED]

The faith(4) device is now loadable, unloadable, and clonable. [MERGED]

The fpa(4) driver now supports Digital's DEFPA FDDI adaptors on the Alpha. [MERGED]

The fxp(4) driver now requires a device miibus entry in the kernel configuration file. [MERGED]

The fxp(4) driver now contains a workaround for PCI protocol violations caused by defects in some systems based on the Intel ICH2/ICH2-M chip. The workaround is to rewrite the EEPROM on the interface to disable Dynamic Standby Mode; once the EEPROM is rewritten, the system needs to be rebooted for the new settings to take effect. [MERGED]

The fxp(4) driver now supports Intel's loadable microcode to implement receive-side interrupt coalescing and packet bundling, on NICs that support these features. This support can be activated by the use of the link0 option to ifconfig(8). [MERGED]

The gx(4) driver has been added to support NICs based on the Intel 82542 and 82543 Gigabit Ethernet controller chips. Both fiber and copper variants of the cards are supported. Both boards support VLAN tagging/insertion, and the 82543 additionally supports TCP/IP checksum offload. [MERGED]

The lge(4) driver has been added to support the Level 1 LXT1001 NetCellerator Gigabit Ethernet controller chip. This device is used on some fiber optic GigE cards from SMC, D-Link and Addtron. Jumbograms and TCP/IP checksum offload on receive are supported, although hardware VLAN filtering is not. [MERGED]

Added the nge(4) driver, which supports PCI Gigabit Ethernet adapters based on the National Semiconductor DP83820 and DP83821 Gigabit Ethernet controller chips, including the D-Link DGE-500T, SMC EZ Card 1000 (SMC9462TX), Asante FriendlyNet GigaNIC 1000TA and 1000TPC and Addtron AEG320T. This driver supports transmit and receive checksum offloading. [MERGED]

The pcn(4) driver, which supports the AMD PCnet/FAST, PCnet/FAST+, PCnet/FAST III, PCnet/PRO, PCnet/Home, and HomePNA adapters, has been added. Although these cards are already supported by the lnc(4) driver, the pcn(4) driver runs these chips in 32-bit mode and uses the RX alignment feature to achieve zero-copy receive. This driver is also machine-independent, so it will work on both the i386 and Alpha platforms. The lnc(4) driver is still needed to support non-PCI cards. [MERGED]

The ray(4) driver, which supports the Webgear Aviator wireless network cards, has been committed. The operation of ray(4) interfaces can be modified by raycontrol(8). [MERGED]

Added support for PCI Ethernet adapters based on the SiS 900 and SiS 7016 Fast Ethernet controller chips (for example, as seen on the SiS 635 and 735 motherboard chipsets), as well as the National Semiconductor DP83815 chipset (including the NetGear FA311-TX and FA312-TX) in the form of the sis(4) driver. This device has support for VLANs. [MERGED]

The stf(4) device is now clonable.

The tap(4) driver, a virtual Ethernet device driver for bridged configurations, has been added. This device is clonable. [MERGED]

The ti(4) driver now supports the Alteon AceNIC 1000baseT Gigabit Ethernet and Netgear GA620T 1000baseT Gigabit cards. [MERGED]

The ti(4) driver correctly masks VLAN tags. [MERGED]

The txp(4) driver has been added to support NICs based on the 3Com 3XP Typhoon/Sidewinder (3CR990) chipset. [MERGED]

vlan(4) devices are now loadable, unloadable, and clonable. [MERGED]

The wi(4) driver now has support for Prism II and Prism 2.5-based NICs. 104/128-bit WEP now works on Prism cards. [MERGED]

The xl(4) driver now supports the 3Com 3C556 and 3C556B MiniPCI adapters used on some laptops. [MERGED]

The xl(4) driver now supports reception of VLAN tagged frames (on the ``Cyclone'' or newer chipsets). [MERGED]

The xl(4) driver now supports send- and receive-side TCP/IP checksum offloading for NICs implementing this feature, such as the 3C905B, 3C905C, and 3C980C. [MERGED]

A bug in the xl(4) driver, related to statistics overflow interrupt handling, was causing slowdowns at medium to high packet rates; this has been fixed. [MERGED]

The per-interface ifnet structure now has the ability to indicate a set of capabilities supported by a network interface, and which ones are enabled. ifconfig(8) has support for querying these capabilities. [MERGED]

Performance with hosts having a large number of IP aliases has been improved, by replacing the per-interface if_inaddr linear list with a hash table. [MERGED]

Network devices now automatically appear as special files in /dev/net. Interface hardware ioctls (not protocol or routing) can be performed on these devices. The SIOCGIFCONF ioctl may be performed on the special /dev/network node.

Selected network drivers now implement a semi-polling mode, which makes systems much more resilient to attacks and overloads. To enable polling, the following options are required in a kernel configuration file:

     options DEVICE_POLLING
     options HZ=1000 # not compulsory but strongly recommended
The kern.polling.enable sysctl variable will then activate polling mode; with the kern.polling.user_frac sysctl indicating the percentage of CPU time to be reserved for userland. The devices initially supporting polling are dc(4), fxp(4), and sis(4). More details can be found in the polling(4) manual page. [MERGED]

2.1.4 Network Protocols

accept_filter(9), a kernel feature to reduce overheads when accepting and reading new connections on listening sockets, has been added. [MERGED]

The proxy modifier to arp(8)'s -d option has been renamed to pub, for consistency with the -s option. The only keyword has been added to the -s and -S flags, to be used in creating ``proxy-only'' published entries. [MERGED]

The read timeout feature of bpf(4) now works more correctly with select(2)/ poll(2), and therefore with pthreads. [MERGED]

bridge(4) and dummynet(4) have received some enhancements and bug fixes, and are now loadable modules. [MERGED]

bridge(4) now has better support for multiple, fully-independent bridging clusters, and is much more stable in the presence of dynamic attachments and detatchments. Full support for VLANs is also supported. [MERGED]

ICMP ECHO and TSTAMP replies are now rate limited. TCP RSTs generated due to packets sent to open and unopen ports are now limited by separate counters. Each rate limiting queue now has its own description.

ICMP UNREACH_FILTER_PROHIB messages can now RST TCP connections in the SYN_SENT state if the correct sequence numbers are sent back, as controlled by the net.inet.tcp.icmp_may_rst sysctl.

IP multicast now works on VLAN devices. Several other bugs in the VLAN code have also been fixed.

A bug in the IPSec processing for IPv4, which caused the inbound SPD checks to be ignored, has been fixed. [MERGED]

ipfw(4) now filters correctly in the presence of ECN bits in TCP segments. [MERGED]

A new ng_eth(4) netgraph node allows Ethernet type packets to be filtered to different hooks depending on ethertype.

The ng_gif(4) and ng_gif_demux(4) netgraph nodes, for operating on gif(4) devices, have been added.

The ng_ip_input(4) netgraph node, for queueing IP packets into the main IP input processing code, has been added.

The ng_mppc(4) and ng_bridge(4) node types have been added to the netgraph(4) subsystem. The ng_ether(4) node is now dynamically loadable. Miscellaneous bug fixes and enhancements have also been made. [MERGED]

A new netgraph node type ng_one2many(4) for multiplexing and demultiplexing packets over multiple links has been added. [MERGED]

A new sysctl net.inet.ip.check_interface, which is on by default, causes IP to verify that an incoming packet arrives on an interface that has an address matching the packet's destination address. [MERGED]

A new sysctl net.link.ether.inet.log_arp_wrong_iface has been added to control the suppression of logging when ARP replies arrive on the wrong interface. [MERGED]

A new options RANDOM_IP_ID kernel option causes the ID field of IP packets to be randomized. This closes a minor information leak which allows a remote observer to determine the rate at which the machine is generating packets, since the default behavior is to increment a counter for each packet sent. [MERGED]

SLIP has been removed from the mfsroot floppy image.

TCP has received some bug fixes for its delayed ACK behavior. [MERGED]

TCP now supports the NewReno modification to the TCP Fast Recovery algorithm. This behavior can be controlled via the net.inet.tcp.newreno sysctl variable. [MERGED]

TCP now uses a more aggressive timeout for initial SYN segments; this allows initial connection attempts to be dropped much faster. [MERGED]

The TCP_COMPAT_42 kernel option has been removed. [MERGED]

The TCP_RESTRICT_RST kernel option has been removed. Similar functionality can be achieved with the net.inet.tcp.blackhole sysctl variable. [MERGED]

TCP now has RFC 1323 extensions enabled by default in rc.conf(5). [MERGED]

RFC 1323 and RFC 1644 TCP extensions are now disabled for a connection in progress if no response has been received by the third SYN segment sent. This behavior tries to work around (very old) terminal servers with buggy VJ header compression implementations. [MERGED]

The TCP implementation no longer requires the allocation of a TCP template structure for each connection; this should reduce the buffer usage on large systems handling many connections. [MERGED]

TCP's default buffer sizes, controlled by the net.inet.tcp.sendspace and net.inet.tcp.recvspace sysctl variables, have been increased to 32K and 64K respectively. Previously, the default for both buffer sizes was 16K. To try to avoid increasing congestion, the default value for net.inet.tcp.local_slowstart_flightsize has been changed from infinity to 4. [MERGED]

Note: On busy hosts, the new larger buffer sizes may require manually increasing the NMBCLUSTERS parameter, either in the kernel configuration file or via the kern.ipc.nmbclusters loader tunable. netstat -mb can be used to monitor the state of mbuf clusters.



TCP now supports RFC 1948 (Defending Against Sequence Number Attacks). This functionality is controlled by the net.inet.tcp.strict_rfc1948 and net.inet.tcp.isn_reseed_interval sysctl variables. [MERGED]

The TCP implementation in FreeBSD now implements a cache of outstanding, received SYN segments. Incoming SYN segments now cause entries to be placed in the cache until the TCP three-way handshake is complete, at which point, memory is allocated for the connection as usual. In addition, all TCP Initial Sequence Numbers (ISNs) are used as cookies, allowing entries in the cache to be dropped, but still have their corresponding ACKs accepted later. The combination of the so-called ``syncache'' and ``syncookies'' features makes a host much more resistant to TCP-based Denial of Service attacks. Work on this feature was sponsored by DARPA and NAI Labs. [MERGED]

A bug in the TCP implementation, which could cause connections to stall if a sender saw a zero-sized window, has been corrected. [MERGED]

The TCP implementation now properly ignores packets addressed to IP-layer broadcast addresses. [MERGED]

2.1.5 Disks and Storage

The ahc(4) driver has received numerous updates, bugfixes, and enhancements. Among various improvements are improved compatibility with chips in ``RAID Port'' mode and systems with AAA and/or ARO cards installed, as well as performance improvements. Some bugs were also fixed, including a rare hang on Ultra2/U160 controllers. [MERGED]

The ata(4) driver now has support for ATA100 controllers. In addition, it now supports the ServerWorks ROSB4 ATA33 chipset, the CMD 648 ATA66 and CMD 649 ATA100 chipsets, and the Cyrix 5530. [MERGED]

To provide more flexible configuration, the various options for the ata(4) driver are now boot loader tunables, rather than kernel configure-time options. [MERGED]

The ata(4) driver now has support for tagged queuing, which is enabled by the hw.ata.tags loader tunable. [MERGED]

The ata(4) driver now has support for ATA ``pseudo'' RAID controllers as the Promise Fasttrak and HighPoint HPT370 controllers. [MERGED]

The ata(4) driver now supports a wider variety of SiS chipsets, as listed in the Hardware Notes. [MERGED]

The ata(4) driver now has support for rebuilding failed drives in a RAID1 configuration, under control of atacontrol(8)

The BurnProof(TM) feature, for applicable ATAPI CD-ROM burners, is now supported. [MERGED]

The ata(4) driver now has support for 48-bit addressing. Devices larger than 137GB are now supported. [MERGED]

The ata(4) driver now contains fixes for some data corruption problems on systems using the VIA 82C686B Southbridge chip. [MERGED]

The CAM error recovery code has been updated.

The cd(4) driver now has support for write operations. This allows writing to DVD-RAM, PD and similar drives that probe as CD devices. Note that change affects only random-access writeable devices, not sequential-only writeable devices such as CD-R drives, which are supported by cdrecord(1) (a part of sysutils/cdrtools in the Ports Collection. [MERGED]

The fdc(4) floppy disk has undergone a number of enhancements. Density selection for common settings is now automatic; the driver is also much more flexible in setting the densities of various subdevices.

The ida disk driver now has crashdump support. [MERGED]

A bug that made certain CDROM drives fail to attach when connected to a SCSI card driven by isp(4) has been fixed. [MERGED]

The isp(4) driver is now proactive about discovering Fibre Channel topology changes.

The isp(4) driver now supports target mode for Qlogic SCSI cards, including Ultra2 and Ultra3 and dual bus cards.

The isp(4) driver now supports the Qlogic 2300 and 2312 Optical Fibre Channel PCI cards. [MERGED]

md(4), the memory disk device, has had the functionality of vn(4) incorporated into it. md(4) devices can now be configured by mdconfig(8). vn(4) has been removed. The Memory Filesystem (MFS) has also been removed.

Some problems in sa(4) error handling have been fixed, including the ``tape drive spinning indefinitely upon mt(1) stat'' problem.

The vinum(4) volume manager has received some bug fixes and enhancements.

The wd(4) compatibility devices were removed from the ata(4) driver. [MERGED]

2.1.6 Filesystems

Support for named extended attributes was added to the FreeBSD kernel. This allows the kernel, and appropriately privileged userland processes, to tag files and directories with attribute data. Extended attributes were added to support the TrustedBSD Project, in particular ACLs, capability data, and mandatory access control labels (see /usr/src/sys/ufs/ufs/README.extattr for details).

Due to a licensing change, softupdates have been integrated into the main portion of the kernel source tree. As a consequence, softupdates are now available with the GENERIC kernel. [MERGED]

A filesystem snapshot capability has been added to FFS. Details can be found in /usr/src/sys/ufs/ffs/README.snapshot.

Softupdates for FFS have received some bug fixes and enhancements.

When running with softupdates, statfs(2) and df(1) will track the number of blocks and files that are committed to being freed.

A bug in FFS that could cause superblock corruption on very large filesystems has been corrected. [MERGED]

The Inode Filesystem (IFS) has been added; more information can be found in /usr/src/sys/ufs/ifs/README.

The ISO-9660 filesystem now has a hook that supports a loadable character conversion routine. The sysutils/cd9660_unicode port contains a set of common conversions.

kernfs(5) is obsolete and has been retired.

A bug in the NFS client that caused bogus access times with O_EXCL|O_CREAT opens was fixed. [MERGED]

A new NFS hash function (based on the Fowler/Noll/Vo hash algorithm) has been implemented to improve NFS performance by increasing the efficiency of the nfsnode hash tables. [MERGED]

Client-side NFS locks have been implemented.

The client-side and server-side of the NFS code in the kernel used to be intertwined in various complex ways. They have been split apart for ease of maintenance and further development.

-

Support for file system Access Control Lists (ACLs) +

Support for filesystem Access Control Lists (ACLs) has been introduced, allowing more fine-grained control of discretionary access control on files and directories. This support was integrated from the TrustedBSD Project. More details can be found in /usr/src/sys/ufs/ufs/README.acls.

The directory layout preference algorithm for FFS (dirprefs) has been changed. Rather than scattering directory blocks across a disk, it attempts to group related directory blocks together. Operations traversing large directory hierarchies, such as the FreeBSD Ports tree, have shown marked speedups. This change is transparent and automatic for new directories. [MERGED]

For consistency, the fdesc, fifo, null, msdos, portal, umap, and union filesystems have been renamed to fdescfs, fifofs, msdosfs, nullfs, portalfs, umapfs, and unionfs. Where applicable, modules and mount_* programs have been renamed. Compatibility ``glue'' has been added to mount(8) so that msdos filesystem entries in fstab(5) will work without changes.

pseudofs, a pseudo-filesystem framework, has been added. linprocfs(5) and procfs(5) have been modified to use pseudofs.

A simple hash-based lookup optimization for large directories called dirhash has been added. Conditional on the UFS_DIRHASH kernel option (enabled by default in the GENERIC kernel), it improves the speed of operations on very large directories at the expense of some memory. [MERGED]

The virtual memory subsystem now backs UFS directory memory requirements by default (this behavior is controlled via the vfs.vmiodirenable sysctl variable). [MERGED]

A bug that prevented the root filesystem from being mounted from a SCSI CDROM has been fixed (ATAPI CDROMs were always supported). [MERGED]

A number of bugs in the filesystem code, discovered through the use of the fsx filesystem test tool, have been fixed. Under certain circumstances (primarily related to use of NFS), these bugs could cause data corruption or kernel panics. [MERGED]

Network filesystems (such as NFS and smbfs filesystems) listed in /etc/fstab can now be properly mounted during startup initialization; their mounts are deferred until after the network is initialized.

2.1.7 PCCARD Support

On many modern hosts, PCCARD devices can be configured to route their interrupts via either the ISA or PCI interrupt paths. The pcic(4) driver has been updated to support both interrupt paths (formerly, only routing via ISA was supported). [MERGED] In most cases, configuration of PCMCIA devices in laptops is simpler and more flexible. In addition, various Cardbus bridge PCI cards (such as those used by Orinoco PCI NICs) are now supported. Some hosts may experience problems, such as hangs or panics, with PCI interrupt routing; they can frequently be made to work by forcing the older-style ISA interrupt routing. The following lines, placed in /boot/loader.conf, may fix the problem:

     hw.pcic.intr_path="1"
       hw.pcic.irq="0"

When installing FreeBSD on such a system, typing the following lines to the boot loader may be helpful in starting up FreeBSD for the first time:

     ok set hw.pcic.intr_path="1"
     ok set hw.pcic.irq="0"


2.1.8 Multimedia Support

     snd_maestro3_load="YES"

The bktr(4) driver has been updated to 2.18. This update provides a number of new features. New tuner types have been added, and improvements to the KLD module and to memory allocation have been made. Bugs in devfs(5) when unloading and reloading have been fixed. Support for new Hauppauge Model 44xxx WinTV Cards (the ones with no audio mux) has been added. [MERGED]

When sound modules are built, one can now load all the drivers and infrastructure by kldload snd. [MERGED]

A new API has been added for sound cards with hardware volume control.

2.1.9 Contributed Software

The Forth Inspired Command Language (FICL) used in the boot loader has been updated to 2.05.

Support for Advanced Configuration and Power Interface (ACPI), a multi-vendor standard for configuration and power management, has been added. This functionality has been provided by the Intel ACPI Component Architecture project, as of the ACPI CA 20020308 snapshot. Some backward compatability for applications using the older APM standard has been provided.

2.1.9.1 IPFilter

IPFilter has been updated to 3.4.20. [MERGED]

IPFilter now supports IPv6. [MERGED]

2.1.9.3 KAME

The IPv6 stack is now based on a snapshot based on the KAME Project's IPv6 snapshot as of 28 May, 2001. Most of the items listed in this section are a result of this import. Section 2.3.1.3 lists userland updates to the KAME IPv6 stack. [MERGED]

gif(4) is now based on RFC 2893, rather than RFC 1933. The IFF_LINK2 interface flag can be used to control ingress filtering. [MERGED]

IPSec has received some enhancements, including the ability to use the Rijndael and SHA2 algorithms. IPSec RC5 support has been removed due to patent issues. [MERGED]

stf(4) now conforms to RFC 3056; the IFF_LINK2 interface flag can be used to control ingress filtering. [MERGED]

IPv6 has better checking of illegal addresses (such as loopback addresses) on physical networks. [MERGED]

The IPV6_V6ONLY socket option is now completely supported. The kernel's default behavior with respect to this option is controlled by the net.inet6.ip6.v6only sysctl variable. [MERGED]

RFC 3041 (Privacy Extensions for Stateless Address Autoconfiguration) is now supported. It can be enabled via the net.inet6.ip6.use_tempaddr sysctl variable. [MERGED]

2.2 Security-Related Changes

sysinstall(8) now allows the user to select one of two ``security profiles'' at install-time. These profiles enable different levels of system security by enabling or disabling various system services in rc.conf(5) on new installs. [MERGED]

A bug in which malformed ELF executable images can hang the system has been fixed (see security advisory FreeBSD-SA-00:41). [MERGED]

A security hole in Linux emulation was fixed (see security advisory FreeBSD-SA-00:42). [MERGED]

String-handling library calls in many programs were fixed to reduce the possibility of buffer overflow-related exploits. [MERGED]

TCP now uses stronger randomness in choosing its initial sequence numbers (see security advisory FreeBSD-SA-00:52). [MERGED]

Several buffer overflows in tcpdump(1) were corrected (see security advisory FreeBSD-SA-00:61). [MERGED]

A security hole in top(1) was corrected (see security advisory FreeBSD-SA-00:62). [MERGED]

A potential security hole caused by an off-by-one-error in gethostbyname(3) has been fixed (see security advisory FreeBSD-SA-00:63). [MERGED]

A potential buffer overflow in the ncurses(3) library, which could cause arbitrary code to be run from within systat(1), has been corrected (see security advisory FreeBSD-SA-00:68). [MERGED]

A vulnerability in telnetd(8) that could cause it to consume large amounts of server resources has been fixed (see security advisory FreeBSD-SA-00:69). [MERGED]

The nat deny_incoming command in ppp(8) now works correctly (see security advisory FreeBSD-SA-00:70). [MERGED]

A vulnerability in csh(1)/ tcsh(1) temporary files that could allow overwriting of arbitrary user-writable files has been closed (see security advisory FreeBSD-SA-00:76). [MERGED]

The ssh(1) binary is no longer SUID root by default. [MERGED]

Some fixes were applied to the Kerberos IV implementation related to environment variables, a possible buffer overrun, and overwriting ticket files. [MERGED]

telnet(1) now does a better job of sanitizing its environment. [MERGED]

Several vulnerabilities in procfs(5) were fixed (see security advisory FreeBSD-SA-00:77). [MERGED]

A bug in OpenSSH in which a server was unable to disable ssh-agent(1) or X11Forwarding was fixed (see security advisory FreeBSD-SA-01:01). [MERGED]

A bug in ipfw(8) and ip6fw(8) in which inbound TCP segments could incorrectly be treated as being part of an established connection has been fixed (see security advisory FreeBSD-SA-01:08). [MERGED]

A bug in crontab(1) that could allow users to read any file on the system in valid crontab(5) syntax has been fixed (see security advisory FreeBSD-SA-01:09). [MERGED]

A vulnerability in inetd(8) that could allow read-access to the initial 16 bytes of wheel-accessible files has been fixed (see security advisory FreeBSD-SA-01:11). [MERGED]

A bug in periodic(8) that used insecure temporary files has been corrected (see security advisory FreeBSD-SA-01:12). [MERGED]

A bug in sort(1) in which an attacker might be able to cause it to abort processing has been fixed (see security advisory FreeBSD-SA-01:13). [MERGED]

OpenSSH now has code to prevent (instead of just mitigating through connection limits) an attack that can lead to guessing the server key (not host key) by regenerating the server key when an RSA failure is detected (see security advisory FreeBSD-SA-01:24). [MERGED]

A number of programs have had output formatting strings corrected so as to reduce the risk of vulnerabilities. [MERGED]

A number of programs that use temporary files now do so more securely. [MERGED]

A bug in ICMP that could cause an attacker to disrupt TCP and UDP ``sessions'' has been corrected. [MERGED]

A bug in timed(8), which caused it to crash if send certain malformed packets, has been corrected (see security advisory FreeBSD-SA-01:28). [MERGED]

A bug in rwhod(8), which caused it to crash if send certain malformed packets, has been corrected (see security advisory FreeBSD-SA-01:29). [MERGED]

A security hole in FreeBSD's FFS and EXT2FS implementations, which allowed a race condition that could cause users to have unauthorized access to data, has been fixed (see security advisory FreeBSD-SA-01:30). [MERGED]

A remotely-exploitable vulnerability in ntpd(8) has been closed (see security advisory FreeBSD-SA-01:31). [MERGED]

A security hole in IPFilter's fragment cache has been closed (see security advisory FreeBSD-SA-01:32). [MERGED]

Buffer overflows in glob(3), which could cause arbitrary code to be run on an FTP server, have been closed. In addition, to prevent some forms of DOS attacks, glob(3) allows specification of a limit on the number of pathname matches it will return. ftpd(8) now uses this feature (see security advisory FreeBSD-SA-01:33). [MERGED]

Initial sequence numbers in TCP are more thoroughly randomized (see security advisory FreeBSD-SA-01:39). Due to some possible compatibility issues, the behavior of this security fix can be enabled or disabled via the net.inet.tcp.tcp_seq_genscheme sysctl variable.[MERGED]

A vulnerability in the fts(3) routines (used by applications for recursively traversing a filesystem) could allow a program to operate on files outside the intended directory hierarchy. This bug has been fixed (see security advisory FreeBSD-SA-01:40). [MERGED]

FreeBSD's TCP implementation has been made more resistant to SYN floods, by eliminating the RST segment normally sent when removing a connection from the listen queue.

OpenSSH now switches to the user's UID before attempting to unlink the authentication forwarding file, nullifying the effects of a race.

A flaw allowed some signal handlers to remain in effect in a child process after being exec-ed from its parent. This allowed an attacker to execute arbitrary code in the context of a setuid binary. This flaw has been corrected (see security advisory FreeBSD-SA-01:42). [MERGED]

A remote buffer overflow in tcpdump(1) has been fixed (see security advisory FreeBSD-SA-01:48). [MERGED]

A remote buffer overflow in telnetd(8) has been fixed (see security advisory FreeBSD-SA-01:49). [MERGED]

The new net.inet.ip.maxfragpackets and net.inet.ip6.maxfragpackets sysctl variables limit the amount of memory that can be consumed by IPv4 and IPv6 packet fragments, which defends against some denial of service attacks (see security advisory FreeBSD-SA-01:52). [MERGED]

All services in inetd.conf are now disabled by default for new installations. sysinstall(8) gives the option of enabling or disabling inetd(8) on new installations, as well as editing inetd.conf. [MERGED]

A flaw in the implementation of the ipfw(8) me rules on point-to-point links has been corrected. Formerly, me filter rules would match the remote IP address of a point-to-point interface in addition to the intended local IP address (see security advisory FreeBSD-SA-01:53). [MERGED]

A vulnerability in procfs(5), which could allow a process to read sensitive information from another process's memory space, has been closed (see security advisory FreeBSD-SA-01:55). [MERGED]

The PARANOID hostname checking in tcp_wrappers now works as advertised (see security advisory FreeBSD-SA-01:56). [MERGED]

A local root exploit in sendmail(8) has been closed (see security advisory FreeBSD-SA-01:57). [MERGED]

A remote root vulnerability in lpd(8) has been closed (see security advisory FreeBSD-SA-01:58). [MERGED]

A race condition in rmuser(8) that briefly exposed a world-readable /etc/master.passwd has been fixed (see security advisory FreeBSD-SA-01:59). [MERGED]

A vulnerability in UUCP has been closed (see security advisory FreeBSD-SA-01:62). All non-root-owned binaries in standard system paths now have the schg flag set to prevent exploit vectors when run by cron(8), by root, or by a user other then the one owning the binary. In addition, uustat(1) is now run via /etc/periodic/daily/410.status-uucp as uucp, not root. In FreeBSD -CURRENT, UUCP has since been moved to the Ports Collection and no longer a part of the base system. [MERGED]

A security hole in the form of a buffer overflow in the semop(2) system call has been closed. [MERGED]

A security hole in OpenSSH, which could allow users to execute code with arbitrary privileges if UseLogin yes was set, has been closed. Note that the default value of this setting is UseLogin no. (See security advisory FreeBSD-SA-01:63.) [MERGED]

The use of an insecure temporary directory by pkg_add(1) could permit a local attacker to modify the contents of binary packages while they were being installed. This hole has been closed. (See security advisory FreeBSD-SA-02:01.) [MERGED]

A race condition in pw(8), which could expose the contents of /etc/master.passwd, has been eliminated. (See security advisory FreeBSD-SA-02:02.) [MERGED]

A bug in k5su(8) could have allowed a process that had given up superuser privileges to regain them. This bug has been fixed. (See security advisory FreeBSD-SA-02:07.) [MERGED]

An ``off-by-one'' bug has been fixed in OpenSSH's multiplexing code. This bug could have allowed an authenticated remote user to cause sshd(8) to execute arbitrary code with superuser privileges, or allowed a malicious SSH server to execute arbitrary code on the client system with the privileges of the client user. (See security advisory FreeBSD-SA-02:13.) [MERGED]

A programming error in zlib could result in attempts to free memory multiple times. The malloc(3)/ free(3) routines used in FreeBSD are not vulnerable to this error, but applications receiving specially-crafted blocks of invalid compressed data could be made to function incorrectly or abort. This zlib bug has been fixed. For a workaround and solutions, see security advisory FreeBSD-SA-02:18. [MERGED]

2.3 Userland Changes

If the first argument to ancontrol(8) or wicontrol(8) doesn't start with a -, it is assumed to be an interface.

apmd(8) now has the ability to monitor battery levels and execute commands based on percentage or minutes of battery life remaining via the apm_battery configuration directive. See the commented-out examples in /etc/apmd.conf for the syntax. [MERGED]

arp(8) now prints the applicable interface name for each ARP entry. [MERGED]

arp(8) now prints [fddi] or [atm] tags for addresses on interfaces of those types.

atacontrol(8) has been added to control various aspects of the ata(4) driver.

burncd(8) now supports a -m option for multisession mode (the default behavior now is to close disks as single-session). A -l option to take a list of image files from a filename was also added; - can be used as a filename for stdin. [MERGED]

burncd(8) now supports Disk At Once (DAO) mode, selectable via the -d flag.

burncd(8) now has the ability to write VCDs/SVCDs.

c89(1) has been converted from a shell script to a binary executable, fixing some minor bugs. [MERGED]

cat(1) now has the ability to read from UNIX-domain sockets. [MERGED]

cdcontrol(1) now supports a cdid command, which calculates and displays the CD serial number, using the same algorithm used by the CDDB database. [MERGED]

cdcontrol(1) now uses the CDROM environment variable to pick a default device. [MERGED]

cdcontrol(1) now supports next and prev commands to skip forwards or backwards a specified number of tracks while playing an audio CD. [MERGED]

chflags(1) has moved from /usr/bin to /bin.

chio(1) now has the ability to specify elements by volume tag instead of by their physical location as well as the ability to return an element to its previous location. [MERGED]

chmod(1) now supports a -h for changing the mode of a symbolic link.

chown(8) now correctly follows symbolic links named as command line arguments if run without -R. [MERGED]

chown(8) no longer takes . as a user/group delimeter. This change was made to support usernames containing a ..

