1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
11 <title>&os; &release.current; Release Notes</title>
13 <corpauthor>The &os; Project</corpauthor>
15 <pubdate>$FreeBSD$</pubdate>
28 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
31 <legalnotice id="trademarks" role="trademarks">
42 <para>The release notes for &os; &release.current; contain a summary
43 of the changes made to the &os; base system on the
44 &release.branch; development line.
45 This document lists applicable security advisories that were issued since
46 the last release, as well as significant changes to the &os;
48 Some brief remarks on upgrading are also presented.</para>
53 <title>Introduction</title>
55 <para>This document contains the release notes for &os;
57 describes recently added, changed, or deleted features of &os;.
58 It also provides some notes on upgrading
59 from previous versions of &os;.</para>
61 <![ %release.type.current [
63 <para>The &release.type; distribution to which these release notes
64 apply represents the latest point along the &release.branch; development
65 branch since &release.branch; was created. Information regarding pre-built, binary
66 &release.type; distributions along this branch
67 can be found at <ulink url="&release.url;"></ulink>.</para>
71 <![ %release.type.snapshot [
73 <para>The &release.type; distribution to which these release notes
74 apply represents a point along the &release.branch; development
75 branch between &release.prev; and the future &release.next;.
77 pre-built, binary &release.type; distributions along this branch
78 can be found at <ulink url="&release.url;"></ulink>.</para>
82 <![ %release.type.release [
84 <para>This distribution of &os; &release.current; is a
85 &release.type; distribution. It can be found at <ulink
86 url="&release.url;"></ulink> or any of its mirrors. More
87 information on obtaining this (or other) &release.type;
88 distributions of &os; can be found in the <ulink
89 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
90 &os;</quote> appendix</ulink> to the <ulink
91 url="&url.books.handbook;/">&os; Handbook</ulink>.</para>
95 <para>All users are encouraged to consult the release errata before
96 installing &os;. The errata document is updated with
97 <quote>late-breaking</quote> information discovered late in the
98 release cycle or after the release. Typically, it contains
99 information on known bugs, security advisories, and corrections to
100 documentation. An up-to-date copy of the errata for &os;
101 &release.current; can be found on the &os; Web site.</para>
105 <title>What's New</title>
107 <para>This section describes the most user-visible new or changed
108 features in &os; since &release.prev;.</para>
110 <para>Typical release note items document recent security
111 advisories issued after &release.prev;, new drivers or hardware
112 support, new commands or options, major bug fixes, or
113 contributed software upgrades. They may also list changes to
114 major ports/packages or release engineering practices. Clearly
115 the release notes cannot list every single change made to &os;
116 between releases; this document focuses primarily on security
117 advisories, user-visible changes, and major architectural
120 <sect2 id="security">
121 <title>Security Advisories</title>
123 <para>Problems described in the following security advisories have
124 been fixed. For more information, consult the individual
125 advisories available from
126 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
128 <informaltable frame="none" pgwide="0">
130 <colspec colwidth="1*">
131 <colspec colwidth="1*">
132 <colspec colwidth="3*">
135 <entry>Advisory</entry>
143 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:01.lukemftpd.asc"
144 >SA-09:01.lukemftpd</ulink></entry>
145 <entry>07 January 2009</entry>
146 <entry><para>Cross-site request forgery in
147 &man.lukemftpd.8;</para></entry>
151 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:02.openssl.asc"
152 >SA-09:02.openssl</ulink></entry>
153 <entry>07 January 2009</entry>
154 <entry><para>OpenSSL incorrectly checks for malformed
155 signatures</para></entry>
159 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:03.ntpd.asc"
160 >SA-09:03.ntpd</ulink></entry>
161 <entry>13 January 2009</entry>
162 <entry><para>ntpd cryptographic signature
