1 Updating Information for FreeBSD current users
3 This file is maintained and copyrighted by M. Warner Losh
4 <imp@village.org>. See end of file for further details. For commonly
5 done items, please see the COMMON ITEMS: section later in the file.
7 NOTE TO PEOPLE WHO THINK THAT 5.0-CURRENT IS SLOW:
8 FreeBSD 5.0-CURRENT has many debugging features turned on, in
9 both the kernel and userland. These features attempt to detect
10 incorrect use of system primitives, and encourage loud failure
11 through extra sanity checking and fail stop semantics. They
12 also substantially impact system performance. If you want to
13 do performance measurement, benchmarking, and optimization,
14 you'll want to turn them off. This includes various WITNESS-
15 related kernel options, INVARIANTS, malloc debugging flags
16 in userland, and various verbose features in the kernel. Many
17 developers choose to disable these features on build machines
18 to maximize performance.
20 In addition, IDE write caching is currently disabled by default
21 due to on-going concerns about disk write order and file system
22 integrity. Re-enabling write caching can substantially improve
26 COPY is being deprecated. The 20010530 change was reverted, as
27 it causes far more pain than was expected, and to always compare
28 before installing, please use INSTALL="install -C" again. The
29 -C option is now silently ignored when used with the -d option.
32 Problems with libc_r clients like KDE and GNOME have been resolved.
33 There are still some minor problems with some signals but the
34 system is stable enough for general use again. SMP is less so than UP
35 but each can successfully complete multiple buildworlds.
36 Libkvm needs to be recompiled due to KSE.
39 Now would be a bad time to upgrade. Something in or near the
40 KSE commit totally broke programs using libc_r like KDE and
44 The k5su utility installed as part of Kerberos 5 is no longer
45 installed with the set-user-ID bit set by default. Add
46 ENABLE_SUID_K5SU=yes to /etc/make.conf to have it installed
47 with the set-user-ID bit set.
50 Gcc 3.1 debugging format (cc -g) has changed from STABS to DWARF2.
51 Unfortunately our native GDB (at version 4.18) does not understand
52 the DWARF2 debugging format. Thus you must use `gcc -gstabs+' to
53 generated debugging information for our native GDB.
56 Due to the way CVS works, it may not properly update src/contrib/gcc
57 to the 3.1 sources. The easiest fix is to `rm -rf' src/contrib/gcc
58 and then do a cvs update.
61 When exec'ing set[ug]id executables, the kernel now ensures that the
62 stdio file descriptors (0..2) are open. See FreeBSD-SA-02:23.stdio.
65 New sendmail startup scripts have been installed to make it
66 easier to use alternative MTAs with FreeBSD. Setting the rc.conf
67 variable sendmail_enable to "NO" no longer prevents any sendmail
68 daemons from starting. Instead, either set sendmail_enable to
69 "NONE" or change mta_start_script to a script for starting
70 an alternative MTA. Setting mta_start_script to "" will
71 also prevent any MTA from being started at boot.
74 UCONSOLE is no longer a valid kernel option.
77 FreeBSD 5.0 DP-1 was basically branched today.
80 Warnings are now errors in the kernel. Unless you are a developer,
81 you should add -DNO_WERROR to your make line.
84 sendmail 8.12.2 has been imported. The sendmail binary is no
85 longer a set-user-ID root binary and the infrastructure to support
86 command line mail submission has changed. Be sure to run
87 mergemaster (especially for updating /etc/rc, /etc/defaults/rc.conf,
88 and /etc/mail) and read /etc/mail/README for more details.
90 Due to the import of sendmail 8.12.2, a new user and group are
91 required in order for sendmail to run as a set-group-ID
92 binary. A 'make installworld' will use the new user and group
93 to set the owner and group of /var/spool/clientmqueue and will
94 fail if the new user and group do not exist. The 'smmsp' user
95 and group must be merged from src/etc/group and
96 src/etc/master.passwd before using 'make installworld'.