Use of the CSMG_* macros no longer require inclusion of <sys/param.h>

col(1) now takes a -p flag to force unknown control sequences to be passed through unchanged. [MERGED]

The compat3x distribution has been updated to include libraries present in FreeBSD 3.5.1-RELEASE. [MERGED]

A compat4x distribution has been added for compatibility with FreeBSD 4-STABLE.

config(8) is now better about converting various warnings that should have been errors into actual fatal errors with an exit code. This ensures that make buildkernel doesn't quietly ignore them and build a bogus kernel without a human to read the errors. [MERGED]

A number of buffer overflows in config(8) have been fixed. [MERGED]

ctags(1) no longer creates a corrupt tags file if the source file used // (C++-style) comments. [MERGED]

The daemon(8) program, a command-line interface to daemon(3), has been added. It detaches itself from its controlling terminal and executes a program specified on the command line. This allows the user to run an arbitrary program as if it were written to be a daemon.

devinfo, a simple tool to print the device tree and resource usage by devices, has been added.

df(1) now takes a -l option to only display information about locally-mounted filesystems. [MERGED]

disklabel(8) now supports partition sizes expressed in kilobytes, megabytes, or gigabytes, in addition to sectors. [MERGED]

dmesg(8) now has a -a option to show the entire message buffer, including syslogd(8) records and /dev/console output. [MERGED]

du(1) now takes a -I command-line flag to ignore/skip files and subdirectories matching a specified shell-glob mask. [MERGED]

dump(8) now supports inheritance of the nodump flag down a hierarchy. [MERGED]

The -T option to dump(8) no longer swallows an extra argument. [MERGED]

dump(8) has a new -D option, allowing the path to the /etc/dumpdates file to be changed. [MERGED]

dump(8) now supplies progress information in its process title, useful for monitoring automated backups. [MERGED]

dump(8) now supports a new -S to allow it to just print out the dump size estimates and exit.

edquota(8) now takes a -f option to allow limiting the prototype quota distribution (specified with -p) to a single filesystem. [MERGED]

/etc/rc.firewall and /etc/rc.firewall6 will no longer add their own hardcoded rules in the cases of a rules file in the firewall_type variable or a non-existent firewall type. (The motivation for this change is to avoid acting on assumptions about a site's firewall policies.) In addition, the closed firewall type now works as documented in the rc.firewall(8) manual page. [MERGED]

The functionality of /etc/security has been been moved into a set of scripts under the periodic(8) framework, to make local customization easier and more maintainable. These scripts now reside in /etc/periodic/security/. [MERGED]

fbtab(5) now accepts glob matching patterns for target devices, not just individual devices and directories.

fdread(1), a program to read data from floppy disks, has been added. It is a counterpart to fdwrite(1) and is designed to provide a means of recovering at least some data from bad media, and to obviate for a complex invocation of dd(1).

find(1) now takes the -empty flag, which returns true if a file or directory is empty. [MERGED]

find(1) now takes the -iname and -ipath primaries for case-insensitive matches, and the -regexp and -iregexp primaries for regular-expression matches. The -E flag now enables extended regular expressions. [MERGED]

find(1) now has the -anewer, -cnewer, -mnewer, -okdir, and -newer[acm][acmt] primaries for comparisons of file timestamps. The latter primaries can be specified with various units of time. [MERGED]

finger(1) now has the ability to support fingering aliases, via the finger.conf(5) file. [MERGED]

finger(1) now has support for a .pubkey file.

fmt(1) has been rewritten; the rewrite fixes a number of bugs compared to its prior behavior. [MERGED]

fmtcheck(3), a function for checking consistency of format string arguments, has been added. [MERGED]

fsck(8) wrappers have been imported; this feature provides infrastructure for fsck(8) to work on different types of filesystems (analogous to mount(8)).

The behavior of fsck(8) when dealing with various passes (a la /etc/fstab) has been modified to accommodate multiple-disk filesystems.

fsck(8) now has support for foreground (-F) and background (-B) checks. Traditionally, fsck(8) is invoked before the filesystems are mounted and all checks are done to completion at that time. If background checking is available, fsck(8) is invoked twice. It is first invoked at the traditional time, before the filesystems are mounted, with the -F flag to do checking on all the filesystems that cannot do background checking. It is then invoked a second time, after the system has completed going multiuser, with the -B flag to do checking on all the filesystems that can do background checking. Unlike the foreground checking, the background checking is started asynchronously so that other system activity can proceed even on the filesystems that are being checked. Boot-time enabling of this feature is controlled by the background_fsck option in rc.conf(5).

Shortly after the receipt of a SIGINFO signal (normally control-T from the controlling tty), fsck_ffs(8) will now output a line indicating the current phase number and progress information relevant to the current phase. [MERGED]

fsck_ffs(8) now supports background filesystem checks to mounted FFS filesystems with the -B option (softupdates must be enabled on these filesystems). The -F flag now determines whether a specified filesystem needs foreground checking.

A new fsck_msdosfs(8) utility has been added to check the consistency of MS-DOS filesystems. [MERGED]

ftpd(8) now supports a -r flag for read-only mode and a -E flag to disable EPSV. It also has some fixes to reduce information leakage and the ability to specify compile-time port ranges. [MERGED]

ftpd(8) now supports -o and -O options to disable the RETR command; the former for everybody, and the latter only for guest users. Coupled with -A and appropriate file permissions, these can be used to create a relatively safe anonymous FTP drop box for others to upload to.

The getprogname(3) and setprogname(3) library functions have been added to manipulate the name of the current program. They are used by error-reporting routines to produce consistent output. [MERGED]

gprof(1) now has a -K option to enable dynamic symbol resolution from the currently-running kernel. With this change, properly-compiled KLD modules are now able to be profiled.

growfs(8), a utility for growing FFS filesystems, has been added. ffsinfo(8), a utility for dump all the meta-information of an existing filesystem, has also been added. [MERGED]

The groups(1) and whoami(1) shell scripts are now unnecessary; their functionality has been completely folded into id(1). [MERGED]

The ibcs2(8), linux(8), osf1(8), and svr4(8) scripts, whose sole purpose was to load emulation kernel modules, have been removed. The kernel module system will automatically load them as needed to fulfill dependencies.

indent(1) has gained some new formatting options. [MERGED]

ifconfig(8) command can set the link-layer address of an interface using the lladdr parameter. [MERGED]

ifconfig(8) can now accept addresses in slash/CIDR notation. [MERGED]

ifconfig(8) now has support for setting parameters for IEEE 802.11 wireless network devices. wi(4) and an(4) devices are supported, and partial support is provided for awi(4) devices. [MERGED]

ifconfig(8) no longer displays the list of supported media by default. Instead it displays it when the -m flag is given. [MERGED]

The syntax of inetd(8)'s support for faithd(8) is now compatible with that of other BSDs. [MERGED]

The ident protocol support in inetd(8) has been cleaned up and updated. [MERGED]

inetd(8) now has the ability to manage UNIX-domain sockets. [MERGED]

install(1) has a number of new features, including the -b and -B options for backing up existing target files and the -S option for ``safe'' (atomic copy) operation. The -c (copy) flag is now the default, and the -D (debugging) flag has been withdrawn. install(1) now issues a warning if -d (create directories) and -C (copy changed files only) are used together. [MERGED]

IP Filter is now supported by the rc.conf(5) boot-time configuration and initialization. [MERGED]

ipfstat(8) now supports the -t option to turn on a top(1)-like display. [MERGED]

ipfw(8) will now avoid the display of dynamic firewall rules unless the -d flag is passed to it. The -e option lists expired dynamic rules. [MERGED]

ipfw(8) has a new feature (me) that allows for packet matching on interfaces with dynamically-changing IP addresses. [MERGED]

ipfw(8) has a new limit type of firewall rule, which limits the number of sessions between address pairs. [MERGED]

ipfw(8) filter rules can now match on the value of the IPv4 precedence field.

ip6fw(8) now has the ability to use a preprocessor and use the -q (quiet) flag when reading from a file. [MERGED]

kenv(1), a command to dump the kernel environment, has been added. [MERGED]

keyinfo(1) is now a C program, rather than a Perl script. [MERGED]

killall(1) is now a C program, rather than a Perl script. As a result, its -m option now uses the regular expression syntax of regex(3), rather than that of perl(1). [MERGED]

killall(1) now allows non-root users to kill SUID root processes that they started, the same as the Perl version did. [MERGED]

The kldconfig(8) utility has been added to make it easier to manipulate the kernel module search path. [MERGED]

last(1) now implements a -d that provides a ``snapshot'' of who was logged in at a particular date and time. [MERGED]

last(1) now supports a -y flag, which causes the year to be included in the session start time.

The lastlogin(8) utility, which prints the last login time of each user, has been imported from NetBSD. [MERGED]

ldconfig(8) now checks directory ownerships and permissions for greater security; these checks can be disabled with the -i flag. [MERGED]

ldd(1) can now be used on shared libraries, in addition to executables. [MERGED]

ldd(1) now supports a -a flag to list all the objects that are needed by each loaded object.

libc is now thread-safe by default; libc_r contains only thread functions.

libcrypt and libdescrypt have been unified to provide a configurable password authentication hash library. Both the md5 and des hash methods are provided unless the des hash is specifically compiled out. [MERGED]

libcrypt now has support for Blowfish password hashing. [MERGED]

libstand now has support for filesystems containing bzip2-compressed files. [MERGED]

libstand now has support for overwriting the contents of a file on a UFS filesystem (it cannot expand or truncate files because the filesystem may be dirty or inconsistent).

The default TCP port range used by libfetch for passive FTP retrievals has changed; this affects the behavior of fetch(1), which has gained the -U option to restore the old behavior. [MERGED]

libfetch now has support for an authentication callback. [MERGED]

libfetch now has support for a HTTP_USER_AGENT environment variable. [MERGED]

libgmp has been superceded by libmp.

The functions from libposix1e have been integrated into libc.

ln(1) now takes an -i option to request user confirmation before overwriting an existing file. [MERGED]

ln(1) now takes a -h flag to avoid following a target that is a link, with a -n flag for compatibility with other implementations. [MERGED]

logger(1) can now send messages directly to a remote syslog. [MERGED]

login(1) now exports environment variables set by PAM modules. [MERGED]

lpc(8) has been improved; lpc clean is now somewhat safer, and a new lpc tclean command has been added to check to see what files would be removed by lpc clean. [MERGED]

lpd(8) now takes two new options: -c will log all connection errors to syslogd(8), while -W will allow connections from non-reserved ports. [MERGED]

lpd(8) now has some support for o-type print-file actions in its control files, which allows printing of PostScript files generated by MacOS 10.1. [MERGED]

lpr(1), lpq(1), and lpd(8) have received a few minor enhancements. [MERGED]

Catching up with most other network utilities in the base system, lpr(1), lpd(8), syslogd(8), and logger(1) are now all IPv6-capable. [MERGED]

lprm - now works for remote printer queues. [MERGED]

ls(1) can produce colorized listings with the -G flag (and appropriate terminal support). The CLICOLOR environment variable can be set to enable colorized listings by default. [MERGED]

mail(1) now takes a -E flag to avoid sending messages with empty bodies. [MERGED]

make(1) has gained the :C/// (regular expression substitution), :L (lowercase), and :U (uppercase) variable modifiers. These were added to reduce the differences between the FreeBSD and OpenBSD/NetBSD make(1) programs. [MERGED]

Bugs in make(1), among which include broken null suffix behavior, bad assumptions about current directory permissions, and potential buffer overflows, have been fixed. [MERGED]

The new CPUTYPE make.conf variable controls the compilation of processor-specific optimizations in various pieces of code such as OpenSSL. [MERGED]

The FreeBSD Makefile infrastructure now supports the WARNS directive from NetBSD. This directive controls the addition of compiler warning flags to CFLAGS in a relatively compiler-neutral manner. [MERGED]

man(1) is no longer installed SUID man, in order to reduce vulnerabilities associated with generating ``catpages'' (preformatted manual pages cached for repeated viewing). As a result, man(1) can no longer create system catpages on a regular user's behalf. It is still able to do so if the user has write permissions to the directory holding catpages (e.g. a user's own manpages) or if the running user is root.

The mdmfs(8) command has been added; it is a wrapper around mdconfig(8), disklabel(8), newfs(8), and mount(8) that mimics the command line option set of the deprecated mount_mfs(8).

mergemaster(8) now sources an /etc/mergemaster.rc file and also prompts the user to run recommended commands (such as newaliases) as needed. [MERGED]

moused(8) now takes a -a option to control mouse acceleration. [MERGED]

mtree(8) now includes support for a file that lists pathnames to be excluded when creating and verifying prototypes. This makes it easier to use mtree(8) as a part of an intrusion-detection system. [MERGED]

natd(8) now supports a -log_ipfw_denied option to log packets that cannot be re-injected because they are blocked by ipfw(8) rules. [MERGED]

The ``in use'' percentage metric displayed by netstat(1) now really reflects the percentage of network mbufs used. [MERGED]

netstat(1) now has a -W flag that tells it not to truncate addresses, even if they're too long for the column they're printed in. [MERGED]

netstat(1) now keeps track of input and output packets on a per-address basis for each interface. [MERGED]

netstat(1) now has a -z flag to reset statistics. [MERGED]

netstat(1) now has a -S flag to print address numerically but port names symbolically. [MERGED]

newfs(8) now implements write combining, which can make creation of new filesystems up to seven times faster. [MERGED]

newfs(8) now takes a -U option to enable softupdates on a new filesystem. [MERGED]

The default number of cylinders per group in newfs(8) is now computed to be the maximum allowable given the current filesystem parameters. It can be overridden with the -c option. Formerly, the default was fixed at 16. This change leads to better fsck(8) performance and reduced fragmentation. [MERGED]

The default block and fragment sizes for new filesystems created by newfs(8) are now 16384 and 2048 bytes, respectively (the old defaults were 8192 and 1024 bytes). This change generally provides increased performance, at the expense of some wasted disk space. [MERGED]

newsyslog(8) now has the ability to compress log files using bzip2(1). [MERGED]

NFS now works over IPv6.

ngctl(8) now supports a write command to send a data packet down a given hook. [MERGED]

nl(1), a line numbering filter program, has been added. [MERGED]

nsswitch support has been merged from NetBSD. By creating an nsswitch.conf(5) file, FreeBSD can be configured so that various databases such as passwd(5) and group(5) can be looked up using flat files, NIS, or Hesiod. The old hosts.conf file is no longer used.

PAM support has been added for account management and sessions.

PAM configuration is now specified by files in /etc/pam.d/, rather than a single /etc/pam.conf file. /etc/pam.d/README has more details.

A number of new PAM modules have been added.

passwd(1) and pw(8) now select the password hash algorithm at run time. See the passwd_format attribute in /etc/login.conf. [MERGED]

pax(1) has received a number of enhancements, including cpio(1) functionality, tar(1) compatibility enhancements, -z and -Z flags for gzip(1) and compress(1) functionality, and a number of bug fixes.

pciconf(8) now supports a -v option to display the vendor/device information of configured devices, in conjunction with the -l option. The default vendor/device database can be found at /usr/share/misc/pci_vendors. [MERGED]

The behavior of periodic(8) is now controlled by /etc/defaults/periodic.conf and /etc/periodic.conf. [MERGED]

ping(8) now supports a -m option to set the TTL of outgoing packets. [MERGED]

ping(8) now supports a -A option to beep when packets are lost. [MERGED]

Userland ppp(8) has received a number of updates and bug fixes. [MERGED]

ppp(8) has gained the tcpmssfixup option, which adjusts outgoing and incoming TCP SYN packets so that the maximum receive segment size is no larger than allowed by the interface MTU. [MERGED]

ppp(8) now supports IPv6.

pppd(8) (the control program for kernel-level PPP) is now installed mode 4550 and root:dialer, rather than mode 4555 (in other words, it is no longer world-executable). Users of pppd(8) may need to change their group settings. [MERGED]

The -W option to ps(1) (to extract information from a specified swap device) has been useless for some time; it has been removed. [MERGED]

pwd(1) can now double as realpath(1), a program to resolve pathnames to their underlying physical paths. [MERGED]

The pseudo-random number generator implemented by rand(3) has been improved to provide less biased results.

rc(8) now has an framework for handling dependencies between rc.conf(5) variables. [MERGED]

rc(8) now deletes all non-directory files in /var/run and /var/spool/lock at boot time. [MERGED]

rcmd(3) now supports the use of the RSH environment variable to specify a program to use other than rsh(1) for remote execution. As a result, programs such as dump(8), can use ssh(1) for remote transport.

rdist(1) has been retired from the base system, but is still available from FreeBSD Ports Collection as net/44bsd-rdist.

The resolver(3) in FreeBSD now implements EDNS0 support, which will be necessary when working with IPv6 transport-ready resolvers/DNS servers. [MERGED]

The rfork_thread(3) library call has been added as a helper function to rfork(2). Using this function should avoid the need to implement complex stack swap code. [MERGED]

The -v option to rm(1) now displays the entire pathname of a file being removed.

route(8) is now more verbose when changing indirect routes, in the case of a gateway route that is the same route as the one being modified. [MERGED]

route(8) now uses host/bits syntax instead of net/bits syntax, for compatibility with netstat(1). [MERGED]

route(8) can now create ``proxy only'' published ARP entries. [MERGED]

The route(8) add command now supports the -ifp and -ifa modifiers. [MERGED]

rpcbind(8) has replaced portmap(8).

rpcgen(1) now uses /usr/bin/cpp (as on NetBSD), not /usr/libexec/cpp.

rpc.lockd(8) has been imported from NetBSD. This daemon provides support for servicing client NFS locks.

The performance of the ELF dynamic linker rtld(1) has been improved. [MERGED]

RSA Security has waived all patent rights to the RSA algorithm. As a result, the native OpenSSL implementation of the RSA algorithm is now activated by default, and the security/rsaref port and the librsaUSA and librsaINTL libraries are no longer required for USA and non-USA residents respectively. [MERGED]

rtld(1) will now print the names of all objects that cause each object to be loaded, if the LD_TRACE_LOADED_OBJECTS_ALL environment variable is defined.

savecore(8) now supports a -k option to prevent clearing a crash dump after saving it. It also attempts to avoid writing large stretches of zeros to crash dump files to save space and time. [MERGED]

savecore(8) now works correctly on machines with 2 GB or more of RAM. [MERGED]

sed(1) now takes a -E option for extended regular expression support. [MERGED]

send-pr(1) now takes a -a option to include a file into the Fix: section of a problem report. [MERGED]

The setfacl(1) and getfacl(1) commands - have been added to manage file system Access Control + have been added to manage filesystem Access Control Lists.

setproctitle(3) has been moved from libutil to libc. [MERGED]

sh(1) now implements test as a built-in command for improved efficiency. [MERGED]

sh(1) no longer implements printf as a built-in command because it was considered less valuable compared to the other built-in commands (this functionality is, of course, still available through the printf(1) executable).

sockstat(1) now has -c and -l flags for listing connected and listening sockets, respectively. [MERGED]

split(1) now has the ability to split a file longer than 2GB. [MERGED]

In preparation for meeting SUSv2/POSIX <sys/select.h> requirements, struct selinfo and related functions have been moved to <sys/selinfo.h>.

The strnstr(3) and strcasestr(3) variants of strstr(3) have been implemented. [MERGED]

stty(1) now has support for an erase2 control character, so that, for example, both the Delete and Backspace keys can be used to erase characters. [MERGED]

style.perl(7), a style guide for Perl code in the FreeBSD base system, has been added. [MERGED]

su(1) now uses PAM for authentication.

Boot-time syscons(4) configuration was moved to a machine-independent /etc/rc.syscons. [MERGED]

sysctl(8) now supports a -N option to print out variable names only. [MERGED]

sysctl(8) has replaced the -A and -X options with -ao and -ax respectively; the former options are now deprecated. The -w option is deprecated as well; it is not needed to determine the user's intentions. [MERGED]

sysctl(8) now supports a -e option to separate variable names and values by = rather than :. This feature is useful for producing output that can be fed back to sysctl(8). [MERGED]

sysinstall(8) now properly preserves /etc/mail during a binary upgrade. [MERGED]

sysinstall(8) now uses some more intuitive defaults thanks to some new dialog support functions. [MERGED]

The default root partition in sysinstall(8) is now 100MB on the i386 and 120MB on the Alpha.

sysinstall(8) now lives in /usr/sbin, which simplifies the installation process. The sysinstall(8) manpage is also installed in a more consistent fashion now.

sysinstall(8) now has the ability to load KLDs as a part of the installation. [MERGED]

When run from the installation media, sysinstall(8) will automatically load any device drivers found in the /stand/modules directory of the mfsroot floppy or filesystem image. Note that any drivers so loaded will not appear in the kernel's boot messages; the sysinstall(8) debugging screen will provide additional information. [MERGED]

sysinstall(8) now enables Soft Updates by default on all filesystems it creates, except for the root filesystem. [MERGED]

sysinstall(8) has received updates for its ``auto'' partitioning mode which provide more reasonable defaults for the sizes of partitions that are created; auto-sized partitions can now also recover the space that becomes available when other partitions are deleted. [MERGED]

syslogd(8) can take a -n option to disable DNS queries for every request. [MERGED]

syslogd(8) now supports a LOG_CONSOLE facility (disabled by default), which can be used to log /dev/console output. [MERGED]

syslogd(8) now has the ability to bind to a specific address (as opposed to using every available one) via the -b option. [MERGED]

syslogd(8) now accepts a -c flag to disable repeated line compression. [MERGED]

tail(1) now has the ability to work on files longer than 2GB. [MERGED]

tar(1) now supports the TAR_RSH variable, principally to enable the use of ssh(1) as a transport. [MERGED]

telnet(1) now does autologin and encryption by default; a new -y option turns off encryption.

telnet(1) now supports a -u flag to allow connections to UNIX-domain (AF_UNIX) sockets. [MERGED]

tftpd(8) now takes the -c and -C options, which allow the server to chroot(2) based on the IP address of the connecting client. tftp(1) and tftpd(8) can now transfer files larger than 65535 blocks. [MERGED]

tftpd(8) now supports RFC 2349 (TFTP Timeout Interval and Transfer Size Options); this feature is required by some firmware like EFI boot managers (at least on HP i2000 Itanium servers) in order to boot an image using TFTP.

timed(8) now works on the alpha.

A version of Transport Independent RPC (TI-RPC) has been imported.

tmpnam(3) will now use the TMPDIR environment variable, if set, to specify the location of temporary files. [MERGED]

tip(1) has been updated from OpenBSD, and has the ability to act as a cu(1) substitute.

top(1) will now use the full width of its tty.

touch(1) now takes a -h option to operate on a symbolic link, rather than what the link points to.

The truncate(1) utility, which truncates or extends the length of files, has been added. [MERGED]

Ukrainian language support has been added to the FreeBSD console. [MERGED]

UUCP has been removed from the base system. It can be found in the Ports Collection, in net/freebsd-uucp.

units(1) has received some updates and bugfixes. [MERGED]

usbdevs(8) now supports a -d flag to show the device driver associated with each device.

uudecode(1) now accepts a -o option to set its output file.

vidcontrol(1) now accepts a -g parameter to select custom text geometry in the VESA_800x600 raster text mode. [MERGED]

vidcontrol(1) now allows the user to omit the font size specification when loading a font, and has some better error-handling. [MERGED]

vidcontrol(1) now supports a -p option to take a snapshot of a syscons(4) video buffer. These snapshots can be manipulated by the graphics/scr2png utility in the Ports Collection. [MERGED]

vidcontrol(1) now supports a -C option to clear the history buffer for a given tty, as well as a -h option to set the size of the history buffer. [MERGED]

The default stripe size in vinum(8) has been changed from 256KB to 279KB, to spread out superblocks more evenly between stripes.

wall(1) now supports a -g flag to write a message to all users of a given group. [MERGED]

watch(8) now takes a -f option to specify a snp(4) device to use. [MERGED]

which(1) is now a C program, rather than a Perl script.

whois(1) now directs queries for IP addresses to ARIN. If a query to ARIN references APNIC or RIPE, the appropriate server will also be queried, provided that the -Q option is not specified. [MERGED]

whois(1) supports a -c option to specify a country code to help direct queries towards a particular whois server. [MERGED]

xargs(1) now supports a -J replstr option that allows the user to tell xargs(1) to insert the data read from standard input at a specific point in the command line arguments rather than at the end. [MERGED]

The compiler chain now uses the FSF-supplied C/C++ runtime initialization code. This change brings about better compatibility with code generated from the various egcs and gcc ports, as well as the stock public FSF source. [MERGED]

The threads library has gained some signal handling changes, bug fixes, and performance enhancements (including zero system call thread switching). gdb(1) thread support has been updated to match these changes. [MERGED]

Significant additions have been made to internationalization support; FreeBSD now has complete locale support for the LC_MONETARY, LC_NUMERIC, and LC_MESSAGES categories. A number of applications have been updated to take advantage of this support.

Locale names have been changed to improve compatibility with the names used by X11R6, as well as a number of other UNIX versions. As an example, the en_US.ISO_8859-1 locale name has been changed to en_US.ISO8859-1. Entries in /etc/locale.alias provide backward compatibility. [MERGED]

/usr/src/share/examples/BSD_daemon/ now contains a scalable Beastie graphic. [MERGED]

As part of an ongoing process, many manual pages were improved, both in terms of their formatting markup and in their content. [MERGED]

2.3.1 Contributed Software

am-utils has been updated to 6.0.7.

awk from Bell Labs (variously known as ``BWK awk'' or ``The One True AWK'') has been imported. It is available as awk on the sparc64 architecture, and nawk on other architectures.

bc has been updated from 1.04 to 1.06. [MERGED]

The ISC library from the BIND distribution is now built as libisc. [MERGED]

BIND is now built with the NOADDITIONAL flag, which causes named(8) to operate in a more consistent fashion for certain common misconfigurations. [MERGED]

BIND has been updated to 8.3.1-REL. [MERGED]

Binutils has been updated to 2.12.0.

bzip2 1.0.2 has been imported; this brings the bzip2(1) program and the libbz2 library to the base system. [MERGED]

The ee(1) Easy Editor has been updated to 1.4.2. [MERGED]

file has been updated to 3.37.

gcc has been updated to 2.95.3. [MERGED]

gcc(1) now uses a unified libgcc rather than a separate one for threaded and non-threaded programs. /usr/lib/libgcc_r.a can be removed. [MERGED]

gcc(1) now supports the environment variable GCC_OPTIONS, which can hold a set of default options for GCC. [MERGED]

GNATS has been updated to 3.113. [MERGED]

GNU awk has been updated to 3.1.0. It is available as gawk on the sparc64 architecture, and as awk on other architectures.

gperf has been updated to 2.7.2.

groff and its related utilities have been updated to FSF version 1.17.2. This import brings in a new mdoc(7) macro package (sometimes referred to as mdocNG), which removes many of the limitations of its predecessor. [MERGED]

Heimdal has been updated to 0.3f.

The version of IPFilter provided with FreeBSD now includes the ipfs(8) program, which allows state information created for NAT entries and stateful rules to be saved to disk and restored after a reboot. Boot-time configuration of these features is supported by rc.conf(5). [MERGED]

The ISC DHCP client has been updated to 3.0.1RC6.

Kerberos IV has been updated to 1.0.5. [MERGED]

The more(1) command has been replaced by less(1), although it can still be run as more. [MERGED] Version 371 of less has been imported.

libpcap has been updated to 0.6.2. [MERGED]

libreadline has been updated to 4.2.

libz has been updated to 1.1.4.

lint has been updated to snapshot of NetBSD lint(1) as of 3 March 2002.

lukemftp (the FTP client from NetBSD) has replaced the FreeBSD ftp(1) program. Among its new features are more automation methods, better standards compliance, transfer rate throttling, and a customizable command-line prompt. Some environment variables and command-line arguments have changed.

The FTP daemon from NetBSD, otherwise known as lukemftpd, has been imported and is available as lukemftpd(8).

ncurses has been updated to 5.2-20010512.

The NTP suite of programs has been updated to 4.1.0. [MERGED]

OpenPAM (``Centaury'' release) has been imported, replacing Linux-PAM.

The OPIE one-time-password suite has been updated to 2.32. [MERGED] It has completely replaced the functionality of S/Key.

Perl has been updated to version 5.6.0.

routed(8) has been updated to version 2.22. [MERGED]

tcpdump has been updated to 3.6.3. [MERGED]

The csh(1) shell has been replaced by tcsh(1), although it can still be run as csh. tcsh has been updated to version 6.11. [MERGED]

The contributed version of tcp_wrappers now includes the tcpd(8) helper daemon. While not strictly necessary in a standard FreeBSD installation (because inetd(8) already incorporates this functionality), this may be useful for inetd(8) replacements such as xinetd.

top has been updated to version 3.5b12.

traceroute(8) now takes its default maximum TTL value from the net.inet.ip.ttl sysctl variable. [MERGED]

The timezone database has been updated to the tzdata2001d release. [MERGED]

2.3.1.1 CVS

cvs has been updated to 1.11.1p1. [MERGED]

The default value for cvs(1)'s CVS_RSH variable is now ssh, rather than rsh. [MERGED]

cvs(1) now supports a -T option to update a sandbox's CVS/Template file from the repository. [MERGED]

cvs(1) diff now supports the -j option to perform differences against a revision relative to a branch tag. [MERGED]

2.3.1.2 CVSup

CVSup, a frequently used utility in the FreeBSD Ports Collection, was formerly installable using several ports and packages. The net/cvsup-bin and net/cvsupd-bin ports/packages are no longer necessary or available; the net/cvsup port should be used instead. [MERGED]

CVSup has been updated to 16.1_3, which is available in the FreeBSD Ports Collection as net/cvsup. This update fixes a long-standing (but only recently encountered) bug which affects the timestamps on all files after Sun Sep 9 01:46:40 UTC 2001 (1,000,000,000 seconds after the UNIX epoch). [MERGED]

2.3.1.3 KAME

The IPv6 stack is now based on a snapshot based on the KAME Project's IPv6 snapshot as of 28 May, 2001. Most of the items listed in this section are a result of this import. Section 2.1.9.3 lists kernel updates to the KAME IPv6 stack. [MERGED]

faithd(8) now supports a configuration file for access control. [MERGED]

ifconfig(8) can now perform the functions of gifconfig(8). [MERGED]

ifconfig(8) can now perform the functions of prefix(8). prefix(8) is now a shell script for partial backwards compatibility. [MERGED]

ndp(8) now implements garbage collection for stale NDP entries, as described in RFC 2461 (Neighbor Discovery for IP Version 6 (IPv6)). [MERGED]

pim6dd(8) and pim6sd(8) have been removed due to restrictive licensing conditions. These programs are available in the ports collection as net/pim6dd and net/pim6sd. [MERGED]

route6d(8) now supports an -n flag to avoid updating the kernel forwarding table. [MERGED]

The -R (router renumbering) option to rtadvd(8) is currently ignored. [MERGED]

2.3.1.4 OpenSSH

OpenSSH has been updated to 2.9, which provides support for the SSH2 protocol (now the default) and DSA keys. ssh-add(1) and ssh-agent(1) can now handle DSA keys, with support for authentication forwarding. OpenSSH users in the USA no longer need to rely on the restrictively-licensed RSAREF toolkit which is required to handle RSA keys. Among other new features: A client and server for sftp has been added. scp(1) can now handle files larger than 2 GBytes. A limit on the number of outstanding, unauthenticated connections in sshd(8) has been added. Support has been added for the Rijndael encryption algorithm. Rekeying of existing sessions is now supported, and an experimental SOCKS4 proxy has been added to ssh(1).