163 bypass</para></entry>
167 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc"
168 >SA-09:04.bind</ulink></entry>
169 <entry>13 January 2009</entry>
170 <entry><para>BIND DNSSEC incorrect checks for
171 malformed signatures</para></entry>
175 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc"
176 >SA-09:05.telnetd</ulink></entry>
177 <entry>16 February 2009</entry>
178 <entry><para>telnetd code execution
179 vulnerability</para></entry>
183 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc"
184 >SA-09:06.ktimer</ulink></entry>
185 <entry>23 March 2009</entry>
186 <entry><para>Local privilege escalation</para></entry>
190 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc"
191 >SA-09:07.libc</ulink></entry>
192 <entry>04 April 2009</entry>
193 <entry><para>Information leak in &man.db.3;</para></entry>
197 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:08.openssl.asc"
198 >SA-09:08.openssl</ulink></entry>
199 <entry>22 April 2009</entry>
200 <entry><para>Remotely exploitable crash in
201 OpenSSL</para></entry>
209 <title>Kernel Changes</title>
211 <para>The &man.ddb.8; kernel debugger now supports a
212 <command>show mount</command> subcommand.</para>
214 <para>The &os; DTrace subsystem now supports a probe for
215 process execution.</para>
217 <para arch="amd64">The &os; kernel virtual address space has
218 been increased to 6GB. This allows subsystems to use larger
219 virtual memory space than before. For example, &man.zfs.8;
220 adaptive replacement cache (ARC) requires large kernel memory
221 space to cache file system data, so it benefits from the
222 increased address space. Note that the ceiling on the kernel
223 map size is now 60% of the size rather than an absolute
226 <para>The &man.jail.8; subsystem has been updated. Changes include:</para>
230 <para>Multiple addresses of both IPv4 and IPv6 per jail has
231 been supported. It is even possible to have jails without
232 an IP address at all, which basically gives one a chrooted
233 environment with restricted process view and no
238 <para>SCTP (&man.sctp.4;) with IPv6 in jails has been
243 <para>Specific CPU binding by using &man.cpuset.1; has been
244 implemented. Note that the current implementation allows
245 the superuser inside of the jail to change the CPU
246 bindings specified. This behavior will be fixed in the
251 <para>A &man.jail.8; can start with a specific route
256 <para>A <literal>show jails</literal> subcommand in
257 &man.ddb.8; has been added.</para>
261 <para>Compatibility support which permits 32-bit jail
262 binaries to be used on 64-bit systems to manage jails has
267 <para>Note that both version numbers of
268 <literal>jail</literal> and <literal>prison</literal> in
269 the &man.jail.8; have been updated for the new
274 <para>The &man.kld.4; now supports installing 32-bit system
275 calls to the &os; system call translation layer from kernel
278 <para>The &man.ktr.4; now supports a new KTR tracepoint in the
279 <literal>KTR_CALLOUT</literal> class to note when a callout
280 routine finishes executing.</para>
282 <para>Types of variables used to track the amount of allocated
283 System V shared memory have been changed from
284 <literal>int</literal> to <literal>size_t</literal>. This
285 makes it possible to use more than 2 GB of memory for shared
286 memory segments on 64-bit architectures. Please note the new
287 BUGS section in &man.shmctl.2; and
288 <filename>/usr/src/UPDATING</filename> for limitations of this
289 temporary solution.</para>
291 <para>The &man.sysctl.3; leaf nodes have a flag to tag
292 themselves as MPSAFE now.</para>
294 <para>The &os; 32-bit system call translation layer now
295 supports installing 32-bit system calls for
296 <literal>VFS_AIO</literal>.</para>
298 <para arch="amd64,i386">The &os; virtual memory subsystem now
299 supports <application>Superpages</application>. The
300 <application>Superpages</application> is a feature that
301 enables each entry in the TLB (translation lookaside buffer)
302 to map a large physical memory region into a virtual address
303 space in modern CPUs. This provides possible memory savings
304 for applications that share large amounts of memory between
305 the address spaces and performance improvements due to fewer
306 TLB misses. This is disabled by default and can be enabled by
307 setting a loader tunable
