1 Updating Information for FreeBSD current users.
3 This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>.
4 See end of file for further details. For commonly done items, please see the
5 COMMON ITEMS: section later in the file. These instructions assume that you
6 basically know what you are doing. If not, then please consult the FreeBSD
9 https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
11 Items affecting the ports and packages system can be found in
12 /usr/ports/UPDATING. Please read that file before running portupgrade.
14 NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping
15 from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to
16 the tip of head, and then rebuild without this option. The bootstrap process
17 from older version of current across the gcc/clang cutover is a bit fragile.
19 20200708 p11 FreeBSD-EN-20:14.linuxkpi
21 FreeBSD-SA-20:19.unbound
24 Fix kernel panic in LinuxKPI subsystem. [EN-20:14.linuxpki]
26 Fix kernel panic in mps(4) driver. [EN-20:15.mps]
28 Fix multiple vulnerabilities in unbound. [SA-20:19.unbound]
30 Fix IPv6 socket option race condition and use after free. [SA-20:20.ipv6]
32 20200609 p10 FreeBSD-SA-20:17.usb
34 Fix USB HID descriptor parsing error. [SA-20:17.usb]
36 20200512 p9 FreeBSD-EN-20:08.tzdata
37 FreeBSD-EN-20:10.build
38 FreeBSD-SA-20:12.libalias
39 FreeBSD-SA-20:13.libalias
41 FreeBSD-SA-20:15.cryptodev
43 Import tzdata 2020a. [EN-20:08.tzdata]
45 Fix incorrect build host Clang version detection [EN-20:10.build]
47 Fix insufficient packet length validation in libalias [SA-20:12.libalias]
49 Fix memory disclosure vulnerability in libalias [SA-20:13.libalias]
51 Fix improper checking in SCTP-AUTH shared key update [SA-20:14.sctp]
53 Fix use after free in cryptodev module [SA-20:15.cryptodev]
55 20200421 p8 FreeBSD-EN-20:07.quotad
58 Fix regression in rpc.rquotad with certain NFS servers [EN-20:07.quotad]
60 Fix ipfw invalid mbuf handling [SA-20:10.ipfw]
62 20200319 p7 FreeBSD-EN-20:04.pfctl
65 FreeBSD-SA-20:05.if_oce_ioctl
66 FreeBSD-SA-20:07.epair
70 Fix missing pfctl(8) tunable [EN-20:04.pfctl]
72 Fix incorrect checksum calculations with IPv6 extension headers [EN-20:06.ipv6]
74 Fix TCP IPv6 SYN cache kernel information disclosure [SA-20:04.tcp]
76 Fix insufficient oce(4) ioctl(2) privilege checking [SA-20:05.if_oce_ioctl]
78 Fix incorrect user-controlled pointer use in epair [SA-20:07.epair]
80 Fix kernel memory disclosure with nested jails [SA-20:08.jail]
82 Fix multiple denial of service in ntpd [SA-20:09.ntp]
84 20200128 p6 FreeBSD-EN-20:01.ssp
85 FreeBSD-EN-20:02.nmount
86 FreeBSD-SA-20:01.libfetch
87 FreeBSD-SA-20:03.thrmisc
89 Fix imprecise ordering of SSP canary initialization [EN-20:01.ssp]
91 Fix nmount invalid pointer dereference [EN-20:02.nmount]
93 Fix libfetch buffer overflow [SA-20:01.libfetch]
95 Fix kernel stack data disclosure [SA-20:03.thrmisc]
97 20191112 p5 FreeBSD-SA-19:25.mcepsc
99 Fix Machine Check Exception on Page Size Change [SA-19:25.mcepsc]
101 20191023 p4 FreeBSD-EN-19:18.tzdata
103 Import tzdata 2019c. [EN-19:18.tzdata]
105 20190820 p3 FreeBSD-EN-19:16.bhyve
106 FreeBSD-EN-19:17.ipfw
107 FreeBSD-SA-19:22.mbuf
108 FreeBSD-SA-19:23.midi
109 FreeBSD-SA-19:24.mqueuefs
111 Bhyve instruction emulation improvements (opcode 03H and F7H).
114 Fix ipfw(8) jail keyword prior to jail startup. [EN-19:17.ipfw]
116 Fix IPv6 remote denial of service. [SA-19:22.mbuf]
118 Fix kernel memory disclosure from /dev/midistat. [SA-19:23.midi]
120 Fix reference count overflow in mqueuefs. [SA-19:24.mqueuefs]
122 20190806 p2 FreeBSD-SA-19:18.bzip2
123 FreeBSD-SA-19:19.mldv2
124 FreeBSD-SA-19:20.bsnmp
125 FreeBSD-SA-19:21.bhyve
127 Fix multiple vulnerabilities in bzip2. [SA-19:18.bzip2]
129 Fix ICMPv6 / MLDv2 out-of-bounds memory access. [SA-19:19.mldv2]
131 Fix insufficient message length validation in bsnmp library.
134 Fix insufficient validation of guest-supplied data (e1000 device).
137 20190724 p1 FreeBSD-EN-19:13.mds
138 FreeBSD-SA-19:12.telnet
140 FreeBSD-SA-19:14.freebsd32
141 FreeBSD-SA-19:15.mqueuefs
142 FreeBSD-SA-19:16.bhyve
145 Fix panic from Intel CPU vulnerability mitigation. [EN-19:13.mds]
147 Fix multiple telnet client vulnerabilities. [SA-19:12.telnet]
149 Fix pts write-after-free. [SA-19:13.pts]
151 Fix kernel memory disclosure in freebsd32_ioctl. [SA-19:14.freebsd32]
153 Fix reference count overflow in mqueuefs. [SA-19:15.mqueuefs]
155 Fix byhve out-of-bounds read in XHCI device. [SA-19:16.bhyve]
157 Fix file descriptor reference count leak. [SA-19:17.fd]
162 20190702 FreeBSD-EN-19:12.tzdata
163 FreeBSD-SA-19:09.iconv
164 FreeBSD-SA-19:11.cd_ioctl
166 Import tzdata 2019b. [EN-19:12.tzdata]
168 Fix iconv buffer overflow. [SA-19:09.iconv]
170 Fix privilege escalation in cd(4) driver. [SA-19:11.cd_ioctl]
173 CARP now sets DSCP value CS7(Network Traffic) in the flowlabel field
174 of packets by default instead of only setting TOS_LOWDELAY in IPv4,
175 which was deprecated in 1998. Original behavior can be restored by
176 setting sysctl net.inet.carp.dscp=4.
179 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
180 8.0.0. Please see the 20141231 entry below for information about
181 prerequisites and upgrading, if you are not already using clang 3.5.0
185 geom_uzip(4) depends on the new module xz. If geom_uzip is statically
186 compiled into your custom kernel, add 'device xz' statement to the
190 Co-existance for Forth and Lua interpreters in bootloaders has now been
191 merged to ease testing of lualoader. LOADER_DEFAULT_INTERP, documented
192 in build(7), may be used to control which interpreter flavor is used in
193 the default loader to be installed. For systems where Lua and Forth
194 coexist, this switch can also be made on a running system by creating a
195 link from /boot/loader{,.efi} to /boot/loader_${flavor}{,.efi} rather
196 than requiring a rebuild.
198 The default flavor in this branch will remain Forth. As indicated in
199 the 20190216 UPDATING entry, booting is a complex environment; it would
200 be prudent to assume that lualoader may not work for your setup and make
201 provisions for backup boot methods.
204 zfsloader's functionality has now been folded into loader.
205 zfsloader is no longer necesasary once you've updated your
206 boot blocks. For a transition period, we will install a
207 hardlink for zfsloader to loader to allow a smooth transition
208 until the boot blocks can be updated (hard link because old
209 zfs boot blocks don't understand symlinks).
212 Lualoader has been merged to facilitate testing on this branch. It's
213 purely opt-in for now by building WITH_LOADER_LUA and WITHOUT_FORTH in
214 /etc/src.conf, but co-existance will come shortly. Booting is a complex
215 environment and test coverage for Lua-enabled loaders has been thin, so
216 it would be prudent to assume it might not work and make provisions for
220 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
221 7.0.1. Please see the 20141231 entry below for information about
222 prerequisites and upgrading, if you are not already using clang 3.5.0
226 r342562 modifies the NFSv4 server so that it obeys vfs.nfsd.nfs_privport
227 in the same as it is applied to NFSv2 and 3. This implies that NFSv4
228 servers that have vfs.nfsd.nfs_privport set will only allow mounts
229 from clients using a reserved port#. Since both the FreeBSD and Linux
230 NFSv4 clients use reserved port#s by default, this should not affect
234 The '%I' format in the kern.corefile sysctl limits the number of
235 core files that a process can generate to the number stored in the
236 debug.ncores sysctl. The '%I' format is replaced by the single digit
237 index. Previously, if all indexes were taken the kernel would overwrite
238 only a core file with the highest index in a filename.
239 Currently the system will create a new core file if there is a free
240 index or if all slots are taken it will overwrite the oldest one.
243 WITH_OFED option now only enables the build for the OFED libraries
244 and some fundamental client utilities. OpenSM and rest of the
245 debugging tools are enabled by WITH_OFED_EXTRA build switch.