97 'mergemaster -p' will do this. You may need to install
98 mergemaster before this will work if you are updating from a
99 very old version of current. The updating recipe has changed
103 The preferred configuration method for PAM is now /etc/pam.d/
104 rather than /etc/pam.conf. If you have an unmodified
105 pam.conf, just delete it after your next mergemaster run. If
106 you have local modifications, you can use
107 /usr/src/etc/pam.d/convert.pl to incorporate them into your
110 Please see the following url for more details:
111 http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<xzp6667fyoa.fsf@flood.ping.uio.no>
113 If anyone here is already using the new rc.conf(5) variable
114 networkfs_types, please note that it has changed
115 http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<9744.1009655556@axl.seasidesoftware.co.za>
118 sys/i4b/driver/i4b_ispppsubr.c has been retired. This file
119 started out its life in the ISDN4BSD project as an offspring
120 from sys/net/if_spppsubr.c, which eventually got a life of its
121 own. All the accumulated features and bugfixes of the i4b
122 version have now been merged back into the base system's
123 version now. The only user-visible change resulting from this
124 is that i4b's sppp(4) interfaces are to be managed with
125 spppcontrol(8) again, since ispppcontrol(8) has been retired
126 as well. (There has never been rc file support for
127 ispppcontrol in -current, but only in -stable. That will be
128 reverted by the time the changes are MFCed.)
131 The fdc(4) driver has been updated and now automatically
132 recognizes media in `standard' formats (like 1440 KB and
133 720 KB for a 3.5" high-density drive) when accessing the
134 default device node (e. g. /dev/fd0). The old variety of
135 floppy device nodes /dev/fd*.* is no longer present by
136 default, devices can be created (in DEVFS) on demand. They
137 will need to be customized then for `odd' densities using
141 The bugs in procfs' debugging support code have been fixed,
142 and truss(1) now works again.
145 Daily security checks have been split out to use the periodic(8)
146 scripts. Some change in configuration may be necessary. Please
148 http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<20011207155805.R8975@blossom.cjclark.org>
152 sos added VCD/SVCD support to ata driver and that needs the
153 kernel and burncd to be in sync.
156 The procfs pseudo-filesystem has now been converted to use the
157 pseudofs framework. If you have 'options PROCFS' in your
158 kernel config, you'll need to add 'options PSEUDOFS' if it's
161 This change temporarily breaks truss(1); use ktrace(1) instead
162 until the issue has been resolved.
165 A security hole in OpenSSH involving `UseLogin yes' has been
169 You need to remove /usr/obj/.../usr.bin/tip before rebuilding
170 after this date. You need to do this only once.
173 Most of the awk issues have been resolved. Some rough
174 edges may be left, but for the most part things should be
175 back to "normal." For CURRENT's usual definition of "normal."
178 Awk has been upgraded to the one true awk from bell labs. Expect
179 choppy waves in the upgrade process.
182 The asr driver problem has been resolved.
185 Due to changes in other parts of the system, the asr driver
186 now causes the system to panic on boot. Do not use it pending
187 correction. Comment it out of any kernel config file that you
188 try to use from this date forward.
191 When crossbuilding, use TARGET=xxx where you used to use
192 MACHINE=xxx. You don't need to set TARGET_ARCH and TARGET,
193 unless you are changing both of them. To cross build pc98 on
194 an alpha, for example, you need to set TARGET=pc98 and
198 The kernel interface that burncd depends on has changed.
199 You must recompile both the kernel and userland applications
203 When crossbuilding, please set TARGET_ARCH rather than
204 MACHINE_ARCH to indicate the target. In the future, one will
205 set TARGET_MACHINE where you set MACHINE now. At the moment,
206 setting MACHINE alone for same MACHINE_ARCH machines works
207 (eg, you can build pc98 on a i386 machine and vice versa).
210 Some weird problems result from using ACPI on some machines.
211 To disable ACPI you can add
212 hint.acpi.0.disable="1"
213 to /boot/loader.conf (or by putting set X=Y at the boot
216 Alternatively, you can remove it from /boot/kernel/acpi.ko
217 or use the MODULES_OVERRIDE function in your kernel config
218 file and not list acpi in that list.
221 The buildworld has been fixed. You may need to install
222 the 4.x compatibility libraries for some old binaries
223 to work. Add COMPAT4X=true to your /etc/make.conf to
224 get them installed on every installworld, or execute the
225 following to get them installed only once:
226 cd src/lib/compat/compat4x.<arch>
228 You will see ``__stdoutp undefined'' until you do this.
231 There's a bug in the world build process. The cross-tools
232 are build with the NEW headers, but the OLD libc.a. This
233 leads to all kinds of problems with the new libc. A temporary
235 CFLAGS="-O -pipe -D_OLD_STDIO"
236 before building world when upgrading from 4.x to current. This
237 can be removed afterwards.