308 <varname>vm.pmap.pg_ps_enabled</varname> to
309 <literal>1</literal>.</para>
312 <title>Boot Loader Changes</title>
314 <para>The &man.boot.8; now supports 4-byte volume ID that
315 certain versions of &windows; put into the MBR and invoking
316 PXE by pressing F6 key on some supported BIOSes.</para>
318 <para arch="i386">The &man.boot.8; BTX loader has been
319 improved. This fixes several boot issues on recent machines
320 reported for 7.1-RELEASE and before.</para>
322 <para>The &man.loader.8; is now able to obtain DHCP options
323 from network boot via &man.kenv.2; variables.</para>
325 <para>A bug in the &man.loader.8; has been fixed. Now the
326 following line works as expected:</para>
328 <programlisting>loader_conf_files="<replaceable>foo</replaceable> <replaceable>bar</replaceable> ${<replaceable>variable</replaceable>}"</programlisting>
332 <title>Hardware Support</title>
334 <para arch="sparc64">The &os; now supports Ultra SPARC III
335 (Cheetah) processor family.</para>
337 <para>The &man.acpi.4; subsystem now supports a &man.sysctl.8;
338 variable <varname>debug.batt.batt_sleep_ms</varname>. On
339 some laptops with smart batteries, enabling battery
340 monitoring software causes keystrokes from &man.atkbd.4; to
341 be lost. This sysctl variable adds a delay in millisecond
342 to the status checking code as a workaround.</para>
344 <para>The &man.acpi.asus.4; driver now supports Asus A8Sr
347 <para arch="powerpc">Support for the AltiVec, a floating point
348 and integer SIMD instruction set has been added.</para>
350 <para>The &man.cpuctl.4; driver, which provides a special
351 device <filename>/dev/cpuctl</filename> as an interface to
352 the system CPU has been added. The &man.cpuctl.4;
353 functionality includes the ability to retrieve CPUID
354 information, read/write machine specific registers (MSR),
355 and perform CPU firmware updates.</para>
357 <para>The &man.cpufreq.4; driver now supports an
358 <varname>hw.est.msr_info</varname> loader tunable. When
359 this is set to <literal>1</literal>, it attempts to build a
360 simple list containing just the high and low frequencies if
361 it cannot obtain a frequency list from either ACPI or the
362 static tables. This is disabled by default.</para>
364 <para arch="amd64,i386">CPU frequency change notifiers are now
365 disabled when the TSC is P-state invariant. Also, a new
367 <varname>kern.timecounter.invariant_tsc</varname> has been
368 added to force this behavior by setting it to
371 <para>The &man.atkbd.4; driver now disables the interrupt
372 handler which is called from the keyboard callback function
373 when polled mode is enabled. This fixes the problem of
374 duplicated/missing characters at the mountroot prompt on
375 multi CPU systems while &man.kbdmux.4; is enabled.</para>
377 <para>In the &man.pci.4; subsystem INTx is now disabled when
378 MSI/MSIX is enabled. This change fixes interrupt storm
379 related issues.</para>
381 <para arch="sparc64">The schizo(4) driver for Schizo
382 Fireplane/Safari to PCI 2.1 and Tomatillo JBus to PCI 2.2
383 bridges has been added.</para>
385 <para>The &man.u3g.4; driver for USB based 3G cards and
386 dongles including Vodafone Mobile Connect Card 3G, Qualcomm
387 CDMA MSM, Huawei E220, Novatel U740, Sierra MC875U, and so
388 on has been added. This provides support for the multiple
389 USB-to-serial interfaces exposed by many 3G USB/PC Card
390 modems, and the device is accessed through the &man.ucom.4;
391 driver which makes it behave like a &man.tty.4;.</para>
393 <para>The &man.sched.ule.4; scheduler now supports a loader
394 tunable <varname>machdep.hyperthreading_enabled</varname> as
395 the &man.sched.4bsd.4; does. Note that it cannot be
396 modified at run-time.</para>
399 <title>Multimedia Support</title>
401 <para>The &man.agp.4; driver now supports Intel G4X series
402 graphics chipsets.</para>
404 <para>The DRM, a kernel module named Direct Rendering
405 Manager that gives direct hardware access to DRI clients,
406 has been updated. Support for AMD/ATI r500, r600, r700,
407 and IGP based chips, XGI V3XE/V5/V8, and Intel i915
408 chipsets has been improved.</para>
410 <para>A new loader tunable <varname>hw.drm.msi</varname> has
411 been added to control if DRM uses MSI or not. This is set
412 to <literal>1</literal> (enabled) by default.</para>
