mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-21 11:13:30 +00:00
0acc635e6d
o cvs 1.11 o /dev/random o sendmail o password default change Please look at these entries and let me know if I've forgotten anything, or if my understanding doesn't match reality.
482 lines
18 KiB
Plaintext
482 lines
18 KiB
Plaintext
Updating Information for FreeBSD current users
|
|
|
|
This file is maintained by imp@village.org. Please send new entries
|
|
directly to him. See end of file for further details. For commonly
|
|
done items, please see the end of the file. Search for 'COMMON
|
|
ITEMS:'
|
|
|
|
20001031:
|
|
cvs updated to 1.11.
|
|
|
|
20001020:
|
|
The random device needs more entropy, so you need to make sure
|
|
that you've run mergemaster to get a /etc/rc which will seed
|
|
/dev/random. If you don't and the system hangs after ldconfig,
|
|
then banging on the keyboard randomly until it unhangs is one
|
|
workaround.
|
|
|
|
20001010:
|
|
****************************** WARNING ******************************
|
|
Sendmail has been updated.
|
|
****************************** WARNING ******************************
|
|
o mail.local(8) is no longer installed as a set-user-id binary.
|
|
o sendmail(8) is now built with STARTTLS support unless NO_OPENSSL
|
|
is set.
|
|
o The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY
|
|
commands.
|
|
o Now using sendmail's version of vacation(1).
|
|
o The sendmail cf building tools (contrib/sendmail/cf) are installed
|
|
in /usr/share/sendmail/cf.
|
|
o sendmail.cw changed to local-host-names
|
|
|
|
More details can be found at
|
|
http://people.freebsd.org/~imp/UPDATING/sendmail-20001010
|
|
|
|
20001009:
|
|
The ports tree's new layout is in place. Be sure to update
|
|
your entire ports tree, or you will have problems.
|
|
|
|
20001006:
|
|
The perl build proceedure no longer installs miniperl, nor uses
|
|
the installed miniperl. It is recommended that you delete
|
|
/usr/bin/miniperl.
|
|
|
|
20001005:
|
|
This weekend the ports tree will be updated to a new layout.
|
|
It will be in an inconsistant state until noted in the UPDATING
|
|
file, or with asami-san's message to the relevant mailing
|
|
lists. With this new layout, you'll need to update the whole
|
|
tree for anything to work.
|
|
|
|
20000928:
|
|
There was a change in the passwd format. Need more information.
|
|
|
|
20000916:
|
|
/boot/kernel/kernel.ko -> /boot/kernel/kernel change has taken
|
|
place. Please update boot loader (not the boot blocks) at the
|
|
same time as your kernel.
|
|
|
|
20000914:
|
|
The new pmtimer device is necessary for laptops. Failure to
|
|
include the device will cause suspended laptops losing time
|
|
when they resume. Include
|
|
device pmtimer
|
|
in your config file and
|
|
hint.pmtimer.0.at="isa"
|
|
to your /boot/device.hints file.
|
|
|
|
20000911:
|
|
The random device has been turned into a (pseudo-)device,
|
|
rather than an option. The supplied kernel config files have
|
|
been updated. You will need to do something similar in your
|
|
own kernel config file.
|
|
Remove:
|
|
options RANDOMDEV
|
|
Add:
|
|
device random
|
|
If you prefer to load the loadable module, you need to do
|
|
nothing.
|
|
|
|
20000909:
|
|
The random device module has been renamed from randomdev.ko to
|
|
random.ko. You will need to edit your /boot/loader.conf to
|
|
reflect this if you load this module at boot time.
|
|
The line should read:
|
|
random_load="YES"
|
|
|
|
20000907:
|
|
The SMPNG commit has happened. It should work, but if it
|
|
doesn't, fallback to the PRE_SMPNG CVS tag. There are likely
|
|
to be a variety of minor issues. Please see 20000905 to make
|
|
sure you don't have model loading problems which might at
|
|
first blush appear related to SMP.
|
|
|
|
20000906:
|
|
nsswitch has been imported from NetBSD. Among other things,
|
|
this means that /etc/host.conf is no longer used. See
|
|
nsswitch.conf(5) instead. Note that at boot time rc.network
|
|
will attempt to produce a new nsswitch.conf file for you if you
|
|
don't have one, and you have host.conf.