246 WITH_OFED is turned on by default on amd64.
249 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
250 6.0.1. Please see the 20141231 entry below for information about
251 prerequisites and upgrading, if you are not already using clang 3.5.0
255 The releng/11.2 branch has been created from stable/11@r334458.
258 The tz database (tzdb) has been updated to 2018e. This version more
259 correctly models time stamps in time zones with negative DST such as
260 Europe/Dublin (from 1971 on), Europe/Prague (1946/7), and
261 Africa/Windhoek (1994/2017). This does not affect the UT offsets, only
262 time zone abbreviations and the tm_isdst flag.
265 The use of RSS hash from the network card aka flowid has been
266 disabled by default for lagg(4) as it's currently incompatible with
267 the lacp and loadbalance protocols.
269 This can be re-enabled by setting the following in loader.conf:
270 net.link.lagg.default_use_flowid="1"
273 Clang, llvm, lld, lldb, compiler-rt and libc++ have been upgraded to
274 6.0.0. Please see the 20141231 entry below for information about
275 prerequisites and upgrading, if you are not already using clang 3.5.0
279 The LOADER_FIREWIRE_SUPPORT build variable as been renamed to
280 WITH/OUT_LOADER_FIREWIRE. LOADER_{NO_,}GELI_SUPPORT has been renamed
281 to WITH/OUT_LOADER_GELI.
284 The geli password typed at boot is now hidden. To restore the previous
285 behavior, see geli(8) for configuration options.
287 The SW_WATCHDOG option is no longer necessary to enable the
288 hardclock-based software watchdog if no hardware watchdog is
289 configured. As before, SW_WATCHDOG will cause the software
290 watchdog to be enabled even if a hardware watchdog is configured.
293 lint(1) binaries and library are no longer built by default. To
294 enable building them, define WITH_LINT in src.conf. If you are using
295 a FreeBSD 12 or later system to build 11-stable, you may need to
296 install a lint(1) binary to use WITH_LINT.
299 When building multiple kernels using KERNCONF, non-existent KERNCONF
300 files will produce an error and buildkernel will fail. Previously
301 missing KERNCONF files silently failed giving no indication as to
302 why, only to subsequently discover during installkernel that the
303 desired kernel was never built in the first place.
306 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 5.0.0.
307 Please see the 20141231 entry below for information about prerequisites
308 and upgrading, if you are not already using clang 3.5.0 or higher.
311 Since the switch to GPT disk labels, fsck for UFS/FFS has been
312 unable to automatically find alternate superblocks. As of r322806,
313 the information needed to find alternate superblocks has been
314 moved to the end of the area reserved for the boot block.
315 Filesystems created with a newfs of this vintage or later
316 will create the recovery information. If you have a filesystem
317 created prior to this change and wish to have a recovery block
318 created for your filesystem, you can do so by running fsck in
319 forground mode (i.e., do not use the -p or -y options). As it
320 starts, fsck will ask ``SAVE DATA TO FIND ALTERNATE SUPERBLOCKS''
321 to which you should answer yes.
324 The releng/11.1 branch has been created from stable/11@r320475.
327 arm64 builds now use the base system LLD 4.0.0 linker by default,
328 instead of requiring that the aarch64-binutils port or package be
329 installed. To continue using aarch64-binutils, set
330 CROSS_BINUTILS_PREFIX=/usr/local/aarch64-freebsd/bin .
333 The ctl.ko module no longer implements the iSCSI target frontend:
334 cfiscsi.ko does instead.
336 If building cfiscsi.ko as a kernel module, the module can be loaded
337 via one of the following methods:
338 - `cfiscsi_load="YES"` in loader.conf(5).
339 - Add `cfiscsi` to `$kld_list` in rc.conf(5).
340 - ctladm(8)/ctld(8), when compiled with iSCSI support
341 (`WITH_ISCSI=yes` in src.conf(5))
343 Please see cfiscsi(4) for more details.
346 The mmcsd.ko module now additionally depends on geom_flashmap.ko.
347 Also, mmc.ko and mmcsd.ko need to be a matching pair built from the
348 same source (previously, the dependency of mmcsd.ko on mmc.ko was
349 missing, but mmcsd.ko now will refuse to load if it is incompatible
353 Binds and sends to the loopback addresses, IPv6 and IPv4, will now
354 use any explicitly assigned loopback address available in the jail
355 instead of using the first assigned address of the jail.
358 As of r316810 for ipfilter, keep frags is no longer assumed when
359 keep state is specified in a rule. r316810 aligns ipfilter with
360 documentation in man pages separating keep frags from keep state.
361 This allows keep state to specified without forcing keep frags
362 and allows keep frags to be specified independently of keep state.
363 To maintain previous behaviour, also specify keep frags with
364 keep state (as documented in ipf.conf.5).
367 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 4.0.0.
368 Please see the 20141231 entry below for information about prerequisites
369 and upgrading, if you are not already using clang 3.5.0 or higher.
372 The code that provides support for ZFS .zfs/ directory functionality
373 has been reimplemented. It's not possible now to create a snapshot
374 by mkdir under .zfs/snapshot/. That should be the only user visible
378 Many changes in the IPsec code have been merged from the FreeBSD-CURRENT
379 branch. The IPSEC_FILTERTUNNEL kernel option is removed in favour of
380 corresponding sysctl. The IPSEC_NAT_T kernel option is also removed,
381 and now NAT-T is supported by default. Security associations now use
382 the single namespace for SPI allocation, so if you use several manually
383 configured security associations with the same SPI, this configuration
387 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.1.
388 Please see the 20141231 entry below for information about prerequisites
389 and upgrading, if you are not already using clang 3.5.0 or higher.
392 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.9.0.
393 Please see the 20141231 entry below for information about prerequisites
394 and upgrading, if you are not already using clang 3.5.0 or higher.
397 The layout of the pmap structure has changed for powerpc to put the pmap
398 statistics at the front for all CPU variations. libkvm(3) and all tools
399 that link against it need to be recompiled.
402 isl(4) and cyapa(4) drivers now require a new driver,
403 chromebook_platform(4), to work properly on Chromebook-class hardware.
404 On other types of hardware the drivers may need to be configured using
405 device hints. Please see the corresponding manual pages for details.
408 Relocatable object files with the extension of .So have been renamed
409 to use an extension of .pico instead. The purpose of this change is
410 to avoid a name clash with shared libraries on case-insensitive file
411 systems. On those file systems, foo.So is the same file as foo.so.
414 The releng/11.0 branch has been created from stable/11@r303970.
417 The stable/11 branch has been created from head@r302406.
420 The libc stub for the pipe(2) system call has been replaced with
421 a wrapper that calls the pipe2(2) system call and the pipe(2)
422 system call is now only implemented by the kernels that include
423 "options COMPAT_FREEBSD10" in their config file (this is the
424 default). Users should ensure that this option is enabled in
425 their kernel or upgrade userspace to r302092 before upgrading their
429 CAM will now strip leading spaces from SCSI disks' serial numbers.
430 This will effect users who create UFS filesystems on SCSI disks using
431 those disk's diskid device nodes. For example, if /etc/fstab
432 previously contained a line like
433 "/dev/diskid/DISK-%20%20%20%20%20%20%20ABCDEFG0123456", you should
434 change it to "/dev/diskid/DISK-ABCDEFG0123456". Users of geom
435 transforms like gmirror may also be affected. ZFS users should
439 The bitstring(3) API has been updated with new functionality and
440 improved performance. But it is binary-incompatible with the old API.
441 Objects built with the new headers may not be linked against objects
442 built with the old headers.
445 The brk and sbrk functions have been removed from libc on arm64.
446 Binutils from ports has been updated to not link to these
447 functions and should be updated to the latest version before
448 installing a new libc.
451 The armv6 port now defaults to hard float ABI. Limited support
452 for running both hardfloat and soft float on the same system
453 is available using the libraries installed with -DWITH_LIBSOFT.
454 This has only been tested as an upgrade path for installworld
455 and packages may fail or need manual intervention to run. New
456 packages will be needed.
458 To update an existing self-hosted armv6hf system, you must add
459 TARGET_ARCH=armv6 on the make command line for both the build
460 and the install steps.
463 Kernel modules compiled outside of a kernel build now default to
464 installing to /boot/modules instead of /boot/kernel. Many kernel
465 modules built this way (such as those in ports) already overrode
466 KMODDIR explicitly to install into /boot/modules. However,
467 manually building and installing a module from /sys/modules will
468 now install to /boot/modules instead of /boot/kernel.
471 The CAM I/O scheduler has been committed to the kernel. There should be
472 no user visible impact. This does enable NCQ Trim on ada SSDs. While the
473 list of known rogues that claim support for this but actually corrupt
474 data is believed to be complete, be on the lookout for data
475 corruption. The known rogue list is believed to be complete:
477 o Crucial MX100, M550 drives with MU01 firmware.
478 o Micron M510 and M550 drives with MU01 firmware.
