freebsd-dev/UPDATING
bms b45ad80817 Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	jake (mentor)
Reported by:	Apple Product Security <product-security@apple.com>
2003-09-23 16:39:31 +00:00

1372 lines
52 KiB
Plaintext

Updating Information for FreeBSD current users
This file is maintained and copyrighted by M. Warner Losh
<imp@village.org>. See end of file for further details. For commonly
done items, please see the COMMON ITEMS: section later in the file.
NOTE TO PEOPLE WHO THINK THAT 5.0-CURRENT IS SLOW:
FreeBSD 5.0-CURRENT has many debugging features turned on, in
both the kernel and userland. These features attempt to detect
incorrect use of system primitives, and encourage loud failure
through extra sanity checking and fail stop semantics. They
also substantially impact system performance. If you want to
do performance measurement, benchmarking, and optimization,
you'll want to turn them off. This includes various WITNESS-
related kernel options, INVARIANTS, malloc debugging flags
in userland, and various verbose features in the kernel. Many
developers choose to disable these features on build machines
to maximize performance.
20030923:
Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests. See
FreeBSD-SA-03:14.arp.
20030915:
A change to /etc/defaults/rc.conf now causes inetd to be started
with `-C 60' if it is not overridden in /etc/rc.conf. This
causes inetd to stop accepting connections from an IP address
that exceeds the rate of 60 connections per minute.
20030829:
The following rc.d scripts have been removed and should be
deleted from your installation: atm2.sh atm3.sh devdb
localdaemons network1 network2 network3. Depending on when
you last updated world and used mergemaster(8) you may or
may not have problems during the rc boot sequence. The simplest
solution is an 'rm -rf /etc/rc.d/*' and then 'mergemaster -i'.
The atm2.sh atm3.sh and devdb scripts were removed some time
ago, so depending on when you installed -CURRENT these scripts
may or may not exist on your system.
20030824:
ATAng has been committed. You need to build world as sys/ata.h
has changed, and userland atacontrol depends on it.
If you use ATA SW raids you need "device ataraid" in your
kernel config file, as it is no longer pulled in automatically.
20030819:
The OFW_NEWPCI option has been turned on in the Sparc64 GENERIC kernel.
Among other things, this changes the device enumeration to be
closer to Solaris. Be aware that, this can even cause the machine
to not boot without manual intervention before the fstab is adjusted.
20030728:
All current USB and Firewire quirks in da(4) have been deprecated
and will be removed for 5.2. If this causes failure for your
umass(4) devices, enable "options DA_OLD_QUIRKS" in your kernel
and send the output of "camcontrol inquiry da0" to scsi@freebsd.org
so the quirk can be re-enabled.
20030722:
FPU-less support has been removed from FreeBSD. Chances are you won't
notice. 386+387 support should still work after this change, but
it is now a minimum requirement for the i386 port that you have real
FPU hardware.
20030714:
Some people are having problems with changes related to /rescue.
If you are building -j N, you will need to define NO_RESCUE. Others
will need to define it if /rescue has issues with their environment.
People should report those issues to current@.
20030711:
gcc was upgraded to 3.3. You are advised to not build -DNOCLEAN
across this point. Further, it might be a good idea to remove
/usr/obj.
20030613: [retrospective]
There was a small window in which sed(1) was broken. If you
happen to have sed(1) installed during that window, which is
evidenced by an inability to build world with the failure
given below, you need to manually build and install sed(1)
(and only sed(1)) before doing anything else. This is a one-
time snafu. Typical failure mode:
In file included from /usr/src/contrib/binutils/bfd/targets.c:1092:
targmatch.h:7:1: null character(s) ignored
targmatch.h:12:1: null character(s) ignored
targmatch.h:16:1: null character(s) ignored
:
The window of "sed(1)-uction" is from Wed Jun 4 15:31:55 2003 UTC
to Thu Jun 5 12:10:19 2003 UTC (from rev 1.30 to rev 1.31 of
usr.bin/sed/process.c).
20030610:
Remove deprecated locale names and transition period code
for them, finishing switching to the new scheme. Check your
LANG environment variable.
20030609:
CCD has been changed to be a fully GEOMified class. Kernel
and ccdconfig(8) needs to be in sync, this is particularly
important to remember beforehand if your source tree is on
a ccd device. Consider making a copy of the old ccdconfig
into /boot/kernel.good or wherever you keep your backup
kernel.
20030505:
Kerberos 5 (Heimdal) is now built by default. Setting
MAKE_KERBEROS5 no longer has any effect. If you do NOT
want the "base" Kerberos 5, you need to set NO_KERBEROS.
20030502:
groff has been updated. If you try to do a buildworld and
get an infinite loop in troff, update to May 4th or newer. If you
have a newer kernel than userland, you may need to set the OSRELDATE
to 500110 in your environment before starting a buildworld.
20030501:
The old rc system has been removed. Please report any problems
to freebsd-rc@yahoogroups.com, and/or freebsd-current@freebsd.org.
Your personal versions of these files will not be removed, so you can
continue to use them. However, you should take great care when updating,
especially when using mergemaster, since the compatibility code that
utilizes these old scripts has also been removed.
20030423:
A bug has been fixed in /dev/devctl which would cause devd
to hang on boot, were it not for a workaround in devd. The
work around in devd will be removed around 20030507. You
have until then to upgrade your kernel before updating
userland. In general, you should have a userland and
kernel that's in sync with each other. However, given the
effects of this bug (hang on boot when starting devd), some
allowances are made.
20030329:
Alphas with libc from between 20030312 and 20030329 exhibit
floating point exceptions (FPEs), most notably in awk(1)
while upgrading the system through a buildworld.