239 A proper fix to the buildworld target is needed.
242 Peter has committed his new kthread nfs client/server code.
243 NFS may be unstable after this date.
246 KSE has hit the tree. Lots of things are now different in
247 the kernel. While a few problems were introduced in the
248 initial commit, most of the major ones have been found and
252 In OLDCARD, CardBus bridges appear to be stable. The work
253 arounds described in the 20010604 entry are now no longer
254 necessary and will be ignored. Most insert/remove problems
255 have been rectified around this date.
258 named now runs as user bind and group bind rather than as
259 root. If named_enable is set to YES in /etc/rc.conf, ensure
260 that user bind is available in /etc/passwd (using vipw(8))
261 and that group bind is available in /etc/group. Also make
262 sure that user or group bind has read (and not write)
263 permission for your name server configuration and that it
264 has read and write permission for your slave zone files and
267 If you wish to continue to run named as root (a less secure
268 alternative), add a line to /etc/rc.conf saying
273 The PAM libraries have had an API upgrade that is beyond
274 the ability of the shared library major number to handle.
275 It is manifested by PAM-using ports dumping core. The
276 solution is to rebuild those ports.
279 The kernel compile module has moved from src/sys/compile/FOO
280 to src/sys/${MACHINE}/compile/FOO.
283 The pccard modem issue from 20010613 has been corrected.
284 OLDCARD support is still a little weak in -current. slot 1 is
285 known not to work on some TI based cardbus bridges. Some
286 cardbus bridges do not properly detect insert/removal events.
287 IRQ configuration needs more safety belts.
290 Softupdates problems have been corrected.
293 Peter ripped out the linkerset support. You must, as always,
294 rerun config after you cvsup if you are using the traditional
295 kernel building methods.
298 pccard modems may not work with current after 20010604 date. Some
299 do, others result in panics. *MAKE*SURE* that you update your
300 config and /etc/rc.conf ala the 20010604 entry, or you will have
301 problems (this issue will be fixed, it just hasn't been yet).
304 SOFTUPDATES seem to be broken since the middle of May or so. Do not
305 use them in current. You can disable softupdates on all mounted
306 partitions, or remove SOFTUPDATES the kernel config file.
309 After Peter's commits to the hints code, people have been noticing
310 that certain devices are attached (or try to) twice. This is due
311 to having both static hints as well as a /boot/device.hints. To
312 work around this issue, please use only one or the other mechanism
313 until this bug is fixed.
315 Please note that a feature of config is that if you have config
316 file FOO and FOO.hints, it automatically adds FOO.hints to the
317 hints.c file, wheather you want it to or not.
320 Locale names have changed to match other systems better.
323 pccard support for pci cards has been committed. You must change
324 your /etc/pccard.conf irq lines. It must match the irq used by
325 pcic device. Interrupt storms may result if you fail to do this.
326 Interrupt storms look a lot like a hang.
328 You must also install a new pccardd, otherwise you will get an
329 interrupt storm at card reset time (just after it tells you what
332 pccardd_flags="-I" is necessary for the time being. It tells pccardd
333 not to ask the kernel if the interrupt is really free or not before
334 using it. You can either change the /etc/pccard.conf irq lines to
335 match pcic, or add "-i X" to the pccardd_flags.
338 INSTALL=install -C is being deprecated. If you want to do this,
339 use COPY=-C instead. The former method will be supported for only
340 a limited time. If you see
342 install: warning: the -d and -C options may not be specified together
344 in your makeworld, then you need to migrate towards using
348 It appears that vm is now stable enough to use again. However,
349 there may be other problems, so caution is still urged. alpha
350 definitely is in bad shape.
353 Minor repo damange has happened. This may cause problems
354 with cvsup of ports. If you get errors, please see
355 http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27495
356 at the bottom for details on a workaround. The error message
358 Updater failed: Cannot delete "/usr/ports/www/jakarta-tomcat/files": Directory not empty
361 Vm and/or swapping are busted on -current. Please be patient.
364 pccard has had much reorganizational work done to it over
365 the past few days. Everything should still work, but if
366 not, please contact imp@freebsd.org.
369 ata ioctl changed. Make sure to recompile both kernel and
370 userland at the same time.
373 New ncurses imported.
376 DEVFS is now opt out, not opt in. Barring major problems, this
377 will be the only way to go starting July 1.
380 OpenSSH has been updated to 2.9. Some defaults are different,
381 including RhostsRSAAuthentication, which changes from yes to no.
384 Perl breakage in 20010501 was corrected at 14:18:33 PDT.
387 Building perl was broken at 02:25:25 PDT.
390 The bug in 20010429 was corrected at 07:35:37 PDT. It is safe to
391 go back in the water.