479 o Micron M500 prior to MU07 firmware
480 o Samsung 830, 840, and 850 all firmwares
481 o FCCT M500 all firmwares
483 Crucial has firmware http://www.crucial.com/usa/en/support-ssd-firmware
484 with working NCQ TRIM. For Micron branded drives, see your sales rep for
485 updated firmware. Black listed drives will work correctly because these
486 drives work correctly so long as no NCQ TRIMs are sent to them. Given
487 this list is the same as found in Linux, it's believed there are no
488 other rogues in the market place. All other models from the above
491 To be safe, if you are at all concerned, you can quirk each of your
492 drives to prevent NCQ from being sent by setting:
493 kern.cam.ada.X.quirks="0x2"
494 in loader.conf. If the drive requires the 4k sector quirk, set the
498 The FAST_DEPEND build option has been removed and its functionality is
499 now the one true way. The old mkdep(1) style of 'make depend' has
500 been removed. See 20160311 for further details.
503 Resource range types have grown from unsigned long to uintmax_t. All
504 drivers, and anything using libdevinfo, need to be recompiled.
507 WITH_FAST_DEPEND is now enabled by default for in-tree and out-of-tree
508 builds. It no longer runs mkdep(1) during 'make depend', and the
509 'make depend' stage can safely be skipped now as it is auto ran
510 when building 'make all' and will generate all SRCS and DPSRCS before
511 building anything else. Dependencies are gathered at compile time with
512 -MF flags kept in separate .depend files per object file. Users should
513 run 'make cleandepend' once if using -DNO_CLEAN to clean out older
517 On amd64, clang 3.8.0 can now insert sections of type AMD64_UNWIND into
518 kernel modules. Therefore, if you load any kernel modules at boot time,
519 please install the boot loaders after you install the kernel, but before
523 make kernel KERNCONF=YOUR_KERNEL_HERE
524 make -C sys/boot install
525 <reboot in single user>
527 Then follow the usual steps, described in the General Notes section,
531 Clang, llvm, lldb and compiler-rt have been upgraded to 3.8.0. Please
532 see the 20141231 entry below for information about prerequisites and
533 upgrading, if you are not already using clang 3.5.0 or higher.
536 The AIO subsystem is now a standard part of the kernel. The
537 VFS_AIO kernel option and aio.ko kernel module have been removed.
538 Due to stability concerns, asynchronous I/O requests are only
539 permitted on sockets and raw disks by default. To enable
540 asynchronous I/O requests on all file types, set the
541 vfs.aio.enable_unsafe sysctl to a non-zero value.
544 The ELF object manipulation tool objcopy is now provided by the
545 ELF Tool Chain project rather than by GNU binutils. It should be a
546 drop-in replacement, with the addition of arm64 support. The
547 (temporary) src.conf knob WITHOUT_ELFCOPY_AS_OBJCOPY knob may be set
548 to obtain the GNU version if necessary.
551 Building ZFS pools on top of zvols is prohibited by default. That
552 feature has never worked safely; it's always been prone to deadlocks.
553 Using a zvol as the backing store for a VM guest's virtual disk will
554 still work, even if the guest is using ZFS. Legacy behavior can be
555 restored by setting vfs.zfs.vol.recursive=1.
558 The NONE and HPN patches has been removed from OpenSSH. They are
559 still available in the security/openssh-portable port.
562 With the addition of ypldap(8), a new _ypldap user is now required
563 during installworld. "mergemaster -p" can be used to add the user
564 prior to installworld, as documented in the handbook.
567 The tftp loader (pxeboot) now uses the option root-path directive. As a
568 consequence it no longer looks for a pxeboot.4th file on the tftp
569 server. Instead it uses the regular /boot infrastructure as with the
573 The code to start recording plug and play data into the modules has
574 been committed. While the old tools will properly build a new kernel,
575 a number of warnings about "unknown metadata record 4" will be produced
576 for an older kldxref. To avoid such warnings, make sure to rebuild
577 the kernel toolchain (or world). Make sure that you have r292078 or
578 later when trying to build 292077 or later before rebuilding.
581 Debug data files are now built by default with 'make buildworld' and
582 installed with 'make installworld'. This facilitates debugging but
583 requires more disk space both during the build and for the installed
584 world. Debug files may be disabled by setting WITHOUT_DEBUG_FILES=yes
588 r291527 changed the internal interface between the nfsd.ko and
589 nfscommon.ko modules. As such, they must both be upgraded to-gether.
590 __FreeBSD_version has been bumped because of this.
593 Add support for unicode collation strings leads to a change of
594 order of files listed by ls(1) for example. To get back to the old
595 behaviour, set LC_COLLATE environment variable to "C".
597 Databases administrators will need to reindex their databases given
598 collation results will be different.
600 Due to a bug in install(1) it is recommended to remove the ancient
601 locales before running make installworld.
603 rm -rf /usr/share/locale/*
606 The OpenSSL has been upgraded to 1.0.2d. Any binaries requiring
607 libcrypto.so.7 or libssl.so.7 must be recompiled.
610 Qlogic 24xx/25xx firmware images were updated from 5.5.0 to 7.3.0.
611 Kernel modules isp_2400_multi and isp_2500_multi were removed and
612 should be replaced with isp_2400 and isp_2500 modules respectively.
615 The build previously allowed using 'make -n' to not recurse into
616 sub-directories while showing what commands would be executed, and
617 'make -n -n' to recursively show commands. Now 'make -n' will recurse
618 and 'make -N' will not.
621 If you specify SENDMAIL_MC or SENDMAIL_CF in make.conf, mergemaster
622 and etcupdate will now use this file. A custom sendmail.cf is now
623 updated via this mechanism rather than via installworld. If you had
624 excluded sendmail.cf in mergemaster.rc or etcupdate.conf, you may
625 want to remove the exclusion or change it to "always install".
626 /etc/mail/sendmail.cf is now managed the same way regardless of
627 whether SENDMAIL_MC/SENDMAIL_CF is used. If you are not using
628 SENDMAIL_MC/SENDMAIL_CF there should be no change in behavior.
631 Compatibility shims for legacy ATA device names have been removed.
632 It includes ATA_STATIC_ID kernel option, kern.cam.ada.legacy_aliases
633 and kern.geom.raid.legacy_aliases loader tunables, kern.devalias.*
634 environment variables, /dev/ad* and /dev/ar* symbolic links.
637 Clang, llvm, lldb, compiler-rt and libc++ have been upgraded to 3.7.0.
638 Please see the 20141231 entry below for information about prerequisites
639 and upgrading, if you are not already using clang 3.5.0 or higher.
642 Kernel debug files have been moved to /usr/lib/debug/boot/kernel/,
643 and renamed from .symbols to .debug. This reduces the size requirements
644 on the boot partition or file system and provides consistency with
645 userland debug files.
647 When using the supported kernel installation method the
648 /usr/lib/debug/boot/kernel directory will be renamed (to kernel.old)
649 as is done with /boot/kernel.
651 Developers wishing to maintain the historical behavior of installing
652 debug files in /boot/kernel/ can set KERN_DEBUGDIR="" in src.conf(5).
655 The wireless drivers had undergone changes that remove the 'parent
656 interface' from the ifconfig -l output. The rc.d network scripts
657 used to check presence of a parent interface in the list, so old
658 scripts would fail to start wireless networking. Thus, etcupdate(3)
659 or mergemaster(8) run is required after kernel update, to update your
660 rc.d scripts in /etc.
663 pf no longer supports 'scrub fragment crop' or 'scrub fragment drop-ovl'
664 These configurations are now automatically interpreted as
665 'scrub fragment reassemble'.
668 Kernel-loadable modules for the random(4) device are back. To use
669 them, the kernel must have
672 options RANDOM_LOADABLE
674 kldload(8) can then be used to load random_fortuna.ko
675 or random_yarrow.ko. Please note that due to the indirect
676 function calls that the loadable modules need to provide,
677 the build-in variants will be slightly more efficient.
679 The random(4) kernel option RANDOM_DUMMY has been retired due to
680 unpopularity. It was not all that useful anyway.
683 The WITHOUT_ELFTOOLCHAIN_TOOLS src.conf(5) knob has been retired.
684 Control over building the ELF Tool Chain tools is now provided by
685 the WITHOUT_TOOLCHAIN knob.
688 The polarity of Pulse Per Second (PPS) capture events with the
689 uart(4) driver has been corrected. Prior to this change the PPS
690 "assert" event corresponded to the trailing edge of a positive PPS
691 pulse and the "clear" event was the leading edge of the next pulse.
693 As the width of a PPS pulse in a typical GPS receiver is on the
694 order of 1 millisecond, most users will not notice any significant
695 difference with this change.
697 Anyone who has compensated for the historical polarity reversal by
698 configuring a negative offset equal to the pulse width will need to
699 remove that workaround.
702 The default group assigned to /dev/dri entries has been changed
703 from 'wheel' to 'video' with the id of '44'. If you want to have
704 access to the dri devices please add yourself to the video group
707 # pw groupmod video -m $USER
710 The menu.rc and loader.rc files will now be replaced during
711 upgrades. Please migrate local changes to menu.rc.local and
712 loader.rc.local instead.
715 GNU Binutils versions of addr2line, c++filt, nm, readelf, size,
716 strings and strip have been removed. The src.conf(5) knob
717 WITHOUT_ELFTOOLCHAIN_TOOLS no longer provides the binutils tools.
720 As ZFS requires more kernel stack pages than is the default on some
721 architectures e.g. i386, it now warns if KSTACK_PAGES is less than
722 ZFS_MIN_KSTACK_PAGES (which is 4 at the time of writing).
724 Please consider using 'options KSTACK_PAGES=X' where X is greater
725 than or equal to ZFS_MIN_KSTACK_PAGES i.e. 4 in such configurations.