414 <para>The snd_au88x0(4) driver for Aureal Vortex
415 1/2/Advantage PCI has been removed because this was
416 broken for a long time.</para>
418 <para>The &man.snd.hda.4; driver has been updated. This
419 changes include support for multiple codec per HDA bus,
420 multiple functional groups per codec, multiple audio
421 devices per functional group, digital (SPDIF/HDMI) audio
422 input/output, suspend/resume, and part of multichannel
425 <para>Note that due to added HDMI audio and logical audio
426 devices support, the updated driver often provides several
427 PCM devices. This means that in some cases the system
428 default audio device no longer corresponds to the users's
429 habitual audio connectors. In such cases the default
430 device can be specified in audio applications' setup or
431 defined globally via <varname>hw.snd.default_unit
432 sysctl</varname>, as described in the &man.sound.4; manual
437 <title>Network Interface Support</title>
439 <para>The &man.ae.4; driver now supports WoL
440 (Wake on LAN).</para>
442 <para arch="amd64,i386">The &man.ale.4; driver is now
443 included in the <filename>GENERIC</filename>
446 <para>The &man.ath.hal.4;, Atheros Hardware Access Layer,
447 has been updated to the open source version.</para>
449 <para>The &man.axe.4; driver has been improved in
450 performance by eliminating extra context switches and now
451 supports Apple USB Ethernet adapter.</para>
453 <para>The &man.bce.4; driver's firmware has been updated to
454 the latest version (4.6.X).</para>
456 <para>The ciphy(4) driver now supports Vitesse VSC8211
459 <para>The &man.cxgb.4; driver has been updated to firmware
460 revision 4.7 and now supports hardware MAC
463 <para>The &man.fxp.4; driver has been improved. Changes include:</para>
467 <para>The checksum offload feature can be controlled by
468 &man.ifconfig.8; now.</para>
472 <para>Rx checksum offload support for 82559 or later
473 controllers has been added.</para>
477 <para>TSO (TCP Segmentation Offload) support for 82550
478 and 82551 controllers has been added.</para>
482 <para>WoL (Wake on LAN) support for 82550, 82551, 82558,
483 and 82559-based controllers has been added. Note that
484 ICH based controllers are treated as 82559, and 82557,
485 earlier revisions of 82558, and 82559ER have no WoL
490 <para>VLAN hardware tag insertion/stripping support and
491 Tx/Rx checksum offload for VLAN frames support have
492 been added. Note that the VLAN hardware assistance is
493 available only on 82550 or 82551-based
498 <para>A bug in the &man.igb.4; driver, which prevents the
499 loader tunable <varname>hw.igb.ave_latency</varname> from
500 working, has been fixed.</para>
502 <para>The &man.ixgbe.4; driver has been updated to
503 version 1.7.4.</para>
505 <para>The &man.jme.4; driver now supports newer JMicron
506 JMC250/JMC260 revisions.</para>
508 <para>The &man.msk.4; driver has been improved. An issue
509 which makes it hang up in a certain condition has been
510 fixed. Hardware MAC statistics support has been added
511 and users can get the information via sysctl variables
513 <varname>dev.msk.<replaceable>N</replaceable>.stats</varname>.</para>
515 <para>The &man.mxge.4; driver now supports some newer
516 revisions and 10GBASE-LRM and 10GBASE-Twinax media
519 <para>The &man.nfe.4; driver now supports hardware MAC
522 <para>The &man.re.4; driver has been improved. It now
523 detects the link status. A new loader tunable
524 <varname>hw.re.prefer_iomap</varname> has been added, to
525 disable memory register mapping. This tunable is
526 <literal>0</literal> for all controllers except RTL8169SC
529 <para>The &man.rl.4; driver has been improved. It now
530 detects the link status and a bug which prevents it from
531 working on systems with more than 4GB memory has been
534 <para>A bug in &man.sis.4; on VLAN tagged frame handling has
537 <para>The &man.txp.4; driver now works on all supported
538 architectures. Support has been added for &man.altq.4;,
539 WoL, checksum offload when VLAN enabled, and link state
540 change handling has been improved, and new sysctl
542 <varname>dev.txp.<replaceable>N</replaceable>.stats</varname>
543 for MAC statistics have been added. New sysctl variables
544 <varname>dev.txp.<replaceable>N</replaceable>.process_limit</varname>