So, to successfully upgrade your Alpha, you must either
downgrade your libc.so to a pre-20030312 version, or update
/usr/share/mk/bsd.cpu.mk to revision 1.26 which adds -mieee
to CFLAGS, then forcibly rebuild and install libc:
cd /usr/src/lib/libc && \
make cleandir && make obj && \
make -DNOMAN -DNOPROFILE all && \
make -DNOMAN -DNOPROFILE install
20030208:
sendmail 8.12.7 has been imported. It has one important
change for IPv6 users. The default submit.mc now uses
'[127.0.0.1]' instead of 'localhost' meaning only IPv4 is
used to connect to the MTA. Users on IPv6-only machines
will need to edit /etc/mail/submit.mc appropriately.
20030128:
NODEVFS option has been removed and DEVFS thereby made standard.
This makes all references to MAKEDEV obsolete, and they should
be removed when convenient.
20030126:
The name of the device for the ofw console has changed, sparc64 users
must run mergemaster to update their installed /etc/ttys.
20030125:
The scheduler framework has grown a second scheduler and consequently
you must specify one and only one scheduler in your kernel config.
The cvs config files have been updated to use the old scheduler
which may be selected via 'options SCHED_4BSD'. If you would like
to try the new, much more experimental, scheduler please try
'options SCHED_ULE' and contribute to the arch@ discussion.
20030115:
A new version of the wi driver has been imported into the tree.
One now must have device wlan in the config file for it to operate
properly.
In addition, there have been some changes to how wi devices are
configured for point to point links to bring it more in line
with the former way of doing things, as well as compatibility
with NetBSD.
20021222:
For a period after the GCC 3.2.1 import (from 12/04 to 12/22), GCC
used an incompatible form of ABI for returning structures and unions
which FreeBSD's GCC maintainers were not aware of relative to previous
versions of FreeBSD. We have gone back to the ABI for now, and any
code compiled which is required to interoperate with other code (not
built at the same time) returning structs or unions should be
rebuilt.
20021216:
A name change in /etc/netconfig has been reverted to stay
compatible with suns TIRPC and also with NetBSD. You need
to run mergemaster after make world. A new libc does still work
with an outdated /etc/netconfig for some time, but you'll get
a warning. This warning will be removed in 20030301.
20021202:
The recent binutils upgrade marks a kernel flag day on
sparc64: modules built with the old binutils will not work
with new kernels and vice versa. Mismatches will result in
panics. Make sure your kernel and modules are in sync.
20021029:
The value of IPPROTO_DIVERT has changed. Make sure to keep
your kernel, netstat, natd and any third-party DIVERT
consumers in sync.
20021024:
Old, compatibility slices have been removed in GEOM kernels.
This means that you will have to update your /etc/fstab to
not use disk devices of the form /dev/ad0a. Instead, you
now must specify /dev/ad0s1a, or whatever slice your FreeBSD
partition really is on. The old device names have gone
away, so if you use them anywhere else, you must also adjust
those uses. (This doesn't affect the disks formatted in
the ``dangerously-dedicated'' mode.)
20021023:
Alphas with kernels from between 20020830 and 20021023 and/or
rtld (ld-elf.so.1) older than 20021023 may experience problems
with groff while doing a buildworld (kernel: "out of memory",
fixed in rev 1.129 of kern/imgact_elf.c; rtld: "too few PT_LOAD
segments", fixed in rev 1.8 of libexec/rtld-elf/map_object.c).
So, to successfully upgrade your Alpha, you must either
upgrade your kernel and rtld first (which might be a bit
tricky), or avoid running the bootstrapped groff during the
"transitional" buildworld. To avoid running groff during the
transitional upgrade run make buildworld with -DNOMAN,
-DNO_SHAREDOCS, and -DNO_LPR.
20020831:
gcc has been upgraded to 3.2. It is not all binary compatible
with earlier versions of gcc for c++ programs. All c++
programs and libraries need to be recompiled.
Also, if you encounter g++ issues, rm /usr/include/g++/* before
doing an installworld to make sure that stale files are removed.
20020827:
Our /etc/termcap now has all the entries from the XFree86 xterm
almost unchanged. This means xterm now supports color by default.
If you used TERM=xterm-color in the past you now should use
TERM=xterm. (xterm-color will lead to benign warnings).
20020815:
A "bug" in gcc(1) that was hiding warning in system headers was
fixed. It's probably time to add -DNO_WERROR to your make line
again.
20020729:
COPY is being deprecated. The 20010530 change was reverted, as
it causes far more pain than was expected, and to always compare
before installing, please use INSTALL="install -C" again. The
-C option is now silently ignored when used with the -d option.
20020702:
Problems with libc_r clients like KDE and GNOME have been resolved.
There are still some minor problems with some signals but the
system is stable enough for general use again. SMP is less so than UP
but each can successfully complete multiple buildworlds.
Libkvm needs to be recompiled due to KSE.
20020701:
Now would be a bad time to upgrade. Something in or near the
KSE commit totally broke programs using libc_r like KDE and
GNOME.
20020511:
The k5su utility installed as part of Kerberos 5 is no longer
installed with the set-user-ID bit set by default. Add
ENABLE_SUID_K5SU=yes to /etc/make.conf to have it installed
with the set-user-ID bit set.
20020510:
Gcc 3.1 debugging format (cc -g) has changed from STABS to DWARF2.
Unfortunately our native GDB (at version 4.18) does not understand
the DWARF2 debugging format. Thus you must use `gcc -gstabs+' to
generated debugging information for our native GDB.
20020510:
Due to the way CVS works, it may not properly update src/contrib/gcc
to the 3.1 sources. The easiest fix is to `rm -rf' src/contrib/gcc
and then do a cvs update.
20020421:
When exec'ing set[ug]id executables, the kernel now ensures that the
stdio file descriptors (0..2) are open. See FreeBSD-SA-02:23.stdio.