728 sendmail has been updated to 8.15.2. Starting with FreeBSD 11.0
729 and sendmail 8.15, sendmail uses uncompressed IPv6 addresses by
730 default, i.e., they will not contain "::". For example, instead
731 of ::1, it will be 0:0:0:0:0:0:0:1. This permits a zero subnet
732 to have a more specific match, such as different map entries for
733 IPv6:0:0 vs IPv6:0. This change requires that configuration
734 data (including maps, files, classes, custom ruleset, etc.) must
735 use the same format, so make certain such configuration data is
736 upgrading. As a very simple check search for patterns like
737 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. To return to the old
738 behavior, set the m4 option confUSE_COMPRESSED_IPV6_ADDRESSES or
739 the cf option UseCompressedIPv6Addresses.
742 The default kernel entropy-processing algorithm is now
743 Fortuna, replacing Yarrow.
745 Assuming you have 'device random' in your kernel config
746 file, the configurations allow a kernel option to override
747 this default. You may choose *ONE* of:
749 options RANDOM_YARROW # Legacy /dev/random algorithm.
750 options RANDOM_DUMMY # Blocking-only driver.
752 If you have neither, you get Fortuna. For most people,
753 read no further, Fortuna will give a /dev/random that works
754 like it always used to, and the difference will be irrelevant.
756 If you remove 'device random', you get *NO* kernel-processed
757 entropy at all. This may be acceptable to folks building
758 embedded systems, but has complications. Carry on reading,
759 and it is assumed you know what you need.
761 *PLEASE* read random(4) and random(9) if you are in the
762 habit of tweaking kernel configs, and/or if you are a member
763 of the embedded community, wanting specific and not-usual
764 behaviour from your security subsystems.
766 NOTE!! If you use RANDOM_DUMMY and/or have no 'device
767 random', you will NOT have a functioning /dev/random, and
768 many cryptographic features will not work, including SSH.
769 You may also find strange behaviour from the random(3) set
770 of library functions, in particular sranddev(3), srandomdev(3)
771 and arc4random(3). The reason for this is that the KERN_ARND
772 sysctl only returns entropy if it thinks it has some to
773 share, and with RANDOM_DUMMY or no 'device random' this
777 An additional fix for the issue described in the 20150614 sendmail
778 entry below has been been committed in revision 284717.
781 FreeBSD's old make (fmake) has been removed from the system. It is
782 available as the devel/fmake port or via pkg install fmake.
785 The fix for the issue described in the 20150614 sendmail entry
786 below has been been committed in revision 284436. The work
787 around described in that entry is no longer needed unless the
788 default setting is overridden by a confDH_PARAMETERS configuration
789 setting of '5' or pointing to a 512 bit DH parameter file.
792 ALLOW_DEPRECATED_ATF_TOOLS/ATFFILE support has been removed from
793 atf.test.mk (included from bsd.test.mk). Please upgrade devel/atf
794 and devel/kyua to version 0.20+ and adjust any calling code to work
795 with Kyuafile and kyua.
798 The import of openssl to address the FreeBSD-SA-15:10.openssl
799 security advisory includes a change which rejects handshakes
800 with DH parameters below 768 bits. sendmail releases prior
801 to 8.15.2 (not yet released), defaulted to a 512 bit
802 DH parameter setting for client connections. To work around
803 this interoperability, sendmail can be configured to use a
804 2048 bit DH parameter by:
806 1. Edit /etc/mail/`hostname`.mc
807 2. If a setting for confDH_PARAMETERS does not exist or
808 exists and is set to a string beginning with '5',
810 3. If a setting for confDH_PARAMETERS exists and is set to
811 a file path, create a new file with:
812 openssl dhparam -out /path/to/file 2048
813 4. Rebuild the .cf file:
814 cd /etc/mail/; make; make install
816 cd /etc/mail/; make restart
818 A sendmail patch is coming, at which time this file will be
822 Generation of legacy formatted entries have been disabled by default
823 in pwd_mkdb(8), as all base system consumers of the legacy formatted
824 entries were converted to use the new format by default when the new,
825 machine independent format have been added and supported since FreeBSD
828 Please see the pwd_mkdb(8) manual page for further details.
831 Clang and llvm have been upgraded to 3.6.1 release. Please see the
832 20141231 entry below for information about prerequisites and upgrading,
833 if you are not already using 3.5.0 or higher.
836 TI platform code switched to using vendor DTS files and this update
837 may break existing systems running on Beaglebone, Beaglebone Black,
840 - dtb files should be regenerated/reinstalled. Filenames are the
841 same but content is different now
842 - GPIO addressing was changed, now each GPIO bank (32 pins per bank)
843 has its own /dev/gpiocX device, e.g. pin 121 on /dev/gpioc0 in old
844 addressing scheme is now pin 25 on /dev/gpioc3.
845 - Pandaboard: /etc/ttys should be updated, serial console device is
846 now /dev/ttyu2, not /dev/ttyu0
849 soelim(1) from gnu/usr.bin/groff has been replaced by usr.bin/soelim.
850 If you need the GNU extension from groff soelim(1), install groff
851 from package: pkg install groff, or via ports: textproc/groff.
854 chmod, chflags, chown and chgrp now affect symlinks in -R mode as
855 defined in symlink(7); previously symlinks were silently ignored.
858 The const qualifier has been removed from iconv(3) to comply with
859 POSIX. The ports tree is aware of this from r384038 onwards.
862 Libraries specified by LIBADD in Makefiles must have a corresponding
863 DPADD_<lib> variable to ensure correct dependencies. This is now
864 enforced in src.libnames.mk.
867 From legacy ata(4) driver was removed support for SATA controllers
868 supported by more functional drivers ahci(4), siis(4) and mvs(4).
869 Kernel modules ataahci and ataadaptec were removed completely,
870 replaced by ahci and mvs modules respectively.
873 Clang, llvm and lldb have been upgraded to 3.6.0 release. Please see
874 the 20141231 entry below for information about prerequisites and
875 upgrading, if you are not already using 3.5.0 or higher.
878 The 32-bit PowerPC kernel has been changed to a position-independent
879 executable. This can only be booted with a version of loader(8)
880 newer than January 31, 2015, so make sure to update both world and
881 kernel before rebooting.
884 If you are running a -CURRENT kernel since r273872 (Oct 30th, 2014),
885 but before r278950, the RNG was not seeded properly. Immediately
886 upgrade the kernel to r278950 or later and regenerate any keys (e.g.
887 ssh keys or openssl keys) that were generated w/ a kernel from that
888 range. This does not affect programs that directly used /dev/random
889 or /dev/urandom. All userland uses of arc4random(3) are affected.
892 The autofs(4) ABI was changed in order to restore binary compatibility
893 with 10.1-RELEASE. The automountd(8) daemon needs to be rebuilt to work
897 The powerpc64 kernel has been changed to a position-independent
898 executable. This can only be booted with a new version of loader(8),
899 so make sure to update both world and kernel before rebooting.
902 Clang and llvm have been upgraded to 3.5.1 release. This is a bugfix
903 only release, no new features have been added. Please see the 20141231
904 entry below for information about prerequisites and upgrading, if you
905 are not already using 3.5.0.
908 ELF tools addr2line, elfcopy (strip), nm, size, and strings are now
909 taken from the ELF Tool Chain project rather than GNU binutils. They
910 should be drop-in replacements, with the addition of arm64 support.
911 The WITHOUT_ELFTOOLCHAIN_TOOLS= knob may be used to obtain the
912 binutils tools, if necessary. See 20150805 for updated information.
915 The default Unbound configuration now enables remote control
916 using a local socket. Users who have already enabled the
917 local_unbound service should regenerate their configuration
918 by running "service local_unbound setup" as root.
921 The GNU texinfo and GNU info pages have been removed.
922 To be able to view GNU info pages please install texinfo from ports.
925 Clang, llvm and lldb have been upgraded to 3.5.0 release.
927 As of this release, a prerequisite for building clang, llvm and lldb is
928 a C++11 capable compiler and C++11 standard library. This means that to
929 be able to successfully build the cross-tools stage of buildworld, with
930 clang as the bootstrap compiler, your system compiler or cross compiler
931 should either be clang 3.3 or later, or gcc 4.8 or later, and your
932 system C++ library should be libc++, or libdstdc++ from gcc 4.8 or
935 On any standard FreeBSD 10.x or 11.x installation, where clang and
936 libc++ are on by default (that is, on x86 or arm), this should work out
939 On 9.x installations where clang is enabled by default, e.g. on x86 and
940 powerpc, libc++ will not be enabled by default, so libc++ should be
941 built (with clang) and installed first. If both clang and libc++ are
942 missing, build clang first, then use it to build libc++.
944 On 8.x and earlier installations, upgrade to 9.x first, and then follow
945 the instructions for 9.x above.
947 Sparc64 and mips users are unaffected, as they still use gcc 4.2.1 by
948 default, and do not build clang.
950 Many embedded systems are resource constrained, and will not be able to
951 build clang in a reasonable time, or in some cases at all. In those
952 cases, cross building bootable systems on amd64 is a workaround.