545 has been added, to control how many received frames should
546 be served in Rx handler (set to 64 by default and valid
547 ranges are 16 to 128 in unit of frames). The firmware has
548 been updated to the latest version.</para>
552 <sect3 id="net-proto">
553 <title>Network Protocols</title>
555 <para>IPv4 source address selection for unbound sockets has
556 been implemented as follows:</para>
560 <para>If we found a route, use the address corresponding
561 to the outgoing interface.</para>
565 <para>Otherwise we assume the foreign address is reachable
566 on a directly connected network and try to find a
567 corresponding interface to take the source address
572 <para>As a last resort use the default jail address.</para>
576 <para>This also changes the semantics of selecting the IP for
577 processes within a &man.jail.8; as it now uses the same
578 logic as outside the &man.jail.8;.</para>
580 <para>The TCP MD5 Signature Option (RFC 2385) for IPv6 has
581 been implemented in the same way it has been implemented for
584 <para>The &man.ng.netflow.4; Netgraph node now includes
585 support for generating egress netflow instead or in addition
586 to ingress. An <literal>NGM_NETFLOW_SETCONFIG</literal>
587 control message has been added to control the new
588 functionality.</para>
590 <para>The &man.tap.4; Ethernet tunnel software network
591 interface now supports a new <literal>TAPGIFNAME</literal>
592 character device ioctl. This is a convenient shortcut to
593 obtain the network interface name using a file descriptor to
594 a character device.</para>
596 <para>The &man.tap.4; now supports
597 <literal>SIOCSIFMTU</literal> ioctl to set a higher MTU than
598 1500 (ETHERMTU). This allows &man.tap.4; devices to be
599 added to the same bridge (which requires all interface
600 members to have the same MTU) with an interface configured
601 for jumbo frames.</para>
603 <para>The domains list for handling the list of supported
604 domains in the &man.unix.4; (UNIX domain protocol family)
605 subsystem is now MPSAFE.</para>
609 <title>Disks and Storage</title>
611 <para>The &man.ata.4; driver now supports Marvell PATA M88SX6121.</para>
613 <para>The &man.ata.4; driver now recognizes nForce MCP67 and
614 MCP73 SATA controllers as AHCI.</para>
616 <para>The &man.ataraid.4; driver now includes preliminary support
617 for DDF metadata found on Adaptec HostRAID controllers.
618 Note that spares and rebuilds are not supported yet.</para>
620 <para>The &man.cam.4; SCSI subsystem now supports a new sysctl
621 variable <varname>kern.cam.cd.retry_count</varname>. This
622 controls the number of retries for the CD media. When
623 trying to read scratched or damaged CDs and DVDs, the
624 default mechanism is sub-optimal, and programs like
625 <application>ddrescue</application> do much better if you
626 turn off the retries entirely since their algorithms do it
627 by themselves. This value is set to <literal>4</literal>
628 (for a total of 5 attempts) by default. Setting it to
629 <literal>0</literal> turns off all retry attempts.</para>
631 <para>A bug in the &man.ciss.4; driver which caused low
632 <quote>max device openings</quote> count and led to poor
633 performance has been fixed.</para>
635 <para>The &man.glabel.8; GEOM class now supports a new
636 UFS-based label called <literal>ufsid</literal> that can be
637 used to reference UFS-carrying devices by the unique file
638 system ID. This file system ID is automatically generated
639 and detected when the &man.glabel.8; GEOM class is enabled. An
640 example of this new label is:
641 <filename>/dev/ufsid/48e69c8b5c8e1b43</filename>. The
642 benefit of using GEOM labels in general is to avoid problems
643 of device renaming when shifting drives or
646 <para>The &man.gjournal.8; GEOM class now supports the root
647 file system. Previously, an unclean shutdown would make it
648 impossible to mount the root file system at boot.</para>
650 <para>The &man.gpart.8; utility has been updated. The APM
651 scheme now supports Tivo Series 1 partitions (read only), a
652 new EBR scheme to support Extended Boot Records has been
653 added, the BSD scheme now support bootcode, and bugs in the
654 PC98 and VTOC8 schemes have been fixed.</para>
656 <para>An issue in &man.gvinum.8; with access permissions
657 to underlying disks used by a gvinum plex has been fixed.