394 A bad bug was committed at 04:48:42 PDT. Don't use kernels after
395 this date, but before the correction date.
398 old fsck and new kernel interactions appear to have been fixed.
401 fsck and the kernel were changed to handle some optimizations
402 to directory layout. This breaks backward compatibility.
403 Update only if you understand that you must not use the old
404 fsck with the new kernel ever.
407 fsck has changed the meaning of the pass column in /etc/fstab.
408 Please see the cvs commit to fsck.8 or the fsck.8 man page for
409 details. It is unclear if changes to /etc/fstab are necessary.
412 portmap had changed name to rpcbind for maximum POLA in your
413 current world. /etc/hosts.{allow,deny} needs changes. nfs and
414 other rpc based programs that rely on portmapper will not work
415 without updates to /etc/hosts.{allow,deny} and /etc/netconfig.
418 ata subsystem changes. ATA_ENABLE_ATAPI_DMA, ATA_ENABLE_WC
419 and ATA_ENABEL_TAGS are no longer kernel options. They have
420 been replaced by tunables. See ata.4 for details.
423 The fxp driver was converted to use miibus. If you compile
424 fxp into your kernel statically, you will need to add miibus.
427 The wi device now defaults to BSS (infrastructure) mode
431 /dev/urandom should be a symbolic link to /dev/random now.
432 Users of current not using DEVFS need to run MAKEDEV std.
433 ssh might not work if you don't.
436 The ed driver has been updated. It now allows mii attachments,
437 which means that you must include the miibus in your kernel if
438 you use the ed driver.
441 The problems with libc have been corrected. It is now mostly
442 safe to go back into the water.
445 The size of FILE was changed. This breaks upgrading. If
446 you must upgrade, be prepared for pain. It also breaks almost
447 all binaries that you've compiled on -current. You are warned
448 that before upgrading would be a good time to do a level 0
449 dump of your system. No, really, I mean it this time.
451 To get to the new system, you'll need to use the following
452 workaround. Hopefully this can be sorted out so that we
453 don't have to move this to the updating section.
455 To get around the installworld problem, do:
456 # cd /usr/src/usr.bin/sed
460 If that doesn't work, then try:
461 # make -k installworld
465 DEVFS is now the default. If you use vinum, make sure that you
466 do not include devfs in your kernel as problems result.
469 FFS_ROOT and CD9660_ROOT have been removed or deprecated.
470 Remove them from your config.
473 ****************************** WARNING ******************************
474 buildkernel has been changed slightly
475 ****************************** WARNING ******************************
476 KERNCONF replaces the variable KERNEL for buildkernel. You
477 should update your scripts and make.conf accordingly.
480 config has changed to allow DEV_FOO as a replacement for NFOO.
481 This requires a new config to build correctly.
484 The kerrnel option I386_CPU is now mutually exclusive with the
485 other cpu types. If you have an i386 system, be sure that it
486 only had this line. Remove it for all other configurations.
489 Changes to the kernel require it and burncd be in sync.
492 Everyone who has hw.sndunit set to something in
493 /etc/sysctl.conf, it is now hw.snd.unit.
496 ex and vi were broken by some changes to sys/queue.h. If you
497 have a bad vi, you will see make buildworld fail with a core
498 dump while building termcap. You can work around this problem
499 by adding -k to your make buildworld. This will cause the
500 build to complete and install a new vi. Once that's done, you
501 can rebuild again without the -k to pick up anything that
502 might have been ignored by the -k option.
504 Others have suggested that you can just rebuild libc if your
505 vi/ex is dynamically linked, but I've not received any reports
509 There have been some changes to libcrypt in -current. The
510 libscrypt/libdescrypt symlink sillyness is gone and the installed
511 libcrypt is fully functional. Be aware of this.
514 Linksys Fast Ethernet PCCARD cards supported by the ed driver
515 now require the addition of flag 0x80000 to their config line
516 in pccard.conf(5). This flag is not optional. These Linksys
517 cards will not be recognized without it.
520 Important new FreeBSD-version stuff: PAM support has been worked
521 in, partially from the "Unix" OpenSSH version. This requires
522 adding the following in pam.conf:
524 sshd auth sufficient pam_skey.so
525 sshd auth required pam_unix.so try_first_pass
526 sshd session required pam_permit.so
532 The random device needs more entropy, so you need to make sure
533 that you've run mergemaster to get a /etc/rc which will seed
534 /dev/random. If you don't and the system hangs after ldconfig,
535 then banging on the keyboard randomly until it unhangs is one
539 ****************************** WARNING ******************************
540 Sendmail has been updated.
541 ****************************** WARNING ******************************
542 o mail.local(8) is no longer installed as a set-user-id binary.