20020404:
New sendmail startup scripts have been installed to make it
easier to use alternative MTAs with FreeBSD. Setting the rc.conf
variable sendmail_enable to "NO" no longer prevents any sendmail
daemons from starting. Instead, either set sendmail_enable to
"NONE" or change mta_start_script to a script for starting
an alternative MTA. Setting mta_start_script to "" will
also prevent any MTA from being started at boot.
20020403:
UCONSOLE is no longer a valid kernel option.
20020315:
FreeBSD 5.0 DP-1 was basically branched today.
20020225:
Warnings are now errors in the kernel. Unless you are a developer,
you should add -DNO_WERROR to your make line.
20020217:
sendmail 8.12.2 has been imported. The sendmail binary is no
longer a set-user-ID root binary and the infrastructure to support
command line mail submission has changed. Be sure to run
mergemaster (especially for updating /etc/rc, /etc/defaults/rc.conf,
and /etc/mail) and read /etc/mail/README for more details.
Due to the import of sendmail 8.12.2, a new user and group are
required in order for sendmail to run as a set-group-ID
binary. A 'make installworld' will use the new user and group
to set the owner and group of /var/spool/clientmqueue and will
fail if the new user and group do not exist. The 'smmsp' user
and group must be merged from src/etc/group and
src/etc/master.passwd before using 'make installworld'.
'mergemaster -p' will do this. You may need to install
mergemaster before this will work if you are updating from a
very old version of current. The updating recipe has changed
as of this date.
20020112:
The preferred configuration method for PAM is now /etc/pam.d/
rather than /etc/pam.conf. If you have an unmodified
pam.conf, just delete it after your next mergemaster run. If
you have local modifications, you can use
/usr/src/etc/pam.d/convert.pl to incorporate them into your
/etc/pam.d.
Please see the following url for more details:
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<xzp6667fyoa.fsf@flood.ping.uio.no>
20011229:
If anyone here is already using the new rc.conf(5) variable
networkfs_types, please note that it has changed
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<9744.1009655556@axl.seasidesoftware.co.za>
20011220:
sys/i4b/driver/i4b_ispppsubr.c has been retired. This file
started out its life in the ISDN4BSD project as an offspring
from sys/net/if_spppsubr.c, which eventually got a life of its
own. All the accumulated features and bugfixes of the i4b
version have now been merged back into the base system's
version now. The only user-visible change resulting from this
is that i4b's sppp(4) interfaces are to be managed with
spppcontrol(8) again, since ispppcontrol(8) has been retired
as well. (There has never been rc file support for
ispppcontrol in -current, but only in -stable. That will be
reverted by the time the changes are MFCed.)
20011215:
The fdc(4) driver has been updated and now automatically
recognizes media in `standard' formats (like 1440 KB and
720 KB for a 3.5" high-density drive) when accessing the
default device node (e. g. /dev/fd0). The old variety of
floppy device nodes /dev/fd*.* is no longer present by
default, devices can be created (in DEVFS) on demand. They
will need to be customized then for `odd' densities using
fdcontrol(8).
20011209:
The bugs in procfs' debugging support code have been fixed,
and truss(1) now works again.
20011207:
Daily security checks have been split out to use the periodic(8)
scripts. Some change in configuration may be necessary. Please
see
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<20011207155805.R8975@blossom.cjclark.org>
for details.
20011204:
sos added VCD/SVCD support to ata driver and that needs the
kernel and burncd to be in sync.
20011203:
The procfs pseudo-filesystem has now been converted to use the
pseudofs framework. If you have 'options PROCFS' in your
kernel config, you'll need to add 'options PSEUDOFS' if it's
not there already.
This change temporarily breaks truss(1); use ktrace(1) instead
until the issue has been resolved.
20011202:
A security hole in OpenSSH involving `UseLogin yes' has been
patched.
20011126:
You need to remove /usr/obj/.../usr.bin/tip before rebuilding
after this date. You need to do this only once.
20011103:
Most of the awk issues have been resolved. Some rough
edges may be left, but for the most part things should be
back to "normal." For CURRENT's usual definition of "normal."
20011030:
Awk has been upgraded to the one true awk from bell labs. Expect
choppy waves in the upgrade process.
20011030:
The asr driver problem has been resolved.
20011027:
Due to changes in other parts of the system, the asr driver
now causes the system to panic on boot. Do not use it pending
correction. Comment it out of any kernel config file that you
try to use from this date forward.
20011025:
When crossbuilding, use TARGET=xxx where you used to use
MACHINE=xxx. You don't need to set TARGET_ARCH and TARGET,
unless you are changing both of them. To cross build pc98 on
an alpha, for example, you need to set TARGET=pc98 and
TARGET_ARCH=i386.
20011001:
The kernel interface that burncd depends on has changed.
You must recompile both the kernel and userland applications
at the same time.
20010929:
When crossbuilding, please set TARGET_ARCH rather than
MACHINE_ARCH to indicate the target. In the future, one will
set TARGET_MACHINE where you set MACHINE now. At the moment,
setting MACHINE alone for same MACHINE_ARCH machines works
(eg, you can build pc98 on an i386 machine and vice versa).
20010927:
Some weird problems result from using ACPI on some machines.
To disable ACPI you can add
hint.acpi.0.disabled="1"
to /boot/loader.conf (or by putting set X=Y at the boot
loader "ok" prompt).
Alternatively, you can remove it from /boot/kernel/acpi.ko
or use the MODULES_OVERRIDE function in your kernel config
file and not list acpi in that list.
20010924:
The buildworld has been fixed. You may need to install
the 4.x compatibility libraries for some old binaries
to work. Add COMPAT4X=true to your /etc/make.conf to
get them installed on every installworld, or execute the
following to get them installed only once:
cd src/lib/compat/compat4x.<arch>
make all install
You will see ``__stdoutp undefined'' until you do this.
20010919:
There's a bug in the world build process. The cross-tools
are build with the NEW headers, but the OLD libc.a. This
leads to all kinds of problems with the new libc. A temporary
workaround is to add
CFLAGS="-O -pipe -D_OLD_STDIO"
before building world when upgrading from 4.x to current. This
can be removed afterwards.