658 If the plex is a raid5 plex and is being written to, parity data might
659 have to be read from the underlying disks, requiring them to be opened for
660 reading as well as writing.</para>
662 <para>The &man.hptmv.4; driver has been updated to version
663 1.16 from the vendor.</para>
665 <para>The &man.mmc.4; and &man.mmcsd.4; drivers now support MMC
666 and SDHC cards, high speed timing, wide bus, and multiblock
669 <para arch="sparc64">The &man.mpt.4; driver is now in the
670 <filename>GENERIC</filename> kernel.</para>
672 <para>The &man.sdhci.4; driver has been added. This supports
673 PCI devices with class 8 and subclass 5 according to the SD
674 Host Controller Specification.</para>
676 <para>The &man.sdhci.4; driver now supports kernel dumping and
677 a sysctl variable <varname>hw.sdhci.debug</varname> for debug
680 <para>The &man.twa.4; driver now supports 64-bit DMA.</para>
682 <para>The &man.mmc.4; &man.mmcsd.4;, and &man.sdhci.4; driver
683 are now included as kernel modules.</para>
687 <title>File Systems</title>
689 <para>The semantics of &man.acl.3; extended access control
690 lists has been changed as follows:</para>
694 <para>The inode modification time (mtime) is not updated
695 when extended attributes are added, modified, or removed.</para>
699 <para>The inode access time (atime) is not updated
700 when extended attributes are queried.</para>
704 <para>The &os; NFS file system now supports a sysctl variable
705 <varname>vfs.nfs.prime_access_cache</varname> to determine
706 whether or not <function>nfs_getattr()</function> will use
707 an ACCESS RPC to prime the access cache instead of a simple
708 GETATTR RPC. This is because on many NFS servers an ACCESS
709 RPC is much more expensive to service than a GETATTR RPC for
710 files in an NFSv3 mount. The sysctl variable is enabled by
711 default to maintain the previous behavior.</para>
713 <para>The &os; UDF file system now supports a fifo.</para>
715 <para>The shared vnode locking for pathname lookups in
716 the &man.VFS.9; subsystem has been improved. This is disabled
717 by default. Setting a sysctl variable
718 <varname>vfs.lookup_shared</varname> to <literal>1</literal>
719 enables it for better performance. Note that the
720 <literal>LOOKUP_SHARED</literal> kernel option equivalent to
721 the sysctl variable has been removed.</para>
725 <sect2 id="userland">
726 <title>Userland Changes</title>
728 <para>A bug in the &man.atacontrol.8; utility, which prevents it
729 from working when <filename>/usr</filename> is not mounted or
730 invoked from <filename>/rescue</filename>, has been
733 <para>The &man.btpand.8; daemon from NetBSD has been added.
734 This daemon provides support for Bluetooth Network Access
735 Point (NAP), Group Ad-hoc Network (GN) and Personal Area
736 Network User (PANU) profiles.</para>
738 <para>The &man.ncal.1; utility now supports multibyte
741 <para>The &man.config.8; utility now supports
742 multiple <varname>makeoption</varname> lines.</para>
744 <para>The &man.csup.1; utility now supports CVSMode to fetch a
745 complete CVS repository. Note that the rsync transfer mode is
746 currently disabled.</para>
748 <para>The &man.dirname.1; utility now accepts multiple arguments
749 in the same way that &man.basename.1; does.</para>
751 <para>The &man.du.1; utility now supports an <option>-l</option>
752 flag. When specified, the &man.du.1; utility counts a file
753 with multiple hard links as multiple different files.</para>
755 <para>The &man.du.1; utility now supports an <option>-A</option> flag
756 to display the apparent size instead of the disk usage. This can be
757 helpful when operating on compressed volumes or sparse files.</para>
759 <para>The &man.du.1; utility now supports a <option>-B
760 <replaceable>blocksize</replaceable></option> option to
761 calculate block counts in blocks of
762 <replaceable>blocksize</replaceable> bytes. This is different
763 from the <option>-k</option> or <option>-m</option> options or
764 setting <varname>BLOCKSIZE</varname> and gives an estimate of
765 how much space the examined file hierarchy would require on a
766 file system with the given
767 <replaceable>blocksize</replaceable>. Unless in
768 <option>-A</option> mode, <replaceable>blocksize</replaceable>
769 is rounded up to the next multiple of 512.</para>