954 This new version of clang introduces a number of new warnings, of which
955 the following are most likely to appear:
959 This warns in two cases, for both C and C++:
960 * When the code is trying to take the absolute value of an unsigned
961 quantity, which is effectively a no-op, and almost never what was
962 intended. The code should be fixed, if at all possible. If you are
963 sure that the unsigned quantity can be safely cast to signed, without
964 loss of information or undefined behavior, you can add an explicit
965 cast, or disable the warning.
967 * When the code is trying to take an absolute value, but the called
968 abs() variant is for the wrong type, which can lead to truncation.
969 If you want to disable the warning instead of fixing the code, please
970 make sure that truncation will not occur, or it might lead to unwanted
973 -Wtautological-undefined-compare and
974 -Wundefined-bool-conversion
976 These warn when C++ code is trying to compare 'this' against NULL, while
977 'this' should never be NULL in well-defined C++ code. However, there is
978 some legacy (pre C++11) code out there, which actively abuses this
979 feature, which was less strictly defined in previous C++ versions.
981 Squid and openjdk do this, for example. The warning can be turned off
982 for C++98 and earlier, but compiling the code in C++11 mode might result
983 in unexpected behavior; for example, the parts of the program that are
984 unreachable could be optimized away.
987 The old NFS client and server (kernel options NFSCLIENT, NFSSERVER)
988 kernel sources have been removed. The .h files remain, since some
989 utilities include them. This will need to be fixed later.
990 If "mount -t oldnfs ..." is attempted, it will fail.
991 If the "-o" option on mountd(8), nfsd(8) or nfsstat(1) is used,
992 the utilities will report errors.
995 The handling of LOCAL_LIB_DIRS has been altered to skip addition of
996 directories to top level SUBDIR variable when their parent
997 directory is included in LOCAL_DIRS. Users with build systems with
998 such hierarchies and without SUBDIR entries in the parent
999 directory Makefiles should add them or add the directories to
1003 faith(4) and faithd(8) have been removed from the base system. Faith
1004 has been obsolete for a very long time.
1007 vt(4), the new console driver, is enabled by default. It brings
1008 support for Unicode and double-width characters, as well as
1009 support for UEFI and integration with the KMS kernel video
1012 You may need to update your console settings in /etc/rc.conf,
1013 most probably the keymap. During boot, /etc/rc.d/syscons will
1014 indicate what you need to do.
1016 vt(4) still has issues and lacks some features compared to
1017 syscons(4). See the wiki for up-to-date information:
1018 https://wiki.freebsd.org/Newcons
1020 If you want to keep using syscons(4), you can do so by adding
1021 the following line to /boot/loader.conf:
1025 pjdfstest has been integrated into kyua as an opt-in test suite.
1026 Please see share/doc/pjdfstest/README for more details on how to
1030 gperf has been removed from the base system for architectures
1031 that use clang. Ports that require gperf will obtain it from the
1035 pjdfstest has been moved from tools/regression/pjdfstest to
1039 At svn r271982, The default linux compat kernel ABI has been adjusted
1040 to 2.6.18 in support of the linux-c6 compat ports infrastructure
1041 update. If you wish to continue using the linux-f10 compat ports,
1042 add compat.linux.osrelease=2.6.16 to your local sysctl.conf. Users are
1043 encouraged to update their linux-compat packages to linux-c6 during
1044 their next update cycle.
1047 The ofwfb driver, used to provide a graphics console on PowerPC when
1048 using vt(4), no longer allows mmap() of all physical memory. This
1049 will prevent Xorg on PowerPC with some ATI graphics cards from
1050 initializing properly unless x11-servers/xorg-server is updated to
1054 The xdev targets have been converted to using TARGET and
1055 TARGET_ARCH instead of XDEV and XDEV_ARCH.
1058 The default unbound configuration has been modified to address
1059 issues with reverse lookups on networks that use private
1060 address ranges. If you use the local_unbound service, run
1061 "service local_unbound setup" as root to regenerate your
1062 configuration, then "service local_unbound reload" to load the
1066 The GNU texinfo and GNU info pages are not built and installed
1067 anymore, WITH_INFO knob has been added to allow to built and install
1069 UPDATE: see 20150102 entry on texinfo's removal
1072 The GNU readline library is now an INTERNALLIB - that is, it is
1073 statically linked into consumers (GDB and variants) in the base
1074 system, and the shared library is no longer installed. The
1075 devel/readline port is available for third party software that
1079 The Itanium architecture (ia64) has been removed from the list of
1080 known architectures. This is the first step in the removal of the
1084 Commit r268115 has added NFSv4.1 server support, merged from
1085 projects/nfsv4.1-server. Since this includes changes to the
1086 internal interfaces between the NFS related modules, a full
1087 build of the kernel and modules will be necessary.
1088 __FreeBSD_version has been bumped.
1091 The WITHOUT_VT_SUPPORT kernel config knob has been renamed
1092 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning
1093 which differs from the behaviour controlled by this knob.)
1096 Maximal length of the serial number in CTL was increased from 16 to
1097 64 chars, that breaks ABI. All CTL-related tools, such as ctladm
1098 and ctld, need to be rebuilt to work with a new kernel.
1101 The libatf-c and libatf-c++ major versions were downgraded to 0 and
1102 1 respectively to match the upstream numbers. They were out of
1103 sync because, when they were originally added to FreeBSD, the
1104 upstream versions were not respected. These libraries are private
1105 and not yet built by default, so renumbering them should be a
1106 non-issue. However, unclean source trees will yield broken test
1107 programs once the operator executes "make delete-old-libs" after a
1108 "make installworld".
1110 Additionally, the atf-sh binary was made private by moving it into
1111 /usr/libexec/. Already-built shell test programs will keep the
1112 path to the old binary so they will break after "make delete-old"
1115 If you are using WITH_TESTS=yes (not the default), wipe the object
1116 tree and rebuild from scratch to prevent spurious test failures.
1117 This is only needed once: the misnumbered libraries and misplaced
1118 binaries have been added to OptionalObsoleteFiles.inc so they will
1119 be removed during a clean upgrade.
1122 Clang and llvm have been upgraded to 3.4.1 release.
1125 We bogusly installed src.opts.mk in /usr/share/mk. This file should
1126 be removed to avoid issues in the future (and has been added to
1130 /etc/src.conf now affects only builds of the FreeBSD src tree. In the
1131 past, it affected all builds that used the bsd.*.mk files. The old
1132 behavior was a bug, but people may have relied upon it. To get this
1133 behavior back, you can .include /etc/src.conf from /etc/make.conf
1134 (which is still global and isn't changed). This also changes the
1135 behavior of incremental builds inside the tree of individual
1136 directories. Set MAKESYSPATH to ".../share/mk" to do that.
1137 Although this has survived make universe and some upgrade scenarios,
1138 other upgrade scenarios may have broken. At least one form of
1139 temporary breakage was fixed with MAKESYSPATH settings for buildworld
1140 as well... In cases where MAKESYSPATH isn't working with this
1141 setting, you'll need to set it to the full path to your tree.
1143 One side effect of all this cleaning up is that bsd.compiler.mk
1144 is no longer implicitly included by bsd.own.mk. If you wish to
1145 use COMPILER_TYPE, you must now explicitly include bsd.compiler.mk
1149 The lindev device has been removed since /dev/full has been made a
1150 standard device. __FreeBSD_version has been bumped.
1153 The knob WITHOUT_VI was added to the base system, which controls
1154 building ex(1), vi(1), etc. Older releases of FreeBSD required ex(1)
1155 in order to reorder files share/termcap and didn't build ex(1) as a
1156 build tool, so building/installing with WITH_VI is highly advised for
1157 build hosts for older releases.
1159 This issue has been fixed in stable/9 and stable/10 in r277022 and
1160 r276991, respectively.
1163 The YES_HESIOD knob has been removed. It has been obsolete for
1164 a decade. Please move to using WITH_HESIOD instead or your builds
1165 will silently lack HESIOD.
1168 The uart(4) driver has been changed with respect to its handling
1169 of the low-level console. Previously the uart(4) driver prevented
1170 any process from changing the baudrate or the CLOCAL and HUPCL
1171 control flags. By removing the restrictions, operators can make
1172 changes to the serial console port without having to reboot.
1173 However, when getty(8) is started on the serial device that is
1174 associated with the low-level console, a misconfigured terminal
1175 line in /etc/ttys will now have a real impact.
1176 Before upgrading the kernel, make sure that /etc/ttys has the
1177 serial console device configured as 3wire without baudrate to
1178 preserve the previous behaviour. E.g:
1179 ttyu0 "/usr/libexec/getty 3wire" vt100 on secure
1182 Support for libwrap (TCP wrappers) in rpcbind was disabled by default
1183 to improve performance. To re-enable it, if needed, run rpcbind
1184 with command line option -W.
1187 Switched back to the GPL dtc compiler due to updates in the upstream
1188 dts files not being supported by the BSDL dtc compiler. You will need
1189 to rebuild your kernel toolchain to pick up the new compiler. Core dumps
1190 may result while building dtb files during a kernel build if you fail
1191 to do so. Set WITHOUT_GPL_DTC if you require the BSDL compiler.
1194 Clang and llvm have been upgraded to 3.4 release.
1197 The nve(4) driver has been removed. Please use the nfe(4) driver
1198 for NVIDIA nForce MCP Ethernet adapters instead.