A proper fix to the buildworld target is needed.
20010918:
Peter has committed his new kthread nfs client/server code.
NFS may be unstable after this date.
20010912:
KSE has hit the tree. Lots of things are now different in
the kernel. While a few problems were introduced in the
initial commit, most of the major ones have been found and
corrected.
20010901:
In OLDCARD, CardBus bridges appear to be stable. The work
arounds described in the 20010604 entry are now no longer
necessary and will be ignored. Most insert/remove problems
have been rectified around this date.
20010823:
named now runs as user bind and group bind rather than as
root. If named_enable is set to YES in /etc/rc.conf, ensure
that user bind is available in /etc/passwd (using vipw(8))
and that group bind is available in /etc/group. Also make
sure that user or group bind has read (and not write)
permission for your name server configuration and that it
has read and write permission for your slave zone files and
directory.
If you wish to continue to run named as root (a less secure
alternative), add a line to /etc/rc.conf saying
named_flags=
20010709:
The PAM libraries have had an API upgrade that is beyond
the ability of the shared library major number to handle.
It is manifested by PAM-using ports dumping core. The
solution is to rebuild those ports.
20010628:
The kernel compile module has moved from src/sys/compile/FOO
to src/sys/${MACHINE}/compile/FOO.
20010625:
The pccard modem issue from 20010613 has been corrected.
OLDCARD support is still a little weak in -current. slot 1 is
known not to work on some TI based cardbus bridges. Some
cardbus bridges do not properly detect insert/removal events.
IRQ configuration needs more safety belts.
20010617:
Softupdates problems have been corrected.
20010614:
Peter ripped out the linkerset support. You must, as always,
rerun config after you cvsup if you are using the traditional
kernel building methods.
20010613:
pccard modems may not work with current after 20010604 date. Some
do, others result in panics. *MAKE*SURE* that you update your
config and /etc/rc.conf ala the 20010604 entry, or you will have
problems (this issue will be fixed, it just hasn't been yet).
20010613:
SOFTUPDATES seem to be broken since the middle of May or so. Do not
use them in current. You can disable softupdates on all mounted
partitions, or remove SOFTUPDATES the kernel config file.
20010612:
After Peter's commits to the hints code, people have been noticing
that certain devices are attached (or try to) twice. This is due
to having both static hints as well as a /boot/device.hints. To
work around this issue, please use only one or the other mechanism
until this bug is fixed.
Please note that a feature of config is that if you have config
file FOO and FOO.hints, it automatically adds FOO.hints to the
hints.c file, whether you want it to or not.
20010610:
Locale names have changed to match other systems better.
20010604:
pccard support for pci cards has been committed. You must change
your /etc/pccard.conf irq lines. It must match the irq used by
pcic device. Interrupt storms may result if you fail to do this.
Interrupt storms look a lot like a hang.
You must also install a new pccardd, otherwise you will get an
interrupt storm at card reset time (just after it tells you what
it is).
pccardd_flags="-I" is necessary for the time being. It tells pccardd
not to ask the kernel if the interrupt is really free or not before
using it. You can either change the /etc/pccard.conf irq lines to
match pcic, or add "-i X" to the pccardd_flags.
20010530:
INSTALL=install -C is being deprecated. If you want to do this,
use COPY=-C instead. The former method will be supported for only
a limited time. If you see
install: warning: the -d and -C options may not be specified together
in your makeworld, then you need to migrate towards using
COPY=-C.
20010525:
It appears that vm is now stable enough to use again. However,
there may be other problems, so caution is still urged. alpha
definitely is in bad shape.
20010521:
Minor repo damage has happened. This may cause problems
with cvsup of ports. If you get errors, please see
http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27495
at the bottom for details on a workaround. The error message
is
Updater failed: Cannot delete "/usr/ports/www/jakarta-tomcat/files": Directory not empty
20010520:
Vm and/or swapping are busted on -current. Please be patient.
20010519:
pccard has had much reorganizational work done to it over
the past few days. Everything should still work, but if
not, please contact imp@freebsd.org.
20010517:
ata ioctl changed. Make sure to recompile both kernel and
userland at the same time.
20010517:
New ncurses imported.
20010512:
DEVFS is now opt out, not opt in. Barring major problems, this
will be the only way to go starting July 1.
20010504:
OpenSSH has been updated to 2.9. Some defaults are different,
including RhostsRSAAuthentication, which changes from yes to no.
20010502:
Perl breakage in 20010501 was corrected at 14:18:33 PDT.
20010501:
Building perl was broken at 02:25:25 PDT.
20010430:
The bug in 20010429 was corrected at 07:35:37 PDT. It is safe to
go back in the water.
20010429:
A bad bug was committed at 04:48:42 PDT. Don't use kernels after
this date, but before the correction date.
20010423:
old fsck and new kernel interactions appear to have been fixed.
20010411:
fsck and the kernel were changed to handle some optimizations
to directory layout. This breaks backward compatibility.
Update only if you understand that you must not use the old
fsck with the new kernel ever.
20010330:
fsck has changed the meaning of the pass column in /etc/fstab.
Please see the cvs commit to fsck.8 or the fsck.8 man page for
details. It is unclear if changes to /etc/fstab are necessary.
20010319:
portmap had changed name to rpcbind for maximum POLA in your
current world. /etc/hosts.{allow,deny} needs changes. nfs and
other rpc based programs that rely on portmapper will not work
without updates to /etc/hosts.{allow,deny} and /etc/netconfig.
20010315:
ata subsystem changes. ATA_ENABLE_ATAPI_DMA, ATA_ENABLE_WC
and ATA_ENABLE_TAGS are no longer kernel options. They have
been replaced by tunables. See ata.4 for details.
20010312:
The fxp driver was converted to use miibus. If you compile
fxp into your kernel statically, you will need to add miibus.