OpenSSH can now authenticate using OPIE passwords in SSH1 mode. Support is not yet available in SSH2 mode. [MERGED]

PAM support for OpenSSH has been added.

A long-standing bug in OpenSSH, which sometimes resulted in a dropped session when an X11-forwarded client was closed, was fixed.

Kerberos compatibility has been added to OpenSSH. [MERGED]

OpenSSH has been modified to be more resistant to traffic analysis by requiring that ``non-echoed'' characters are still echoed back in a null packet, as well as by padding passwords sent so as not to hint at password lengths. [MERGED]

sshd(8) is now enabled by default on new installs. [MERGED]

sshd(8) X11Forwarding is now turned on by default on the server (any risk is to the client, where it is already disabled by default). [MERGED]

In /etc/ssh/sshd_config, the ConnectionsPerPeriod parameter has been deprecated in favor of MaxStartups. [MERGED]

OpenSSH now has a VersionAddendum configuration setting for sshd(8) to allow changing the part of the OpenSSH version string after the main version number.

2.3.1.5 OpenSSL

OpenSSL has been updated to 0.9.6c.

OpenSSL now has support for machine-dependent ASM optimizations, activated by the new MACHINE_CPU and/or CPUTYPE make.conf variables. [MERGED]

2.3.1.6 sendmail

sendmail has been updated from version 8.9.3 to version 8.12.2. Important changes include: sendmail(8) is no longer installed as a set-user-ID root binary (now set-group-ID smmsp); new default file locations (see /usr/src/contrib/sendmail/cf/README); newaliases(1) is limited to root and trusted users; STARTTLS encryption; and the MSA port (587) is turned on by default. See /usr/src/contrib/sendmail/RELEASE_NOTES for more information. [MERGED]

mail.local(8) is no longer installed as a set-user-ID binary. If you are using a /etc/mail/sendmail.cf from the default sendmail.cf included with FreeBSD any time after 3.1.0, you are fine. If you are using a hand-configured sendmail.cf and mail.local for delivery, check to make sure the F=S flag is set on the Mlocal line. Those with .mc files who need to add the flag can do so by adding the following line to their .mc file and regenerating the sendmail.cf file:

     MODIFY_MAILER_FLAGS(`LOCAL',`+S')dnl

Note that FEATURE(`local_lmtp') already does this. [MERGED]

The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY commands. [MERGED]

vacation(1) has been updated to use the version included with sendmail. [MERGED]

The sendmail configuration building tools are installed in /usr/share/sendmail/cf/. [MERGED]

New make.conf options: SENDMAIL_MC and SENDMAIL_ADDITIONAL_MC. See /usr/share/examples/etc/make.conf for more information. [MERGED]

/etc/mail/Makefile now supports: the new SENDMAIL_MC make.conf option; the ability to build .cf files from .mc files; generalized map rebuilding; rebuilding the aliases file; and the ability to stop, start, and restart sendmail. [MERGED]

The smmsp and mailnull users have been added to /etc/master.passwd. In the absence of a confDEF_USER_ID setting, by default, sendmail will use the mailnull user for extra security. Previously, if the mailnull user did not exist, the daemon user was used. This change may generate some permissions issues when mailing to files or to programs (such as mail/majordomo). [MERGED] The previous behavior can be restored by adding the following line to a system's *.mc configuration file:

     define(`confDEF_USER_ID', `daemon')


2.3.2 Ports/Packages Collection

BSDPAN, a collection of modules that provides tighter integration of Perl into the FreeBSD Ports Collection, has been added.

pkg_create(1) and pkg_add(1) can now work with packages that have been compressed using bzip2(1). pkg_add(1) will use the PACKAGEROOT environment variable to determine a mirror site for new packages. [MERGED]

pkg_create(1) now records dependencies in dependency order rather than in the order specified on the command line. This improves the functioning of pkg_add -r. [MERGED]

pkg_create(1) now supports a -b to create a package file from a locally-installed package. [MERGED]

When requested to delete multiple packages, pkg_delete(1) will now attempt to remove them in dependency order rather than the order specified on the command line. [MERGED]

pkg_delete(1) now can perform glob/regexp matching of package names. In addition, it supports a -a option for removing all packages and a -i option for rm(1)-style interactive confirmation. [MERGED]

pkg_delete(1) now supports a -r option for recursive package removal. [MERGED]

pkg_info(1) now supports globbing against names of installed packages. The -G option disables this behavior, and the -x option causes regular expression matching instead of shell globbing. [MERGED]

pkg_info(1) can now accept a -g flag for verifying an installed package against its recorded checksums (to see if it's been modified post-installation). Naturally, this mechanism is only as secure as the contents of /var/db/pkg if it's to be used for auditing purposes. [MERGED]

pkg_sign(1) and pkg_check(1) have been added to digitally sign and verify the signatures on binary package files. [MERGED]

pkg_update(1), a utility to update installed packages and update their dependencies, has been added. [MERGED]

pkg_version(1) now has a version number comparison routine that corresponds to the Porters Handbook. It also has a -t option for testing address comparisons. [MERGED]

pkg_version(1) now takes a -s flag to limit its operation to ports/packages matching a given string. [MERGED]

Version numbers of installed packages have a new (backward-compatible) syntax, which supports the PORTREVISION and PORTEPOCH variables in Ports Collection Makefiles. These changes help keep track of changes in the ports collection entries such as security patches or FreeBSD-specific updates, which aren't reflected in the original, third-party software distributions. pkg_version(1) can now compare these new-style version numbers. [MERGED]

To improve performance and disk utilization, the ``ports skeletons'' in the FreeBSD Ports Collection have been restructured. Installed ports and packages should not be affected. [MERGED]

All packages and ports now contain an ``origin'' directive, which makes it easier for programs such as pkg_version(1) to determine the directory from which a package was built. [MERGED]

3 Upgrading from previous releases of FreeBSD

If you're upgrading from a previous release of FreeBSD, you generally will have three options:

  • Using the binary upgrade option of sysinstall(8). This option is perhaps the quickest, although it presumes that your installation of FreeBSD uses no special compilation options.

  • Performing a complete reinstall of FreeBSD. Technically, this is not an upgrading method, and in any case is usually less convenient than a binary upgrade, in that it requires you to manually backup and restore the contents of /etc. However, it may be useful in cases where you want (or need) to change the partitioning of your disks.

  • From source code in /usr/src. This route is more flexible, but requires more disk space, time, and more technical expertise. Upgrading from very old versions of FreeBSD may be problematic; in cases like this, it is usually more effective to perform a binary upgrade or a complete reinstall.



Please read the INSTALL.TXT file for more information, preferably before beginning an upgrade. If you are upgrading from source, please be sure to read /usr/src/UPDATING as well.

Finally, if you want to use one of various means to track the -STABLE or -CURRENT branches of FreeBSD, please be sure to consult the ``-CURRENT vs. -STABLE'' section of the FreeBSD Handbook.

Important: Upgrading FreeBSD should, of course, only be attempted after backing up all data and configuration files.

This file, and other release-related documents, can be downloaded from ftp://current.FreeBSD.org/pub/FreeBSD/.

For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

All users of FreeBSD 5-CURRENT should subscribe to the <current@FreeBSD.org> mailing list.

For questions about this documentation, e-mail <doc@FreeBSD.org>.



diff --git a/en/releases/5.0R/DP1/relnotes-i386.html b/en/releases/5.0R/DP1/relnotes-i386.html index 91d14ee3e4..aa57066b50 100644 --- a/en/releases/5.0R/DP1/relnotes-i386.html +++ b/en/releases/5.0R/DP1/relnotes-i386.html @@ -1,5441 +1,5441 @@ FreeBSD/i386 5.0-DP1 Release Notes

FreeBSD/i386 5.0-DP1 Release Notes

The FreeBSD Project

Copyright © 2000, 2001, 2002 by The FreeBSD Documentation Project

$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v 1.299 2002/03/13 05:41:41 bmah Exp $

The release notes for FreeBSD 5.0-DP1 contain a summary of the changes made in the FreeBSD base system since 4.0-RELEASE. Both changes for kernel and userland are listed, as well as applicable security advisories that were issued since the last release. Some brief remarks on upgrading are also presented.

Table of Contents
1 Introduction
2 What's New
2.1 Kernel Changes
2.1.1 Processor/Motherboard Support
2.1.2 Bootloader Changes
2.1.3 Network Interface Support
2.1.4 Network Protocols
2.1.5 Disks and Storage
2.1.6 Filesystems
2.1.7 PCCARD Support
2.1.8 Multimedia Support
2.1.9 Contributed Software
2.2 Security-Related Changes
2.3 Userland Changes
2.3.1 Contributed Software
2.3.2 Ports/Packages Collection
3 Upgrading from previous releases of FreeBSD

1 Introduction

This document contains the release notes for FreeBSD 5.0-DP1 on the IA-32 hardware platform. It describes new features of FreeBSD that have been added (or changed) since 4.0-RELEASE. It also provides some notes on upgrading from previous versions of FreeBSD.

The snapshot distribution to which these release notes apply represents a point along the 5-CURRENT development branch between 4.0-RELEASE and the future 5.0-RELEASE. Some pre-built, binary snapshot distributions along this branch can be found at ftp://current.FreeBSD.org/pub/FreeBSD/.

2 What's New

This section describes the most user-visible new or changed features in FreeBSD since 4.0-RELEASE. Typical release note items document new drivers or hardware support, new commands or options, major bugfixes, or contributed software upgrades. Security advisories issued after 4.0-RELEASE are also listed. In general, changes described here are unique to the 5-CURRENT branch unless specifically marked as [MERGED] features.

Many additional changes were made to FreeBSD that are not listed here for lack of space. For example, documentation was corrected and improved, minor bugs were fixed, insecure coding practices were audited and corrected, and source code was cleaned up.

2.1 Kernel Changes

The amdpm(4) driver has been added to provide access to the system monitoring functions of the AMD 756 chipset. [MERGED]

The agp(4) driver for AGP devices has been added. [MERGED]

A new ddb(4) command show pcpu lists some of the per-CPU data.

Two new ddb(4) commands, hwatch and dhwatch, have been introduced. Analogous to watch and dwatch, they install hardware watchpoints (as opposed to software watchpoints) if supported by the architecture. [MERGED]

devfs(5), which allows entries in the /dev directory to be built automatically and supports more flexible attachment of devices, has been largely reworked. devfs(5) is now enabled by default and can be disabled by the NODEVFS kernel option.

The dgm driver has been removed in favor of the digi driver.

A new digi driver has been added to support PCI Xr-based and ISA Xem Digiboard cards. A new digictl(8) program is (mainly) used to re-initialize cards that have external port modules attached such as the PC/Xem.

An eaccess(2) system call has been added, similar to access(2) except that the former uses effective credentials rather than real credentials.

The ichsmb(4) driver for the Intel 82801AA (ICH) SMBus controller and compatibles has been added. [MERGED]

Each jail(2) environment can now run under its own securelevel.

The tunable sysctl variables for jail(2) have moved from jail.* to the security.* hierarchy. Other security-related sysctl variables have moved from kern.security.* to security.*.

The kern.maxvnodes limit now properly limits the number of vnodes in use. Previously only vnodes with no cached pages could be freed; this could allow the number of vnodes to grow without limit on large-memory machines accessing many small files. A vnlru kernel thread helps to flush and reuse vnodes. [MERGED]

The kernel message buffer is now accessible by the (machine-independent) kern.msgbuf sysctl variable; dmesg(8) no longer needs to be SGID kmem. [MERGED]

The kqueue(2) event notification facility was added to the FreeBSD kernel. This is a new interface which is able to replace poll(2)/ select(2), offering improved performance, as well as the ability to report many different types of events. Support for monitoring changes in sockets, pipes, fifos, and files are present, as well as for signals and processes. [MERGED]

A new KVA_SPACE kernel option can be used to reconfigure the size of the kernel virtual address space. [MERGED]

The labpc(4) driver has been removed due to ``bitrot''.

The loader and kernel linker now look for files named linker.hints in each directory with KLDs for a module name and version to KLD filename mapping. The new kldxref(8) utility is used to generate these files.

Linux emulation now supports the kernel functionality required by the emulators/linux_base-7 (RedHat 7.X emulation) port. [MERGED]

Linux emulation now requires options SYSVSEM in the kernel configuration. [MERGED]

lomac(4), a Low-Watermark Mandatory Access Control security facility, has been added as a kernel module. It provides a drop-in security mechanism in addition to the traditional UID-based security facilities, requiring no additional configuration from the administrator. Work on this feature was sponsored by DARPA and NAI Labs.

The maxusers kernel configuration parameter is now a boot-time tunable variable. The kernel parameters derived from maxusers are now also tunables and can be overridden at boot-time. The hz parameter is also now a tunable. [MERGED]

Specifying a value of 0 for the maxusers kernel configuration parameter will now cause an appropriate value to be calculated at boot-time (between 32 and 384, depending on the amount of memory present). This value is now the default for all GENERIC kernels. [MERGED]

The kernel configuration parameters MAXTSIZ, DFLDSIZ, MAXDSIZ, DFLSSIZ, MAXSSIZ, and SGROWSIZ are all loader tunables (kern.maxtsiz, kern.maxdfldsiz, etc.). [MERGED]

The NCPU, NAPIC, NBUS, and NINTR kernel configuration options, for configuring SMP kernels, have been removed. NCPU is now set to a maximum of 16, and the other, aforementioned options are now dynamic. [MERGED]

A nmdm(4) null-modem terminal driver has been added. [MERGED]

The O_DIRECT flag has been added to open(2) and fcntl(2). Specifying this flag for open files will attempt to minimize the cache effects of reading and writing. [MERGED]

An orm(4) device has been added to claim the option ROMs in the ISA memory I/O space, to prevent other drivers from mistakenly assigning addresses that conflict with these ROMs. [MERGED]

PECOFF (Win32 Execution file format) support has been added.

The pmc driver, which supports the power management controller of the NEC PC-98NOTE, has been added. [MERGED]

POSIX.1b Shared Memory Objects are now supported. The implementation uses regular files, but automatically enables the MAP_NOSYNC flag when they are mmap(2)-ed. [MERGED]

Replaced the PQ_*CACHE options with a single PQ_CACHESIZE option to be set to the cache size in kilobytes. The old options are still supported for backwards compatibility. [MERGED]

The puc(4) (PCI ``Universal'' Communications) driver has been added, to help connect PCI-based serial ports to the sio(4) driver. [MERGED]

The random(4) device has been rewritten to use the Yarrow algorithm. It harvests entropy from a variety of interrupt sources, including the console devices, Ethernet and point-to-point network interfaces, and mass-storage devices. Entropy from the random(4) device is now periodically saved to files in /var/db/entropy, as well as at shutdown time. The semantics of /dev/random have changed; it never blocks waiting for entropy bits but generates a stream of pseudo-random data and now behaves exactly as /dev/urandom.

A new kernel option, options REGRESSION, enables interfaces and functionality intended for use during correctness and regression testing.

The snp(4) device is no longer static and can now be compiled as a module. [MERGED]

The spic(4) driver, which provides access to the jog dial device on some Sony laptops, has been added.

The syscons(4) driver now supports keyboard-controlled pasting, by default bound to Shift-Insert.

Support for USB devices was added to the GENERIC kernel and to the installation programs to support USB devices out of the box. Note that SRM does not support USB devices at the moment, so you must still use an AT keyboard if you are not using a serial console. [MERGED]

The umodem driver for USB modems has been added. Support is provided for the 3Com 5605 and Metricom Ricochet GS wireless USB modems. [MERGED]

The uscanner(4) driver for basic USB scanner support using SANE has been added. See the SANE home page for supported scanners. The HP ScanJet 4100C, 5200C and 6300C are known to be working. [MERGED]

The USER_LDT kernel option is now activated by default.

A VESA S3 linear framebuffer driver has been added.

Write combining for crashdumps has been implemented. This feature is useful when write caching is disabled on both SCSI and IDE disks, where large memory dumps could take up to an hour to complete. [MERGED]

Extremely large swap areas (>67 GB) no longer panic the system.

The buildkernel target now gets the name of the configuration(s) to build from the KERNCONF variable, not KERNEL. It is no longer required, in some cases, for a buildworld to precede a buildkernel. (The buildworld is still required when upgrading across major releases, across binutil updates and when config(8) changes version.) [MERGED]

The out-of-swap process termination code now begins killing processes earlier to avoid deadlocks; it now also takes into account the swap space used by processes when computing the process sizes. [MERGED]

Linker sets are now self-contained; gensetdefs(8) is unnecessary and has been removed.

Numerous SMP-friendly changes have been made to the kernel's mbuf allocator.

Network device cloning has been implemented, and the gif(4) device has been modified to take advantage of it. Thus, instead of specifying how many gif(4) interfaces are available in kernel configuration files, ifconfig(8)'s create option should be used when another device instance is desired. [MERGED]

It is now possible to hardwire kernel environment variables (such as tuneables) at compile-time using config(8)'s ENV directive.

Idle zeroing of pages can be enabled with the vm.zeroidle_enable sysctl variable.

The load addresses of kernels are now exported to the symbol table and various hard-coded constants have been removed so that utilities such as ps(1) can work with kernels compiled at different addresses. [MERGED]

Coredumps of large processes (or of a large number of processes) no longer lock up the machine for long periods of time. [MERGED]

The kernel is now aware of the concept that there are smaller units of scheduling than a process (but only one thread per process is allowed at this time).

The kernel now has support for multiple low-level console devices. The new conscontrol(8) utility helps to manage the different consoles.

The kernel on the installation CDs is now separated from the mfsroot image. This permits the use of a full kernel when installing from CD on machines that support CD booting (instead of the stripped-down kernel used on floppies). [MERGED]

The system load average computation now adds some jitter to the timing of samples, in order to avoid synchronization with processes that run periodically. [MERGED]

If a debugging kernel with modules is being built (i.e. using makeoptions DEBUG=-g), the modules will now be built with debugging support as well, for completeness. A side effect of this change is that modules built and installed with debugging kernels will now occupy more space on disk than they did previously. [MERGED]

The kernel dump device can now be set via the dumpdev loader tunable. As a result, it is now possible to obtain crash dumps from panics during the late stages of kernel initialization (before the system enters into single-user mode). [MERGED]

2.1.1 Processor/Motherboard Support

SMP support has been largely reworked, incorporating code from BSD/OS 5.0. One of the main features of SMPng (``SMP Next Generation'') is to allow more processes to run in kernel, without the need for spin locks that can dramatically reduce the efficiency of multiple processors. Interrupt handlers now have contexts associated with them that allow them to be blocked, which reduces the need to lock out interrupts.

Support for the 80386 processor has been removed from the GENERIC kernel, as this code seriously pessimizes performance on other IA32 processors.

The I386_CPU kernel option to support the 80386 processor is now mutually exclusive with support for other IA32 processors; this should slightly improve performance on the 80386 due to the elimination of runtime processor type checks.

Custom kernels that will run on the 80386 can still be built by changing the cpu options in the kernel configuration file to only include I386_CPU.

Detection for new processors, such as the FC-PGA2 Pentium III (Tualatin), Transmeta Crusoe, and Transmeta Crusoe LongRun, has been added. [MERGED]

Support for Streaming SIMD Extensions (SSE) has been introduced. The CPU_ENABLE_SSE kernel option controls whether support is compiled into the kernel. [MERGED]

The CPU_ATHLON_SSE_HACK kernel option has been added, which attempts to enable the SSE feature bit on newer Athlon CPUs if the BIOS has forgotten to enable it.

2.1.2 Bootloader Changes

A new cdboot bootstrap utility for CDROMs provides better compatability with some BIOS implementations that do not completely implement the El Torito bootable CDROM standard. This boot loader supports ``no emulation'' mode booting, thus eliminating the need for an emulated floppy disk image on a bootable CDROM. [MERGED]

The i386 boot loader now has support for a nullconsole console type, for use on systems with neither a video console nor a serial port. [MERGED]

The loader(8) now has optional support (enabled at compile-time, off by default) for loading bzip2-compressed kernels and modules. [MERGED]

Support for Intel's Wired for Management 2.0 (PXE) was added to the FreeBSD boot loader. Due to API differences, the older PXE versions are not supported. This allow network booting using DHCP. [MERGED]

The FreeBSD boot loader now contains a workaround to support CDROM booting on certain IBM BIOSs that expect the first sector of the emulated floppy to contain a valid MS-DOS BPB that they can modify. [MERGED]

The FreeBSD boot loader now supports a -p flag to force the kernel to pause after each line of output during the probing phase. [MERGED]

The FreeBSD boot loader is now capable of booting from filesystems with block sizes larger than 8K. [MERGED]

The kernel and modules have been moved to the directory /boot/kernel, so they can be easily manipulated together. The boot loader has been updated to make this change as seamless as possible.

2.1.3 Network Interface Support

The an(4) driver for Cisco Aironet cards now supports Wired Equivalent Privacy (WEP) encryption, settable via ancontrol(8). [MERGED]

The an(4) driver now supports the Cisco Aironet 350 series of adaptors. [MERGED]

The an(4) driver now supports ``monitor'' mode, settable via the -M option to ancontrol(8). [MERGED]

The an(4) driver now supports Cisco LEAP, as well as the ``Home'' WEP key. The Linux Aironet utilities are now supported under emulation. [MERGED]

Generic support for ARCNET token-based networks has been added. [MERGED]

The bge(4) driver has been added to support the Broadcom BCM570x family of Gigabit Ethernet controllers, including the 3Com 3c996-T, the SysKonnect SK-9D21 and SK-9D41, and the built-in Gigabit Ethernet NICs on Dell PowerEdge 2550 servers. Output TCP/IP checksum offload, jumbo frames and VLAN tag insertion/stripping are supported, as well as interrupt moderation. [MERGED]

The cm driver has been added to support SMC COM90cx6 ARCNET network adapters. [MERGED]

The dc(4) driver now supports NICs based on the Xircom 3201 and Conexant LANfinity RS7112 chips.

The dc(4) driver now has support for VLANs. [MERGED]

The de(4) driver now performs round-robin arbitration between the transmit and receive units of the 21143, instead of giving priority to the receive unit. This gives a 10-15% performance improvement in the forwarding rate under heavy load. [MERGED]

Linksys Fast Ethernet PCCARD cards supported by the ed(4) driver now require the addition of flag 0x80000 to their config line in pccard.conf(5). This flag is not optional. These Linksys cards will not be recognized without it. [MERGED]

A bug in the ed(4) driver that could cause panics with very short packets and BPF or bridging active has been fixed. [MERGED]

The ed(4) driver now has support for D-Link DL10022 chips, necessary for the NetGear FA-410TX and other cards. As a result, device miibus is required in kernel configurations using the ed(4) driver. [MERGED]

The el(4) driver can now be loaded as a module.

The em(4) driver has been added to support NICs based on the Intel 82542, 82543, and 82544 Gigabit Ethernet controller chips. The driver supports transmit/receive checksum offload and jumbo frames on 82543 and 82544-based adapters. [MERGED]

The faith(4) device is now loadable, unloadable, and clonable. [MERGED]

Support for Fujitsu MB86960A/MB86965A based Ethernet PC-Cards has been added back in the fe(4) driver. [MERGED]

The fxp(4) driver now requires a device miibus entry in the kernel configuration file. [MERGED]

The fxp(4) driver now contains a workaround for PCI protocol violations caused by defects in some systems based on the Intel ICH2/ICH2-M chip. The workaround is to rewrite the EEPROM on the interface to disable Dynamic Standby Mode; once the EEPROM is rewritten, the system needs to be rebooted for the new settings to take effect. [MERGED]

The fxp(4) driver now supports Intel's loadable microcode to implement receive-side interrupt coalescing and packet bundling, on NICs that support these features. This support can be activated by the use of the link0 option to ifconfig(8). [MERGED]

The gx(4) driver has been added to support NICs based on the Intel 82542 and 82543 Gigabit Ethernet controller chips. Both fiber and copper variants of the cards are supported. Both boards support VLAN tagging/insertion, and the 82543 additionally supports TCP/IP checksum offload. [MERGED]

The lge(4) driver has been added to support the Level 1 LXT1001 NetCellerator Gigabit Ethernet controller chip. This device is used on some fiber optic GigE cards from SMC, D-Link and Addtron. Jumbograms and TCP/IP checksum offload on receive are supported, although hardware VLAN filtering is not. [MERGED]

Added the nge(4) driver, which supports PCI Gigabit Ethernet adapters based on the National Semiconductor DP83820 and DP83821 Gigabit Ethernet controller chips, including the D-Link DGE-500T, SMC EZ Card 1000 (SMC9462TX), Asante FriendlyNet GigaNIC 1000TA and 1000TPC and Addtron AEG320T. This driver supports transmit and receive checksum offloading. [MERGED]

The pcn(4) driver, which supports the AMD PCnet/FAST, PCnet/FAST+, PCnet/FAST III, PCnet/PRO, PCnet/Home, and HomePNA adapters, has been added. Although these cards are already supported by the lnc(4) driver, the pcn(4) driver runs these chips in 32-bit mode and uses the RX alignment feature to achieve zero-copy receive. This driver is also machine-independent, so it will work on both the i386 and Alpha platforms. The lnc(4) driver is still needed to support non-PCI cards. [MERGED]

The ray(4) driver, which supports the Webgear Aviator wireless network cards, has been committed. The operation of ray(4) interfaces can be modified by raycontrol(8). [MERGED]

The sbni driver, for supporting the Granch SBNI12 series of ISA and PCI point-to-point communications interfaces, has been added. The sysutils/sbniconfig port in the FreeBSD Ports Collection can be used for configuring these devices. [MERGED]

Added support for PCI Ethernet adapters based on the SiS 900 and SiS 7016 Fast Ethernet controller chips (for example, as seen on the SiS 635 and 735 motherboard chipsets), as well as the National Semiconductor DP83815 chipset (including the NetGear FA311-TX and FA312-TX) in the form of the sis(4) driver. This device has support for VLANs. [MERGED]

The snc driver for the National Semiconductor DP8393X (SONIC) Ethernet controller has been added. Currently, this driver is only used on the PC-98 architecture. [MERGED]

The stf(4) device is now clonable.

The tap(4) driver, a virtual Ethernet device driver for bridged configurations, has been added. This device is clonable. [MERGED]

The ti(4) driver now supports the Alteon AceNIC 1000baseT Gigabit Ethernet and Netgear GA620T 1000baseT Gigabit cards. [MERGED]

The ti(4) driver correctly masks VLAN tags. [MERGED]

The txp(4) driver has been added to support NICs based on the 3Com 3XP Typhoon/Sidewinder (3CR990) chipset. [MERGED]

vlan(4) devices are now loadable, unloadable, and clonable. [MERGED]

The wi(4) driver now has support for Prism II and Prism 2.5-based NICs. 104/128-bit WEP now works on Prism cards. [MERGED]

The xl(4) driver now supports the 3Com 3C556 and 3C556B MiniPCI adapters used on some laptops. [MERGED]

The xl(4) driver now supports reception of VLAN tagged frames (on the ``Cyclone'' or newer chipsets). [MERGED]

The xl(4) driver now supports send- and receive-side TCP/IP checksum offloading for NICs implementing this feature, such as the 3C905B, 3C905C, and 3C980C. [MERGED]

A bug in the xl(4) driver, related to statistics overflow interrupt handling, was causing slowdowns at medium to high packet rates; this has been fixed. [MERGED]

The per-interface ifnet structure now has the ability to indicate a set of capabilities supported by a network interface, and which ones are enabled. ifconfig(8) has support for querying these capabilities. [MERGED]

Performance with hosts having a large number of IP aliases has been improved, by replacing the per-interface if_inaddr linear list with a hash table. [MERGED]

Network devices now automatically appear as special files in /dev/net. Interface hardware ioctls (not protocol or routing) can be performed on these devices. The SIOCGIFCONF ioctl may be performed on the special /dev/network node.

Selected network drivers now implement a semi-polling mode, which makes systems much more resilient to attacks and overloads. To enable polling, the following options are required in a kernel configuration file:

     options DEVICE_POLLING
     options HZ=1000 # not compulsory but strongly recommended
The kern.polling.enable sysctl variable will then activate polling mode; with the kern.polling.user_frac sysctl indicating the percentage of CPU time to be reserved for userland. The devices initially supporting polling are dc(4), fxp(4), and sis(4). More details can be found in the polling(4) manual page. [MERGED]

The packet-forwarding performance of certain network drivers (specifically dc(4) and sis(4)) has been enhanced by the elimination of unnecessary buffer copies. [MERGED]

2.1.4 Network Protocols

accept_filter(9), a kernel feature to reduce overheads when accepting and reading new connections on listening sockets, has been added. [MERGED]

The proxy modifier to arp(8)'s -d option has been renamed to pub, for consistency with the -s option. The only keyword has been added to the -s and -S flags, to be used in creating ``proxy-only'' published entries. [MERGED]

The read timeout feature of bpf(4) now works more correctly with select(2)/ poll(2), and therefore with pthreads. [MERGED]

bridge(4) and dummynet(4) have received some enhancements and bug fixes, and are now loadable modules. [MERGED]

bridge(4) now has better support for multiple, fully-independent bridging clusters, and is much more stable in the presence of dynamic attachments and detatchments. Full support for VLANs is also supported. [MERGED]

ICMP ECHO and TSTAMP replies are now rate limited. TCP RSTs generated due to packets sent to open and unopen ports are now limited by separate counters. Each rate limiting queue now has its own description.