771 <para>The &man.dumpfs.8; utility now supports an
772 <option>-f</option> flag, which causes it to list all free
773 fragments in the file system by fragment (block) number. This
774 new mode does the necessary arithmetic to generate absolute
775 fragment numbers rather than the cg-relative numbers printed
776 in the default mode.</para>
778 <para>If <option>-f</option> is passed once, contiguous fragment
779 ranges are collapsed into an X-Y format as free block lists
780 are currently printed in regular dumpfs output. If specified
781 twice, all block numbers are printed individually, allowing
782 both compact and more script-friendly representation.</para>
784 <para>The &man.fetch.1; utility now supports an
785 <option>-i</option> flag which supports the If-Modified-Since
786 HTTP 1.1 request. If specified it will cause the file to be
787 downloaded only if it is more recent than the mtime of the
788 local file. Also, <application>libfetch</application> now
789 accepts the mtime in the url structure and a flag to indicate
790 when this behavior is desired.</para>
792 <para>The &man.fsck.8; utility now supports a
793 <option>-C</option> flag for <literal>check clean</literal>
794 mode. This checks if the file system was dismounted cleanly
795 first and then skip file system checks if true. Otherwise it
796 does full checks.</para>
798 <para>The &man.fsck.8; utility now supports a
799 <option>-D</option> flag for damaged recovery mode, which will
800 enable certain aggressive operations that can make
801 &man.fsck.8; to survive with file systems that has very
802 serious data damage. This is a useful last resort when on
803 disk data damage is very serious and causes &man.fsck.8; to
806 <para>The &man.getaddrinfo.3; function now supports SCTP.</para>
808 <para>A bug was fixed in the &man.ipfw.8; utility which displays
809 extra messages for a NAT rule even when a <option>-q</option>
810 flag is specified.</para>
812 <para>The &man.ln.1; utility now supports a <option>-w</option>
813 flag to check if the source file actually exists. When the
814 flag is specified and the file does not exist, &man.ln.1; will
815 issue a warning message.</para>
817 <para>The &man.make.1; utility now supports a
818 <option>-p</option> flag to print the input graph only,
819 without executing any commands. The output is the same as
820 <option>-d g1</option>. When combined with <option>-f
821 /dev/null</option>, only the built-in rules of make are
824 <para>The &man.make.1; utility now supports a
825 <option>-Q</option> flag to cause file banners not to be
826 generated in addition to the same effect of a
827 <option>-q</option> flag when a <option>-j</option> option is
830 <para>The &man.make.1; utility now supports the
831 <varname>.MAKE.JOB.PREFIX</varname> variable. If
832 <option>-j</option> and <option>-v</option> are specified, its
833 output for each target is prefixed with a token <literal>---
834 <replaceable>target</replaceable> ---</literal> the first part
835 of which can be controlled via the variable.</para>
837 <para>The &man.make.1; utility now supports
838 <varname>.MAKE.PID</varname> and <varname>.MAKE.PPID</varname>
839 variable. These are set to process ID of the &man.make.1;
840 process and its parent process respectively.</para>
842 <para>The &man.makefs.8; utility to create a file system image
843 from a directory tree has been added.</para>
845 <para>The &man.mergemaster.8; utility now supports an
846 <option>-F</option> option to automatically install files that
847 differ only in their version control ID strings.</para>
849 <para>The &man.mount.8; utility now supports an <option>-o
850 mountprog=<replaceable>/somewhere/mount_xxx</replaceable></option>
851 option to force it to use the specified program to mount the
852 file system instead of calling &man.nmount.2; directly. This
853 is useful when you want to use third party programs such as
854 FUSE, for example.</para>
856 <para>The &man.netstat.1; utility now reports &man.unix.4;
857 sockets' listen queue statistics when an <option>-L</option>
858 flag is specified.</para>
860 <para>A bug in the &man.netstat.1; utility has been fixed. It
861 crashed with the following options in the previous
864 <screen>&prompt.user; netstat -m -N foo</screen>