20010312:
The wi device now defaults to BSS (infrastructure) mode
instead of ad-hoc.
20010310:
/dev/urandom should be a symbolic link to /dev/random now.
Users of current not using DEVFS need to run MAKEDEV std.
ssh might not work if you don't.
20010303:
The ed driver has been updated. It now allows mii attachments,
which means that you must include the miibus in your kernel if
you use the ed driver.
20010220:
The problems with libc have been corrected. It is now mostly
safe to go back into the water.
20010211:
The size of FILE was changed. This breaks upgrading. If
you must upgrade, be prepared for pain. It also breaks almost
all binaries that you've compiled on -current. You are warned
that before upgrading would be a good time to do a level 0
dump of your system. No, really, I mean it this time.
To get to the new system, you'll need to use the following
workaround. Hopefully this can be sorted out so that we
don't have to move this to the updating section.
To get around the installworld problem, do:
# cd /usr/src/usr.bin/sed
# make install
# cd /usr/src
# make installworld
If that doesn't work, then try:
# make -k installworld
# make installworld
20010207:
DEVFS is now the default. If you use vinum, make sure that you
do not include devfs in your kernel as problems result.
20010205:
FFS_ROOT and CD9660_ROOT have been removed or deprecated.
Remove them from your config.
20010122:
****************************** WARNING ******************************
buildkernel has been changed slightly
****************************** WARNING ******************************
KERNCONF replaces the variable KERNEL for buildkernel. You
should update your scripts and make.conf accordingly.
20010119:
config has changed to allow DEV_FOO as a replacement for NFOO.
This requires a new config to build correctly.
20010116:
The kernel option I386_CPU is now mutually exclusive with the
other cpu types. If you have an i386 system, be sure that it
only had this line. Remove it for all other configurations.
20010110:
Changes to the kernel require it and burncd be in sync.
20010102:
Everyone who has hw.sndunit set to something in
/etc/sysctl.conf, it is now hw.snd.unit.
20010101:
ex and vi were broken by some changes to sys/queue.h. If you
have a bad vi, you will see make buildworld fail with a core
dump while building termcap. You can work around this problem
by adding -k to your make buildworld. This will cause the
build to complete and install a new vi. Once that's done, you
can rebuild again without the -k to pick up anything that
might have been ignored by the -k option.
Others have suggested that you can just rebuild libc if your
vi/ex is dynamically linked, but I've not received any reports
of this working.
20001228:
There have been some changes to libcrypt in -current. The
libscrypt/libdescrypt symlink silliness is gone and the installed
libcrypt is fully functional. Be aware of this.
20001218:
Linksys Fast Ethernet PCCARD cards supported by the ed driver
now require the addition of flag 0x80000 to their config line
in pccard.conf(5). This flag is not optional. These Linksys
cards will not be recognized without it.
20001205:
Important new FreeBSD-version stuff: PAM support has been worked
in, partially from the "Unix" OpenSSH version. This requires
adding the following in pam.conf:
sshd auth sufficient pam_skey.so
sshd auth required pam_unix.so try_first_pass
sshd session required pam_permit.so
20001031:
cvs updated to 1.11.
20001020:
The random device needs more entropy, so you need to make sure
that you've run mergemaster to get a /etc/rc which will seed
/dev/random. If you don't and the system hangs after ldconfig,
then banging on the keyboard randomly until it unhangs is one
workaround.
20001010:
****************************** WARNING ******************************
Sendmail has been updated.
****************************** WARNING ******************************
o mail.local(8) is no longer installed as a set-user-id binary.
o sendmail(8) is now built with STARTTLS support unless NO_OPENSSL
is set.
o The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY
commands.
o Now using sendmail's version of vacation(1).
o The sendmail cf building tools (contrib/sendmail/cf) are installed
in /usr/share/sendmail/cf.
o sendmail.cw changed to local-host-names
More details can be found at
http://people.freebsd.org/~imp/UPDATING/sendmail-20001010
20001009:
The ports tree's new layout is in place. Be sure to update
your entire ports tree, or you will have problems.
20001006:
The perl build procedure no longer installs miniperl, nor uses
the installed miniperl. It is recommended that you delete
/usr/bin/miniperl.
20001005:
This weekend the ports tree will be updated to a new layout.
It will be in an inconsistent state until noted in the UPDATING
file, or with asami-san's message to the relevant mailing
lists. With this new layout, you'll need to update the whole
tree for anything to work.
20000928:
There was a change in the passwd format. Need more information.
20000916:
/boot/kernel/kernel.ko -> /boot/kernel/kernel change has taken
place. Please update boot loader (not the boot blocks) at the
same time as your kernel.
20000914:
The new pmtimer device is necessary for laptops. Failure to
include the device will cause suspended laptops losing time
when they resume. Include
device pmtimer
in your config file and
hint.pmtimer.0.at="isa"
to your /boot/device.hints file.
20000911:
The random device has been turned into a (pseudo-)device,
rather than an option. The supplied kernel config files have
been updated. You will need to do something similar in your
own kernel config file.
Remove:
options RANDOMDEV
Add:
device random
If you prefer to load the loadable module, you need to do
nothing.
20000909:
The random device module has been renamed from randomdev.ko to
random.ko. You will need to edit your /boot/loader.conf to
reflect this if you load this module at boot time.
The line should read:
random_load="YES"
20000907:
The SMPNG commit has happened. It should work, but if it
doesn't, fallback to the PRE_SMPNG CVS tag. There are likely
to be a variety of minor issues. Please see 20000905 to make
sure you don't have model loading problems which might at
first blush appear related to SMP.
20000906:
nsswitch has been imported from NetBSD. Among other things,
this means that /etc/host.conf is no longer used. See
nsswitch.conf(5) instead. Note that at boot time rc.network
will attempt to produce a new nsswitch.conf file for you if you
don't have one, and you have host.conf.