543 o sendmail(8) is now built with STARTTLS support unless NO_OPENSSL
545 o The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY
547 o Now using sendmail's version of vacation(1).
548 o The sendmail cf building tools (contrib/sendmail/cf) are installed
549 in /usr/share/sendmail/cf.
550 o sendmail.cw changed to local-host-names
552 More details can be found at
553 http://people.freebsd.org/~imp/UPDATING/sendmail-20001010
556 The ports tree's new layout is in place. Be sure to update
557 your entire ports tree, or you will have problems.
560 The perl build procedure no longer installs miniperl, nor uses
561 the installed miniperl. It is recommended that you delete
565 This weekend the ports tree will be updated to a new layout.
566 It will be in an inconsistent state until noted in the UPDATING
567 file, or with asami-san's message to the relevant mailing
568 lists. With this new layout, you'll need to update the whole
569 tree for anything to work.
572 There was a change in the passwd format. Need more information.
575 /boot/kernel/kernel.ko -> /boot/kernel/kernel change has taken
576 place. Please update boot loader (not the boot blocks) at the
577 same time as your kernel.
580 The new pmtimer device is necessary for laptops. Failure to
581 include the device will cause suspended laptops losing time
582 when they resume. Include
584 in your config file and
585 hint.pmtimer.0.at="isa"
586 to your /boot/device.hints file.
589 The random device has been turned into a (pseudo-)device,
590 rather than an option. The supplied kernel config files have
591 been updated. You will need to do something similar in your
592 own kernel config file.
597 If you prefer to load the loadable module, you need to do
601 The random device module has been renamed from randomdev.ko to
602 random.ko. You will need to edit your /boot/loader.conf to
603 reflect this if you load this module at boot time.
604 The line should read:
608 The SMPNG commit has happened. It should work, but if it
609 doesn't, fallback to the PRE_SMPNG CVS tag. There are likely
610 to be a variety of minor issues. Please see 20000905 to make
611 sure you don't have model loading problems which might at
612 first blush appear related to SMP.
615 nsswitch has been imported from NetBSD. Among other things,
616 this means that /etc/host.conf is no longer used. See
617 nsswitch.conf(5) instead. Note that at boot time rc.network
618 will attempt to produce a new nsswitch.conf file for you if you
619 don't have one, and you have host.conf.
622 The ucred structure changed size. This breaks the interface
623 that mountd uses. Trying to use an older mountd with a newer
624 kernel guarantees a panic. This means that you need to use
625 kernels newer than today only with matching mountd, but you
626 needed to do that anyway with the boot loader changes.
629 The boot loader has been updated. The new default kernel is
630 now /boot/kernel/kernel.ko. The new default module location
633 You *MUST* upgrade your boot loader and kernel at the same time.
634 The easiest way to do this is to do the buildworld/buildkernel/
635 installkernel/installworld dance.
637 Furthermore, you are urged to delete your old /modules directory
638 before booting the new kernel, since kldload will find stale
639 modules in that directory instead of finding them in the correct
640 path, /boot/kernel. The most common complaint that this cures
641 is that the linux module crashes your machine after the update.
643 if [ ! -d /boot/kernel.old ]; then
644 mv /modules.old /boot/kernel.old
645 chflags noschg /kernel.old
646 mv /kernel.old /boot/kernel.old/kernel.ko
647 chflags schg /boot/kernel.old/kernel.ko
651 A new issue with the sendmail upgrade has come to light.
652 /etc/aliases has moved to /etc/mail/aliases. Mergemaster will
653 incorrectly install the default aliases in /etc/mail rather than
654 move the old one from /etc. So you'll need to manually move the
655 file, create a symbolic link, remove the old /etc/aliases.db and
656 run newaliases. For safety sake, you should stop sendmail
657 while doing this and run the upgrade when locally sourced email
658 is not likely to be generated.