ICMP UNREACH_FILTER_PROHIB messages can now RST TCP connections in the SYN_SENT state if the correct sequence numbers are sent back, as controlled by the net.inet.tcp.icmp_may_rst sysctl.

IP multicast now works on VLAN devices. Several other bugs in the VLAN code have also been fixed.

A bug in the IPSec processing for IPv4, which caused the inbound SPD checks to be ignored, has been fixed. [MERGED]

ipfw(4) now filters correctly in the presence of ECN bits in TCP segments. [MERGED]

A new ng_eth(4) netgraph node allows Ethernet type packets to be filtered to different hooks depending on ethertype.

The ng_gif(4) and ng_gif_demux(4) netgraph nodes, for operating on gif(4) devices, have been added.

The ng_ip_input(4) netgraph node, for queueing IP packets into the main IP input processing code, has been added.

The ng_mppc(4) and ng_bridge(4) node types have been added to the netgraph(4) subsystem. The ng_ether(4) node is now dynamically loadable. Miscellaneous bug fixes and enhancements have also been made. [MERGED]

A new netgraph node type ng_one2many(4) for multiplexing and demultiplexing packets over multiple links has been added. [MERGED]

A new sysctl net.inet.ip.check_interface, which is on by default, causes IP to verify that an incoming packet arrives on an interface that has an address matching the packet's destination address. [MERGED]

A new sysctl net.link.ether.inet.log_arp_wrong_iface has been added to control the suppression of logging when ARP replies arrive on the wrong interface. [MERGED]

A new options RANDOM_IP_ID kernel option causes the ID field of IP packets to be randomized. This closes a minor information leak which allows a remote observer to determine the rate at which the machine is generating packets, since the default behavior is to increment a counter for each packet sent. [MERGED]

TCP has received some bug fixes for its delayed ACK behavior. [MERGED]

TCP now supports the NewReno modification to the TCP Fast Recovery algorithm. This behavior can be controlled via the net.inet.tcp.newreno sysctl variable. [MERGED]

TCP now uses a more aggressive timeout for initial SYN segments; this allows initial connection attempts to be dropped much faster. [MERGED]

The TCP_COMPAT_42 kernel option has been removed. [MERGED]

The TCP_RESTRICT_RST kernel option has been removed. Similar functionality can be achieved with the net.inet.tcp.blackhole sysctl variable. [MERGED]

TCP now has RFC 1323 extensions enabled by default in rc.conf(5). [MERGED]

RFC 1323 and RFC 1644 TCP extensions are now disabled for a connection in progress if no response has been received by the third SYN segment sent. This behavior tries to work around (very old) terminal servers with buggy VJ header compression implementations. [MERGED]

The TCP implementation no longer requires the allocation of a TCP template structure for each connection; this should reduce the buffer usage on large systems handling many connections. [MERGED]

TCP's default buffer sizes, controlled by the net.inet.tcp.sendspace and net.inet.tcp.recvspace sysctl variables, have been increased to 32K and 64K respectively. Previously, the default for both buffer sizes was 16K. To try to avoid increasing congestion, the default value for net.inet.tcp.local_slowstart_flightsize has been changed from infinity to 4. [MERGED]

Note: On busy hosts, the new larger buffer sizes may require manually increasing the NMBCLUSTERS parameter, either in the kernel configuration file or via the kern.ipc.nmbclusters loader tunable. netstat -mb can be used to monitor the state of mbuf clusters.



TCP now supports RFC 1948 (Defending Against Sequence Number Attacks). This functionality is controlled by the net.inet.tcp.strict_rfc1948 and net.inet.tcp.isn_reseed_interval sysctl variables. [MERGED]

The TCP implementation in FreeBSD now implements a cache of outstanding, received SYN segments. Incoming SYN segments now cause entries to be placed in the cache until the TCP three-way handshake is complete, at which point, memory is allocated for the connection as usual. In addition, all TCP Initial Sequence Numbers (ISNs) are used as cookies, allowing entries in the cache to be dropped, but still have their corresponding ACKs accepted later. The combination of the so-called ``syncache'' and ``syncookies'' features makes a host much more resistant to TCP-based Denial of Service attacks. Work on this feature was sponsored by DARPA and NAI Labs. [MERGED]

A bug in the TCP implementation, which could cause connections to stall if a sender saw a zero-sized window, has been corrected. [MERGED]

The TCP implementation now properly ignores packets addressed to IP-layer broadcast addresses. [MERGED]

2.1.5 Disks and Storage

Support for the Adaptec FSA family of PCI-SCSI RAID controllers has been added, in the form of the aac(4) driver. This driver includes proper handling of commands initiated by the adapter, addition/removal of disk devices, crashdump functionality, and ioctl(2) commands necessary for the management CLI, and is fully qualified and sanctioned by Adaptec. [MERGED]

The ahc(4) driver has received numerous updates, bugfixes, and enhancements. Among various improvements are improved compatibility with chips in ``RAID Port'' mode and systems with AAA and/or ARO cards installed, as well as performance improvements. Some bugs were also fixed, including a rare hang on Ultra2/U160 controllers. [MERGED]

The asr(4) driver, which provides support for the Adaptec SCSI RAID controller family, as well as the DPT SmartRAID V and VI families, has been added. [MERGED]

The asr(4) driver now supports the Adaptec 2000S and 2005S Zero-Channel RAID controllers. [MERGED]

The ata(4) driver now has support for ATA100 controllers. In addition, it now supports the ServerWorks ROSB4 ATA33 chipset, the CMD 648 ATA66 and CMD 649 ATA100 chipsets, and the Cyrix 5530. [MERGED]

To provide more flexible configuration, the various options for the ata(4) driver are now boot loader tunables, rather than kernel configure-time options. [MERGED]

The ata(4) driver now has support for tagged queuing, which is enabled by the hw.ata.tags loader tunable. [MERGED]

The ata(4) driver now has support for ATA ``pseudo'' RAID controllers as the Promise Fasttrak and HighPoint HPT370 controllers. [MERGED]

The ata(4) driver now supports a wider variety of SiS chipsets, as listed in the Hardware Notes. [MERGED]

The ata(4) driver now has support for rebuilding failed drives in a RAID1 configuration, under control of atacontrol(8)

The BurnProof(TM) feature, for applicable ATAPI CD-ROM burners, is now supported. [MERGED]

The ata(4) driver now has support for 48-bit addressing. Devices larger than 137GB are now supported. [MERGED]

The ata(4) driver now contains fixes for some data corruption problems on systems using the VIA 82C686B Southbridge chip. [MERGED]

The CAM error recovery code has been updated.

The cd(4) driver now has support for write operations. This allows writing to DVD-RAM, PD and similar drives that probe as CD devices. Note that change affects only random-access writeable devices, not sequential-only writeable devices such as CD-R drives, which are supported by cdrecord(1) (a part of sysutils/cdrtools in the Ports Collection. [MERGED]

The ciss driver, for devices utilizing the Common Interface for SCSI-3 Support, has been added. This driver supports the Compaq SmartRAID 5* family of RAID controllers (5300, 532, 5i). [MERGED]

The fdc(4) floppy disk has undergone a number of enhancements. Density selection for common settings is now automatic; the driver is also much more flexible in setting the densities of various subdevices.

The ida disk driver now has crashdump support. [MERGED]

The iir driver has been added to support the Intel Integrated RAID controllers, as well as prior ICP Vortex controllers.

The isp(4) driver is now proactive about discovering Fibre Channel topology changes.

The isp(4) driver now supports target mode for Qlogic SCSI cards, including Ultra2 and Ultra3 and dual bus cards.

The isp(4) driver now supports the Qlogic 2300 and 2312 Optical Fibre Channel PCI cards. [MERGED]

md(4), the memory disk device, has had the functionality of vn(4) incorporated into it. md(4) devices can now be configured by mdconfig(8). vn(4) has been removed. The Memory Filesystem (MFS) has also been removed.

The mly(4) driver, for Mylex PCI to SCSI AccelRAID and eXtremeRAID controllers with firmware 6.X and later, has been added. [MERGED]

The ncv, nsp, and stg drivers have been ported from NetBSD/pc98. They support the NCR 53C50 / Workbit Ninja SCSI-3 / TMC 18C30, 18C50 based PC-Card/ISA SCSI controllers. All three drivers can be built and loaded as modules. [MERGED]

Some problems in sa(4) error handling have been fixed, including the ``tape drive spinning indefinitely upon mt(1) stat'' problem.

The twe(4) 3ware ATA RAID driver has added. [MERGED]

The vinum(4) volume manager has received some bug fixes and enhancements.

The wd(4) compatibility devices were removed from the ata(4) driver. [MERGED]

2.1.6 Filesystems

Support for named extended attributes was added to the FreeBSD kernel. This allows the kernel, and appropriately privileged userland processes, to tag files and directories with attribute data. Extended attributes were added to support the TrustedBSD Project, in particular ACLs, capability data, and mandatory access control labels (see /usr/src/sys/ufs/ufs/README.extattr for details).

Due to a licensing change, softupdates have been integrated into the main portion of the kernel source tree. As a consequence, softupdates are now available with the GENERIC kernel. [MERGED]

A filesystem snapshot capability has been added to FFS. Details can be found in /usr/src/sys/ufs/ffs/README.snapshot.

Softupdates for FFS have received some bug fixes and enhancements.

When running with softupdates, statfs(2) and df(1) will track the number of blocks and files that are committed to being freed.

A bug in FFS that could cause superblock corruption on very large filesystems has been corrected. [MERGED]

The Inode Filesystem (IFS) has been added; more information can be found in /usr/src/sys/ufs/ifs/README.

The ISO-9660 filesystem now has a hook that supports a loadable character conversion routine. The sysutils/cd9660_unicode port contains a set of common conversions.

kernfs(5) is obsolete and has been retired.

A bug in the NFS client that caused bogus access times with O_EXCL|O_CREAT opens was fixed. [MERGED]

A new NFS hash function (based on the Fowler/Noll/Vo hash algorithm) has been implemented to improve NFS performance by increasing the efficiency of the nfsnode hash tables. [MERGED]

Client-side NFS locks have been implemented.

The client-side and server-side of the NFS code in the kernel used to be intertwined in various complex ways. They have been split apart for ease of maintenance and further development.

-

Support for file system Access Control Lists (ACLs) +

Support for filesystem Access Control Lists (ACLs) has been introduced, allowing more fine-grained control of discretionary access control on files and directories. This support was integrated from the TrustedBSD Project. More details can be found in /usr/src/sys/ufs/ufs/README.acls.

The directory layout preference algorithm for FFS (dirprefs) has been changed. Rather than scattering directory blocks across a disk, it attempts to group related directory blocks together. Operations traversing large directory hierarchies, such as the FreeBSD Ports tree, have shown marked speedups. This change is transparent and automatic for new directories. [MERGED]

smbfs (CIFS) support in kernel has been added. The userland programs smbutil(1) and mount_smbfs(8) can be used to work with SMB shares. Note that mount_smbfs(8) will automatically load the smbfs.ko module into the kernel, even if LIBMCHAIN and LIBICONV were not compiled into the kernel. [MERGED]

For consistency, the fdesc, fifo, null, msdos, portal, umap, and union filesystems have been renamed to fdescfs, fifofs, msdosfs, nullfs, portalfs, umapfs, and unionfs. Where applicable, modules and mount_* programs have been renamed. Compatibility ``glue'' has been added to mount(8) so that msdos filesystem entries in fstab(5) will work without changes.

pseudofs, a pseudo-filesystem framework, has been added. linprocfs(5) and procfs(5) have been modified to use pseudofs.

A simple hash-based lookup optimization for large directories called dirhash has been added. Conditional on the UFS_DIRHASH kernel option (enabled by default in the GENERIC kernel), it improves the speed of operations on very large directories at the expense of some memory. [MERGED]

The virtual memory subsystem now backs UFS directory memory requirements by default (this behavior is controlled via the vfs.vmiodirenable sysctl variable). [MERGED]

A bug that prevented the root filesystem from being mounted from a SCSI CDROM has been fixed (ATAPI CDROMs were always supported). [MERGED]

A number of bugs in the filesystem code, discovered through the use of the fsx filesystem test tool, have been fixed. Under certain circumstances (primarily related to use of NFS), these bugs could cause data corruption or kernel panics. [MERGED]

Network filesystems (such as NFS and smbfs filesystems) listed in /etc/fstab can now be properly mounted during startup initialization; their mounts are deferred until after the network is initialized.

2.1.7 PCCARD Support

The pccard driver and pccardc(8) now support multiple ``beep types'' upon card insertion and removal. [MERGED]

On many modern hosts, PCCARD devices can be configured to route their interrupts via either the ISA or PCI interrupt paths. The pcic(4) driver has been updated to support both interrupt paths (formerly, only routing via ISA was supported). [MERGED] In most cases, configuration of PCMCIA devices in laptops is simpler and more flexible. In addition, various Cardbus bridge PCI cards (such as those used by Orinoco PCI NICs) are now supported. Some hosts may experience problems, such as hangs or panics, with PCI interrupt routing; they can frequently be made to work by forcing the older-style ISA interrupt routing. The following lines, placed in /boot/loader.conf, may fix the problem:

     hw.pcic.intr_path="1"
       hw.pcic.irq="0"

When installing FreeBSD on such a system, typing the following lines to the boot loader may be helpful in starting up FreeBSD for the first time:

     ok set hw.pcic.intr_path="1"
     ok set hw.pcic.irq="0"


Preliminary Cardbus support under NEWCARD has been added. This code supports the TI113X, TI12XX, TI125X, Ricoh 5C46/5C47, Topic 95/97/100 and Cirrus Logic PD683X bridges. 16-bit PC Card support is not yet functional.

2.1.8 Multimedia Support

The pcm(4) driver now supports the ESS Solo 1, Maestro-1, Maestro-2, and Maestro-2e; Forte Media fm801, ESS Maestro-2e, and VIA Technologies VT82C686A sound card/chipsets, and has received some other updates. Separate drivers for the SoundBlaster 8 and SoundBlaster 16 now replace an older, unified driver. A driver for the CMedia CMI8338/CMI8738 sound chips has been added. A driver for the CS4281 sound chip has been added. A driver for the S3 SonicVibes chipset has been added. [MERGED]

A driver for the Avance Logic ALS4000 has been added. [MERGED]

A driver for the ESS Maestro-3/Allegro has been added, however due to licensing restrictions, it cannot be compiled into the kernel. [MERGED] To use this driver, add the following line to /boot/loader.conf:

     snd_maestro3_load="YES"

The bktr(4) driver has been updated to 2.18. This update provides a number of new features. New tuner types have been added, and improvements to the KLD module and to memory allocation have been made. Bugs in devfs(5) when unloading and reloading have been fixed. Support for new Hauppauge Model 44xxx WinTV Cards (the ones with no audio mux) has been added. [MERGED]

The ufm driver, supporting the D-Link DSB-R100 USB Radio, has been added. [MERGED]

When sound modules are built, one can now load all the drivers and infrastructure by kldload snd. [MERGED]

A new API has been added for sound cards with hardware volume control.

A driver for the Intel 443MX, 810, 815, and 815E integrated sound devices has been added. [MERGED]

The via82c686 sound driver now supports the VIA VT8233. [MERGED]

The ich sound driver now support the SiS 7012 chipset. [MERGED]

2.1.9 Contributed Software

The Forth Inspired Command Language (FICL) used in the boot loader has been updated to 2.05.

Support for Advanced Configuration and Power Interface (ACPI), a multi-vendor standard for configuration and power management, has been added. This functionality has been provided by the Intel ACPI Component Architecture project, as of the ACPI CA 20020308 snapshot. Some backward compatability for applications using the older APM standard has been provided.

2.1.9.1 IPFilter

IPFilter has been updated to 3.4.20. [MERGED]

IPFilter now supports IPv6. [MERGED]

2.1.9.2 isdn4bsd

isdn4bsd has been updated to version 1.0.1. As a result of this update, users of the i4bisppp(4) (kernel PPP over ISDN) driver must now use ispppcontrol(8) instead of spppcontrol(8) to configure and control these network interfaces. [MERGED]

The ifpi(4) driver for supporting the AVM Fritz!Card PCI version 2 controller has been added.

The ihfc(4) driver for supporting Cologne Chip Designs HFC devices under isdn4bsd has been added. [MERGED]

The itjc(4) driver for supporting NETjet-S / Teles PCI-TJ devices under isdn4bsd has been added. [MERGED]

Experimental support for the Eicon.Diehl DIVA 2.0 and 2.02 ISA PnP ISDN cards has been added to the isic(4) isdn4bsd driver. [MERGED]

The isic(4) driver now supports the Compaq Microcom 610 ISDN ISA PnP card. [MERGED]

Active CAPI-based ISDN cards manufactured by AVM are now supported using the i4bcapi(4) and the iavc(4) driver. The supported cards are the AVM B1 PCI and AVM B1 ISA Basic Rate cards and the AVM T1 Primary Rate cards. [MERGED]

A new maxconnecttime keyword is now accepted in isdnd.rc(5) files to limit the time a connection may remain open. [MERGED]

isdnphone(8) now supports a -k option for sending messages via the keypad facility to a PBX or exchange office. [MERGED]

2.1.9.3 KAME

The IPv6 stack is now based on a snapshot based on the KAME Project's IPv6 snapshot as of 28 May, 2001. Most of the items listed in this section are a result of this import. Section 2.3.1.3 lists userland updates to the KAME IPv6 stack. [MERGED]

gif(4) is now based on RFC 2893, rather than RFC 1933. The IFF_LINK2 interface flag can be used to control ingress filtering. [MERGED]

IPSec has received some enhancements, including the ability to use the Rijndael and SHA2 algorithms. IPSec RC5 support has been removed due to patent issues. [MERGED]

stf(4) now conforms to RFC 3056; the IFF_LINK2 interface flag can be used to control ingress filtering. [MERGED]

IPv6 has better checking of illegal addresses (such as loopback addresses) on physical networks. [MERGED]

The IPV6_V6ONLY socket option is now completely supported. The kernel's default behavior with respect to this option is controlled by the net.inet6.ip6.v6only sysctl variable. [MERGED]

RFC 3041 (Privacy Extensions for Stateless Address Autoconfiguration) is now supported. It can be enabled via the net.inet6.ip6.use_tempaddr sysctl variable. [MERGED]

2.2 Security-Related Changes

sysinstall(8) now allows the user to select one of two ``security profiles'' at install-time. These profiles enable different levels of system security by enabling or disabling various system services in rc.conf(5) on new installs. [MERGED]

A bug in which malformed ELF executable images can hang the system has been fixed (see security advisory FreeBSD-SA-00:41). [MERGED]

A security hole in Linux emulation was fixed (see security advisory FreeBSD-SA-00:42). [MERGED]

String-handling library calls in many programs were fixed to reduce the possibility of buffer overflow-related exploits. [MERGED]

TCP now uses stronger randomness in choosing its initial sequence numbers (see security advisory FreeBSD-SA-00:52). [MERGED]

Several buffer overflows in tcpdump(1) were corrected (see security advisory FreeBSD-SA-00:61). [MERGED]

A security hole in top(1) was corrected (see security advisory FreeBSD-SA-00:62). [MERGED]

A potential security hole caused by an off-by-one-error in gethostbyname(3) has been fixed (see security advisory FreeBSD-SA-00:63). [MERGED]

A potential buffer overflow in the ncurses(3) library, which could cause arbitrary code to be run from within systat(1), has been corrected (see security advisory FreeBSD-SA-00:68). [MERGED]

A vulnerability in telnetd(8) that could cause it to consume large amounts of server resources has been fixed (see security advisory FreeBSD-SA-00:69). [MERGED]

The nat deny_incoming command in ppp(8) now works correctly (see security advisory FreeBSD-SA-00:70). [MERGED]

A vulnerability in csh(1)/ tcsh(1) temporary files that could allow overwriting of arbitrary user-writable files has been closed (see security advisory FreeBSD-SA-00:76). [MERGED]

The ssh(1) binary is no longer SUID root by default. [MERGED]

Some fixes were applied to the Kerberos IV implementation related to environment variables, a possible buffer overrun, and overwriting ticket files. [MERGED]

telnet(1) now does a better job of sanitizing its environment. [MERGED]

Several vulnerabilities in procfs(5) were fixed (see security advisory FreeBSD-SA-00:77). [MERGED]

A bug in OpenSSH in which a server was unable to disable ssh-agent(1) or X11Forwarding was fixed (see security advisory FreeBSD-SA-01:01). [MERGED]

A bug in ipfw(8) and ip6fw(8) in which inbound TCP segments could incorrectly be treated as being part of an established connection has been fixed (see security advisory FreeBSD-SA-01:08). [MERGED]

A bug in crontab(1) that could allow users to read any file on the system in valid crontab(5) syntax has been fixed (see security advisory FreeBSD-SA-01:09). [MERGED]

A vulnerability in inetd(8) that could allow read-access to the initial 16 bytes of wheel-accessible files has been fixed (see security advisory FreeBSD-SA-01:11). [MERGED]

A bug in periodic(8) that used insecure temporary files has been corrected (see security advisory FreeBSD-SA-01:12). [MERGED]

A bug in sort(1) in which an attacker might be able to cause it to abort processing has been fixed (see security advisory FreeBSD-SA-01:13). [MERGED]

OpenSSH now has code to prevent (instead of just mitigating through connection limits) an attack that can lead to guessing the server key (not host key) by regenerating the server key when an RSA failure is detected (see security advisory FreeBSD-SA-01:24). [MERGED]

A number of programs have had output formatting strings corrected so as to reduce the risk of vulnerabilities. [MERGED]

A number of programs that use temporary files now do so more securely. [MERGED]

A bug in ICMP that could cause an attacker to disrupt TCP and UDP ``sessions'' has been corrected. [MERGED]

A bug in timed(8), which caused it to crash if send certain malformed packets, has been corrected (see security advisory FreeBSD-SA-01:28). [MERGED]

A bug in rwhod(8), which caused it to crash if send certain malformed packets, has been corrected (see security advisory FreeBSD-SA-01:29). [MERGED]

A security hole in FreeBSD's FFS and EXT2FS implementations, which allowed a race condition that could cause users to have unauthorized access to data, has been fixed (see security advisory FreeBSD-SA-01:30). [MERGED]

A remotely-exploitable vulnerability in ntpd(8) has been closed (see security advisory FreeBSD-SA-01:31). [MERGED]

A security hole in IPFilter's fragment cache has been closed (see security advisory FreeBSD-SA-01:32). [MERGED]

Buffer overflows in glob(3), which could cause arbitrary code to be run on an FTP server, have been closed. In addition, to prevent some forms of DOS attacks, glob(3) allows specification of a limit on the number of pathname matches it will return. ftpd(8) now uses this feature (see security advisory FreeBSD-SA-01:33). [MERGED]

Initial sequence numbers in TCP are more thoroughly randomized (see security advisory FreeBSD-SA-01:39). Due to some possible compatibility issues, the behavior of this security fix can be enabled or disabled via the net.inet.tcp.tcp_seq_genscheme sysctl variable.[MERGED]

A vulnerability in the fts(3) routines (used by applications for recursively traversing a filesystem) could allow a program to operate on files outside the intended directory hierarchy. This bug has been fixed (see security advisory FreeBSD-SA-01:40). [MERGED]

FreeBSD's TCP implementation has been made more resistant to SYN floods, by eliminating the RST segment normally sent when removing a connection from the listen queue.

OpenSSH now switches to the user's UID before attempting to unlink the authentication forwarding file, nullifying the effects of a race.

A flaw allowed some signal handlers to remain in effect in a child process after being exec-ed from its parent. This allowed an attacker to execute arbitrary code in the context of a setuid binary. This flaw has been corrected (see security advisory FreeBSD-SA-01:42). [MERGED]

A remote buffer overflow in tcpdump(1) has been fixed (see security advisory FreeBSD-SA-01:48). [MERGED]

A remote buffer overflow in telnetd(8) has been fixed (see security advisory FreeBSD-SA-01:49). [MERGED]

The new net.inet.ip.maxfragpackets and net.inet.ip6.maxfragpackets sysctl variables limit the amount of memory that can be consumed by IPv4 and IPv6 packet fragments, which defends against some denial of service attacks (see security advisory FreeBSD-SA-01:52). [MERGED]

All services in inetd.conf are now disabled by default for new installations. sysinstall(8) gives the option of enabling or disabling inetd(8) on new installations, as well as editing inetd.conf. [MERGED]

A flaw in the implementation of the ipfw(8) me rules on point-to-point links has been corrected. Formerly, me filter rules would match the remote IP address of a point-to-point interface in addition to the intended local IP address (see security advisory FreeBSD-SA-01:53). [MERGED]

A vulnerability in procfs(5), which could allow a process to read sensitive information from another process's memory space, has been closed (see security advisory FreeBSD-SA-01:55). [MERGED]

The PARANOID hostname checking in tcp_wrappers now works as advertised (see security advisory FreeBSD-SA-01:56). [MERGED]

A local root exploit in sendmail(8) has been closed (see security advisory FreeBSD-SA-01:57). [MERGED]

A remote root vulnerability in lpd(8) has been closed (see security advisory FreeBSD-SA-01:58). [MERGED]

A race condition in rmuser(8) that briefly exposed a world-readable /etc/master.passwd has been fixed (see security advisory FreeBSD-SA-01:59). [MERGED]

A vulnerability in UUCP has been closed (see security advisory FreeBSD-SA-01:62). All non-root-owned binaries in standard system paths now have the schg flag set to prevent exploit vectors when run by cron(8), by root, or by a user other then the one owning the binary. In addition, uustat(1) is now run via /etc/periodic/daily/410.status-uucp as uucp, not root. In FreeBSD -CURRENT, UUCP has since been moved to the Ports Collection and no longer a part of the base system. [MERGED]

A security hole in the form of a buffer overflow in the semop(2) system call has been closed. [MERGED]

A security hole in OpenSSH, which could allow users to execute code with arbitrary privileges if UseLogin yes was set, has been closed. Note that the default value of this setting is UseLogin no. (See security advisory FreeBSD-SA-01:63.) [MERGED]

The use of an insecure temporary directory by pkg_add(1) could permit a local attacker to modify the contents of binary packages while they were being installed. This hole has been closed. (See security advisory FreeBSD-SA-02:01.) [MERGED]

A race condition in pw(8), which could expose the contents of /etc/master.passwd, has been eliminated. (See security advisory FreeBSD-SA-02:02.) [MERGED]

A bug in k5su(8) could have allowed a process that had given up superuser privileges to regain them. This bug has been fixed. (See security advisory FreeBSD-SA-02:07.) [MERGED]

An ``off-by-one'' bug has been fixed in OpenSSH's multiplexing code. This bug could have allowed an authenticated remote user to cause sshd(8) to execute arbitrary code with superuser privileges, or allowed a malicious SSH server to execute arbitrary code on the client system with the privileges of the client user. (See security advisory FreeBSD-SA-02:13.) [MERGED]

A programming error in zlib could result in attempts to free memory multiple times. The malloc(3)/ free(3) routines used in FreeBSD are not vulnerable to this error, but applications receiving specially-crafted blocks of invalid compressed data could be made to function incorrectly or abort. This zlib bug has been fixed. For a workaround and solutions, see security advisory FreeBSD-SA-02:18. [MERGED]

2.3 Userland Changes

If the first argument to ancontrol(8) or wicontrol(8) doesn't start with a -, it is assumed to be an interface.

apmd(8) now has the ability to monitor battery levels and execute commands based on percentage or minutes of battery life remaining via the apm_battery configuration directive. See the commented-out examples in /etc/apmd.conf for the syntax. [MERGED]

arp(8) now prints the applicable interface name for each ARP entry. [MERGED]

arp(8) now prints [fddi] or [atm] tags for addresses on interfaces of those types.

atacontrol(8) has been added to control various aspects of the ata(4) driver.

boot98cfg(8), a PC-98 boot manager installation and configuration utility, has been added. [MERGED]

burncd(8) now supports a -m option for multisession mode (the default behavior now is to close disks as single-session). A -l option to take a list of image files from a filename was also added; - can be used as a filename for stdin. [MERGED]

burncd(8) now supports Disk At Once (DAO) mode, selectable via the -d flag.

burncd(8) now has the ability to write VCDs/SVCDs.

c89(1) has been converted from a shell script to a binary executable, fixing some minor bugs. [MERGED]

A minimalized version of camcontrol(8) is now available on the installation floppy. This allows it to rescan for devices that have been connected after booting, or to show the devices attached to SCSI busses (e. g. from within the ``emergency holographic shell''). [MERGED]

cat(1) now has the ability to read from UNIX-domain sockets. [MERGED]

cdcontrol(1) now supports a cdid command, which calculates and displays the CD serial number, using the same algorithm used by the CDDB database. [MERGED]

cdcontrol(1) now uses the CDROM environment variable to pick a default device. [MERGED]

cdcontrol(1) now supports next and prev commands to skip forwards or backwards a specified number of tracks while playing an audio CD. [MERGED]

chflags(1) has moved from /usr/bin to /bin.

chio(1) now has the ability to specify elements by volume tag instead of by their physical location as well as the ability to return an element to its previous location. [MERGED]

chmod(1) now supports a -h for changing the mode of a symbolic link.

chown(8) now correctly follows symbolic links named as command line arguments if run without -R. [MERGED]

chown(8) no longer takes . as a user/group delimeter. This change was made to support usernames containing a ..