20000905:
The ucred structure changed size. This breaks the interface
that mountd uses. Trying to use an older mountd with a newer
kernel guarantees a panic. This means that you need to use
kernels newer than today only with matching mountd, but you
needed to do that anyway with the boot loader changes.
20000905:
The boot loader has been updated. The new default kernel is
now /boot/kernel/kernel.ko. The new default module location
is /boot/kernel.
You *MUST* upgrade your boot loader and kernel at the same time.
The easiest way to do this is to do the buildworld/buildkernel/
installkernel/installworld dance.
Furthermore, you are urged to delete your old /modules directory
before booting the new kernel, since kldload will find stale
modules in that directory instead of finding them in the correct
path, /boot/kernel. The most common complaint that this cures
is that the linux module crashes your machine after the update.
if [ ! -d /boot/kernel.old ]; then
mv /modules.old /boot/kernel.old
chflags noschg /kernel.old
mv /kernel.old /boot/kernel.old/kernel.ko
chflags schg /boot/kernel.old/kernel.ko
fi
20000904:
A new issue with the sendmail upgrade has come to light.
/etc/aliases has moved to /etc/mail/aliases. Mergemaster will
incorrectly install the default aliases in /etc/mail rather than
move the old one from /etc. So you'll need to manually move the
file, create a symbolic link, remove the old /etc/aliases.db and
run newaliases. For safety sake, you should stop sendmail
while doing this and run the upgrade when locally sourced email
is not likely to be generated.
20000825:
/boot/device.hints is now required for installkernel to
succeed. You should copy GENERIC.hints for your architecture
into /boot/device.hints. If and only if you compile hints
into your kernel, then this file may be empty. Please note,
if you have an empty or missing /boot/device.hints file and
you neglected to compile hints into your kernel, no boot
messages will appear after the boot loader tries to start the
kernel.
20000821:
If you do NOT have ``options RANDOMDEV'' in your kernel and
you DO want the random device then add randomdev_load="YES" to
/boot/loader.conf.
20000812:
suidperl is now always built and installed on the system, but
with permissions of 511. If you have applications that use
this program, you are now required to add ENABLE_SUIDPERL=true
to /etc/make.conf. If you forget to do this,
chmod 4511 /usr/bin/suidperl
will fix this until the next build.
20000812:
sendmail has been updated from 8.9.3 to 8.11.0. Some of the more
visible changes that may immediately affect your configuration
include:
- New default file locations from src/contrib/sendmail/cf/README
- newaliases limited to root and trusted users
- MSA port (587) turned on by default
- New queue file naming system so can't go from 8.11 -> 8.9
- FEATURE(`rbl') renamed to FEATURE(`dnsbl')
- FEATURE(`nullclient') is more full featured
- FEATURE(`nouucp') requires an argument: `reject' or `nospecial'
- mail.local FreeBSD-only -b option changed to -B
- See src/contrib/sendmail/RELEASE_NOTES for more info
20000810:
suidperl (aka sperl) is no longer build by default. You must
specifically define BUILD_SUIDPERL to "true" for it to be build.
Furthermore, we recommend that you remove /usr/bin/sperl* and
/usr/bin/suidperl files from your system unless you have a
specific use for it.
20000729:
Networking defaults have been tightened. Anybody upgrading
/etc/defaults/rc.conf needs to add the following lines to
/etc/rc.conf if they want to have the same setup
afterwards (unless the variables already are set, of course):
# Enable network daemons for user convenience.
inetd_enable="YES"
portmap_enable="YES"
sendmail_enable="YES"
20000728:
If you have null_load="YES" in your /boot/loader.conf, you
will need to change that to nullfs_load="YES".
20000728:
The "installkernel" target has changed slightly. Now even if
you override KERNEL e.g. 'make installkernel KERNEL=MYKERNEL'
it will install the MYKERNEL file (built with the buildkernel
target) as /kernel rather than /MYKERNEL. Those who have
updated their /boot/loader.conf files to point to /MYKERNEL
should remove that entry or perform manual rename of /kernel
to /MYKERNEL.
20000711:
If you use CVSUP or CTM to get CVS trees, AND you used to get
the old crypto files from internat.freebsd.org AND you check
out files from the CVS tree with the cvs command, please read
http://people.freebsd.org/~imp/internat.txt
for details on potential problems that you might have and how
to get around them.
If you are merely a mirror, or don't answer yes to each of the
clauses above, you needn't worry.
20000711:
/etc/security has been updated to print the inode number of
setuid programs that have changed. You will see a large spike
in the number of changed programs the first time when you run
mergemaster to get a new /etc/security.
20000710:
/dev/random now has good entropy collection (from the keyboard
and sysmouse drivers). Please ensure that either `options
RANDOMDEV' is present in your kernel config file or that
`randomdev_load="YES"' is in your /boot/loader.conf. If you do
not have the /dev/random driver, OpenSSL (and consequently
lots of crypto tools (like SSH)) will fail with strange
errors. (see below, 20000624).
FreeBSD-current is safe again to run Crypto.
20000709:
phk made the malloc default options AJ. This may slow things
down and uncover other latent bugs in the code. If you need to
run at full speed, you can disable this by doing the following:
ln -s aj /etc/malloc.conf
20000706:
libftpio's version was accidentally bumped a few days ago. This
has been corrected. You may need to remove /usr/lib/libftpio.so.6
before doing your next buildworld/installworld pair. It certainly
won't hurt to remove it before the update procedure. It will
break fetch until a new one is built, but ftp can be used in the
interim if needed.
20000705:
The crypto packages have changed for the cvsup. This has been done
in a backward compatible way, but the old packages will go away at
some point in the future. Look at /usr/share/examples/cvsup for
details.
20000704:
With the new sys/modules/sound/drivers/*, you will need to
set SYSDIR until you do an installworld after July 7th.