661 /boot/device.hints is now required for installkernel to
662 succeed. You should copy GENERIC.hints for your architecture
663 into /boot/device.hints. If and only if you compile hints
664 into your kernel, then this file may be empty. Please note,
665 if you have an empty or missing /boot/device.hints file and
666 you neglected to compile hints into your kernel, no boot
667 messages will appear after the boot loader tries to start the
671 If you do NOT have ``options RANDOMDEV'' in your kernel and
672 you DO want the random device then add randomdev_load="YES" to
676 suidperl is now always built and installed on the system, but
677 with permissions of 511. If you have applications that use
678 this program, you are now required to add ENABLE_SUIDPERL=true
679 to /etc/make.conf. If you forget to do this,
680 chmod 4511 /usr/bin/suidperl
681 will fix this until the next build.
684 sendmail has been updated from 8.9.3 to 8.11.0. Some of the more
685 visible changes that may immediately affect your configuration
687 - New default file locations from src/contrib/sendmail/cf/README
688 - newaliases limited to root and trusted users
689 - MSA port (587) turned on by default
690 - New queue file naming system so can't go from 8.11 -> 8.9
691 - FEATURE(`rbl') renamed to FEATURE(`dnsbl')
692 - FEATURE(`nullclient') is more full featured
693 - FEATURE(`nouucp') requires an argument: `reject' or `nospecial'
694 - mail.local FreeBSD-only -b option changed to -B
695 - See src/contrib/sendmail/RELEASE_NOTES for more info
698 suidperl (aka sperl) is no longer build by default. You must
699 specifically define BUILD_SUIDPERL to "true" for it to be build.
700 Furthermore, we recommend that you remove /usr/bin/sperl* and
701 /usr/bin/suidperl files from your system unless you have a
705 Networking defaults have been tightened. Anybody upgrading
706 /etc/defaults/rc.conf needs to add the following lines to
707 /etc/rc.conf if they want to have the same setup
708 afterwards (unless the variables already are set, of course):
709 # Enable network daemons for user convenience.
712 sendmail_enable="YES"
715 If you have null_load="YES" in your /boot/loader.conf, you
716 will need to change that to nullfs_load="YES".
719 The "installkernel" target has changed slightly. Now even if
720 you override KERNEL e.g. 'make installkernel KERNEL=MYKERNEL'
721 it will install the MYKERNEL file (built with the buildkernel
722 target) as /kernel rather than /MYKERNEL. Those who have
723 updated their /boot/loader.conf files to point to /MYKERNEL
724 should remove that entry or perform manual rename of /kernel
728 If you use CVSUP or CTM to get CVS trees, AND you used to get
729 the old crypto files from internat.freebsd.org AND you check
730 out files from the CVS tree with the cvs command, please read
731 http://people.freebsd.org/~imp/internat.txt
732 for details on potential problems that you might have and how
735 If you are merely a mirror, or don't answer yes to each of the
736 clauses above, you needn't worry.
739 /etc/security has been updated to print the inode number of
740 setuid programs that have changed. You will see a large spike
741 in the number of changed programs the first time when you run
742 mergemaster to get a new /etc/security.
745 /dev/random now has good entropy collection (from the keyboard
746 and sysmouse drivers). Please ensure that either `options
747 RANDOMDEV' is present in your kernel config file or that
748 `randomdev_load="YES"' is in your /boot/loader.conf. If you do
749 not have the /dev/random driver, OpenSSL (and consequently
750 lots of crypto tools (like SSH)) will fail with strange
751 errors. (see below, 20000624).
753 FreeBSD-current is safe again to run Crypto.
756 phk made the malloc default options AJ. This may slow things
757 down and uncover other latent bugs in the code. If you need to
758 run at full speed, you can disable this by doing the following:
759 ln -s aj /etc/malloc.conf
762 libftpio's version was accidentally bumped a few days ago. This
763 has been corrected. You may need to remove /usr/lib/libftpio.so.6
764 before doing your next buildworld/installworld pair. It certainly
765 won't hurt to remove it before the update procedure. It will
766 break fetch until a new one is built, but ftp can be used in the
770 The crypto packages have changed for the cvsup. This has been done
771 in a backward compatible way, but the old packages will go away at
772 some point in the future. Look at /usr/share/examples/cvsup for
776 With the new sys/modules/sound/drivers/*, you will need to
777 set SYSDIR until you do an installworld after July 7th.
780 rc.shutdown and rc will now call the rc.d scripts with start
781 or stop. This may cause some harmless warnings from older
782 rc.d scripts that haven't been updated.
785 The libfetch based version of fetch has gone into the tree.
786 Minor problems may result on some of the less popular sites,
787 which should be reported to des@freebsd.org.