Use of the CSMG_* macros no longer require inclusion of <sys/param.h>

col(1) now takes a -p flag to force unknown control sequences to be passed through unchanged. [MERGED]

The compat3x distribution has been updated to include libraries present in FreeBSD 3.5.1-RELEASE. [MERGED]

A compat4x distribution has been added for compatibility with FreeBSD 4-STABLE.

config(8) is now better about converting various warnings that should have been errors into actual fatal errors with an exit code. This ensures that make buildkernel doesn't quietly ignore them and build a bogus kernel without a human to read the errors. [MERGED]

A number of buffer overflows in config(8) have been fixed. [MERGED]

ctags(1) no longer creates a corrupt tags file if the source file used // (C++-style) comments. [MERGED]

The daemon(8) program, a command-line interface to daemon(3), has been added. It detaches itself from its controlling terminal and executes a program specified on the command line. This allows the user to run an arbitrary program as if it were written to be a daemon.

devinfo, a simple tool to print the device tree and resource usage by devices, has been added.

df(1) now takes a -l option to only display information about locally-mounted filesystems. [MERGED]

disklabel(8) now supports partition sizes expressed in kilobytes, megabytes, or gigabytes, in addition to sectors. [MERGED]

dmesg(8) now has a -a option to show the entire message buffer, including syslogd(8) records and /dev/console output. [MERGED]

du(1) now takes a -I command-line flag to ignore/skip files and subdirectories matching a specified shell-glob mask. [MERGED]

dump(8) now supports inheritance of the nodump flag down a hierarchy. [MERGED]

The -T option to dump(8) no longer swallows an extra argument. [MERGED]

dump(8) has a new -D option, allowing the path to the /etc/dumpdates file to be changed. [MERGED]

dump(8) now supplies progress information in its process title, useful for monitoring automated backups. [MERGED]

dump(8) now supports a new -S to allow it to just print out the dump size estimates and exit.

edquota(8) now takes a -f option to allow limiting the prototype quota distribution (specified with -p) to a single filesystem. [MERGED]

/etc/rc.firewall and /etc/rc.firewall6 will no longer add their own hardcoded rules in the cases of a rules file in the firewall_type variable or a non-existent firewall type. (The motivation for this change is to avoid acting on assumptions about a site's firewall policies.) In addition, the closed firewall type now works as documented in the rc.firewall(8) manual page. [MERGED]

The functionality of /etc/security has been been moved into a set of scripts under the periodic(8) framework, to make local customization easier and more maintainable. These scripts now reside in /etc/periodic/security/. [MERGED]

fbtab(5) now accepts glob matching patterns for target devices, not just individual devices and directories.

fdisk(8) no longer attempts to search for a device if none has been specified on the command line, but instead tries to figure out the default device name from the root device.

fdread(1), a program to read data from floppy disks, has been added. It is a counterpart to fdwrite(1) and is designed to provide a means of recovering at least some data from bad media, and to obviate for a complex invocation of dd(1).

find(1) now takes the -empty flag, which returns true if a file or directory is empty. [MERGED]

find(1) now takes the -iname and -ipath primaries for case-insensitive matches, and the -regexp and -iregexp primaries for regular-expression matches. The -E flag now enables extended regular expressions. [MERGED]

find(1) now has the -anewer, -cnewer, -mnewer, -okdir, and -newer[acm][acmt] primaries for comparisons of file timestamps. The latter primaries can be specified with various units of time. [MERGED]

finger(1) now has the ability to support fingering aliases, via the finger.conf(5) file. [MERGED]

finger(1) now has support for a .pubkey file.

fmt(1) has been rewritten; the rewrite fixes a number of bugs compared to its prior behavior. [MERGED]

fmtcheck(3), a function for checking consistency of format string arguments, has been added. [MERGED]

fsck(8) wrappers have been imported; this feature provides infrastructure for fsck(8) to work on different types of filesystems (analogous to mount(8)).

The behavior of fsck(8) when dealing with various passes (a la /etc/fstab) has been modified to accommodate multiple-disk filesystems.

fsck(8) now has support for foreground (-F) and background (-B) checks. Traditionally, fsck(8) is invoked before the filesystems are mounted and all checks are done to completion at that time. If background checking is available, fsck(8) is invoked twice. It is first invoked at the traditional time, before the filesystems are mounted, with the -F flag to do checking on all the filesystems that cannot do background checking. It is then invoked a second time, after the system has completed going multiuser, with the -B flag to do checking on all the filesystems that can do background checking. Unlike the foreground checking, the background checking is started asynchronously so that other system activity can proceed even on the filesystems that are being checked. Boot-time enabling of this feature is controlled by the background_fsck option in rc.conf(5).

Shortly after the receipt of a SIGINFO signal (normally control-T from the controlling tty), fsck_ffs(8) will now output a line indicating the current phase number and progress information relevant to the current phase. [MERGED]

fsck_ffs(8) now supports background filesystem checks to mounted FFS filesystems with the -B option (softupdates must be enabled on these filesystems). The -F flag now determines whether a specified filesystem needs foreground checking.

A new fsck_msdosfs(8) utility has been added to check the consistency of MS-DOS filesystems. [MERGED]

ftpd(8) now supports a -r flag for read-only mode and a -E flag to disable EPSV. It also has some fixes to reduce information leakage and the ability to specify compile-time port ranges. [MERGED]

ftpd(8) now supports -o and -O options to disable the RETR command; the former for everybody, and the latter only for guest users. Coupled with -A and appropriate file permissions, these can be used to create a relatively safe anonymous FTP drop box for others to upload to.

gdb(1) now supports hardware watchpoints (using the kernel's debug register + support that has been introduced in FreeBSD 4.0). [MERGED]

The getprogname(3) and setprogname(3) library functions have been added to manipulate the name of the current program. They are used by error-reporting routines to produce consistent output. [MERGED]

gprof(1) now has a -K option to enable dynamic symbol resolution from the currently-running kernel. With this change, properly-compiled KLD modules are now able to be profiled.

growfs(8), a utility for growing FFS filesystems, has been added. ffsinfo(8), a utility for dump all the meta-information of an existing filesystem, has also been added. [MERGED]

The groups(1) and whoami(1) shell scripts are now unnecessary; their functionality has been completely folded into id(1). [MERGED]

The ibcs2(8), linux(8), osf1(8), and svr4(8) scripts, whose sole purpose was to load emulation kernel modules, have been removed. The kernel module system will automatically load them as needed to fulfill dependencies.

indent(1) has gained some new formatting options. [MERGED]

ifconfig(8) command can set the link-layer address of an interface using the lladdr parameter. [MERGED]

ifconfig(8) can now accept addresses in slash/CIDR notation. [MERGED]

ifconfig(8) now has support for setting parameters for IEEE 802.11 wireless network devices. wi(4) and an(4) devices are supported, and partial support is provided for awi(4) devices. [MERGED]

ifconfig(8) no longer displays the list of supported media by default. Instead it displays it when the -m flag is given. [MERGED]

The syntax of inetd(8)'s support for faithd(8) is now compatible with that of other BSDs. [MERGED]

The ident protocol support in inetd(8) has been cleaned up and updated. [MERGED]

inetd(8) now has the ability to manage UNIX-domain sockets. [MERGED]

install(1) has a number of new features, including the -b and -B options for backing up existing target files and the -S option for ``safe'' (atomic copy) operation. The -c (copy) flag is now the default, and the -D (debugging) flag has been withdrawn. install(1) now issues a warning if -d (create directories) and -C (copy changed files only) are used together. [MERGED]

IP Filter is now supported by the rc.conf(5) boot-time configuration and initialization. [MERGED]

ipfstat(8) now supports the -t option to turn on a top(1)-like display. [MERGED]

ipfw(8) will now avoid the display of dynamic firewall rules unless the -d flag is passed to it. The -e option lists expired dynamic rules. [MERGED]

ipfw(8) has a new feature (me) that allows for packet matching on interfaces with dynamically-changing IP addresses. [MERGED]

ipfw(8) has a new limit type of firewall rule, which limits the number of sessions between address pairs. [MERGED]

ipfw(8) filter rules can now match on the value of the IPv4 precedence field.

ip6fw(8) now has the ability to use a preprocessor and use the -q (quiet) flag when reading from a file. [MERGED]

kenv(1), a command to dump the kernel environment, has been added. [MERGED]

keyinfo(1) is now a C program, rather than a Perl script. [MERGED]

killall(1) is now a C program, rather than a Perl script. As a result, its -m option now uses the regular expression syntax of regex(3), rather than that of perl(1). [MERGED]

killall(1) now allows non-root users to kill SUID root processes that they started, the same as the Perl version did. [MERGED]

The kldconfig(8) utility has been added to make it easier to manipulate the kernel module search path. [MERGED]

last(1) now implements a -d that provides a ``snapshot'' of who was logged in at a particular date and time. [MERGED]

last(1) now supports a -y flag, which causes the year to be included in the session start time.

The lastlogin(8) utility, which prints the last login time of each user, has been imported from NetBSD. [MERGED]

ldconfig(8) now checks directory ownerships and permissions for greater security; these checks can be disabled with the -i flag. [MERGED]

ldd(1) can now be used on shared libraries, in addition to executables. [MERGED]

ldd(1) now supports a -a flag to list all the objects that are needed by each loaded object.

libc is now thread-safe by default; libc_r contains only thread functions.

libcrypt and libdescrypt have been unified to provide a configurable password authentication hash library. Both the md5 and des hash methods are provided unless the des hash is specifically compiled out. [MERGED]

libcrypt now has support for Blowfish password hashing. [MERGED]

libdisk can now do install-time configuration of the boot0 boot loader. [MERGED]

libstand now has support for filesystems containing bzip2-compressed files. [MERGED]

libstand now has support for overwriting the contents of a file on a UFS filesystem (it cannot expand or truncate files because the filesystem may be dirty or inconsistent).

The default TCP port range used by libfetch for passive FTP retrievals has changed; this affects the behavior of fetch(1), which has gained the -U option to restore the old behavior. [MERGED]

libfetch now has support for an authentication callback. [MERGED]

libfetch now has support for a HTTP_USER_AGENT environment variable. [MERGED]

libgmp has been superceded by libmp.

The functions from libposix1e have been integrated into libc.

ln(1) now takes an -i option to request user confirmation before overwriting an existing file. [MERGED]

ln(1) now takes a -h flag to avoid following a target that is a link, with a -n flag for compatibility with other implementations. [MERGED]

logger(1) can now send messages directly to a remote syslog. [MERGED]

login(1) now exports environment variables set by PAM modules. [MERGED]

lpc(8) has been improved; lpc clean is now somewhat safer, and a new lpc tclean command has been added to check to see what files would be removed by lpc clean. [MERGED]

lpd(8) now takes two new options: -c will log all connection errors to syslogd(8), while -W will allow connections from non-reserved ports. [MERGED]

lpd(8) now has some support for o-type print-file actions in its control files, which allows printing of PostScript files generated by MacOS 10.1. [MERGED]

lpr(1), lpq(1), and lpd(8) have received a few minor enhancements. [MERGED]

Catching up with most other network utilities in the base system, lpr(1), lpd(8), syslogd(8), and logger(1) are now all IPv6-capable. [MERGED]

lprm - now works for remote printer queues. [MERGED]

ls(1) can produce colorized listings with the -G flag (and appropriate terminal support). The CLICOLOR environment variable can be set to enable colorized listings by default. [MERGED]

mail(1) now takes a -E flag to avoid sending messages with empty bodies. [MERGED]

make(1) has gained the :C/// (regular expression substitution), :L (lowercase), and :U (uppercase) variable modifiers. These were added to reduce the differences between the FreeBSD and OpenBSD/NetBSD make(1) programs. [MERGED]

Bugs in make(1), among which include broken null suffix behavior, bad assumptions about current directory permissions, and potential buffer overflows, have been fixed. [MERGED]

The new CPUTYPE make.conf variable controls the compilation of processor-specific optimizations in various pieces of code such as OpenSSL. [MERGED]

The FreeBSD Makefile infrastructure now supports the WARNS directive from NetBSD. This directive controls the addition of compiler warning flags to CFLAGS in a relatively compiler-neutral manner. [MERGED]

man(1) is no longer installed SUID man, in order to reduce vulnerabilities associated with generating ``catpages'' (preformatted manual pages cached for repeated viewing). As a result, man(1) can no longer create system catpages on a regular user's behalf. It is still able to do so if the user has write permissions to the directory holding catpages (e.g. a user's own manpages) or if the running user is root.

The mdmfs(8) command has been added; it is a wrapper around mdconfig(8), disklabel(8), newfs(8), and mount(8) that mimics the command line option set of the deprecated mount_mfs(8).

mergemaster(8) now sources an /etc/mergemaster.rc file and also prompts the user to run recommended commands (such as newaliases) as needed. [MERGED]

moused(8) now takes a -a option to control mouse acceleration. [MERGED]

mtree(8) now includes support for a file that lists pathnames to be excluded when creating and verifying prototypes. This makes it easier to use mtree(8) as a part of an intrusion-detection system. [MERGED]

natd(8) now supports a -log_ipfw_denied option to log packets that cannot be re-injected because they are blocked by ipfw(8) rules. [MERGED]

The ``in use'' percentage metric displayed by netstat(1) now really reflects the percentage of network mbufs used. [MERGED]

netstat(1) now has a -W flag that tells it not to truncate addresses, even if they're too long for the column they're printed in. [MERGED]

netstat(1) now keeps track of input and output packets on a per-address basis for each interface. [MERGED]

netstat(1) now has a -z flag to reset statistics. [MERGED]

netstat(1) now has a -S flag to print address numerically but port names symbolically. [MERGED]

newfs(8) now implements write combining, which can make creation of new filesystems up to seven times faster. [MERGED]

newfs(8) now takes a -U option to enable softupdates on a new filesystem. [MERGED]

The default number of cylinders per group in newfs(8) is now computed to be the maximum allowable given the current filesystem parameters. It can be overridden with the -c option. Formerly, the default was fixed at 16. This change leads to better fsck(8) performance and reduced fragmentation. [MERGED]

The default block and fragment sizes for new filesystems created by newfs(8) are now 16384 and 2048 bytes, respectively (the old defaults were 8192 and 1024 bytes). This change generally provides increased performance, at the expense of some wasted disk space. [MERGED]

newsyslog(8) now has the ability to compress log files using bzip2(1). [MERGED]

NFS now works over IPv6.

ngctl(8) now supports a write command to send a data packet down a given hook. [MERGED]

nl(1), a line numbering filter program, has been added. [MERGED]

nsswitch support has been merged from NetBSD. By creating an nsswitch.conf(5) file, FreeBSD can be configured so that various databases such as passwd(5) and group(5) can be looked up using flat files, NIS, or Hesiod. The old hosts.conf file is no longer used.

PAM support has been added for account management and sessions.

PAM configuration is now specified by files in /etc/pam.d/, rather than a single /etc/pam.conf file. /etc/pam.d/README has more details.

A number of new PAM modules have been added.

passwd(1) and pw(8) now select the password hash algorithm at run time. See the passwd_format attribute in /etc/login.conf. [MERGED]

pax(1) has received a number of enhancements, including cpio(1) functionality, tar(1) compatibility enhancements, -z and -Z flags for gzip(1) and compress(1) functionality, and a number of bug fixes.

pciconf(8) now supports a -v option to display the vendor/device information of configured devices, in conjunction with the -l option. The default vendor/device database can be found at /usr/share/misc/pci_vendors. [MERGED]

The behavior of periodic(8) is now controlled by /etc/defaults/periodic.conf and /etc/periodic.conf. [MERGED]

ping(8) now supports a -m option to set the TTL of outgoing packets. [MERGED]

ping(8) now supports a -A option to beep when packets are lost. [MERGED]

Userland ppp(8) has received a number of updates and bug fixes. [MERGED]

ppp(8) has gained the tcpmssfixup option, which adjusts outgoing and incoming TCP SYN packets so that the maximum receive segment size is no larger than allowed by the interface MTU. [MERGED]

ppp(8) now supports IPv6.

pppd(8) (the control program for kernel-level PPP) is now installed mode 4550 and root:dialer, rather than mode 4555 (in other words, it is no longer world-executable). Users of pppd(8) may need to change their group settings. [MERGED]

The -W option to ps(1) (to extract information from a specified swap device) has been useless for some time; it has been removed. [MERGED]

pwd(1) can now double as realpath(1), a program to resolve pathnames to their underlying physical paths. [MERGED]

The pseudo-random number generator implemented by rand(3) has been improved to provide less biased results.

rc(8) now has an framework for handling dependencies between rc.conf(5) variables. [MERGED]

rc(8) now deletes all non-directory files in /var/run and /var/spool/lock at boot time. [MERGED]

rcmd(3) now supports the use of the RSH environment variable to specify a program to use other than rsh(1) for remote execution. As a result, programs such as dump(8), can use ssh(1) for remote transport.

rdist(1) has been retired from the base system, but is still available from FreeBSD Ports Collection as net/44bsd-rdist.

The resolver(3) in FreeBSD now implements EDNS0 support, which will be necessary when working with IPv6 transport-ready resolvers/DNS servers. [MERGED]

The rfork_thread(3) library call has been added as a helper function to rfork(2). Using this function should avoid the need to implement complex stack swap code. [MERGED]

The -v option to rm(1) now displays the entire pathname of a file being removed.

route(8) is now more verbose when changing indirect routes, in the case of a gateway route that is the same route as the one being modified. [MERGED]

route(8) now uses host/bits syntax instead of net/bits syntax, for compatibility with netstat(1). [MERGED]

route(8) can now create ``proxy only'' published ARP entries. [MERGED]

The route(8) add command now supports the -ifp and -ifa modifiers. [MERGED]

rpcbind(8) has replaced portmap(8).

rpcgen(1) now uses /usr/bin/cpp (as on NetBSD), not /usr/libexec/cpp.

rpc.lockd(8) has been imported from NetBSD. This daemon provides support for servicing client NFS locks.

The performance of the ELF dynamic linker rtld(1) has been improved. [MERGED]

RSA Security has waived all patent rights to the RSA algorithm. As a result, the native OpenSSL implementation of the RSA algorithm is now activated by default, and the security/rsaref port and the librsaUSA and librsaINTL libraries are no longer required for USA and non-USA residents respectively. [MERGED]

rtld(1) will now print the names of all objects that cause each object to be loaded, if the LD_TRACE_LOADED_OBJECTS_ALL environment variable is defined.

savecore(8) now supports a -k option to prevent clearing a crash dump after saving it. It also attempts to avoid writing large stretches of zeros to crash dump files to save space and time. [MERGED]

savecore(8) now works correctly on machines with 2 GB or more of RAM. [MERGED]

sed(1) now takes a -E option for extended regular expression support. [MERGED]

send-pr(1) now takes a -a option to include a file into the Fix: section of a problem report. [MERGED]

The setfacl(1) and getfacl(1) commands - have been added to manage file system Access Control + have been added to manage filesystem Access Control Lists.

setproctitle(3) has been moved from libutil to libc. [MERGED]

sh(1) now implements test as a built-in command for improved efficiency. [MERGED]

sh(1) no longer implements printf as a built-in command because it was considered less valuable compared to the other built-in commands (this functionality is, of course, still available through the printf(1) executable).

sockstat(1) now has -c and -l flags for listing connected and listening sockets, respectively. [MERGED]

split(1) now has the ability to split a file longer than 2GB. [MERGED]

In preparation for meeting SUSv2/POSIX <sys/select.h> requirements, struct selinfo and related functions have been moved to <sys/selinfo.h>.

The strnstr(3) and strcasestr(3) variants of strstr(3) have been implemented. [MERGED]

stty(1) now has support for an erase2 control character, so that, for example, both the Delete and Backspace keys can be used to erase characters. [MERGED]

style.perl(7), a style guide for Perl code in the FreeBSD base system, has been added. [MERGED]

su(1) now uses PAM for authentication.

Boot-time syscons(4) configuration was moved to a machine-independent /etc/rc.syscons. [MERGED]

sysctl(8) now supports a -N option to print out variable names only. [MERGED]

sysctl(8) has replaced the -A and -X options with -ao and -ax respectively; the former options are now deprecated. The -w option is deprecated as well; it is not needed to determine the user's intentions. [MERGED]

sysctl(8) now supports a -e option to separate variable names and values by = rather than :. This feature is useful for producing output that can be fed back to sysctl(8). [MERGED]

sysinstall(8) now properly preserves /etc/mail during a binary upgrade. [MERGED]

sysinstall(8) now uses some more intuitive defaults thanks to some new dialog support functions. [MERGED]

The default root partition in sysinstall(8) is now 100MB on the i386 and 120MB on the Alpha.

sysinstall(8) now lives in /usr/sbin, which simplifies the installation process. The sysinstall(8) manpage is also installed in a more consistent fashion now.

sysinstall(8) now has the ability to load KLDs as a part of the installation. [MERGED]

When run from the installation media, sysinstall(8) will automatically load any device drivers found in the /stand/modules directory of the mfsroot floppy or filesystem image. Note that any drivers so loaded will not appear in the kernel's boot messages; the sysinstall(8) debugging screen will provide additional information. [MERGED]

sysinstall(8) now enables Soft Updates by default on all filesystems it creates, except for the root filesystem. [MERGED]

sysinstall(8) has received updates for its ``auto'' partitioning mode which provide more reasonable defaults for the sizes of partitions that are created; auto-sized partitions can now also recover the space that becomes available when other partitions are deleted. [MERGED]

syslogd(8) can take a -n option to disable DNS queries for every request. [MERGED]

syslogd(8) now supports a LOG_CONSOLE facility (disabled by default), which can be used to log /dev/console output. [MERGED]

syslogd(8) now has the ability to bind to a specific address (as opposed to using every available one) via the -b option. [MERGED]

syslogd(8) now accepts a -c flag to disable repeated line compression. [MERGED]

tail(1) now has the ability to work on files longer than 2GB. [MERGED]

tar(1) now supports the TAR_RSH variable, principally to enable the use of ssh(1) as a transport. [MERGED]

telnet(1) now does autologin and encryption by default; a new -y option turns off encryption.

telnet(1) now supports a -u flag to allow connections to UNIX-domain (AF_UNIX) sockets. [MERGED]

tftpd(8) now takes the -c and -C options, which allow the server to chroot(2) based on the IP address of the connecting client. tftp(1) and tftpd(8) can now transfer files larger than 65535 blocks. [MERGED]

tftpd(8) now supports RFC 2349 (TFTP Timeout Interval and Transfer Size Options); this feature is required by some firmware like EFI boot managers (at least on HP i2000 Itanium servers) in order to boot an image using TFTP.

A version of Transport Independent RPC (TI-RPC) has been imported.

tmpnam(3) will now use the TMPDIR environment variable, if set, to specify the location of temporary files. [MERGED]

tip(1) has been updated from OpenBSD, and has the ability to act as a cu(1) substitute.

top(1) will now use the full width of its tty.

touch(1) now takes a -h option to operate on a symbolic link, rather than what the link points to.

The truncate(1) utility, which truncates or extends the length of files, has been added. [MERGED]

Ukrainian language support has been added to the FreeBSD console. [MERGED]

UUCP has been removed from the base system. It can be found in the Ports Collection, in net/freebsd-uucp.

units(1) has received some updates and bugfixes. [MERGED]

usbdevs(8) now supports a -d flag to show the device driver associated with each device.

uudecode(1) now accepts a -o option to set its output file.

vidcontrol(1) now accepts a -g parameter to select custom text geometry in the VESA_800x600 raster text mode. [MERGED]

vidcontrol(1) now allows the user to omit the font size specification when loading a font, and has some better error-handling. [MERGED]

vidcontrol(1) now supports a -p option to take a snapshot of a syscons(4) video buffer. These snapshots can be manipulated by the graphics/scr2png utility in the Ports Collection. [MERGED]

vidcontrol(1) now supports a -C option to clear the history buffer for a given tty, as well as a -h option to set the size of the history buffer. [MERGED]

The default stripe size in vinum(8) has been changed from 256KB to 279KB, to spread out superblocks more evenly between stripes.

wall(1) now supports a -g flag to write a message to all users of a given group. [MERGED]

watch(8) now takes a -f option to specify a snp(4) device to use. [MERGED]

which(1) is now a C program, rather than a Perl script.

whois(1) now directs queries for IP addresses to ARIN. If a query to ARIN references APNIC or RIPE, the appropriate server will also be queried, provided that the -Q option is not specified. [MERGED]

whois(1) supports a -c option to specify a country code to help direct queries towards a particular whois server. [MERGED]

xargs(1) now supports a -J replstr option that allows the user to tell xargs(1) to insert the data read from standard input at a specific point in the command line arguments rather than at the end. [MERGED]

The compiler chain now uses the FSF-supplied C/C++ runtime initialization code. This change brings about better compatibility with code generated from the various egcs and gcc ports, as well as the stock public FSF source. [MERGED]

The threads library has gained some signal handling changes, bug fixes, and performance enhancements (including zero system call thread switching). gdb(1) thread support has been updated to match these changes. [MERGED]

Significant additions have been made to internationalization support; FreeBSD now has complete locale support for the LC_MONETARY, LC_NUMERIC, and LC_MESSAGES categories. A number of applications have been updated to take advantage of this support.

Locale names have been changed to improve compatibility with the names used by X11R6, as well as a number of other UNIX versions. As an example, the en_US.ISO_8859-1 locale name has been changed to en_US.ISO8859-1. Entries in /etc/locale.alias provide backward compatibility. [MERGED]

/usr/src/share/examples/BSD_daemon/ now contains a scalable Beastie graphic. [MERGED]

As part of an ongoing process, many manual pages were improved, both in terms of their formatting markup and in their content. [MERGED]

2.3.1 Contributed Software

am-utils has been updated to 6.0.7.

awk from Bell Labs (variously known as ``BWK awk'' or ``The One True AWK'') has been imported. It is available as awk on the sparc64 architecture, and nawk on other architectures.

bc has been updated from 1.04 to 1.06. [MERGED]

The ISC library from the BIND distribution is now built as libisc. [MERGED]

BIND is now built with the NOADDITIONAL flag, which causes named(8) to operate in a more consistent fashion for certain common misconfigurations. [MERGED]

BIND has been updated to 8.3.1-REL. [MERGED]

Binutils has been updated to 2.12.0.

bzip2 1.0.2 has been imported; this brings the bzip2(1) program and the libbz2 library to the base system. [MERGED]

The ee(1) Easy Editor has been updated to 1.4.2. [MERGED]

file has been updated to 3.37.

gcc has been updated to 2.95.3. [MERGED]

gcc(1) now uses a unified libgcc rather than a separate one for threaded and non-threaded programs. /usr/lib/libgcc_r.a can be removed. [MERGED]

gcc(1) now supports the environment variable GCC_OPTIONS, which can hold a set of default options for GCC. [MERGED]

GNATS has been updated to 3.113. [MERGED]

GNU awk has been updated to 3.1.0. It is available as gawk on the sparc64 architecture, and as awk on other architectures.

gperf has been updated to 2.7.2.

groff and its related utilities have been updated to FSF version 1.17.2. This import brings in a new mdoc(7) macro package (sometimes referred to as mdocNG), which removes many of the limitations of its predecessor. [MERGED]

Heimdal has been updated to 0.3f.

The version of IPFilter provided with FreeBSD now includes the ipfs(8) program, which allows state information created for NAT entries and stateful rules to be saved to disk and restored after a reboot. Boot-time configuration of these features is supported by rc.conf(5). [MERGED]

The ISC DHCP client has been updated to 3.0.1RC6.

Kerberos IV has been updated to 1.0.5. [MERGED]

The more(1) command has been replaced by less(1), although it can still be run as more. [MERGED] Version 371 of less has been imported.

libpcap has been updated to 0.6.2. [MERGED]

libreadline has been updated to 4.2.

libz has been updated to 1.1.4.

lint has been updated to snapshot of NetBSD lint(1) as of 3 March 2002.

lukemftp (the FTP client from NetBSD) has replaced the FreeBSD ftp(1) program. Among its new features are more automation methods, better standards compliance, transfer rate throttling, and a customizable command-line prompt. Some environment variables and command-line arguments have changed.

The FTP daemon from NetBSD, otherwise known as lukemftpd, has been imported and is available as lukemftpd(8).

ncurses has been updated to 5.2-20010512.

The NTP suite of programs has been updated to 4.1.0. [MERGED]

OpenPAM (``Centaury'' release) has been imported, replacing Linux-PAM.

The OPIE one-time-password suite has been updated to 2.32. [MERGED] It has completely replaced the functionality of S/Key.

Perl has been updated to version 5.6.0.

routed(8) has been updated to version 2.22. [MERGED]

Version 1.4.3 of the smbfs userland utilities have been imported. [MERGED]

tcpdump has been updated to 3.6.3. [MERGED]

The csh(1) shell has been replaced by tcsh(1), although it can still be run as csh. tcsh has been updated to version 6.11. [MERGED]

The contributed version of tcp_wrappers now includes the tcpd(8) helper daemon. While not strictly necessary in a standard FreeBSD installation (because inetd(8) already incorporates this functionality), this may be useful for inetd(8) replacements such as xinetd.

top has been updated to version 3.5b12.

traceroute(8) now takes its default maximum TTL value from the net.inet.ip.ttl sysctl variable. [MERGED]

The timezone database has been updated to the tzdata2001d release. [MERGED]

2.3.1.1 CVS

cvs has been updated to 1.11.1p1. [MERGED]

The default value for cvs(1)'s CVS_RSH variable is now ssh, rather than rsh. [MERGED]

cvs(1) now supports a -T option to update a sandbox's CVS/Template file from the repository. [MERGED]

cvs(1) diff now supports the -j option to perform differences against a revision relative to a branch tag. [MERGED]

2.3.1.2 CVSup

CVSup, a frequently used utility in the FreeBSD Ports Collection, was formerly installable using several ports and packages. The net/cvsup-bin and net/cvsupd-bin ports/packages are no longer necessary or available; the net/cvsup port should be used instead. [MERGED]

CVSup has been updated to 16.1_3, which is available in the FreeBSD Ports Collection as net/cvsup. This update fixes a long-standing (but only recently encountered) bug which affects the timestamps on all files after Sun Sep 9 01:46:40 UTC 2001 (1,000,000,000 seconds after the UNIX epoch). [MERGED]

2.3.1.3 KAME

The IPv6 stack is now based on a snapshot based on the KAME Project's IPv6 snapshot as of 28 May, 2001. Most of the items listed in this section are a result of this import. Section 2.1.9.3 lists kernel updates to the KAME IPv6 stack. [MERGED]

faithd(8) now supports a configuration file for access control. [MERGED]

ifconfig(8) can now perform the functions of gifconfig(8). [MERGED]

ifconfig(8) can now perform the functions of prefix(8). prefix(8) is now a shell script for partial backwards compatibility. [MERGED]

ndp(8) now implements garbage collection for stale NDP entries, as described in RFC 2461 (Neighbor Discovery for IP Version 6 (IPv6)). [MERGED]

pim6dd(8) and pim6sd(8) have been removed due to restrictive licensing conditions. These programs are available in the ports collection as net/pim6dd and net/pim6sd. [MERGED]

route6d(8) now supports an -n flag to avoid updating the kernel forwarding table. [MERGED]

The -R (router renumbering) option to rtadvd(8) is currently ignored. [MERGED]

2.3.1.4 OpenSSH

OpenSSH has been updated to 2.9, which provides support for the SSH2 protocol (now the default) and DSA keys. ssh-add(1) and ssh-agent(1) can now handle DSA keys, with support for authentication forwarding. OpenSSH users in the USA no longer need to rely on the restrictively-licensed RSAREF toolkit which is required to handle RSA keys. Among other new features: A client and server for sftp has been added. scp(1) can now handle files larger than 2 GBytes. A limit on the number of outstanding, unauthenticated connections in sshd(8) has been added. Support has been added for the Rijndael encryption algorithm. Rekeying of existing sessions is now supported, and an experimental SOCKS4 proxy has been added to ssh(1).