20000704:
rc.shutdown and rc will now call the rc.d scripts with start
or stop. This may cause some harmless warnings from older
rc.d scripts that haven't been updated.
20000630:
The libfetch based version of fetch has gone into the tree.
Minor problems may result on some of the less popular sites,
which should be reported to des@freebsd.org.
20000625:
From approximately this date forward, one must have the crypto
system installed in order to build the system and kernel.
While not technically strictly true, one should treat it as
required and grab the crypto bits. If you are grabbing CVS
trees, src-all and cvs-crypto should be treated as if they
were required. You should check with the latest collections
to make sure that these haven't changed.
20000624:
Mark Murray just committed the first parts of a cleanup of
/dev/zero, et al. This is also cleaning up /dev/random.
The entropy is disconnected, so DO NOT USE VERSIONS OF FREEBSD
-CURRENT FROM THIS POINT to 2000710 for cryptographic services
until Mark can merge in the fixes to this work in progress.
openssh and openssl should not be used to generate keys from this
date to the completion of the work.
If you must operate at this reduced level of security, add '
options RANDOMDEV' to your kernel or modload the randomdev
module. You may also need to copy a new MAKEDEV to /dev and
recreate the random and urandom devices.
20000622:
The license on the softupdates is now a standard 2 clause
BSD license. You may need to remove your symbolic links
that used to be required when updating.
20000621:
Scott Flatman <sf@aracnet.com> sent in a decent write-up on
the config file update procedure.
http://people.freebsd.org/~imp/config-upd.html
NOTE: LINT is gone. It has been replaced with NOTES. NOTES
isn't buildable. However, you can generate a LINT file:
cd /sys/<ARCH>/conf && make LINT
20000620:
Binutils 2.10 have hit the tree, or will shortly. As soon
as they do, the problem noted in 20000522 will be resolved and
that workaround will no longer be required.
20000615:
phk removed the compatibility creation of wd devices in the
ad driver. If you haven't done so already, you must update
your fstab, etc to use the ad devices instead of the wd
devices.
In addition, you'll need to update your boot blocks to a
more modern version, if you haven't already done so. Modern
here means 4.0 release or newer (although older releases
may work).
20000612:
Peter took an axe to config(8). Be sure that you read his mail
on the topic before even thinking about updating. You will
need to create a /boot/device.hints or add a hints directive
to your config file to compile them in statically. The format
of the config file has changed as well. Please see GENERIC or
NEWCARD for examples of the new format.
Indirectly, this also breaks USERCONFIG. Unless a newer entry
says that it has been fixed, assume that must use the hints mechanism
in the loader if you need to use a machine with very old ISA cards
in it.
20000522:
A new set of binutils went into the tree today. Anybody
building a kernel after this point is advised that they need
to rebuild their binutils (or better yet do a
buildworld/installworld) before building a new kernel.
Due to bugs in binutils, using malloc options (eg /etc/malloc.conf
or MALLOC_OPTIONS env var) J will cause ld to dump core. It
is recommended that you don't set this option until the problem
is resolved.
20000513:
The ethernet drivers were all updated to clean up the BPF handling.
20000510:
The problems with boot blocks on the alphas have been corrected.
This will require some care in updating alphas. A new libstand
is requires for the boot blocks to build properly.
20000503:
Recompile all kld modules. Proper version dependency info
is now available.
20000502:
Modules have been disconnected from the buildworld tree and
connected to the kernel building instead.
20000427:
You may need to build gperf
cd /usr/src/gnu/usr.bin/gperf && make depend all install
when upgrading from 4.0 -> current. The build system now uses
an option only in -current.
20000417:
The method that we brand ELF binaries has changed to be more
acceptable to the binutils maintainers. You will need to
rebrand your ELF binaries that aren't native. One problem
binary is the Linux ldconfig. After your make world, but
before you reboot, you'll need to issue:
brandelf -t Linux /compat/linux/sbin/ldconfig
if you have Linux compatibility enabled on your machine.
20000320:
If you have really bad/marginal IDE drives, you may find they
don't work well. Use pio mode instead. The easiest way to
cope if you have a problem combination is to add:
/sbin/sysctl hw.ata.ata_dma=0
to the start of /etc/rc.conf.
20000319:
The ISA and PCI compatibility shims have been connected to the
options COMPAT_OLDISA and COMPAT_OLDPCI. If you are using old
style PCI or ISA drivers (i.e. tx, voxware, etc.) you must
include the appropriate option in your kernel config. Drivers
using the shims should be updated or they won't ship with
5.0-RELEASE, targeted for 2001.
20000318:
We've entered the traditional post release dumping party.
Large kernel changes are being committed and are in the
works. It is important to keep the systems' klds and kernel
in sync as kernel interfaces and structures are changing.
Before reporting kernel panics, make sure that all modules
that you are loading are up to date.
20000315:
If you are upgrading from an older version of FreeBSD, you
need to update your boot blocks as well. 'disklabel -B ad0'
will do the trick. This isn't critical until you remove your
wd device entries in /dev, at which point your system will not
boot.
20000315:
4.0 RELEASE shipped. Please see the 4.0 UPDATING file for how
to upgrade to 4.0 from 3.x.
COMMON ITEMS:
General Notes
-------------
Avoid using make -j when upgrading. From time to time in the
past there have been problems using -j with buildworld and/or
installworld. This is especially true when upgrading between
"distant" versions (eg one that cross a major release boundary
or several minor releases, or when several months have passed
on the -current branch).
Sometimes, obscure build problems are the result of environment
poisoning. This can happen because the make utility reads its
environment when searching for values for global variables.
To run your build attempts in an "environmental clean room",
prefix all make commands with 'env -i '. See the env(1) manual
page for more details.