790 From approximately this date forward, one must have the crypto
791 system installed in order to build the system and kernel.
792 While not technically strictly true, one should treat it as
793 required and grab the crypto bits. If you are grabbing CVS
794 trees, src-all and cvs-crypto should be treated as if they
795 were required. You should check with the latest collections
796 to make sure that these haven't changed.
799 Mark Murray just committed the first parts of a cleanup of
800 /dev/zero, et al. This is also cleaning up /dev/random.
801 The entropy is disconnected, so DO NOT USE VERSIONS OF FREEBSD
802 -CURRENT FROM THIS POINT to 2000710 for cryptographic services
803 until Mark can merge in the fixes to this work in progress.
804 openssh and openssl should not be used to generate keys from this
805 date to the completion of the work.
807 If you must operate at this reduced level of security, add '
808 options RANDOMDEV' to your kernel or modload the randomdev
809 module. You may also need to copy a new MAKEDEV to /dev and
810 recreate the random and urandom devices.
813 The license on the softupdates is now a standard 2 clause
814 BSD license. You may need to remove your symbolic links
815 that used to be required when updating.
818 Scott Flatman <sf@aracnet.com> sent in a decent write-up on
819 the config file update procedure.
820 http://people.freebsd.org/~imp/config-upd.html
821 NOTE: LINT is gone. It has been replaced with NOTES. NOTES
822 isn't buildable. However, you can generate a LINT file.
825 Binutils 2.10 have hit the tree, or will shortly. As soon
826 as they do, the problem noted in 20000522 will be resolved and
827 that workaround will no longer be required.
830 phk removed the compatibility creation of wd devices in the
831 ad driver. If you haven't done so already, you must update
832 your fstab, etc to use the ad devices instead of the wd
835 In addition, you'll need to update your boot blocks to a
836 more modern version, if you haven't already done so. Modern
837 here means 4.0 release or newer (although older releases
841 Peter took an axe to config(8). Be sure that you read his mail
842 on the topic before even thinking about updating. You will
843 need to create a /boot/device.hints or add a hints directive
844 to your config file to compile them in statically. The format
845 of the config file has changed as well. Please see GENERIC or
846 NEWCARD for examples of the new format.
848 Indirectly, this also breaks USERCONFIG. Unless a newer entry
849 says that it has been fixed, assume that must use the hints mechanism
850 in the loader if you need to use a machine with very old ISA cards
854 A new set of binutils went into the tree today. Anybody
855 building a kernel after this point is advised that they need
856 to rebuild their binutils (or better yet do a
857 buildworld/installworld) before building a new kernel.
859 Due to bugs in binutils, using malloc options (eg /etc/malloc.conf
860 or MALLOC_OPTIONS env var) J will cause ld to dump core. It
861 is recommended that you don't set this option until the problem
865 The ethernet drivers were all updated to clean up the BPF handling.
868 The problems with boot blocks on the alphas have been corrected.
869 This will require some care in updating alphas. A new libstand
870 is requires for the boot blocks to build properly.
873 Recompile all kld modules. Proper version dependency info
877 Modules have been disconnected from the buildworld tree and
878 connected to the kernel building instead.
881 You may need to build gperf
882 cd /usr/src/gnu/usr.bin/gperf && make depend all install
883 when upgrading from 4.0 -> current. The build system now uses
884 an option only in -current.
887 The method that we brand ELF binaries has changed to be more
888 acceptable to the binutils maintainers. You will need to
889 rebrand your ELF binaries that aren't native. One problem
890 binary is the Linux ldconfig. After your make world, but
891 before you reboot, you'll need to issue:
892 brandelf -t Linux /compat/linux/sbin/ldconfig
893 if you have Linux compatibility enabled on your machine.
896 If you have really bad/marginal IDE drives, you may find they
897 don't work well. Use pio mode instead. The easiest way to
898 cope if you have a problem combination is to add:
899 /sbin/sysctl hw.ata.ata_dma=0
900 to the start of /etc/rc.conf.
903 The ISA and PCI compatibility shims have been connected to the
904 options COMPAT_OLDISA and COMPAT_OLDPCI. If you are using old
905 style PCI or ISA drivers (i.e. tx, voxware, etc.) you must
906 include the appropriate option in your kernel config. Drivers
907 using the shims should be updated or they won't ship with
908 5.0-RELEASE, targeted for 2001.
911 We've entered the traditional post release dumping party.
912 Large kernel changes are being committed and are in the
913 works. It is important to keep the systems' klds and kernel
914 in sync as kernel interfaces and structures are changing.