OpenSSH can now authenticate using OPIE passwords in SSH1 mode. Support is not yet available in SSH2 mode. [MERGED]

PAM support for OpenSSH has been added.

A long-standing bug in OpenSSH, which sometimes resulted in a dropped session when an X11-forwarded client was closed, was fixed.

Kerberos compatibility has been added to OpenSSH. [MERGED]

OpenSSH has been modified to be more resistant to traffic analysis by requiring that ``non-echoed'' characters are still echoed back in a null packet, as well as by padding passwords sent so as not to hint at password lengths. [MERGED]

sshd(8) is now enabled by default on new installs. [MERGED]

sshd(8) X11Forwarding is now turned on by default on the server (any risk is to the client, where it is already disabled by default). [MERGED]

In /etc/ssh/sshd_config, the ConnectionsPerPeriod parameter has been deprecated in favor of MaxStartups. [MERGED]

OpenSSH now has a VersionAddendum configuration setting for sshd(8) to allow changing the part of the OpenSSH version string after the main version number.

2.3.1.5 OpenSSL

OpenSSL has been updated to 0.9.6c.

OpenSSL now has support for machine-dependent ASM optimizations, activated by the new MACHINE_CPU and/or CPUTYPE make.conf variables. [MERGED]

2.3.1.6 sendmail

sendmail has been updated from version 8.9.3 to version 8.12.2. Important changes include: sendmail(8) is no longer installed as a set-user-ID root binary (now set-group-ID smmsp); new default file locations (see /usr/src/contrib/sendmail/cf/README); newaliases(1) is limited to root and trusted users; STARTTLS encryption; and the MSA port (587) is turned on by default. See /usr/src/contrib/sendmail/RELEASE_NOTES for more information. [MERGED]

mail.local(8) is no longer installed as a set-user-ID binary. If you are using a /etc/mail/sendmail.cf from the default sendmail.cf included with FreeBSD any time after 3.1.0, you are fine. If you are using a hand-configured sendmail.cf and mail.local for delivery, check to make sure the F=S flag is set on the Mlocal line. Those with .mc files who need to add the flag can do so by adding the following line to their .mc file and regenerating the sendmail.cf file:

     MODIFY_MAILER_FLAGS(`LOCAL',`+S')dnl

Note that FEATURE(`local_lmtp') already does this. [MERGED]

The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY commands. [MERGED]

vacation(1) has been updated to use the version included with sendmail. [MERGED]

The sendmail configuration building tools are installed in /usr/share/sendmail/cf/. [MERGED]

New make.conf options: SENDMAIL_MC and SENDMAIL_ADDITIONAL_MC. See /usr/share/examples/etc/make.conf for more information. [MERGED]

/etc/mail/Makefile now supports: the new SENDMAIL_MC make.conf option; the ability to build .cf files from .mc files; generalized map rebuilding; rebuilding the aliases file; and the ability to stop, start, and restart sendmail. [MERGED]

The smmsp and mailnull users have been added to /etc/master.passwd. In the absence of a confDEF_USER_ID setting, by default, sendmail will use the mailnull user for extra security. Previously, if the mailnull user did not exist, the daemon user was used. This change may generate some permissions issues when mailing to files or to programs (such as mail/majordomo). [MERGED] The previous behavior can be restored by adding the following line to a system's *.mc configuration file:

     define(`confDEF_USER_ID', `daemon')


2.3.2 Ports/Packages Collection

BSDPAN, a collection of modules that provides tighter integration of Perl into the FreeBSD Ports Collection, has been added.

pkg_create(1) and pkg_add(1) can now work with packages that have been compressed using bzip2(1). pkg_add(1) will use the PACKAGEROOT environment variable to determine a mirror site for new packages. [MERGED]

pkg_create(1) now records dependencies in dependency order rather than in the order specified on the command line. This improves the functioning of pkg_add -r. [MERGED]

pkg_create(1) now supports a -b to create a package file from a locally-installed package. [MERGED]

When requested to delete multiple packages, pkg_delete(1) will now attempt to remove them in dependency order rather than the order specified on the command line. [MERGED]

pkg_delete(1) now can perform glob/regexp matching of package names. In addition, it supports a -a option for removing all packages and a -i option for rm(1)-style interactive confirmation. [MERGED]

pkg_delete(1) now supports a -r option for recursive package removal. [MERGED]

pkg_info(1) now supports globbing against names of installed packages. The -G option disables this behavior, and the -x option causes regular expression matching instead of shell globbing. [MERGED]

pkg_info(1) can now accept a -g flag for verifying an installed package against its recorded checksums (to see if it's been modified post-installation). Naturally, this mechanism is only as secure as the contents of /var/db/pkg if it's to be used for auditing purposes. [MERGED]

pkg_sign(1) and pkg_check(1) have been added to digitally sign and verify the signatures on binary package files. [MERGED]

pkg_update(1), a utility to update installed packages and update their dependencies, has been added. [MERGED]

pkg_version(1) now has a version number comparison routine that corresponds to the Porters Handbook. It also has a -t option for testing address comparisons. [MERGED]

pkg_version(1) now takes a -s flag to limit its operation to ports/packages matching a given string. [MERGED]

Version numbers of installed packages have a new (backward-compatible) syntax, which supports the PORTREVISION and PORTEPOCH variables in Ports Collection Makefiles. These changes help keep track of changes in the ports collection entries such as security patches or FreeBSD-specific updates, which aren't reflected in the original, third-party software distributions. pkg_version(1) can now compare these new-style version numbers. [MERGED]

To improve performance and disk utilization, the ``ports skeletons'' in the FreeBSD Ports Collection have been restructured. Installed ports and packages should not be affected. [MERGED]

All packages and ports now contain an ``origin'' directive, which makes it easier for programs such as pkg_version(1) to determine the directory from which a package was built. [MERGED]

3 Upgrading from previous releases of FreeBSD

If you're upgrading from a previous release of FreeBSD, you generally will have three options:

  • Using the binary upgrade option of sysinstall(8). This option is perhaps the quickest, although it presumes that your installation of FreeBSD uses no special compilation options.

  • Performing a complete reinstall of FreeBSD. Technically, this is not an upgrading method, and in any case is usually less convenient than a binary upgrade, in that it requires you to manually backup and restore the contents of /etc. However, it may be useful in cases where you want (or need) to change the partitioning of your disks.

  • From source code in /usr/src. This route is more flexible, but requires more disk space, time, and more technical expertise. Upgrading from very old versions of FreeBSD may be problematic; in cases like this, it is usually more effective to perform a binary upgrade or a complete reinstall.



Please read the INSTALL.TXT file for more information, preferably before beginning an upgrade. If you are upgrading from source, please be sure to read /usr/src/UPDATING as well.

Finally, if you want to use one of various means to track the -STABLE or -CURRENT branches of FreeBSD, please be sure to consult the ``-CURRENT vs. -STABLE'' section of the FreeBSD Handbook.

Important: Upgrading FreeBSD should, of course, only be attempted after backing up all data and configuration files.

This file, and other release-related documents, can be downloaded from ftp://current.FreeBSD.org/pub/FreeBSD/.

For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

All users of FreeBSD 5-CURRENT should subscribe to the <current@FreeBSD.org> mailing list.

For questions about this documentation, e-mail <doc@FreeBSD.org>.



diff --git a/en/releases/5.0R/DP1/relnotes-sparc64.html b/en/releases/5.0R/DP1/relnotes-sparc64.html index 17fb9b75cd..7a68f0fa11 100644 --- a/en/releases/5.0R/DP1/relnotes-sparc64.html +++ b/en/releases/5.0R/DP1/relnotes-sparc64.html @@ -1,5111 +1,5111 @@ FreeBSD/sparc64 5.0-CURRENT Release Notes

FreeBSD/sparc64 5.0-CURRENT Release Notes

The FreeBSD Project

Copyright © 2000, 2001, 2002 by The FreeBSD Documentation Project

$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v 1.315 2002/04/05 17:03:33 bmah Exp $

The release notes for FreeBSD 5.0-CURRENT contain a summary of the changes made in the FreeBSD base system since 4.0-RELEASE. Both changes for kernel and userland are listed, as well as applicable security advisories that were issued since the last release. Some brief remarks on upgrading are also presented.

Table of Contents
1 Introduction
2 What's New
2.1 Kernel Changes
2.1.1 Processor/Motherboard Support
2.1.2 Bootloader Changes
2.1.3 Network Interface Support
2.1.4 Network Protocols
2.1.5 Disks and Storage
2.1.6 Filesystems
2.1.7 PCCARD Support
2.1.8 Multimedia Support
2.1.9 Contributed Software
2.2 Security-Related Changes
2.3 Userland Changes
2.3.1 Contributed Software
2.3.2 Ports/Packages Collection
3 Upgrading from previous releases of FreeBSD

1 Introduction

This document contains the release notes for FreeBSD 5.0-CURRENT on the UltraSPARC hardware platform. It describes new features of FreeBSD that have been added (or changed) since 4.0-RELEASE. It also provides some notes on upgrading from previous versions of FreeBSD.

The snapshot distribution to which these release notes apply represents a point along the 5-CURRENT development branch between 4.0-RELEASE and the future 5.0-RELEASE. Some pre-built, binary snapshot distributions along this branch can be found at ftp://ftp.FreeBSD.org/pub/FreeBSD/development/sparc64/.

2 What's New

This section describes the most user-visible new or changed features in FreeBSD since 4.0-RELEASE. Typical release note items document new drivers or hardware support, new commands or options, major bugfixes, or contributed software upgrades. Security advisories issued after 4.0-RELEASE are also listed. In general, changes described here are unique to the 5-CURRENT branch unless specifically marked as [MERGED] features.

Many additional changes were made to FreeBSD that are not listed here for lack of space. For example, documentation was corrected and improved, minor bugs were fixed, insecure coding practices were audited and corrected, and source code was cleaned up.

2.1 Kernel Changes

The agp(4) driver for AGP devices has been added. [MERGED]

A new ddb(4) command show pcpu lists some of the per-CPU data.

Two new ddb(4) commands, hwatch and dhwatch, have been introduced. Analogous to watch and dwatch, they install hardware watchpoints (as opposed to software watchpoints) if supported by the architecture. [MERGED]

devfs(5), which allows entries in the /dev directory to be built automatically and supports more flexible attachment of devices, has been largely reworked. devfs(5) is now enabled by default and can be disabled by the NODEVFS kernel option.

The dgm driver has been removed in favor of the digi driver.

A new digi driver has been added to support PCI Xr-based and ISA Xem Digiboard cards. A new digictl(8) program is (mainly) used to re-initialize cards that have external port modules attached such as the PC/Xem.

An eaccess(2) system call has been added, similar to access(2) except that the former uses effective credentials rather than real credentials.

Support has been added for EBus-based devices.

Each jail(2) environment can now run under its own securelevel.

The tunable sysctl variables for jail(2) have moved from jail.* to the security.* hierarchy. Other security-related sysctl variables have moved from kern.security.* to security.*.

The kern.maxvnodes limit now properly limits the number of vnodes in use. Previously only vnodes with no cached pages could be freed; this could allow the number of vnodes to grow without limit on large-memory machines accessing many small files. A vnlru kernel thread helps to flush and reuse vnodes. [MERGED]

The kernel message buffer is now accessible by the (machine-independent) kern.msgbuf sysctl variable; dmesg(8) no longer needs to be SGID kmem. [MERGED]

The kqueue(2) event notification facility was added to the FreeBSD kernel. This is a new interface which is able to replace poll(2)/ select(2), offering improved performance, as well as the ability to report many different types of events. Support for monitoring changes in sockets, pipes, fifos, and files are present, as well as for signals and processes. [MERGED]

The labpc(4) driver has been removed due to ``bitrot''.

The loader and kernel linker now look for files named linker.hints in each directory with KLDs for a module name and version to KLD filename mapping. The new kldxref(8) utility is used to generate these files.

Linux emulation now supports the kernel functionality required by the emulators/linux_base-7 (RedHat 7.X emulation) port. [MERGED]

Linux emulation now requires options SYSVSEM in the kernel configuration. [MERGED]

lomac(4), a Low-Watermark Mandatory Access Control security facility, has been added as a kernel module. It provides a drop-in security mechanism in addition to the traditional UID-based security facilities, requiring no additional configuration from the administrator. Work on this feature was sponsored by DARPA and NAI Labs.

The maxusers kernel configuration parameter is now a boot-time tunable variable. The kernel parameters derived from maxusers are now also tunables and can be overridden at boot-time. The hz parameter is also now a tunable. [MERGED]

Specifying a value of 0 for the maxusers kernel configuration parameter will now cause an appropriate value to be calculated at boot-time (between 32 and 384, depending on the amount of memory present). This value is now the default for all GENERIC kernels. [MERGED]

The kernel configuration parameters MAXTSIZ, DFLDSIZ, MAXDSIZ, DFLSSIZ, MAXSSIZ, and SGROWSIZ are all loader tunables (kern.maxtsiz, kern.maxdfldsiz, etc.). [MERGED]

mutex(9) profiling code has been added, enabled by the MUTEX_PROFILING kernel configuration option. It enables the debug.mutex.prof.* hierarchy of sysctl variables.

A nmdm(4) null-modem terminal driver has been added. [MERGED]

The O_DIRECT flag has been added to open(2) and fcntl(2). Specifying this flag for open files will attempt to minimize the cache effects of reading and writing. [MERGED]

An orm(4) device has been added to claim the option ROMs in the ISA memory I/O space, to prevent other drivers from mistakenly assigning addresses that conflict with these ROMs. [MERGED]

POSIX.1b Shared Memory Objects are now supported. The implementation uses regular files, but automatically enables the MAP_NOSYNC flag when they are mmap(2)-ed. [MERGED]

Replaced the PQ_*CACHE options with a single PQ_CACHESIZE option to be set to the cache size in kilobytes. The old options are still supported for backwards compatibility. [MERGED]

The random(4) device has been rewritten to use the Yarrow algorithm. It harvests entropy from a variety of interrupt sources, including the console devices, Ethernet and point-to-point network interfaces, and mass-storage devices. Entropy from the random(4) device is now periodically saved to files in /var/db/entropy, as well as at shutdown time. The semantics of /dev/random have changed; it never blocks waiting for entropy bits but generates a stream of pseudo-random data and now behaves exactly as /dev/urandom.

A new kernel option, options REGRESSION, enables interfaces and functionality intended for use during correctness and regression testing.

Support has been added for SBus-based devices.

The snp(4) device is no longer static and can now be compiled as a module. [MERGED]

The syscons(4) driver now supports keyboard-controlled pasting, by default bound to Shift-Insert.

Support for USB devices was added to the GENERIC kernel and to the installation programs to support USB devices out of the box. Note that SRM does not support USB devices at the moment, so you must still use an AT keyboard if you are not using a serial console. [MERGED]

The ucom device driver has been added, to support USB modems, serial devices, and other programs that need to look like a tty. The related uplcom and uvscom drivers provide specific support for the Prolific PL-2303 serial adapter and the SUNTAC Slipper U VS-10U, respectively.

To increase security, the UCONSOLE kernel configuration option has been removed.

The USER_LDT kernel option is now activated by default.

A VESA S3 linear framebuffer driver has been added.

Write combining for crashdumps has been implemented. This feature is useful when write caching is disabled on both SCSI and IDE disks, where large memory dumps could take up to an hour to complete. [MERGED]

Extremely large swap areas (>67 GB) no longer panic the system.

The buildkernel target now gets the name of the configuration(s) to build from the KERNCONF variable, not KERNEL. It is no longer required, in some cases, for a buildworld to precede a buildkernel. (The buildworld is still required when upgrading across major releases, across binutil updates and when config(8) changes version.) [MERGED]

The out-of-swap process termination code now begins killing processes earlier to avoid deadlocks; it now also takes into account the swap space used by processes when computing the process sizes. [MERGED]

Linker sets are now self-contained; gensetdefs(8) is unnecessary and has been removed.

Network device cloning has been implemented, and the gif(4) device has been modified to take advantage of it. Thus, instead of specifying how many gif(4) interfaces are available in kernel configuration files, ifconfig(8)'s create option should be used when another device instance is desired. [MERGED]

It is now possible to hardwire kernel environment variables (such as tuneables) at compile-time using config(8)'s ENV directive.

Idle zeroing of pages can be enabled with the vm.idlezero_enable sysctl variable.

Coredumps of large processes (or of a large number of processes) no longer lock up the machine for long periods of time. [MERGED]

The Kernel-Scheduled Entity project has made changes to the kernel scheduler to more efficiently handle multi-threaded programs.

The kernel now has support for multiple low-level console devices. The new conscontrol(8) utility helps to manage the different consoles.

The kernel on the installation CDs is now separated from the mfsroot image. This permits the use of a full kernel when installing from CD on machines that support CD booting (instead of the stripped-down kernel used on floppies). [MERGED]

The system load average computation now adds some jitter to the timing of samples, in order to avoid synchronization with processes that run periodically. [MERGED]

If a debugging kernel with modules is being built (i.e. using makeoptions DEBUG=-g), the modules will now be built with debugging support as well, for completeness. A side effect of this change is that modules built and installed with debugging kernels will now occupy more space on disk than they did previously. [MERGED]

The kernel dump device can now be set via the dumpdev loader tunable. As a result, it is now possible to obtain crash dumps from panics during the late stages of kernel initialization (before the system enters into single-user mode). [MERGED]

The kernel memory allocator is now a slab memory allocator, similar to that used in Solaris. This is a SMP-safe memory allocator that has near-linear performance as the number of CPUs increases. It also allows for reduced memory fragmentation.

2.1.1 Processor/Motherboard Support

SMP support has been largely reworked, incorporating code from BSD/OS 5.0. One of the main features of SMPng (``SMP Next Generation'') is to allow more processes to run in kernel, without the need for spin locks that can dramatically reduce the efficiency of multiple processors. Interrupt handlers now have contexts associated with them that allow them to be blocked, which reduces the need to lock out interrupts.

The UltraSPARC platform is now supported by FreeBSD. The following machines are supported to at least some degree: Ultra 1/2/5/10/30/60, Enterprise 220R/420R, Netra T1 AC200/DC200, Netra T 105, and Blade 100. SMP is supported, and has been tested on the Ultra 2, Ultra 60, Enterprise 220R, and Enterprise 420R.

2.1.2 Bootloader Changes

The kernel and modules have been moved to the directory /boot/kernel, so they can be easily manipulated together. The boot loader has been updated to make this change as seamless as possible.

2.1.3 Network Interface Support

The an(4) driver for Cisco Aironet cards now supports Wired Equivalent Privacy (WEP) encryption, settable via ancontrol(8). [MERGED]

The an(4) driver now supports the Cisco Aironet 350 series of adaptors. [MERGED]

The an(4) driver now supports ``monitor'' mode, settable via the -M option to ancontrol(8). [MERGED]

The an(4) driver now supports Cisco LEAP, as well as the ``Home'' WEP key. The Linux Aironet utilities are now supported under emulation. [MERGED]

The dc(4) driver now supports NICs based on the Xircom 3201 and Conexant LANfinity RS7112 chips.

The dc(4) driver now has support for VLANs. [MERGED]

The de(4) driver now performs round-robin arbitration between the transmit and receive units of the 21143, instead of giving priority to the receive unit. This gives a 10-15% performance improvement in the forwarding rate under heavy load. [MERGED]

A bug in the ed(4) driver that could cause panics with very short packets and BPF or bridging active has been fixed. [MERGED]

The ed(4) driver now has support for D-Link DL10022 chips, necessary for the NetGear FA-410TX and other cards. As a result, device miibus is required in kernel configurations using the ed(4) driver. [MERGED]

The faith(4) device is now loadable, unloadable, and clonable. [MERGED]

The fxp(4) driver now requires a device miibus entry in the kernel configuration file. [MERGED]

The fxp(4) driver now contains a workaround for PCI protocol violations caused by defects in some systems based on the Intel ICH2/ICH2-M chip. The workaround is to rewrite the EEPROM on the interface to disable Dynamic Standby Mode; once the EEPROM is rewritten, the system needs to be rebooted for the new settings to take effect. [MERGED]

The fxp(4) driver now supports Intel's loadable microcode to implement receive-side interrupt coalescing and packet bundling, on NICs that support these features. This support can be activated by the use of the link0 option to ifconfig(8). [MERGED]

The gem driver has been added to support the Sun GEM Gigabit Ethernet and ERI Fast Ethernet adapters.

The gx(4) driver has been added to support NICs based on the Intel 82542 and 82543 Gigabit Ethernet controller chips. Both fiber and copper variants of the cards are supported. Both boards support VLAN tagging/insertion, and the 82543 additionally supports TCP/IP checksum offload. [MERGED]

The hme driver has been added to support the Sun HME Fast Ethernet adapter, onboard on many Sun Ultra series machines.

The lge(4) driver has been added to support the Level 1 LXT1001 NetCellerator Gigabit Ethernet controller chip. This device is used on some fiber optic GigE cards from SMC, D-Link and Addtron. Jumbograms and TCP/IP checksum offload on receive are supported, although hardware VLAN filtering is not. [MERGED]

Added the nge(4) driver, which supports PCI Gigabit Ethernet adapters based on the National Semiconductor DP83820 and DP83821 Gigabit Ethernet controller chips, including the D-Link DGE-500T, SMC EZ Card 1000 (SMC9462TX), Asante FriendlyNet GigaNIC 1000TA and 1000TPC and Addtron AEG320T. This driver supports transmit and receive checksum offloading. [MERGED]

The pcn(4) driver, which supports the AMD PCnet/FAST, PCnet/FAST+, PCnet/FAST III, PCnet/PRO, PCnet/Home, and HomePNA adapters, has been added. Although these cards are already supported by the lnc(4) driver, the pcn(4) driver runs these chips in 32-bit mode and uses the RX alignment feature to achieve zero-copy receive. This driver is also machine-independent, so it will work on both the i386 and Alpha platforms. The lnc(4) driver is still needed to support non-PCI cards. [MERGED]

The ray(4) driver, which supports the Webgear Aviator wireless network cards, has been committed. The operation of ray(4) interfaces can be modified by raycontrol(8). [MERGED]

Added support for PCI Ethernet adapters based on the SiS 900 and SiS 7016 Fast Ethernet controller chips (for example, as seen on the SiS 635 and 735 motherboard chipsets), as well as the National Semiconductor DP83815 chipset (including the NetGear FA311-TX and FA312-TX) in the form of the sis(4) driver. This device has support for VLANs. [MERGED]

The stf(4) device is now clonable.

The tap(4) driver, a virtual Ethernet device driver for bridged configurations, has been added. This device is clonable. [MERGED]

The ti(4) driver now supports the Alteon AceNIC 1000baseT Gigabit Ethernet and Netgear GA620T 1000baseT Gigabit cards. [MERGED]

The ti(4) driver correctly masks VLAN tags. [MERGED]

The txp(4) driver has been added to support NICs based on the 3Com 3XP Typhoon/Sidewinder (3CR990) chipset. [MERGED]

vlan(4) devices are now loadable, unloadable, and clonable. [MERGED]

The wi(4) driver now has support for Prism II and Prism 2.5-based NICs. 104/128-bit WEP now works on Prism cards. [MERGED]

The xl(4) driver now supports the 3Com 3C556 and 3C556B MiniPCI adapters used on some laptops. [MERGED]

The xl(4) driver now supports reception of VLAN tagged frames (on the ``Cyclone'' or newer chipsets). [MERGED]

The xl(4) driver now supports send- and receive-side TCP/IP checksum offloading for NICs implementing this feature, such as the 3C905B, 3C905C, and 3C980C. [MERGED]

A bug in the xl(4) driver, related to statistics overflow interrupt handling, was causing slowdowns at medium to high packet rates; this has been fixed. [MERGED]

The per-interface ifnet structure now has the ability to indicate a set of capabilities supported by a network interface, and which ones are enabled. ifconfig(8) has support for querying these capabilities. [MERGED]

Performance with hosts having a large number of IP aliases has been improved, by replacing the per-interface if_inaddr linear list with a hash table. [MERGED]

Network devices now automatically appear as special files in /dev/net. Interface hardware ioctls (not protocol or routing) can be performed on these devices. The SIOCGIFCONF ioctl may be performed on the special /dev/network node.

Selected network drivers now implement a semi-polling mode, which makes systems much more resilient to attacks and overloads. To enable polling, the following options are required in a kernel configuration file:

     options DEVICE_POLLING
     options HZ=1000 # not compulsory but strongly recommended
The kern.polling.enable sysctl variable will then activate polling mode; with the kern.polling.user_frac sysctl indicating the percentage of CPU time to be reserved for userland. The devices initially supporting polling are dc(4), fxp(4), and sis(4). More details can be found in the polling(4) manual page. [MERGED]

2.1.4 Network Protocols

accept_filter(9), a kernel feature to reduce overheads when accepting and reading new connections on listening sockets, has been added. [MERGED]

The proxy modifier to arp(8)'s -d option has been renamed to pub, for consistency with the -s option. The only keyword has been added to the -s and -S flags, to be used in creating ``proxy-only'' published entries. [MERGED]

The read timeout feature of bpf(4) now works more correctly with select(2)/ poll(2), and therefore with pthreads. [MERGED]

bridge(4) and dummynet(4) have received some enhancements and bug fixes, and are now loadable modules. [MERGED]

bridge(4) now has better support for multiple, fully-independent bridging clusters, and is much more stable in the presence of dynamic attachments and detatchments. Full support for VLANs is also supported. [MERGED]

ICMP ECHO and TSTAMP replies are now rate limited. TCP RSTs generated due to packets sent to open and unopen ports are now limited by separate counters. Each rate limiting queue now has its own description.

ICMP UNREACH_FILTER_PROHIB messages can now RST TCP connections in the SYN_SENT state if the correct sequence numbers are sent back, as controlled by the net.inet.tcp.icmp_may_rst sysctl. [MERGED]

IP multicast now works on VLAN devices. Several other bugs in the VLAN code have also been fixed.

A bug in the IPSec processing for IPv4, which caused the inbound SPD checks to be ignored, has been fixed. [MERGED]

ipfw(4) now filters correctly in the presence of ECN bits in TCP segments. [MERGED]

A new ng_eth(4) netgraph node allows Ethernet type packets to be filtered to different hooks depending on ethertype.

The ng_gif(4) and ng_gif_demux(4) netgraph nodes, for operating on gif(4) devices, have been added.

The ng_ip_input(4) netgraph node, for queueing IP packets into the main IP input processing code, has been added.

The ng_mppc(4) and ng_bridge(4) node types have been added to the netgraph(4) subsystem. The ng_ether(4) node is now dynamically loadable. Miscellaneous bug fixes and enhancements have also been made. [MERGED]

A new netgraph node type ng_one2many(4) for multiplexing and demultiplexing packets over multiple links has been added. [MERGED]

A new sysctl net.inet.ip.check_interface, which is on by default, causes IP to verify that an incoming packet arrives on an interface that has an address matching the packet's destination address. [MERGED]

A new sysctl net.link.ether.inet.log_arp_wrong_iface has been added to control the suppression of logging when ARP replies arrive on the wrong interface. [MERGED]

A new options RANDOM_IP_ID kernel option causes the ID field of IP packets to be randomized. This closes a minor information leak which allows a remote observer to determine the rate at which the machine is generating packets, since the default behavior is to increment a counter for each packet sent. [MERGED]

TCP has received some bug fixes for its delayed ACK behavior. [MERGED]

TCP now supports the NewReno modification to the TCP Fast Recovery algorithm. This behavior can be controlled via the net.inet.tcp.newreno sysctl variable. [MERGED]

TCP now uses a more aggressive timeout for initial SYN segments; this allows initial connection attempts to be dropped much faster. [MERGED]

The TCP_COMPAT_42 kernel option has been removed. [MERGED]

The TCP_RESTRICT_RST kernel option has been removed. Similar functionality can be achieved with the net.inet.tcp.blackhole sysctl variable. [MERGED]

TCP now has RFC 1323 extensions enabled by default in rc.conf(5). [MERGED]

RFC 1323 and RFC 1644 TCP extensions are now disabled for a connection in progress if no response has been received by the third SYN segment sent. This behavior tries to work around (very old) terminal servers with buggy VJ header compression implementations. [MERGED]

The TCP implementation no longer requires the allocation of a TCP template structure for each connection; this should reduce the buffer usage on large systems handling many connections. [MERGED]

TCP's default buffer sizes, controlled by the net.inet.tcp.sendspace and net.inet.tcp.recvspace sysctl variables, have been increased to 32K and 64K respectively. Previously, the default for both buffer sizes was 16K. To try to avoid increasing congestion, the default value for net.inet.tcp.local_slowstart_flightsize has been changed from infinity to 4. [MERGED]

Note: On busy hosts, the new larger buffer sizes may require manually increasing the NMBCLUSTERS parameter, either in the kernel configuration file or via the kern.ipc.nmbclusters loader tunable. netstat -mb can be used to monitor the state of mbuf clusters.