1201 An ABI incompatibility crept into the libc++ 3.4 import in r261283.
1202 This could cause certain C++ applications using shared libraries built
1203 against the previous version of libc++ to crash. The incompatibility
1204 has now been fixed, but any C++ applications or shared libraries built
1205 between r261283 and r261801 should be recompiled.
1208 OpenSSH will now ignore errors caused by kernel lacking of Capsicum
1209 capability mode support. Please note that enabling the feature in
1210 kernel is still highly recommended.
1213 OpenSSH is now built with sandbox support, and will use sandbox as
1214 the default privilege separation method. This requires Capsicum
1215 capability mode support in kernel.
1218 The libelf and libdwarf libraries have been updated to newer
1219 versions from upstream. Shared library version numbers for
1220 these two libraries were bumped. Any ports or binaries
1221 requiring these two libraries should be recompiled.
1222 __FreeBSD_version is bumped to 1100006.
1225 If a Makefile in a tests/ directory was auto-generating a Kyuafile
1226 instead of providing an explicit one, this would prevent such
1227 Makefile from providing its own Kyuafile in the future during
1228 NO_CLEAN builds. This has been fixed in the Makefiles but manual
1229 intervention is needed to clean an objdir if you use NO_CLEAN:
1230 # find /usr/obj -name Kyuafile | xargs rm -f
1233 The behavior of gss_pseudo_random() for the krb5 mechanism
1234 has changed, for applications requesting a longer random string
1235 than produced by the underlying enctype's pseudo-random() function.
1236 In particular, the random string produced from a session key of
1237 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will
1238 be different at the 17th octet and later, after this change.
1239 The counter used in the PRF+ construction is now encoded as a
1240 big-endian integer in accordance with RFC 4402.
1241 __FreeBSD_version is bumped to 1100004.
1244 The WITHOUT_ATF build knob has been removed and its functionality
1245 has been subsumed into the more generic WITHOUT_TESTS. If you were
1246 using the former to disable the build of the ATF libraries, you
1247 should change your settings to use the latter.
1250 The default version of mtree is nmtree which is obtained from
1251 NetBSD. The output is generally the same, but may vary
1252 slightly. If you found you need identical output adding
1253 "-F freebsd9" to the command line should do the trick. For the
1254 time being, the old mtree is available as fmtree.
1257 libbsdyml has been renamed to libyaml and moved to /usr/lib/private.
1258 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg
1259 1.1.4_8 and verify bsdyml not linked in, before running "make
1261 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean
1263 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml
1266 The stable/10 branch has been created in subversion from head
1270 The rc.d/jail script has been updated to support jail(8)
1271 configuration file. The "jail_<jname>_*" rc.conf(5) variables
1272 for per-jail configuration are automatically converted to
1273 /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
1274 This is transparently backward compatible. See below about some
1275 incompatibilities and rc.conf(5) manual page for more details.
1277 These variables are now deprecated in favor of jail(8) configuration
1278 file. One can use "rc.d/jail config <jname>" command to generate
1279 a jail(8) configuration file in /var/run/jail.<jname>.conf without
1280 running the jail(8) utility. The default pathname of the
1281 configuration file is /etc/jail.conf and can be specified by
1282 using $jail_conf or $jail_<jname>_conf variables.
1284 Please note that jail_devfs_ruleset accepts an integer at
1285 this moment. Please consider to rewrite the ruleset name
1289 BIND has been removed from the base system. If all you need
1290 is a local resolver, simply enable and start the local_unbound
1291 service instead. Otherwise, several versions of BIND are
1292 available in the ports tree. The dns/bind99 port is one example.
1294 With this change, nslookup(1) and dig(1) are no longer in the base
1295 system. Users should instead use host(1) and drill(1) which are
1296 in the base system. Alternatively, nslookup and dig can
1297 be obtained by installing the dns/bind-tools port.
1300 With the addition of unbound(8), a new unbound user is now
1301 required during installworld. "mergemaster -p" can be used to
1302 add the user prior to installworld, as documented in the handbook.
1305 OpenSSH is now built with DNSSEC support, and will by default
1306 silently trust signed SSHFP records. This can be controlled with
1307 the VerifyHostKeyDNS client configuration setting. DNSSEC support
1308 can be disabled entirely with the WITHOUT_LDNS option in src.conf.
1311 The GNU Compiler Collection and C++ standard library (libstdc++)
1312 are no longer built by default on platforms where clang is the system
1313 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX
1314 options in src.conf.
1317 The PROCDESC kernel option is now part of the GENERIC kernel
1318 configuration and is required for the rwhod(8) to work.
1319 If you are using custom kernel configuration, you should include
1323 The API and ABI related to the Capsicum framework was modified
1324 in backward incompatible way. The userland libraries and programs
1325 have to be recompiled to work with the new kernel. This includes the
1326 following libraries and programs, but the whole buildworld is
1327 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl,
1328 kdump, procstat, rwho, rwhod, uniq.
1331 AES-NI intrinsic support has been added to gcc. The AES-NI module
1332 has been updated to use this support. A new gcc is required to build
1333 the aesni module on both i386 and amd64.
1336 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices.
1337 Thus "device padlock_rng" and "device rdrand_rng" should be
1338 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG".
1341 WITH_ICONV has been split into two feature sets. WITH_ICONV now
1342 enables just the iconv* functionality and is now on by default.
1343 WITH_LIBICONV_COMPAT enables the libiconv api and link time
1344 compatibility. Set WITHOUT_ICONV to build the old way.
1345 If you have been using WITH_ICONV before, you will very likely
1346 need to turn on WITH_LIBICONV_COMPAT.
1349 INVARIANTS option now enables DEBUG for code with OpenSolaris and
1350 Illumos origin, including ZFS. If you have INVARIANTS in your
1351 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG
1353 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS)
1354 locks if WITNESS option was set. Because that generated a lot of
1355 witness(9) reports and all of them were believed to be false
1356 positives, this is no longer done. New option OPENSOLARIS_WITNESS
1357 can be used to achieve the previous behavior.
1360 Timer values in IPv6 data structures now use time_uptime instead
1361 of time_second. Although this is not a user-visible functional
1362 change, userland utilities which directly use them---ndp(8),
1363 rtadvd(8), and rtsold(8) in the base system---need to be updated
1364 to r253970 or later.
1367 find -delete can now delete the pathnames given as arguments,
1368 instead of only files found below them or if the pathname did
1369 not contain any slashes. Formerly, the following error message
1372 find: -delete: <path>: relative path potentially not safe
1374 Deleting the pathnames given as arguments can be prevented
1375 without error messages using -mindepth 1 or by changing
1376 directory and passing "." as argument to find. This works in the
1377 old as well as the new version of find.
1380 Behavior of devfs rules path matching has been changed.
1381 Pattern is now always matched against fully qualified devfs
1382 path and slash characters must be explicitly matched by
1383 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs
1384 subdirectories must be reviewed.
1387 The default ARM ABI has changed to the ARM EABI. The old ABI is
1388 incompatible with the ARM EABI and all programs and modules will
1389 need to be rebuilt to work with a new kernel.
1391 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set.
1393 NOTE: Support for the old ABI will be removed in the future and
1394 users are advised to upgrade.
1397 pkg_install has been disconnected from the build if you really need it
1398 you should add WITH_PKGTOOLS in your src.conf(5).
1401 Most of network statistics structures were changed to be able
1402 keep 64-bits counters. Thus all tools, that work with networking
1403 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.)
1406 Fix a bug that allowed a tracing process (e.g. gdb) to write
1407 to a memory-mapped file in the traced process's address space
1408 even if neither the traced process nor the tracing process had
1409 write access to that file.
1412 CVS has been removed from the base system. An exact copy
1413 of the code is available from the devel/cvs port.
1416 Some people report the following error after the switch to bmake:
1418 make: illegal option -- J
1419 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable]
1421 *** [buildworld] Error code 2
1423 this likely due to an old instance of make in
1424 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE})
1425 which src/Makefile will use that blindly, if it exists, so if
1426 you see the above error:
1428 rm -rf `make -V MAKEPATH`
1433 Use bmake by default.
1434 Whereas before one could choose to build with bmake via
1435 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old
1436 make. The goal is to remove these knobs for 10-RELEASE.
1438 It is worth noting that bmake (like gmake) treats the command
1439 line as the unit of failure, rather than statements within the
1440 command line. Thus '(cd some/where && dosomething)' is safer
1441 than 'cd some/where; dosomething'. The '()' allows consistent
1442 behavior in parallel build.
1445 Fix a bug that allows NFS clients to issue READDIR on files.
1448 The WITHOUT_IDEA option has been removed because
1449 the IDEA patent expired.
1452 The sysctl which controls TRIM support under ZFS has been renamed
1453 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been
1457 The mergemaster command now uses the default MAKEOBJDIRPREFIX
1458 rather than creating it's own in the temporary directory in
1459 order allow access to bootstrapped versions of tools such as
1460 install and mtree. When upgrading from version of FreeBSD where
1461 the install command does not support -l, you will need to
1462 install a new mergemaster command if mergemaster -p is required.