866 <para>A bug in the &man.netstat.1; utility has been fixed. The
867 <option>-ss</option> option now works in the icmp6 section as
870 <para>The &man.pciconf.8; utility now supports a
871 <option>-b</option> flag, which lists any base address
872 registers (BAR) that are assigned resources for each
875 <para>The &man.powerd.8; program has been improved. Changes
876 include reasonable CPU load estimation on SMP systems and a
877 new mode named as <literal>hiadaptive</literal> for AC-powered
878 systems. The <literal>hiadaptive</literal> mode raises the
879 CPU frequency twice as fast as <literal>adaptive</literal>, it
880 drops the CPU frequency 4 times slower, prefers twice lower
881 CPU load and has an additional delay before leaving the
882 highest frequency after the period of maximum load.</para>
884 <para>The &man.stat.1; utility now displays an octal
885 representation of suid, sgid and sticky bits when the
886 <option>-x</option> flag is specified.</para>
888 <para>The &man.strndup.3; function has been added.</para>
890 <para>The &man.wc.1; utility now supports an <option>-L</option>
891 flag to output the number of characters in the longest input
894 <para>A bug in the &man.rpc.yppasswdd.8; program, which causes
895 it to leave a zombie process when a password or default shell
896 is changed, has been fixed.</para>
899 <sect3 id="rc-scripts">
900 <title><filename>/etc/rc.d</filename> Scripts</title>
908 <title>Contributed Software</title>
910 <para><application>ISC BIND</application> has been updated to
911 version 9.4.3-P2.</para>
913 <para>The timezone database has been updated from
914 the <application>tzdata2008h</application> release to
915 the <application>tzdata2009f</application> release.</para>
919 <title>Ports/Packages Collection Infrastructure</title>
921 <para>A bug in the &man.pkg.create.1; utility, which prevents
922 the <option>-n</option> flag from working has been
925 <para>The &os; Ports Collection now supports multiple
926 &man.make.1; jobs in some supported ports. This is
927 automatically enabled when a port is marked as
928 <varname>MAKE_JOBS_SAFE</varname> and improves CPU utilization
929 at the build stage by passing an option
930 <option>-j<replaceable>X</replaceable></option> to the top
931 level <filename>Makefile</filename> from the vendor. The
932 number <replaceable>X</replaceable> is set to the number of
933 CPUs by default, and can be set by users via a &man.make.1;
934 variable <varname>MAKE_JOBS_NUMBER</varname>. For more
935 details, see <filename>ports/Mk/bsd.port.mk</filename>.</para>
939 <title>Release Engineering and Integration</title>
941 <para>The supported version of
942 the <application>GNOME</application> desktop environment
943 (<filename role="package">x11/gnome2</filename>) has been
944 updated from 2.22 to 2.26.</para>
946 <para>The supported version of
947 the <application>KDE</application> desktop environment has
948 been updated from 3.5.10 (<filename
949 role="package">x11/kde3</filename>) to 4.2.2 (<filename
950 role="package">x11/kde4</filename>).</para>
955 <title>Documentation</title>
963 <title>Upgrading from previous releases of &os;</title>
965 <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
966 upgrades between RELEASE versions (and snapshots of the various
967 security branches) are supported using the
968 &man.freebsd-update.8; utility. The binary upgrade procedure
969 will update unmodified userland utilities, as well as unmodified
970 GENERIC or SMP kernels distributed as a part of an official &os;
971 release. The &man.freebsd-update.8; utility requires that the
972 host being upgraded has Internet connectivity.</para>
974 <para>An older form of binary upgrade is supported through the
975 <command>Upgrade</command> option from the main
976 &man.sysinstall.8; menu on CDROM distribution media. This type
977 of binary upgrade may be useful on non-&arch.i386;,
978 non-&arch.amd64; machines or on systems with no Internet
981 <para>Source-based upgrades (those based on recompiling the &os;
982 base system from source code) from previous versions are
983 supported, according to the instructions in
984 <filename>/usr/src/UPDATING</filename>.</para>
987 <para>Upgrading &os; should, of course, only be attempted after
988 backing up <emphasis>all</emphasis> data and configuration