TCP now supports RFC 1948 (Defending Against Sequence Number Attacks). This functionality is controlled by the net.inet.tcp.strict_rfc1948 and net.inet.tcp.isn_reseed_interval sysctl variables. [MERGED]

The TCP implementation in FreeBSD now implements a cache of outstanding, received SYN segments. Incoming SYN segments now cause entries to be placed in the cache until the TCP three-way handshake is complete, at which point, memory is allocated for the connection as usual. In addition, all TCP Initial Sequence Numbers (ISNs) are used as cookies, allowing entries in the cache to be dropped, but still have their corresponding ACKs accepted later. The combination of the so-called ``syncache'' and ``syncookies'' features makes a host much more resistant to TCP-based Denial of Service attacks. Work on this feature was sponsored by DARPA and NAI Labs. [MERGED]

A bug in the TCP implementation, which could cause connections to stall if a sender saw a zero-sized window, has been corrected. [MERGED]

The TCP implementation now properly ignores packets addressed to IP-layer broadcast addresses. [MERGED]

The ephemeral port range used for TCP and UDP has been changed to 49152-65535 (the old default was 1024-5000). This increases the number of concurrent outgoing connections/streams.

2.1.5 Disks and Storage

The ahc(4) driver has received numerous updates, bugfixes, and enhancements. Among various improvements are improved compatibility with chips in ``RAID Port'' mode and systems with AAA and/or ARO cards installed, as well as performance improvements. Some bugs were also fixed, including a rare hang on Ultra2/U160 controllers. [MERGED]

The ata(4) driver now has support for ATA100 controllers. In addition, it now supports the ServerWorks ROSB4 ATA33 chipset, the CMD 648 ATA66 and CMD 649 ATA100 chipsets, and the Cyrix 5530. [MERGED]

To provide more flexible configuration, the various options for the ata(4) driver are now boot loader tunables, rather than kernel configure-time options. [MERGED]

The ata(4) driver now has support for tagged queuing, which is enabled by the hw.ata.tags loader tunable. [MERGED]

The ata(4) driver now has support for ATA ``pseudo'' RAID controllers as the Promise Fasttrak and HighPoint HPT370 controllers. [MERGED]

The ata(4) driver now supports a wider variety of SiS chipsets, as listed in the Hardware Notes. [MERGED]

The ata(4) driver now has support for creating, deleting, querying, and rebuilding ATA RAIDs under control of atacontrol(8). [MERGED]

The BurnProof(TM) feature, for applicable ATAPI CD-ROM burners, is now supported. [MERGED]

The ata(4) driver now has support for 48-bit addressing. Devices larger than 137GB are now supported. [MERGED]

The ata(4) driver now contains fixes for some data corruption problems on systems using the VIA 82C686B Southbridge chip. [MERGED]

The CAM error recovery code has been updated.

The cd(4) driver now has support for write operations. This allows writing to DVD-RAM, PD and similar drives that probe as CD devices. Note that change affects only random-access writeable devices, not sequential-only writeable devices such as CD-R drives, which are supported by cdrecord(1) (a part of sysutils/cdrtools in the Ports Collection. [MERGED]

The fdc(4) floppy disk has undergone a number of enhancements. Density selection for common settings is now automatic; the driver is also much more flexible in setting the densities of various subdevices.

The geom(4) disk I/O request transformation framework has been added; this extensible framework is designed to support a wide variety of operations on I/O requests on their way from the upper kernel to the device drivers.

The ida disk driver now has crashdump support. [MERGED]

The isp(4) driver is now proactive about discovering Fibre Channel topology changes.

The isp(4) driver now supports target mode for Qlogic SCSI cards, including Ultra2 and Ultra3 and dual bus cards.

The isp(4) driver now supports the Qlogic 2300 and 2312 Optical Fibre Channel PCI cards. [MERGED]

md(4), the memory disk device, has had the functionality of vn(4) incorporated into it. md(4) devices can now be configured by mdconfig(8). vn(4) has been removed. The Memory Filesystem (MFS) has also been removed.

Some problems in sa(4) error handling have been fixed, including the ``tape drive spinning indefinitely upon mt(1) stat'' problem.

The vinum(4) volume manager has received some bug fixes and enhancements.

The wd(4) compatibility devices were removed from the ata(4) driver. [MERGED]

2.1.6 Filesystems

Support for named extended attributes was added to the FreeBSD kernel. This allows the kernel, and appropriately privileged userland processes, to tag files and directories with attribute data. Extended attributes were added to support the TrustedBSD Project, in particular ACLs, capability data, and mandatory access control labels (see /usr/src/sys/ufs/ufs/README.extattr for details).

Due to a licensing change, softupdates have been integrated into the main portion of the kernel source tree. As a consequence, softupdates are now available with the GENERIC kernel. [MERGED]

A filesystem snapshot capability has been added to FFS. Details can be found in /usr/src/sys/ufs/ffs/README.snapshot.

Softupdates for FFS have received some bug fixes and enhancements.

When running with softupdates, statfs(2) and df(1) will track the number of blocks and files that are committed to being freed.

A bug in FFS that could cause superblock corruption on very large filesystems has been corrected. [MERGED]

The Inode Filesystem (IFS) has been added; more information can be found in /usr/src/sys/ufs/ifs/README.

The ISO-9660 filesystem now has a hook that supports a loadable character conversion routine. The sysutils/cd9660_unicode port contains a set of common conversions. [MERGED]

kernfs(5) is obsolete and has been retired.

A bug in the NFS client that caused bogus access times with O_EXCL|O_CREAT opens was fixed. [MERGED]

A new NFS hash function (based on the Fowler/Noll/Vo hash algorithm) has been implemented to improve NFS performance by increasing the efficiency of the nfsnode hash tables. [MERGED]

Client-side NFS locks have been implemented.

The client-side and server-side of the NFS code in the kernel used to be intertwined in various complex ways. They have been split apart for ease of maintenance and further development.

-

Support for file system Access Control Lists (ACLs) +

Support for filesystem Access Control Lists (ACLs) has been introduced, allowing more fine-grained control of discretionary access control on files and directories. This support was integrated from the TrustedBSD Project. More details can be found in /usr/src/sys/ufs/ufs/README.acls.

The directory layout preference algorithm for FFS (dirprefs) has been changed. Rather than scattering directory blocks across a disk, it attempts to group related directory blocks together. Operations traversing large directory hierarchies, such as the FreeBSD Ports tree, have shown marked speedups. This change is transparent and automatic for new directories. [MERGED]

For consistency, the fdesc, fifo, null, msdos, portal, umap, and union filesystems have been renamed to fdescfs, fifofs, msdosfs, nullfs, portalfs, umapfs, and unionfs. Where applicable, modules and mount_* programs have been renamed. Compatibility ``glue'' has been added to mount(8) so that msdos filesystem entries in fstab(5) will work without changes.

pseudofs, a pseudo-filesystem framework, has been added. linprocfs(5) and procfs(5) have been modified to use pseudofs.

A simple hash-based lookup optimization for large directories called dirhash has been added. Conditional on the UFS_DIRHASH kernel option (enabled by default in the GENERIC kernel), it improves the speed of operations on very large directories at the expense of some memory. [MERGED]

The virtual memory subsystem now backs UFS directory memory requirements by default (this behavior is controlled via the vfs.vmiodirenable sysctl variable). [MERGED]

A bug that prevented the root filesystem from being mounted from a SCSI CDROM has been fixed (ATAPI CDROMs were always supported). [MERGED]

A number of bugs in the filesystem code, discovered through the use of the fsx filesystem test tool, have been fixed. Under certain circumstances (primarily related to use of NFS), these bugs could cause data corruption or kernel panics. [MERGED]

Network filesystems (such as NFS and smbfs filesystems) listed in /etc/fstab can now be properly mounted during startup initialization; their mounts are deferred until after the network is initialized.

2.1.7 PCCARD Support

On many modern hosts, PCCARD devices can be configured to route their interrupts via either the ISA or PCI interrupt paths. The pcic(4) driver has been updated to support both interrupt paths (formerly, only routing via ISA was supported). [MERGED] In most cases, configuration of PCMCIA devices in laptops is simpler and more flexible. In addition, various Cardbus bridge PCI cards (such as those used by Orinoco PCI NICs) are now supported. Some hosts may experience problems, such as hangs or panics, with PCI interrupt routing; they can frequently be made to work by forcing the older-style ISA interrupt routing. The following lines, placed in /boot/loader.conf, may fix the problem:

     hw.pcic.intr_path="1"
       hw.pcic.irq="0"

When installing FreeBSD on such a system, typing the following lines to the boot loader may be helpful in starting up FreeBSD for the first time:

     ok set hw.pcic.intr_path="1"
     ok set hw.pcic.irq="0"


2.1.8 Multimedia Support

     snd_maestro3_load="YES"

The bktr(4) driver has been updated to 2.18. This update provides a number of new features. New tuner types have been added, and improvements to the KLD module and to memory allocation have been made. Bugs in devfs(5) when unloading and reloading have been fixed. Support for new Hauppauge Model 44xxx WinTV Cards (the ones with no audio mux) has been added. [MERGED]

When sound modules are built, one can now load all the drivers and infrastructure by kldload snd. [MERGED]

A new API has been added for sound cards with hardware volume control.

2.1.9 Contributed Software

The Forth Inspired Command Language (FICL) used in the boot loader has been updated to 2.05.

Support for Advanced Configuration and Power Interface (ACPI), a multi-vendor standard for configuration and power management, has been added. This functionality has been provided by the Intel ACPI Component Architecture project, as of the ACPI CA 20020308 snapshot. Some backward compatability for applications using the older APM standard has been provided.

2.1.9.1 IPFilter

IPFilter has been updated to 3.4.25.

IPFilter now supports IPv6. [MERGED]

2.1.9.3 KAME

The IPv6 stack is now based on a snapshot based on the KAME Project's IPv6 snapshot as of 28 May, 2001. Most of the items listed in this section are a result of this import. Section 2.3.1.3 lists userland updates to the KAME IPv6 stack. [MERGED]

gif(4) is now based on RFC 2893, rather than RFC 1933. The IFF_LINK2 interface flag can be used to control ingress filtering. [MERGED]

IPSec has received some enhancements, including the ability to use the Rijndael and SHA2 algorithms. IPSec RC5 support has been removed due to patent issues. [MERGED]

stf(4) now conforms to RFC 3056; the IFF_LINK2 interface flag can be used to control ingress filtering. [MERGED]

IPv6 has better checking of illegal addresses (such as loopback addresses) on physical networks. [MERGED]

The IPV6_V6ONLY socket option is now completely supported. The kernel's default behavior with respect to this option is controlled by the net.inet6.ip6.v6only sysctl variable. [MERGED]

RFC 3041 (Privacy Extensions for Stateless Address Autoconfiguration) is now supported. It can be enabled via the net.inet6.ip6.use_tempaddr sysctl variable. [MERGED]

2.2 Security-Related Changes

sysinstall(8) now allows the user to select one of two ``security profiles'' at install-time. These profiles enable different levels of system security by enabling or disabling various system services in rc.conf(5) on new installs. [MERGED]

A bug in which malformed ELF executable images can hang the system has been fixed (see security advisory FreeBSD-SA-00:41). [MERGED]

A security hole in Linux emulation was fixed (see security advisory FreeBSD-SA-00:42). [MERGED]

String-handling library calls in many programs were fixed to reduce the possibility of buffer overflow-related exploits. [MERGED]

TCP now uses stronger randomness in choosing its initial sequence numbers (see security advisory FreeBSD-SA-00:52). [MERGED]

Several buffer overflows in tcpdump(1) were corrected (see security advisory FreeBSD-SA-00:61). [MERGED]

A security hole in top(1) was corrected (see security advisory FreeBSD-SA-00:62). [MERGED]

A potential security hole caused by an off-by-one-error in gethostbyname(3) has been fixed (see security advisory FreeBSD-SA-00:63). [MERGED]

A potential buffer overflow in the ncurses(3) library, which could cause arbitrary code to be run from within systat(1), has been corrected (see security advisory FreeBSD-SA-00:68). [MERGED]

A vulnerability in telnetd(8) that could cause it to consume large amounts of server resources has been fixed (see security advisory FreeBSD-SA-00:69). [MERGED]

The nat deny_incoming command in ppp(8) now works correctly (see security advisory FreeBSD-SA-00:70). [MERGED]

A vulnerability in csh(1)/ tcsh(1) temporary files that could allow overwriting of arbitrary user-writable files has been closed (see security advisory FreeBSD-SA-00:76). [MERGED]

The ssh(1) binary is no longer SUID root by default. [MERGED]

Some fixes were applied to the Kerberos IV implementation related to environment variables, a possible buffer overrun, and overwriting ticket files. [MERGED]

telnet(1) now does a better job of sanitizing its environment. [MERGED]

Several vulnerabilities in procfs(5) were fixed (see security advisory FreeBSD-SA-00:77). [MERGED]

A bug in OpenSSH in which a server was unable to disable ssh-agent(1) or X11Forwarding was fixed (see security advisory FreeBSD-SA-01:01). [MERGED]

A bug in ipfw(8) and ip6fw(8) in which inbound TCP segments could incorrectly be treated as being part of an established connection has been fixed (see security advisory FreeBSD-SA-01:08). [MERGED]

A bug in crontab(1) that could allow users to read any file on the system in valid crontab(5) syntax has been fixed (see security advisory FreeBSD-SA-01:09). [MERGED]

A vulnerability in inetd(8) that could allow read-access to the initial 16 bytes of wheel-accessible files has been fixed (see security advisory FreeBSD-SA-01:11). [MERGED]

A bug in periodic(8) that used insecure temporary files has been corrected (see security advisory FreeBSD-SA-01:12). [MERGED]

OpenSSH now has code to prevent (instead of just mitigating through connection limits) an attack that can lead to guessing the server key (not host key) by regenerating the server key when an RSA failure is detected (see security advisory FreeBSD-SA-01:24). [MERGED]

A number of programs have had output formatting strings corrected so as to reduce the risk of vulnerabilities. [MERGED]

A number of programs that use temporary files now do so more securely. [MERGED]

A bug in ICMP that could cause an attacker to disrupt TCP and UDP ``sessions'' has been corrected. [MERGED]

A bug in timed(8), which caused it to crash if send certain malformed packets, has been corrected (see security advisory FreeBSD-SA-01:28). [MERGED]

A bug in rwhod(8), which caused it to crash if send certain malformed packets, has been corrected (see security advisory FreeBSD-SA-01:29). [MERGED]

A security hole in FreeBSD's FFS and EXT2FS implementations, which allowed a race condition that could cause users to have unauthorized access to data, has been fixed (see security advisory FreeBSD-SA-01:30). [MERGED]

A remotely-exploitable vulnerability in ntpd(8) has been closed (see security advisory FreeBSD-SA-01:31). [MERGED]

A security hole in IPFilter's fragment cache has been closed (see security advisory FreeBSD-SA-01:32). [MERGED]

Buffer overflows in glob(3), which could cause arbitrary code to be run on an FTP server, have been closed. In addition, to prevent some forms of DOS attacks, glob(3) allows specification of a limit on the number of pathname matches it will return. ftpd(8) now uses this feature (see security advisory FreeBSD-SA-01:33). [MERGED]

Initial sequence numbers in TCP are more thoroughly randomized (see security advisory FreeBSD-SA-01:39). Due to some possible compatibility issues, the behavior of this security fix can be enabled or disabled via the net.inet.tcp.tcp_seq_genscheme sysctl variable.[MERGED]

A vulnerability in the fts(3) routines (used by applications for recursively traversing a filesystem) could allow a program to operate on files outside the intended directory hierarchy. This bug has been fixed (see security advisory FreeBSD-SA-01:40). [MERGED]

OpenSSH now switches to the user's UID before attempting to unlink the authentication forwarding file, nullifying the effects of a race.

A flaw allowed some signal handlers to remain in effect in a child process after being exec-ed from its parent. This allowed an attacker to execute arbitrary code in the context of a setuid binary. This flaw has been corrected (see security advisory FreeBSD-SA-01:42). [MERGED]

A remote buffer overflow in tcpdump(1) has been fixed (see security advisory FreeBSD-SA-01:48). [MERGED]

A remote buffer overflow in telnetd(8) has been fixed (see security advisory FreeBSD-SA-01:49). [MERGED]

The new net.inet.ip.maxfragpackets and net.inet.ip6.maxfragpackets sysctl variables limit the amount of memory that can be consumed by IPv4 and IPv6 packet fragments, which defends against some denial of service attacks (see security advisory FreeBSD-SA-01:52). [MERGED]

All services in inetd.conf are now disabled by default for new installations. sysinstall(8) gives the option of enabling or disabling inetd(8) on new installations, as well as editing inetd.conf. [MERGED]

A flaw in the implementation of the ipfw(8) me rules on point-to-point links has been corrected. Formerly, me filter rules would match the remote IP address of a point-to-point interface in addition to the intended local IP address (see security advisory FreeBSD-SA-01:53). [MERGED]

A vulnerability in procfs(5), which could allow a process to read sensitive information from another process's memory space, has been closed (see security advisory FreeBSD-SA-01:55). [MERGED]

The PARANOID hostname checking in tcp_wrappers now works as advertised (see security advisory FreeBSD-SA-01:56). [MERGED]

A local root exploit in sendmail(8) has been closed (see security advisory FreeBSD-SA-01:57). [MERGED]

A remote root vulnerability in lpd(8) has been closed (see security advisory FreeBSD-SA-01:58). [MERGED]

A race condition in rmuser(8) that briefly exposed a world-readable /etc/master.passwd has been fixed (see security advisory FreeBSD-SA-01:59). [MERGED]

A vulnerability in UUCP has been closed (see security advisory FreeBSD-SA-01:62). All non-root-owned binaries in standard system paths now have the schg flag set to prevent exploit vectors when run by cron(8), by root, or by a user other then the one owning the binary. In addition, uustat(1) is now run via /etc/periodic/daily/410.status-uucp as uucp, not root. In FreeBSD -CURRENT, UUCP has since been moved to the Ports Collection and no longer a part of the base system. [MERGED]

A security hole in the form of a buffer overflow in the semop(2) system call has been closed. [MERGED]

A security hole in OpenSSH, which could allow users to execute code with arbitrary privileges if UseLogin yes was set, has been closed. Note that the default value of this setting is UseLogin no. (See security advisory FreeBSD-SA-01:63.) [MERGED]

The use of an insecure temporary directory by pkg_add(1) could permit a local attacker to modify the contents of binary packages while they were being installed. This hole has been closed. (See security advisory FreeBSD-SA-02:01.) [MERGED]

A race condition in pw(8), which could expose the contents of /etc/master.passwd, has been eliminated. (See security advisory FreeBSD-SA-02:02.) [MERGED]

A bug in k5su(8) could have allowed a process that had given up superuser privileges to regain them. This bug has been fixed. (See security advisory FreeBSD-SA-02:07.) [MERGED]

An ``off-by-one'' bug has been fixed in OpenSSH's multiplexing code. This bug could have allowed an authenticated remote user to cause sshd(8) to execute arbitrary code with superuser privileges, or allowed a malicious SSH server to execute arbitrary code on the client system with the privileges of the client user. (See security advisory FreeBSD-SA-02:13.) [MERGED]

A programming error in zlib could result in attempts to free memory multiple times. The malloc(3)/ free(3) routines used in FreeBSD are not vulnerable to this error, but applications receiving specially-crafted blocks of invalid compressed data could be made to function incorrectly or abort. This zlib bug has been fixed. For a workaround and solutions, see security advisory FreeBSD-SA-02:18. [MERGED]

2.3 Userland Changes

If the first argument to ancontrol(8) or wicontrol(8) doesn't start with a -, it is assumed to be an interface.

apmd(8) now has the ability to monitor battery levels and execute commands based on percentage or minutes of battery life remaining via the apm_battery configuration directive. See the commented-out examples in /etc/apmd.conf for the syntax. [MERGED]

arp(8) now prints the applicable interface name for each ARP entry. [MERGED]

arp(8) now prints [fddi] or [atm] tags for addresses on interfaces of those types.

atacontrol(8) has been added to control various aspects of the ata(4) driver. [MERGED]

The system awk(1) refers to BWK awk on the sparc64 platform. It remains GNU awk on other platforms.

burncd(8) now supports a -m option for multisession mode (the default behavior now is to close disks as single-session). A -l option to take a list of image files from a filename was also added; - can be used as a filename for stdin. [MERGED]

burncd(8) now supports Disk At Once (DAO) mode, selectable via the -d flag.

burncd(8) now has the ability to write VCDs/SVCDs.

c89(1) has been converted from a shell script to a binary executable, fixing some minor bugs. [MERGED]

cat(1) now has the ability to read from UNIX-domain sockets. [MERGED]

cdcontrol(1) now supports a cdid command, which calculates and displays the CD serial number, using the same algorithm used by the CDDB database. [MERGED]

cdcontrol(1) now uses the CDROM environment variable to pick a default device. [MERGED]

cdcontrol(1) now supports next and prev commands to skip forwards or backwards a specified number of tracks while playing an audio CD. [MERGED]

chflags(1) has moved from /usr/bin to /bin.

chio(1) now has the ability to specify elements by volume tag instead of by their physical location as well as the ability to return an element to its previous location. [MERGED]

chmod(1) now supports a -h for changing the mode of a symbolic link.

chown(8) now correctly follows symbolic links named as command line arguments if run without -R. [MERGED]

chown(8) no longer takes . as a user/group delimeter. This change was made to support usernames containing a ..

Use of the CSMG_* macros no longer require inclusion of <sys/param.h>

col(1) now takes a -p flag to force unknown control sequences to be passed through unchanged. [MERGED]

The compat3x distribution has been updated to include libraries present in FreeBSD 3.5.1-RELEASE. [MERGED]

A compat4x distribution has been added for compatibility with FreeBSD 4-STABLE.

config(8) is now better about converting various warnings that should have been errors into actual fatal errors with an exit code. This ensures that make buildkernel doesn't quietly ignore them and build a bogus kernel without a human to read the errors. [MERGED]

A number of buffer overflows in config(8) have been fixed. [MERGED]

ctags(1) no longer creates a corrupt tags file if the source file used // (C++-style) comments. [MERGED]

The daemon(8) program, a command-line interface to daemon(3), has been added. It detaches itself from its controlling terminal and executes a program specified on the command line. This allows the user to run an arbitrary program as if it were written to be a daemon.

devinfo, a simple tool to print the device tree and resource usage by devices, has been added.

df(1) now takes a -l option to only display information about locally-mounted filesystems. [MERGED]

disklabel(8) now supports partition sizes expressed in kilobytes, megabytes, or gigabytes, in addition to sectors. [MERGED]

diskpart(8) has been declared obsolete, and has been removed.

dmesg(8) now has a -a option to show the entire message buffer, including syslogd(8) records and /dev/console output. [MERGED]

du(1) now takes a -I command-line flag to ignore/skip files and subdirectories matching a specified shell-glob mask. [MERGED]

dump(8) now supports inheritance of the nodump flag down a hierarchy. [MERGED]

The -T option to dump(8) no longer swallows an extra argument. [MERGED]

dump(8) has a new -D option, allowing the path to the /etc/dumpdates file to be changed. [MERGED]

dump(8) now supplies progress information in its process title, useful for monitoring automated backups. [MERGED]

dump(8) now supports a new -S to allow it to just print out the dump size estimates and exit.

edquota(8) now takes a -f option to allow limiting the prototype quota distribution (specified with -p) to a single filesystem. [MERGED]

/etc/rc.firewall and /etc/rc.firewall6 will no longer add their own hardcoded rules in the cases of a rules file in the firewall_type variable or a non-existent firewall type. (The motivation for this change is to avoid acting on assumptions about a site's firewall policies.) In addition, the closed firewall type now works as documented in the rc.firewall(8) manual page. [MERGED]

The functionality of /etc/security has been been moved into a set of scripts under the periodic(8) framework, to make local customization easier and more maintainable. These scripts now reside in /etc/periodic/security/. [MERGED]

fbtab(5) now accepts glob matching patterns for target devices, not just individual devices and directories.

fdread(1), a program to read data from floppy disks, has been added. It is a counterpart to fdwrite(1) and is designed to provide a means of recovering at least some data from bad media, and to obviate for a complex invocation of dd(1).

find(1) now takes the -empty flag, which returns true if a file or directory is empty. [MERGED]

find(1) now takes the -iname and -ipath primaries for case-insensitive matches, and the -regexp and -iregexp primaries for regular-expression matches. The -E flag now enables extended regular expressions. [MERGED]

find(1) now has the -anewer, -cnewer, -mnewer, -okdir, and -newer[acm][acmt] primaries for comparisons of file timestamps. The latter primaries can be specified with various units of time. [MERGED]

finger(1) now has the ability to support fingering aliases, via the finger.conf(5) file. [MERGED]

finger(1) now has support for a .pubkey file.

fmt(1) has been rewritten; the rewrite fixes a number of bugs compared to its prior behavior. [MERGED]

fmtcheck(3), a function for checking consistency of format string arguments, has been added. [MERGED]

fsck(8) wrappers have been imported; this feature provides infrastructure for fsck(8) to work on different types of filesystems (analogous to mount(8)).

The behavior of fsck(8) when dealing with various passes (a la /etc/fstab) has been modified to accommodate multiple-disk filesystems.

fsck(8) now has support for foreground (-F) and background (-B) checks. Traditionally, fsck(8) is invoked before the filesystems are mounted and all checks are done to completion at that time. If background checking is available, fsck(8) is invoked twice. It is first invoked at the traditional time, before the filesystems are mounted, with the -F flag to do checking on all the filesystems that cannot do background checking. It is then invoked a second time, after the system has completed going multiuser, with the -B flag to do checking on all the filesystems that can do background checking. Unlike the foreground checking, the background checking is started asynchronously so that other system activity can proceed even on the filesystems that are being checked. Boot-time enabling of this feature is controlled by the background_fsck option in rc.conf(5).

Shortly after the receipt of a SIGINFO signal (normally control-T from the controlling tty), fsck_ffs(8) will now output a line indicating the current phase number and progress information relevant to the current phase. [MERGED]

fsck_ffs(8) now supports background filesystem checks to mounted FFS filesystems with the -B option (softupdates must be enabled on these filesystems). The -F flag now determines whether a specified filesystem needs foreground checking.

A new fsck_msdosfs(8) utility has been added to check the consistency of MS-DOS filesystems. [MERGED]

ftpd(8) now supports a -r flag for read-only mode and a -E flag to disable EPSV. It also has some fixes to reduce information leakage and the ability to specify compile-time port ranges. [MERGED]

ftpd(8) now supports -o and -O options to disable the RETR command; the former for everybody, and the latter only for guest users. Coupled with -A and appropriate file permissions, these can be used to create a relatively safe anonymous FTP drop box for others to upload to.

The getprogname(3) and setprogname(3) library functions have been added to manipulate the name of the current program. They are used by error-reporting routines to produce consistent output. [MERGED]

gprof(1) now has a -K option to enable dynamic symbol resolution from the currently-running kernel. With this change, properly-compiled KLD modules are now able to be profiled.

growfs(8), a utility for growing FFS filesystems, has been added. ffsinfo(8), a utility for dump all the meta-information of an existing filesystem, has also been added. [MERGED]

The groups(1) and whoami(1) shell scripts are now unnecessary; their functionality has been completely folded into id(1). [MERGED]

The ibcs2(8), linux(8), osf1(8), and svr4(8) scripts, whose sole purpose was to load emulation kernel modules, have been removed. The kernel module system will automatically load them as needed to fulfill dependencies.

indent(1) has gained some new formatting options. [MERGED]

ifconfig(8) can set the link-layer address of an interface using the link parameter. [MERGED]

ifconfig(8) can now accept addresses in slash/CIDR notation. [MERGED]

ifconfig(8) now has support for setting parameters for IEEE 802.11 wireless network devices. wi(4) and an(4) devices are supported, and partial support is provided for awi(4) devices. [MERGED]

ifconfig(8) no longer displays the list of supported media by default. Instead it displays it when the -m flag is given. [MERGED]

The syntax of inetd(8)'s support for faithd(8) is now compatible with that of other BSDs. [MERGED]

The ident protocol support in inetd(8) has been cleaned up and updated. [MERGED]

inetd(8) now has the ability to manage UNIX-domain sockets. [MERGED]

install(1) has a number of new features, including the -b and -B options for backing up existing target files and the -S option for ``safe'' (atomic copy) operation. The -c (copy) flag is now the default, and the -D (debugging) flag has been withdrawn. install(1) now issues a warning if -d (create directories) and -C (copy changed files only) are used together. [MERGED]

IP Filter is now supported by the rc.conf(5) boot-time configuration and initialization. [MERGED]

ipfstat(8) now supports the -t option to turn on a top(1)-like display. [MERGED]

ipfw(8) will now avoid the display of dynamic firewall rules unless the -d flag is passed to it. The -e option lists expired dynamic rules. [MERGED]

ipfw(8) has a new feature (me) that allows for packet matching on interfaces with dynamically-changing IP addresses. [MERGED]

ipfw(8) has a new limit type of firewall rule, which limits the number of sessions between address pairs. [MERGED]

ipfw(8) filter rules can now match on the value of the IPv4 precedence field.

ip6fw(8) now has the ability to use a preprocessor and use the -q (quiet) flag when reading from a file. [MERGED]

kenv(1), a command to dump the kernel environment, has been added. [MERGED]

keyinfo(1) is now a C program, rather than a Perl script. [MERGED]

killall(1) is now a C program, rather than a Perl script. As a result, its -m option now uses the regular expression syntax of regex(3), rather than that of perl(1). [MERGED]

killall(1) now allows non-root users to kill SUID root processes that they started, the same as the Perl version did. [MERGED]

The kldconfig(8) utility has been added to make it easier to manipulate the kernel module search path. [MERGED]

ktrdump, a utility to dump the ktr trace buffer from userland, has been added.

last(1) now implements a -d that provides a ``snapshot'' of who was logged in at a particular date and time. [MERGED]

last(1) now supports a -y flag, which causes the year to be included in the session start time.

The lastlogin(8) utility, which prints the last login time of each user, has been imported from NetBSD. [MERGED]

ldconfig(8) now checks directory ownerships and permissions for greater security; these checks can be disabled with the -i flag. [MERGED]

ldd(1) can now be used on shared libraries, in addition to executables. [MERGED]

ldd(1) now supports a -a flag to list all the objects that are needed by each loaded object.

libc is now thread-safe by default; libc_r contains only thread functions.

libcrypt and libdescrypt have been unified to provide a configurable password authentication hash library. Both the md5 and des hash methods are provided unless the des hash is specifically compiled out. [MERGED]

libcrypt now has support for Blowfish password hashing. [MERGED]

libstand now has support for filesystems containing bzip2-compressed files. [MERGED]

libstand now has support for overwriting the contents of a file on a UFS filesystem (it cannot expand or truncate files because the filesystem may be dirty or inconsistent).

libstand now has support for loading large kernels and modules split across several physical media.