1463 This can be accomplished with the command (cd src/usr.sbin/mergemaster
1467 Legacy ATA stack, disabled and replaced by new CAM-based one since
1468 FreeBSD 9.0, completely removed from the sources. Kernel modules
1469 atadisk and atapi*, user-level tools atacontrol and burncd are
1470 removed. Kernel option `options ATA_CAM` is now permanently enabled
1474 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2)
1475 and socketpair(2). Software, in particular Kerberos, may
1476 automatically detect and use these during building. The resulting
1477 binaries will not work on older kernels.
1480 CTL_DISABLE has also been added to the sparc64 GENERIC (for further
1481 information, see the respective 20130304 entry).
1484 Recent commits to callout(9) changed the size of struct callout,
1485 so the KBI is probably heavily disturbed. Also, some functions
1486 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced
1487 by macros. Every kernel module using it won't load, so rebuild
1490 The ctl device has been re-enabled in GENERIC for i386 and amd64,
1491 but does not initialize by default (because of the new CTL_DISABLE
1492 option) to save memory. To re-enable it, remove the CTL_DISABLE
1493 option from the kernel config file or set kern.cam.ctl.disable=0
1494 in /boot/loader.conf.
1497 The ctl device has been disabled in GENERIC for i386 and amd64.
1498 This was done due to the extra memory being allocated at system
1499 initialisation time by the ctl driver which was only used if
1500 a CAM target device was created. This makes a FreeBSD system
1501 unusable on 128MB or less of RAM.
1504 A new compression method (lz4) has been merged to -HEAD. Please
1505 refer to zpool-features(7) for more information.
1507 Please refer to the "ZFS notes" section of this file for information
1508 on upgrading boot ZFS pools.
1511 A BSD-licensed patch(1) variant has been added and is installed
1512 as bsdpatch, being the GNU version the default patch.
1513 To inverse the logic and use the BSD-licensed one as default,
1514 while having the GNU version installed as gnupatch, rebuild
1515 and install world with the WITH_BSD_PATCH knob set.
1518 Due to the use of the new -l option to install(1) during build
1519 and install, you must take care not to directly set the INSTALL
1520 make variable in your /etc/make.conf, /etc/src.conf, or on the
1521 command line. If you wish to use the -C flag for all installs
1522 you may be able to add INSTALL+=-C to /etc/make.conf or
1526 The install(1) option -M has changed meaning and now takes an
1527 argument that is a file or path to append logs to. In the
1528 unlikely event that -M was the last option on the command line
1529 and the command line contained at least two files and a target
1530 directory the first file will have logs appended to it. The -M
1531 option served little practical purpose in the last decade so its
1532 use is expected to be extremely rare.
1535 After switching to Clang as the default compiler some users of ZFS
1536 on i386 systems started to experience stack overflow kernel panics.
1537 Please consider using 'options KSTACK_PAGES=4' in such configurations.
1540 GEOM_LABEL now mangles label names read from file system metadata.
1541 Mangling affect labels containing spaces, non-printable characters,
1542 '%' or '"'. Device names in /etc/fstab and other places may need to
1546 By default, only the 10 most recent kernel dumps will be saved. To
1547 restore the previous behaviour (no limit on the number of kernel dumps
1548 stored in the dump directory) add the following line to /etc/rc.conf:
1553 With the addition of auditdistd(8), a new auditdistd user is now
1554 required during installworld. "mergemaster -p" can be used to
1555 add the user prior to installworld, as documented in the handbook.
1558 The sin6_scope_id member variable in struct sockaddr_in6 is now
1559 filled by the kernel before passing the structure to the userland via
1560 sysctl or routing socket. This means the KAME-specific embedded scope
1561 id in sin6_addr.s6_addr[2] is always cleared in userland application.
1562 This behavior can be controlled by net.inet6.ip6.deembed_scopeid.
1563 __FreeBSD_version is bumped to 1000025.
1566 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default.
1567 This means that the world and kernel will be compiled with clang
1568 and that clang will be installed as /usr/bin/cc, /usr/bin/c++,
1569 and /usr/bin/cpp. To disable this behavior and revert to building
1570 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions
1571 of current may need to bootstrap WITHOUT_CLANG first if the clang
1572 build fails (its compatibility window doesn't extend to the 9 stable
1576 The IPFIREWALL_FORWARD kernel option has been removed. Its
1577 functionality now turned on by default.
1580 The ZERO_COPY_SOCKET kernel option has been removed and
1581 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP.
1582 NB: SOCKET_SEND_COW uses the VM page based copy-on-write
1583 mechanism which is not safe and may result in kernel crashes.
1584 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current
1585 driver supports disposeable external page sized mbuf storage.
1586 Proper replacements for both zero-copy mechanisms are under
1587 consideration and will eventually lead to complete removal
1588 of the two kernel options.
1591 The IPv4 network stack has been converted to network byte
1592 order. The following modules need to be recompiled together
1593 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4),
1594 pf(4), ipfw(4), ng_ipfw(4), stf(4).
1597 Support for non-MPSAFE filesystems was removed from VFS. The
1598 VFS_VERSION was bumped, all filesystem modules shall be
1602 All the non-MPSAFE filesystems have been disconnected from
1603 the build. The full list includes: codafs, hpfs, ntfs, nwfs,
1604 portalfs, smbfs, xfs.
1607 The interface cloning API and ABI has changed. The following
1608 modules need to be recompiled together with kernel:
1609 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4),
1610 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4),
1611 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4).
1614 The sdhci driver was split in two parts: sdhci (generic SD Host
1615 Controller logic) and sdhci_pci (actual hardware driver).
1616 No kernel config modifications are required, but if you
1617 load sdhc as a module you must switch to sdhci_pci instead.
1620 Import the FUSE kernel and userland support into base system.
1623 The GNU sort(1) program has been removed since the BSD-licensed
1624 sort(1) has been the default for quite some time and no serious
1625 problems have been reported. The corresponding WITH_GNU_SORT
1629 The pfil(9) API/ABI for AF_INET family has been changed. Packet
1630 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled
1634 The net80211(4) ABI has been changed to allow for improved driver
1635 PS-POLL and power-save support. All wireless drivers need to be
1636 recompiled to work with the new kernel.
1639 The random(4) support for the VIA hardware random number
1640 generator (`PADLOCK') is no longer enabled unconditionally.
1641 Add the padlock_rng device in the custom kernel config if
1642 needed. The GENERIC kernels on i386 and amd64 do include the
1643 device, so the change only affects the custom kernel
1647 The pf(4) packet filter ABI has been changed. pfctl(8) and
1648 snmp_pf module need to be recompiled to work with new kernel.
1651 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged
1652 to -HEAD. Pools that have empty_bpobj in active state can not be
1653 imported read-write with ZFS implementations that do not support
1654 this feature. For more information read the zpool-features(5)
1658 The sparc64 ZFS loader has been changed to no longer try to auto-
1659 detect ZFS providers based on diskN aliases but now requires these
1660 to be explicitly listed in the OFW boot-device environment variable.
1663 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring
1664 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are
1665 configuration changes. Make sure to merge /etc/ssl/openssl.cnf.
1668 The following sysctls and tunables have been renamed for consistency
1669 with other variables:
1670 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered
1671 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered
1674 The sort utility has been replaced with BSD sort. For now, GNU sort
1675 is also available as "gnusort" or the default can be set back to
1676 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be
1677 installed as "bsdsort".
1680 A new version of ZFS (pool version 5000) has been merged to -HEAD.
1681 Starting with this version the old system of ZFS pool versioning
1682 is superseded by "feature flags". This concept enables forward
1683 compatibility against certain future changes in functionality of ZFS
1684 pools. The first read-only compatible "feature flag" for ZFS pools
1685 is named "com.delphix:async_destroy". For more information
1686 read the new zpool-features(5) manual page.
1687 Please refer to the "ZFS notes" section of this file for information
1688 on upgrading boot ZFS pools.
1691 The malloc(3) implementation embedded in libc now uses sources imported
1692 as contrib/jemalloc. The most disruptive API change is to
1693 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf,
1694 delete it prior to installworld, and optionally re-create it using the
1695 new format after rebooting. See malloc.conf(5) for details
1696 (specifically the TUNING section and the "opt.*" entries in the MALLCTL
1700 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb
1701 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is
1702 now spelled mips. This is to aid compatibility with third-party
1703 software that expects this naming scheme in uname(3). Little-endian
1704 settings are unchanged. If you are updating a big-endian mips64 machine
1705 from before this change, you may need to set MACHINE_ARCH=mips64 in
1706 your environment before the new build system will recognize your machine.
1709 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported
1713 Now unix domain sockets behave "as expected" on nullfs(5). Previously
1714 nullfs(5) did not pass through all behaviours to the underlying layer,
1715 as a result if we bound to a socket on the lower layer we could connect
1716 only to the lower path; if we bound to the upper layer we could connect
1717 only to the upper path. The new behavior is one can connect to both the
1718 lower and the upper paths regardless what layer path one binds to.
1721 The getifaddrs upgrade path broken with 20111215 has been restored.
1722 If you have upgraded in between 20111215 and 20120209 you need to
1723 recompile libc again with your kernel. You still need to recompile
1724 world to be able to configure CARP but this restriction already
1725 comes from 20111215.
1728 The set_rcvar() function has been removed from /etc/rc.subr. All
1729 base and ports rc.d scripts have been updated, so if you have a
1730 port installed with a script in /usr/local/etc/rc.d you can either
1731 hand-edit the rcvar= line, or reinstall the port.