915 Before reporting kernel panics, make sure that all modules
916 that you are loading are up to date.
919 If you are upgrading from an older version of FreeBSD, you
920 need to update your boot blocks as well. 'disklabel -B ad0'
921 will do the trick. This isn't critical until you remove your
922 wd device entries in /dev, at which point your system will not
926 4.0 RELEASE shipped. Please see the 4.0 UPDATING file for how
927 to upgrade to 4.0 from 3.x.
933 Avoid using make -j when upgrading. From time to time in the
934 past there have been problems using -j with buildworld and/or
935 installworld. This is especially true when upgrading between
936 "distant" versions (eg one that cross a major release boundary
937 or several minor releases, or when several months have passed
938 on the -current branch).
940 Sometimes, obscure build problems are the result of environment
941 poisoning. This can happen because the make utility reads its
942 environment when searching for values for global variables.
943 To run your build attempts in an "environmental clean room",
944 prefix all make commands with 'env -i '. See the env(1) manual
945 page for more details.
949 If you are updating from a prior version of FreeBSD (even one just
950 a few days old), you should follow this procedure. With a
951 /usr/obj tree with a fresh buildworld,
952 make buildkernel KERNCONF=YOUR_KERNEL_HERE
953 make installkernel KERNCONF=YOUR_KERNEL_HERE
955 To just build a kernel when you know that it won't mess you up
956 --------------------------------------------------------------
957 cd src/sys/{i386,alpha}/conf
958 config KERNEL_NAME_HERE
959 cd ../../compile/KERNEL_NAME_HERE
964 If this fails, go to the "To build a kernel" section.
966 To rebuild everything and install it on the current system.
967 -----------------------------------------------------------
969 Build a new kernel, see above.
971 To upgrade from 4.x-stable to current
972 -------------------------------------
974 make buildkernel KERNCONF=YOUR_KERNEL_HERE
975 cp src/sys/${MACHINE_ARCH}/conf/GENERIC.hints /boot/device.hints [2]
976 make installkernel KERNCONF=YOUR_KERNEL_HERE
977 reboot in single user [3]
984 Make sure that you've read the UPDATING file to understand the
985 tweaks to various things you need. At this point in the life
986 cycle of current, things change often and you are on your own
987 to cope. The defaults can also change, so please read ALL of
988 the UPDATING entries.
990 Also, if you are tracking -current, you must be subscribed to
991 freebsd-current@freebsd.org. Make sure that before you update
992 your sources that you have read and understood all the recent
993 messages there. If in doubt, please track -stable which has
996 [1] If you have third party modules, such as vmware, you
997 should disable them at this point so they don't crash your
1000 [2] If you have legacy ISA devices, you may need to create
1001 your own device.hints to reflect your unique hardware
1004 [3] From the bootblocks, boot -s, and then do
1009 adjkerntz -i # if CMOS is wall time
1010 Also, when doing a major release upgrade, it is required that
1011 you boot into single user mode to do the installworld.
1013 [4] Note: This step is non-optional. Failure to do this step
1014 can result in a significant reduction in the functionality of the
1015 system. Attempting to do it by hand is not recommended and those
1016 that pursue this avenue should read this file carefully, as well
1017 as the archives of freebsd-current and freebsd-hackers mailing lists
1018 for potential gotchas.
1020 [5] Usually this step is a noop. However, from time to time
1021 you may need to do this if you get unknown user in the following
1022 step. It never hurts to do it all the time. You may need to
1023 install a new mergemaster (cd src/usr.sbin/mergemaster && make
1024 install) after the buildworld before this step if you last updated
1025 from current before 20020224 or from -stable before 20020408.
1029 This file contains a list, in reverse chronological order, of major
1030 breakages in tracking -current. Not all things will be listed here,
1031 and it only starts on March 15, 2000. Updating files can found in
1032 previous releases if your system is older than this.
1034 Copyright information:
1036 Copyright 1998, 2002 M. Warner Losh. All Rights Reserved.
1038 Redistribution, publication, translation and use, with or without
1039 modification, in full or in part, in any form or format of this
1040 document are permitted without further permission from the author.
1042 THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
1043 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
1044 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
1045 DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
1046 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1047 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
1048 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1049 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
1050 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
1051 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
1052 POSSIBILITY OF SUCH DAMAGE.
1054 If you find this document useful, and you want to, you may buy the
1057 Contact Warner Losh if you have any questions about your use of