The default TCP port range used by libfetch for passive FTP retrievals has changed; this affects the behavior of fetch(1), which has gained the -U option to restore the old behavior. [MERGED]

libfetch now has support for an authentication callback. [MERGED]

libfetch now has support for a HTTP_USER_AGENT environment variable. [MERGED]

libgmp has been superceded by libmp.

The functions from libposix1e have been integrated into libc.

libusb has been renamed as libusbhid, following NetBSD's naming conventions. [MERGED]

ln(1) now takes an -i option to request user confirmation before overwriting an existing file. [MERGED]

ln(1) now takes a -h flag to avoid following a target that is a link, with a -n flag for compatibility with other implementations. [MERGED]

logger(1) can now send messages directly to a remote syslog. [MERGED]

login(1) now exports environment variables set by PAM modules. [MERGED]

lpc(8) has been improved; lpc clean is now somewhat safer, and a new lpc tclean command has been added to check to see what files would be removed by lpc clean. [MERGED]

lpd(8) now takes two new options: -c will log all connection errors to syslogd(8), while -W will allow connections from non-reserved ports. [MERGED]

lpd(8) now has some support for o-type print-file actions in its control files, which allows printing of PostScript files generated by MacOS 10.1. [MERGED]

lpr(1), lpq(1), and lpd(8) have received a few minor enhancements. [MERGED]

Catching up with most other network utilities in the base system, lpr(1), lpd(8), syslogd(8), and logger(1) are now all IPv6-capable. [MERGED]

lprm - now works for remote printer queues. [MERGED]

ls(1) can produce colorized listings with the -G flag (and appropriate terminal support). The CLICOLOR environment variable can be set to enable colorized listings by default. [MERGED]

mail(1) now takes a -E flag to avoid sending messages with empty bodies. [MERGED]

make(1) has gained the :C/// (regular expression substitution), :L (lowercase), and :U (uppercase) variable modifiers. These were added to reduce the differences between the FreeBSD and OpenBSD/NetBSD make(1) programs. [MERGED]

Bugs in make(1), among which include broken null suffix behavior, bad assumptions about current directory permissions, and potential buffer overflows, have been fixed. [MERGED]

The new CPUTYPE make.conf variable controls the compilation of processor-specific optimizations in various pieces of code such as OpenSSL. [MERGED]

The FreeBSD Makefile infrastructure now supports the WARNS directive from NetBSD. This directive controls the addition of compiler warning flags to CFLAGS in a relatively compiler-neutral manner. [MERGED]

man(1) is no longer installed SUID man, in order to reduce vulnerabilities associated with generating ``catpages'' (preformatted manual pages cached for repeated viewing). As a result, man(1) can no longer create system catpages on a regular user's behalf. It is still able to do so if the user has write permissions to the directory holding catpages (e.g. a user's own manpages) or if the running user is root.

The mdmfs(8) command has been added; it is a wrapper around mdconfig(8), disklabel(8), newfs(8), and mount(8) that mimics the command line option set of the deprecated mount_mfs(8).

mergemaster(8) now sources an /etc/mergemaster.rc file and also prompts the user to run recommended commands (such as newaliases) as needed. [MERGED]

moused(8) now takes a -a option to control mouse acceleration. [MERGED]

mtree(8) now includes support for a file that lists pathnames to be excluded when creating and verifying prototypes. This makes it easier to use mtree(8) as a part of an intrusion-detection system. [MERGED]

natd(8) now supports a -log_ipfw_denied option to log packets that cannot be re-injected because they are blocked by ipfw(8) rules. [MERGED]

The ``in use'' percentage metric displayed by netstat(1) now really reflects the percentage of network mbufs used. [MERGED]

netstat(1) now has a -W flag that tells it not to truncate addresses, even if they're too long for the column they're printed in. [MERGED]

netstat(1) now keeps track of input and output packets on a per-address basis for each interface. [MERGED]

netstat(1) now has a -z flag to reset statistics. [MERGED]

netstat(1) now has a -S flag to print address numerically but port names symbolically. [MERGED]

newfs(8) now implements write combining, which can make creation of new filesystems up to seven times faster. [MERGED]

newfs(8) now takes a -U option to enable softupdates on a new filesystem. [MERGED]

The default number of cylinders per group in newfs(8) is now computed to be the maximum allowable given the current filesystem parameters. It can be overridden with the -c option. Formerly, the default was fixed at 16. This change leads to better fsck(8) performance and reduced fragmentation. [MERGED]

The default block and fragment sizes for new filesystems created by newfs(8) are now 16384 and 2048 bytes, respectively (the old defaults were 8192 and 1024 bytes). This change generally provides increased performance, at the expense of some wasted disk space. [MERGED]

A number of archaic features of newfs(8) have been removed; these implement tuning features that are essentially useless on modern hard disks. These features were controlled by the -O, -d, -k, -l, -n, -p, -r, -t, and -x flags.

newsyslog(8) now has the ability to compress log files using bzip2(1). [MERGED]

NFS now works over IPv6.

ngctl(8) now supports a write command to send a data packet down a given hook. [MERGED]

nl(1), a line numbering filter program, has been added. [MERGED]

nsswitch support has been merged from NetBSD. By creating an nsswitch.conf(5) file, FreeBSD can be configured so that various databases such as passwd(5) and group(5) can be looked up using flat files, NIS, or Hesiod. The old hosts.conf file is no longer used.

PAM support has been added for account management and sessions.

PAM configuration is now specified by files in /etc/pam.d/, rather than a single /etc/pam.conf file. /etc/pam.d/README has more details.

A number of new PAM modules have been added.

passwd(1) and pw(8) now select the password hash algorithm at run time. See the passwd_format attribute in /etc/login.conf. [MERGED]

pax(1) has received a number of enhancements, including cpio(1) functionality, tar(1) compatibility enhancements, -z and -Z flags for gzip(1) and compress(1) functionality, and a number of bug fixes.

pciconf(8) now supports a -v option to display the vendor/device information of configured devices, in conjunction with the -l option. The default vendor/device database can be found at /usr/share/misc/pci_vendors. [MERGED]

The behavior of periodic(8) is now controlled by /etc/defaults/periodic.conf and /etc/periodic.conf. [MERGED]

ping(8) now supports a -m option to set the TTL of outgoing packets. [MERGED]

ping(8) now supports a -A option to beep when packets are lost. [MERGED]

Userland ppp(8) has received a number of updates and bug fixes. [MERGED]

ppp(8) has gained the tcpmssfixup option, which adjusts outgoing and incoming TCP SYN packets so that the maximum receive segment size is no larger than allowed by the interface MTU. [MERGED]

ppp(8) now supports IPv6.

pppd(8) (the control program for kernel-level PPP) is now installed mode 4550 and root:dialer, rather than mode 4555 (in other words, it is no longer world-executable). Users of pppd(8) may need to change their group settings. [MERGED]

The -W option to ps(1) (to extract information from a specified swap device) has been useless for some time; it has been removed. [MERGED]

pwd(1) can now double as realpath(1), a program to resolve pathnames to their underlying physical paths. [MERGED]

The pseudo-random number generator implemented by rand(3) has been improved to provide less biased results.

rc(8) now has an framework for handling dependencies between rc.conf(5) variables. [MERGED]

rc(8) now deletes all non-directory files in /var/run and /var/spool/lock at boot time. [MERGED]

rcmd(3) now supports the use of the RSH environment variable to specify a program to use other than rsh(1) for remote execution. As a result, programs such as dump(8), can use ssh(1) for remote transport.

rdist(1) has been retired from the base system, but is still available from FreeBSD Ports Collection as net/44bsd-rdist.

The resolver(3) in FreeBSD now implements EDNS0 support, which will be necessary when working with IPv6 transport-ready resolvers/DNS servers. [MERGED]

The rfork_thread(3) library call has been added as a helper function to rfork(2). Using this function should avoid the need to implement complex stack swap code. [MERGED]

The -v option to rm(1) now displays the entire pathname of a file being removed.

route(8) is now more verbose when changing indirect routes, in the case of a gateway route that is the same route as the one being modified. [MERGED]

route(8) now uses host/bits syntax instead of net/bits syntax, for compatibility with netstat(1). [MERGED]

route(8) can now create ``proxy only'' published ARP entries. [MERGED]

The route(8) add command now supports the -ifp and -ifa modifiers. [MERGED]

rpcbind(8) has replaced portmap(8).

rpcgen(1) now uses /usr/bin/cpp (as on NetBSD), not /usr/libexec/cpp.

rpc.lockd(8) has been imported from NetBSD. This daemon provides support for servicing client NFS locks.

The performance of the ELF dynamic linker rtld(1) has been improved. [MERGED]

RSA Security has waived all patent rights to the RSA algorithm. As a result, the native OpenSSL implementation of the RSA algorithm is now activated by default, and the security/rsaref port and the librsaUSA and librsaINTL libraries are no longer required for USA and non-USA residents respectively. [MERGED]

rtld(1) will now print the names of all objects that cause each object to be loaded, if the LD_TRACE_LOADED_OBJECTS_ALL environment variable is defined.

savecore(8) now supports a -k option to prevent clearing a crash dump after saving it. It also attempts to avoid writing large stretches of zeros to crash dump files to save space and time. [MERGED]

savecore(8) now works correctly on machines with 2 GB or more of RAM. [MERGED]

sed(1) now takes a -E option for extended regular expression support. [MERGED]

send-pr(1) now takes a -a option to include a file into the Fix: section of a problem report. [MERGED]

The setfacl(1) and getfacl(1) commands - have been added to manage file system Access Control + have been added to manage filesystem Access Control Lists.

setproctitle(3) has been moved from libutil to libc. [MERGED]

sh(1) now implements test as a built-in command for improved efficiency. [MERGED]

sh(1) no longer implements printf as a built-in command because it was considered less valuable compared to the other built-in commands (this functionality is, of course, still available through the printf(1) executable).

sockstat(1) now has -c and -l flags for listing connected and listening sockets, respectively. [MERGED]

split(1) now has the ability to split a file longer than 2GB. [MERGED]

In preparation for meeting SUSv2/POSIX <sys/select.h> requirements, struct selinfo and related functions have been moved to <sys/selinfo.h>.

The strnstr(3) and strcasestr(3) variants of strstr(3) have been implemented. [MERGED]

stty(1) now has support for an erase2 control character, so that, for example, both the Delete and Backspace keys can be used to erase characters. [MERGED]

style.perl(7), a style guide for Perl code in the FreeBSD base system, has been added. [MERGED]

su(1) now uses PAM for authentication.

Boot-time syscons(4) configuration was moved to a machine-independent /etc/rc.syscons. [MERGED]

sysctl(8) now supports a -N option to print out variable names only. [MERGED]

sysctl(8) has replaced the -A and -X options with -ao and -ax respectively; the former options are now deprecated. The -w option is deprecated as well; it is not needed to determine the user's intentions. [MERGED]

sysctl(8) now supports a -e option to separate variable names and values by = rather than :. This feature is useful for producing output that can be fed back to sysctl(8). [MERGED]

sysinstall(8) now properly preserves /etc/mail during a binary upgrade. [MERGED]

sysinstall(8) now uses some more intuitive defaults thanks to some new dialog support functions. [MERGED]

The default root partition in sysinstall(8) is now 100MB on the i386 and 120MB on the Alpha.

sysinstall(8) now lives in /usr/sbin, which simplifies the installation process. The sysinstall(8) manpage is also installed in a more consistent fashion now.

sysinstall(8) now has the ability to load KLDs as a part of the installation. [MERGED]

When run from the installation media, sysinstall(8) will automatically load any device drivers found in the /stand/modules directory of the mfsroot floppy or filesystem image. Note that any drivers so loaded will not appear in the kernel's boot messages; the sysinstall(8) debugging screen will provide additional information. [MERGED]

sysinstall(8) now enables Soft Updates by default on all filesystems it creates, except for the root filesystem. [MERGED]

sysinstall(8) has received updates for its ``auto'' partitioning mode which provide more reasonable defaults for the sizes of partitions that are created; auto-sized partitions can now also recover the space that becomes available when other partitions are deleted. [MERGED]

syslogd(8) can take a -n option to disable DNS queries for every request. [MERGED]

syslogd(8) now supports a LOG_CONSOLE facility (disabled by default), which can be used to log /dev/console output. [MERGED]

syslogd(8) now has the ability to bind to a specific address (as opposed to using every available one) via the -b option. [MERGED]

syslogd(8) now accepts a -c flag to disable repeated line compression. [MERGED]

tail(1) now has the ability to work on files longer than 2GB. [MERGED]

tar(1) now supports the TAR_RSH variable, principally to enable the use of ssh(1) as a transport. [MERGED]

telnet(1) now does autologin and encryption by default; a new -y option turns off encryption.

telnet(1) now supports a -u flag to allow connections to UNIX-domain (AF_UNIX) sockets. [MERGED]

tftpd(8) now takes the -c and -C options, which allow the server to chroot(2) based on the IP address of the connecting client. tftp(1) and tftpd(8) can now transfer files larger than 65535 blocks. [MERGED]

tftpd(8) now supports RFC 2349 (TFTP Timeout Interval and Transfer Size Options); this feature is required by some firmware like EFI boot managers (at least on HP i2000 Itanium servers) in order to boot an image using TFTP.

A version of Transport Independent RPC (TI-RPC) has been imported.

tmpnam(3) will now use the TMPDIR environment variable, if set, to specify the location of temporary files. [MERGED]

tip(1) has been updated from OpenBSD, and has the ability to act as a cu(1) substitute.

top(1) will now use the full width of its tty.

touch(1) now takes a -h option to operate on a symbolic link, rather than what the link points to.

The truncate(1) utility, which truncates or extends the length of files, has been added. [MERGED]

Ukrainian language support has been added to the FreeBSD console. [MERGED]

UUCP has been removed from the base system. It can be found in the Ports Collection, in net/freebsd-uucp.

units(1) has received some updates and bugfixes. [MERGED]

usbdevs(8) now supports a -d flag to show the device driver associated with each device.

The usbhidctl(1) utility has been added to manipulate USB Human Interface Devices. [MERGED]

uudecode(1) now accepts a -o option to set its output file.

vidcontrol(1) now accepts a -g parameter to select custom text geometry in the VESA_800x600 raster text mode. [MERGED]

vidcontrol(1) now allows the user to omit the font size specification when loading a font, and has some better error-handling. [MERGED]

vidcontrol(1) now supports a -p option to take a snapshot of a syscons(4) video buffer. These snapshots can be manipulated by the graphics/scr2png utility in the Ports Collection. [MERGED]

vidcontrol(1) now supports a -C option to clear the history buffer for a given tty, as well as a -h option to set the size of the history buffer. [MERGED]

The default stripe size in vinum(8) has been changed from 256KB to 279KB, to spread out superblocks more evenly between stripes.

wall(1) now supports a -g flag to write a message to all users of a given group. [MERGED]

watch(8) now takes a -f option to specify a snp(4) device to use. [MERGED]

which(1) is now a C program, rather than a Perl script.

whois(1) now directs queries for IP addresses to ARIN. If a query to ARIN references APNIC or RIPE, the appropriate server will also be queried, provided that the -Q option is not specified. [MERGED]

whois(1) supports a -c option to specify a country code to help direct queries towards a particular whois server. [MERGED]

xargs(1) now supports a -J replstr option that allows the user to tell xargs(1) to insert the data read from standard input at a specific point in the command line arguments rather than at the end. [MERGED]

The compiler chain now uses the FSF-supplied C/C++ runtime initialization code. This change brings about better compatibility with code generated from the various egcs and gcc ports, as well as the stock public FSF source. [MERGED]

The threads library has gained some signal handling changes, bug fixes, and performance enhancements (including zero system call thread switching). gdb(1) thread support has been updated to match these changes. [MERGED]

Significant additions have been made to internationalization support; FreeBSD now has complete locale support for the LC_MONETARY, LC_NUMERIC, and LC_MESSAGES categories. A number of applications have been updated to take advantage of this support.

Locale names have been changed to improve compatibility with the names used by X11R6, as well as a number of other UNIX versions. As an example, the en_US.ISO_8859-1 locale name has been changed to en_US.ISO8859-1. Entries in /etc/locale.alias provide backward compatibility. [MERGED]

/usr/src/share/examples/BSD_daemon/ now contains a scalable Beastie graphic. [MERGED]

As part of an ongoing process, many manual pages were improved, both in terms of their formatting markup and in their content. [MERGED]

2.3.1 Contributed Software

am-utils has been updated to 6.0.7.

A 10 February 2002 snapshot of awk from Bell Labs (variously known as ``BWK awk'' or ``The One True AWK'') has been imported. It is available as awk on the sparc64 architecture, and nawk on other architectures.

bc has been updated from 1.04 to 1.06. [MERGED]

The ISC library from the BIND distribution is now built as libisc. [MERGED]

BIND is now built with the NOADDITIONAL flag, which causes named(8) to operate in a more consistent fashion for certain common misconfigurations. [MERGED]

BIND has been updated to 8.3.1-REL. [MERGED]

Binutils has been updated to 2.12.0.

bzip2 1.0.2 has been imported; this brings the bzip2(1) program and the libbz2 library to the base system. [MERGED]

The ee(1) Easy Editor has been updated to 1.4.2. [MERGED]

file has been updated to 3.37.

gcc has been updated to a snapshot of the 2.95 development branch from 20 March 2002 (this snapshot includes changes made after the release of gcc2.95.3).

gcc(1) now uses a unified libgcc rather than a separate one for threaded and non-threaded programs. /usr/lib/libgcc_r.a can be removed. [MERGED]

gcc(1) now supports the environment variable GCC_OPTIONS, which can hold a set of default options for GCC. [MERGED]

GNATS has been updated to 3.113. [MERGED]

GNU awk has been updated to 3.1.0. It is available as gawk on the sparc64 architecture, and as awk on other architectures.

gperf has been updated to 2.7.2.

groff and its related utilities have been updated to FSF version 1.17.2. This import brings in a new mdoc(7) macro package (sometimes referred to as mdocNG), which removes many of the limitations of its predecessor. [MERGED]

Heimdal has been updated to 0.3f.

The version of IPFilter provided with FreeBSD now includes the ipfs(8) program, which allows state information created for NAT entries and stateful rules to be saved to disk and restored after a reboot. Boot-time configuration of these features is supported by rc.conf(5). [MERGED]

The ISC DHCP client has been updated to 3.0.1RC8.

Kerberos IV has been updated to 1.0.5. [MERGED]

The more(1) command has been replaced by less(1), although it can still be run as more. [MERGED] Version 371 of less has been imported.

libpcap has been updated to 0.6.2. [MERGED]

libreadline has been updated to 4.2.

libz has been updated to 1.1.4.

lint has been updated to snapshot of NetBSD lint(1) as of 3 March 2002.

lukemftp (the FTP client from NetBSD) has replaced the FreeBSD ftp(1) program. Among its new features are more automation methods, better standards compliance, transfer rate throttling, and a customizable command-line prompt. Some environment variables and command-line arguments have changed.

The FTP daemon from NetBSD, otherwise known as lukemftpd, has been imported and is available as lukemftpd(8).

ncurses has been updated to 5.2-20010512.

The NTP suite of programs has been updated to 4.1.0. [MERGED]

OpenPAM (``Centaury'' release) has been imported, replacing Linux-PAM.

The OPIE one-time-password suite has been updated to 2.4. It has completely replaced the functionality of S/Key.

Perl has been updated to version 5.6.1.

routed(8) has been updated to version 2.22. [MERGED]

sort(1) from NetBSD (as of 22 March 2002) is now the system sorting program, replacing GNU sort.

tcpdump has been updated to 3.6.3. [MERGED]

The csh(1) shell has been replaced by tcsh(1), although it can still be run as csh. tcsh has been updated to version 6.11. [MERGED]

The contributed version of tcp_wrappers now includes the tcpd(8) helper daemon. While not strictly necessary in a standard FreeBSD installation (because inetd(8) already incorporates this functionality), this may be useful for inetd(8) replacements such as xinetd.

texinfo has been updated to 4.1. [MERGED]

top has been updated to version 3.5b12.

traceroute(8) now takes its default maximum TTL value from the net.inet.ip.ttl sysctl variable. [MERGED]

The timezone database has been updated to the tzdata2002c release. [MERGED]

2.3.1.1 CVS

cvs has been updated to 1.11.1p1. [MERGED]

The default value for cvs(1)'s CVS_RSH variable is now ssh, rather than rsh. [MERGED]

cvs(1) now supports a -T option to update a sandbox's CVS/Template file from the repository. [MERGED]

cvs(1) diff now supports the -j option to perform differences against a revision relative to a branch tag. [MERGED]

2.3.1.2 CVSup

CVSup, a frequently used utility in the FreeBSD Ports Collection, was formerly installable using several ports and packages. The net/cvsup-bin and net/cvsupd-bin ports/packages are no longer necessary or available; the net/cvsup port should be used instead. [MERGED]

CVSup has been updated to 16.1_3, which is available in the FreeBSD Ports Collection as net/cvsup. This update fixes a long-standing (but only recently encountered) bug which affects the timestamps on all files after Sun Sep 9 01:46:40 UTC 2001 (1,000,000,000 seconds after the UNIX epoch). [MERGED]

2.3.1.3 KAME

The IPv6 stack is now based on a snapshot based on the KAME Project's IPv6 snapshot as of 28 May, 2001. Most of the items listed in this section are a result of this import. Section 2.1.9.3 lists kernel updates to the KAME IPv6 stack. [MERGED]

faithd(8) now supports a configuration file for access control. [MERGED]

ifconfig(8) can now perform the functions of gifconfig(8). [MERGED]

ifconfig(8) can now perform the functions of prefix(8). prefix(8) is now a shell script for partial backwards compatibility. [MERGED]

ndp(8) now implements garbage collection for stale NDP entries, as described in RFC 2461 (Neighbor Discovery for IP Version 6 (IPv6)). [MERGED]

pim6dd(8) and pim6sd(8) have been removed due to restrictive licensing conditions. These programs are available in the ports collection as net/pim6dd and net/pim6sd. [MERGED]

route6d(8) now supports an -n flag to avoid updating the kernel forwarding table. [MERGED]

The -R (router renumbering) option to rtadvd(8) is currently ignored. [MERGED]

2.3.1.4 OpenSSH

OpenSSH has been updated to 2.9, which provides support for the SSH2 protocol (now the default) and DSA keys. ssh-add(1) and ssh-agent(1) can now handle DSA keys, with support for authentication forwarding. OpenSSH users in the USA no longer need to rely on the restrictively-licensed RSAREF toolkit which is required to handle RSA keys. Among other new features: A client and server for sftp(1) has been added. scp(1) can now handle files larger than 2 GBytes. A limit on the number of outstanding, unauthenticated connections in sshd(8) has been added. Support has been added for the Rijndael encryption algorithm. Rekeying of existing sessions is now supported, and an experimental SOCKS4 proxy has been added to ssh(1). [MERGED]

OpenSSH has been updated to version 3.1. Among the changes:

  • The *2 files are obsolete (for example, ~/.ssh/known_hosts can hold the contents of ~/.ssh/known_hosts2).

  • ssh-keygen(1) can import and export keys using the SECSH Public Key File Format, for key exchange with several commercial SSH implementations.

  • ssh-add(1) now adds all three default keys.

  • ssh-keygen(1) no longer defaults to a specific key type; one must be specified with the -t option.



OpenSSH can now authenticate using OPIE passwords.

PAM support for OpenSSH has been added.

A long-standing bug in OpenSSH, which sometimes resulted in a dropped session when an X11-forwarded client was closed, was fixed.

Kerberos compatibility has been added to OpenSSH. [MERGED]

OpenSSH has been modified to be more resistant to traffic analysis by requiring that ``non-echoed'' characters are still echoed back in a null packet, as well as by padding passwords sent so as not to hint at password lengths. [MERGED]

sshd(8) is now enabled by default on new installs. [MERGED]

sshd(8) X11Forwarding is now turned on by default on the server (any risk is to the client, where it is already disabled by default). [MERGED]

In /etc/ssh/sshd_config, the ConnectionsPerPeriod parameter has been deprecated in favor of MaxStartups. [MERGED]

OpenSSH now has a VersionAddendum configuration setting for sshd(8) to allow changing the part of the OpenSSH version string after the main version number.

2.3.1.5 OpenSSL

OpenSSL has been updated to 0.9.6c.

OpenSSL now has support for machine-dependent ASM optimizations, activated by the new MACHINE_CPU and/or CPUTYPE make.conf variables. [MERGED]

2.3.1.6 sendmail

sendmail has been updated from version 8.9.3 to version 8.12.2. Important changes include: sendmail(8) is no longer installed as a set-user-ID root binary (now set-group-ID smmsp); new default file locations (see /usr/src/contrib/sendmail/cf/README); newaliases(1) is limited to root and trusted users; STARTTLS encryption; and the MSA port (587) is turned on by default. See /usr/src/contrib/sendmail/RELEASE_NOTES for more information. [MERGED]

mail.local(8) is no longer installed as a set-user-ID binary. If you are using a /etc/mail/sendmail.cf from the default sendmail.cf included with FreeBSD any time after 3.1.0, you are fine. If you are using a hand-configured sendmail.cf and mail.local for delivery, check to make sure the F=S flag is set on the Mlocal line. Those with .mc files who need to add the flag can do so by adding the following line to their .mc file and regenerating the sendmail.cf file:

     MODIFY_MAILER_FLAGS(`LOCAL',`+S')dnl

Note that FEATURE(`local_lmtp') already does this. [MERGED]

The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY commands. [MERGED]

vacation(1) has been updated to use the version included with sendmail. [MERGED]

The sendmail configuration building tools are installed in /usr/share/sendmail/cf/. [MERGED]

New make.conf options: SENDMAIL_MC and SENDMAIL_ADDITIONAL_MC. See /usr/share/examples/etc/make.conf for more information. [MERGED]

/etc/mail/Makefile now supports: the new SENDMAIL_MC make.conf option; the ability to build .cf files from .mc files; generalized map rebuilding; rebuilding the aliases file; and the ability to stop, start, and restart sendmail. [MERGED]

The smmsp and mailnull users have been added to /etc/master.passwd. In the absence of a confDEF_USER_ID setting, by default, sendmail will use the mailnull user for extra security. Previously, if the mailnull user did not exist, the daemon user was used. This change may generate some permissions issues when mailing to files or to programs (such as mail/majordomo). [MERGED] The previous behavior can be restored by adding the following line to a system's *.mc configuration file:

     define(`confDEF_USER_ID', `daemon')


2.3.2 Ports/Packages Collection

BSDPAN, a collection of modules that provides tighter integration of Perl into the FreeBSD Ports Collection, has been added.

pkg_create(1) and pkg_add(1) can now work with packages that have been compressed using bzip2(1). pkg_add(1) will use the PACKAGEROOT environment variable to determine a mirror site for new packages. [MERGED]

pkg_create(1) now records dependencies in dependency order rather than in the order specified on the command line. This improves the functioning of pkg_add -r. [MERGED]

pkg_create(1) now supports a -b to create a package file from a locally-installed package. [MERGED]

When requested to delete multiple packages, pkg_delete(1) will now attempt to remove them in dependency order rather than the order specified on the command line. [MERGED]

pkg_delete(1) now can perform glob/regexp matching of package names. In addition, it supports a -a option for removing all packages and a -i option for rm(1)-style interactive confirmation. [MERGED]

pkg_delete(1) now supports a -r option for recursive package removal. [MERGED]

pkg_info(1) now supports globbing against names of installed packages. The -G option disables this behavior, and the -x option causes regular expression matching instead of shell globbing. [MERGED]

pkg_info(1) can now accept a -g flag for verifying an installed package against its recorded checksums (to see if it's been modified post-installation). Naturally, this mechanism is only as secure as the contents of /var/db/pkg if it's to be used for auditing purposes. [MERGED]

pkg_sign(1) and pkg_check(1) have been added to digitally sign and verify the signatures on binary package files. [MERGED]

pkg_update(1), a utility to update installed packages and update their dependencies, has been added. [MERGED]

pkg_version(1) now has a version number comparison routine that corresponds to the Porters Handbook. It also has a -t option for testing address comparisons. [MERGED]

pkg_version(1) now takes a -s flag to limit its operation to ports/packages matching a given string. [MERGED]

Version numbers of installed packages have a new (backward-compatible) syntax, which supports the PORTREVISION and PORTEPOCH variables in Ports Collection Makefiles. These changes help keep track of changes in the ports collection entries such as security patches or FreeBSD-specific updates, which aren't reflected in the original, third-party software distributions. pkg_version(1) can now compare these new-style version numbers. [MERGED]

To improve performance and disk utilization, the ``ports skeletons'' in the FreeBSD Ports Collection have been restructured. Installed ports and packages should not be affected. [MERGED]

All packages and ports now contain an ``origin'' directive, which makes it easier for programs such as pkg_version(1) to determine the directory from which a package was built. [MERGED]

3 Upgrading from previous releases of FreeBSD

If you're upgrading from a previous release of FreeBSD, you generally will have three options:

  • Using the binary upgrade option of sysinstall(8). This option is perhaps the quickest, although it presumes that your installation of FreeBSD uses no special compilation options.

  • Performing a complete reinstall of FreeBSD. Technically, this is not an upgrading method, and in any case is usually less convenient than a binary upgrade, in that it requires you to manually backup and restore the contents of /etc. However, it may be useful in cases where you want (or need) to change the partitioning of your disks.

  • From source code in /usr/src. This route is more flexible, but requires more disk space, time, and more technical expertise. Upgrading from very old versions of FreeBSD may be problematic; in cases like this, it is usually more effective to perform a binary upgrade or a complete reinstall.



Please read the INSTALL.TXT file for more information, preferably before beginning an upgrade. If you are upgrading from source, please be sure to read /usr/src/UPDATING as well.

Finally, if you want to use one of various means to track the -STABLE or -CURRENT branches of FreeBSD, please be sure to consult the ``-CURRENT vs. -STABLE'' section of the FreeBSD Handbook.

Important: Upgrading FreeBSD should, of course, only be attempted after backing up all data and configuration files.

This file, and other release-related documents, can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/development/sparc64/.

For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

All users of FreeBSD 5-CURRENT should subscribe to the <current@FreeBSD.org> mailing list.

For questions about this documentation, e-mail <doc@FreeBSD.org>.