1733 An easy way to handle the mass-update of /etc/rc.d:
1734 rm /etc/rc.d/* && mergemaster -i
1737 panic(9) now stops other CPUs in the SMP systems, disables interrupts
1738 on the current CPU and prevents other threads from running.
1739 This behavior can be reverted using the kern.stop_scheduler_on_panic
1741 The new behavior can be incompatible with kern.sync_on_panic.
1744 The carp(4) facility has been changed significantly. Configuration
1745 of the CARP protocol via ifconfig(8) has changed, as well as format
1746 of CARP events submitted to devd(8) has changed. See manual pages
1747 for more information. The arpbalance feature of carp(4) is currently
1748 not supported anymore.
1750 Size of struct in_aliasreq, struct in6_aliasreq has changed. User
1751 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8),
1752 need to be recompiled.
1755 The acpi_wmi(4) status device /dev/wmistat has been renamed to
1759 The option VFS_ALLOW_NONMPSAFE option has been added in order to
1760 explicitely support non-MPSAFE filesystems.
1761 It is on by default for all supported platform at this present
1765 The broken amd(4) driver has been replaced with esp(4) in the amd64,
1766 i386 and pc98 GENERIC kernel configuration files.
1769 sysinstall has been removed
1772 The stable/9 branch created in subversion. This corresponds to the
1773 RELENG_9 branch in CVS.
1779 Avoid using make -j when upgrading. While generally safe, there are
1780 sometimes problems using -j to upgrade. If your upgrade fails with
1781 -j, please try again without -j. From time to time in the past there
1782 have been problems using -j with buildworld and/or installworld. This
1783 is especially true when upgrading between "distant" versions (eg one
1784 that cross a major release boundary or several minor releases, or when
1785 several months have passed on the -current branch).
1787 Sometimes, obscure build problems are the result of environment
1788 poisoning. This can happen because the make utility reads its
1789 environment when searching for values for global variables. To run
1790 your build attempts in an "environmental clean room", prefix all make
1791 commands with 'env -i '. See the env(1) manual page for more details.
1793 When upgrading from one major version to another it is generally best
1794 to upgrade to the latest code in the currently installed branch first,
1795 then do an upgrade to the new branch. This is the best-tested upgrade
1796 path, and has the highest probability of being successful. Please try
1797 this approach before reporting problems with a major version upgrade.
1799 When upgrading a live system, having a root shell around before
1800 installing anything can help undo problems. Not having a root shell
1801 around can lead to problems if pam has changed too much from your
1802 starting point to allow continued authentication after the upgrade.
1804 This file should be read as a log of events. When a later event changes
1805 information of a prior event, the prior event should not be deleted.
1806 Instead, a pointer to the entry with the new information should be
1807 placed in the old entry. Readers of this file should also sanity check
1808 older entries before relying on them blindly. Authors of new entries
1809 should write them with this in mind.
1813 When upgrading the boot ZFS pool to a new version, always follow
1816 1.) recompile and reinstall the ZFS boot loader and boot block
1817 (this is part of "make buildworld" and "make installworld")
1819 2.) update the ZFS boot block on your boot drive
1821 The following example updates the ZFS boot block on the first
1822 partition (freebsd-boot) of a GPT partitioned drive ada0:
1823 "gpart bootcode -p /boot/gptzfsboot -i 1 ada0"
1825 Non-boot pools do not need these updates.
1829 If you are updating from a prior version of FreeBSD (even one just
1830 a few days old), you should follow this procedure. It is the most
1831 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,
1833 make kernel-toolchain
1834 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
1835 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE
1837 To test a kernel once
1838 ---------------------
1839 If you just want to boot a kernel once (because you are not sure
1840 if it works, or if you want to boot a known bad kernel to provide
1841 debugging information) run
1842 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
1843 nextboot -k testkernel
1845 To just build a kernel when you know that it won't mess you up
1846 --------------------------------------------------------------
1847 This assumes you are already running a CURRENT system. Replace
1848 ${arch} with the architecture of your machine (e.g. "i386",
1849 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc).
1851 cd src/sys/${arch}/conf
1852 config KERNEL_NAME_HERE
1853 cd ../compile/KERNEL_NAME_HERE
1858 If this fails, go to the "To build a kernel" section.
1860 To rebuild everything and install it on the current system.
1861 -----------------------------------------------------------
1862 # Note: sometimes if you are running current you gotta do more than
1863 # is listed here if you are upgrading from a really old current.
1865 <make sure you have good level 0 dumps>
1867 make kernel KERNCONF=YOUR_KERNEL_HERE
1869 <reboot in single user> [3]
1876 To cross-install current onto a separate partition
1877 --------------------------------------------------
1878 # In this approach we use a separate partition to hold
1879 # current's root, 'usr', and 'var' directories. A partition
1880 # holding "/", "/usr" and "/var" should be about 2GB in
1883 <make sure you have good level 0 dumps>
1886 make buildkernel KERNCONF=YOUR_KERNEL_HERE
1887 <maybe newfs current's root partition>
1888 <mount current's root partition on directory ${CURRENT_ROOT}>
1889 make installworld DESTDIR=${CURRENT_ROOT} -DDB_FROM_SRC
1890 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
1891 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
1892 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd
1893 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
1894 <reboot into current>
1895 <do a "native" rebuild/install as described in the previous section>
1896 <maybe install compatibility libraries from ports/misc/compat*>
1900 To upgrade in-place from stable to current
1901 ----------------------------------------------
1902 <make sure you have good level 0 dumps>
1904 make kernel KERNCONF=YOUR_KERNEL_HERE [8]
1906 <reboot in single user> [3]
1913 Make sure that you've read the UPDATING file to understand the
1914 tweaks to various things you need. At this point in the life
1915 cycle of current, things change often and you are on your own
1916 to cope. The defaults can also change, so please read ALL of
1917 the UPDATING entries.
1919 Also, if you are tracking -current, you must be subscribed to
1920 freebsd-current@freebsd.org. Make sure that before you update
1921 your sources that you have read and understood all the recent
1922 messages there. If in doubt, please track -stable which has
1923 much fewer pitfalls.
1925 [1] If you have third party modules, such as vmware, you
1926 should disable them at this point so they don't crash your
1929 [3] From the bootblocks, boot -s, and then do
1934 adjkerntz -i # if CMOS is wall time
1935 Also, when doing a major release upgrade, it is required that
1936 you boot into single user mode to do the installworld.
1938 [4] Note: This step is non-optional. Failure to do this step
1939 can result in a significant reduction in the functionality of the
1940 system. Attempting to do it by hand is not recommended and those
1941 that pursue this avenue should read this file carefully, as well
1942 as the archives of freebsd-current and freebsd-hackers mailing lists
1943 for potential gotchas. The -U option is also useful to consider.
1944 See mergemaster(8) for more information.
1946 [5] Usually this step is a noop. However, from time to time
1947 you may need to do this if you get unknown user in the following
1948 step. It never hurts to do it all the time. You may need to
1949 install a new mergemaster (cd src/usr.sbin/mergemaster && make
1950 install) after the buildworld before this step if you last updated
1951 from current before 20130425 or from -stable before 20130430.
1953 [6] This only deletes old files and directories. Old libraries
1954 can be deleted by "make delete-old-libs", but you have to make
1955 sure that no program is using those libraries anymore.
1957 [8] The new kernel must be able to run existing binaries used by
1958 an installworld. When upgrading across major versions, the new
1959 kernel's configuration must include the correct COMPAT_FREEBSD<n>
1960 option for existing binaries (e.g. COMPAT_FREEBSD11 to run 11.x
1961 binaries). Failure to do so may leave you with a system that is
1962 hard to boot to recover. A GENERIC kernel will include suitable
1963 compatibility options to run binaries from older branches.
1965 Make sure that you merge any new devices from GENERIC since the
1966 last time you updated your kernel config file.
1968 [9] When checking out sources, you must include the -P flag to have
1969 cvs prune empty directories.
1971 If CPUTYPE is defined in your /etc/make.conf, make sure to use the
1972 "?=" instead of the "=" assignment operator, so that buildworld can
1973 override the CPUTYPE if it needs to.
1975 MAKEOBJDIRPREFIX must be defined in an environment variable, and
1976 not on the command line, or in /etc/make.conf. buildworld will
1977 warn if it is improperly defined.
1980 This file contains a list, in reverse chronological order, of major
1981 breakages in tracking -current. It is not guaranteed to be a complete
1982 list of such breakages, and only contains entries since September 23, 2011.
1983 If you need to see UPDATING entries from before that date, you will need
1984 to fetch an UPDATING file from an older FreeBSD release.
1986 Copyright information:
1988 Copyright 1998-2009 M. Warner Losh. All Rights Reserved.
1990 Redistribution, publication, translation and use, with or without
1991 modification, in full or in part, in any form or format of this
1992 document are permitted without further permission from the author.
1994 THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
1995 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
1996 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
1997 DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
1998 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1999 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
2000 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2001 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
2002 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
2003 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
2004 POSSIBILITY OF SUCH DAMAGE.
2006 Contact Warner Losh if you have any questions about your use of
projects / FreeBSD / FreeBSD.git / blob