To build a kernel
-----------------
If you are updating from a prior version of FreeBSD (even one just
a few days old), you should follow this procedure. With a
/usr/obj tree with a fresh buildworld,
make buildkernel KERNCONF=YOUR_KERNEL_HERE
make installkernel KERNCONF=YOUR_KERNEL_HERE
To just build a kernel when you know that it won't mess you up
--------------------------------------------------------------
cd src/sys/{i386,alpha}/conf
config KERNEL_NAME_HERE
cd ../../compile/KERNEL_NAME_HERE
make depend
make
make install
If this fails, go to the "To build a kernel" section.
To rebuild everything and install it on the current system.
-----------------------------------------------------------
# Note: sometimes if you are running current you gotta do more than
# is listed here if you are upgrading from a really old current.
<make sure you have good level 0 dumps>
<maybe fix /etc/fstab> [7]
make buildworld
make buildkernel KERNCONF=YOUR_KERNEL_HERE
make installkernel KERNCONF=YOUR_KERNEL_HERE
[1]
<reboot in single user> [3]
mergemaster -p [5]
make installworld
mergemaster [4]
<reboot>
To cross-install current onto a separate partition
--------------------------------------------------
# In this approach we use a separate partition to hold
# current's root, 'usr', and 'var' directories. A partition
# holding "/", "/usr" and "/var" should be about 2GB in
# size.
<make sure you have good level 0 dumps>
<boot into -stable>
make buildworld
<maybe newfs current's root partition>
<mount current's root partition on directory ${CURRENT_ROOT}>
make installworld DESTDIR=${CURRENT_ROOT}
make buildkernel KERNCONF=YOUR_KERNEL_HERE
cp /usr/src/sys/${ARCH}/conf/GENERIC.hints \
${CURRENT_ROOT}/boot/device.hints # as needed
make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
cd /usr/src/etc; make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd
<edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
<reboot into current>
<do a "native" rebuild/install as described in the previous section>
<maybe install compatibility libraries from /usr/src/lib/compat>
<reboot>
To upgrade in-place from 4.x-stable to current
----------------------------------------------
# 5.x uses more space than 4.x. Also, the location of kernel
# modules has changed. If you are installing 5.0 onto a 4.x
# system, you'll need about 30MB of free disk space on your /
# partition. If you have less than this, you may encounter difficult
# to back out of problems with this procedure. If /tmp is on
# the / partition, you may want to completely remove all its content
# before upgrading, as this can be a common source of shortage of
# space on /.
<make sure you have good level 0 dumps>
<maybe fix /etc/fstab> [7]
make buildworld [9]
make buildkernel KERNCONF=YOUR_KERNEL_HERE [8]
cp src/sys/${MACHINE}/conf/GENERIC.hints /boot/device.hints [2]
make installkernel KERNCONF=YOUR_KERNEL_HERE
cd src/sys/boot ; make install [6]
[1]
<reboot in single user> [3]
mergemaster -p [5]
rm -rf /usr/include/g++
make installworld
mergemaster [4]
<reboot>
Make sure that you've read the UPDATING file to understand the
tweaks to various things you need. At this point in the life
cycle of current, things change often and you are on your own
to cope. The defaults can also change, so please read ALL of
the UPDATING entries.
Also, if you are tracking -current, you must be subscribed to
freebsd-current@freebsd.org. Make sure that before you update
your sources that you have read and understood all the recent
messages there. If in doubt, please track -stable which has
much fewer pitfalls.
[1] If you have third party modules, such as vmware, you
should disable them at this point so they don't crash your
system on reboot.
[2] If you have legacy ISA devices, you may need to create
your own device.hints to reflect your unique hardware
configuration.
[3] From the bootblocks, boot -s, and then do
fsck -p
mount -u /
mount -a
cd /usr/src
adjkerntz -i # if CMOS is wall time
Also, when doing a major release upgrade, it is required that
you boot into single user mode to do the installworld.
For the 4.x -> 5.0 upgrade, you will also see many messages about
needing to recompile your userland. These are harmless and can
be ignored while you proceed to the next step.
[4] Note: This step is non-optional. Failure to do this step
can result in a significant reduction in the functionality of the
system. Attempting to do it by hand is not recommended and those
that pursue this avenue should read this file carefully, as well
as the archives of freebsd-current and freebsd-hackers mailing lists
for potential gotchas.
[5] Usually this step is a noop. However, from time to time
you may need to do this if you get unknown user in the following
step. It never hurts to do it all the time. You may need to
install a new mergemaster (cd src/usr.sbin/mergemaster && make
install) after the buildworld before this step if you last updated
from current before 20020224 or from -stable before 20020408.
[6] 4.x boot loader can be used to boot a 5.x system, however
it is difficult to do that at best. If you wish to try, then
you should interrupt the boot and at the ok prompt type:
ok unload
ok boot /boot/kernel/kernel
If this fails to work, you must install a new boot loader as
described here.
[7] Before you upgrade, please make sure that you are not using
compatibility slices. These are device names of the form, on i386
and other architectures that use MBR slicing, /dev/ad0a without the
actual slice name. Chances are excellent that these will break.
You generally must update these entries to use the post FreeBSD
2.x form of /dev/ad0s1a.
[8] In order to have a kernel that can run the 4.x binaries
needed to do an installworld, you must include the COMPAT_FREEBSD4
option in your kernel. Failure to do so may leave you with a system
that is hard to boot to recover.
[9] When checking out sources, you must include the -P flag to have
cvs prune empty directories.
FORMAT:
This file contains a list, in reverse chronological order, of major
breakages in tracking -current. Not all things will be listed here,
and it only starts on March 15, 2000. Updating files can found in
previous releases if your system is older than this.
Copyright information:
Copyright 1998, 2002 M. Warner Losh. All Rights Reserved.
Redistribution, publication, translation and use, with or without
modification, in full or in part, in any form or format of this
document are permitted without further permission from the author.
THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
If you find this document useful, and you want to, you may buy the
author a beer.
Contact Warner Losh if you have any questions about your use of
this document.
$FreeBSD$