|
|
|
|
20000905:
|
|
The ucred structure changed size. This breaks the interface
|
|
that mountd uses. Trying to use an older mountd with a newer
|
|
kernel guarantees a panic. This means that you need to use
|
|
kernels newer than today only with matching mountd, but you
|
|
needed to do that anyway with the boot loader changes.
|
|
|
|
20000905:
|
|
The boot loader has been updated. The new default kernel is
|
|
now /boot/kernel/kernel.ko. The new default module location
|
|
is /boot/kernel.
|
|
|
|
You *MUST* upgrade your boot loader and kernel at the same time.
|
|
The easiest way to do this is to do the buildworld/buildkernel/
|
|
installkernel/installworld dance.
|
|
|
|
Furthermore, you are urged to delete your old /modules directory
|
|
before booting the new kernel, since kldload will find stale
|
|
modules in that directory instead of finding them in the correct
|
|
path, /boot/kernel. The most common complaint that this cures
|
|
is that the linux module crashes your machine after the update.
|
|
|
|
if [ ! -d /boot/kernel.old ]; then
|
|
mv /modules.old /boot/kernel.old
|
|
chflags noschg /kernel.old
|
|
mv /kernel.old /boot/kernel.old/kernel.ko
|
|
chflags schg /boot/kernel.old/kernel.ko
|
|
fi
|
|
|
|
20000904:
|
|
A new issue with the sendmail upgrade has come to light.
|
|
/etc/aliases has moved to /etc/mail/aliases. Mergemaster will
|
|
incorrectly install the default aliases in /etc/mail rather than
|
|
move the old one from /etc. So you'll need to manually move the
|
|
file, create a symbolic link, remove the old /etc/aliases.db and
|
|
run newaliases. For safety sake, you should stop sendmail
|
|
while doing this and run the upgrade when locally sourced email
|
|
is not likely to be generated.
|
|
|
|
20000825:
|
|
/boot/device.hints is now required for installkernel to
|
|
succeed. You should copy GENERIC.hints for your architecture
|
|
into /boot/device.hints. If and only if you compile hints
|
|
into your kernel, then this file may be empty. Please note,
|
|
if you have an empty or missing /boot/device.hints file and
|
|
you neglected to compile hints into your kernel, no boot
|
|
messages will appear after the boot loader tries to start the
|
|
kernel.
|
|
|
|
20000821:
|
|
If you do NOT have ``options RANDOMDEV'' in your kernel and
|
|
you DO want the random device then add randomdev_load="YES" to
|
|
/boot/loader.conf.
|
|
|
|
20000812:
|
|
suidperl is now always built and installed on the system, but
|
|
with permissions of 511. If you have applications that use
|
|
this program, you are now required to add ENABLE_SUIDPERL=true
|
|
to /etc/make.conf. If you forget to do this,
|
|
chmod 4511 /usr/bin/suidperl
|
|
will fix this until the next build.
|
|
|
|
20000812:
|
|
sendmail has been updated from 8.9.3 to 8.11.0. Some of the more
|
|
visible changes that may immediately affect your configuration
|
|
include:
|
|
- New default file locations from src/contrib/sendmail/cf/README
|
|
- newaliases limited to root and trusted users
|
|
- MSA port (587) turned on by default
|
|
- New queue file naming system so can't go from 8.11 -> 8.9
|
|
- FEATURE(`rbl') renamed to FEATURE(`dnsbl')
|
|
- FEATURE(`nullclient') is more full featured
|
|
- FEATURE(`nouucp') requires an argument: `reject' or `nospecial'
|
|
- mail.local FreeBSD-only -b option changed to -B
|
|
- See src/contrib/sendmail/RELEASE_NOTES for more info
|
|
|
|
20000810:
|
|
suidperl (aka sperl) is no longer build by default. You must
|
|
specifically define BUILD_SUIDPERL to "true" for it to be build.
|
|
Furthermore, we recommend that you remove /usr/bin/sperl* and
|
|
/usr/bin/suidperl files from your system unless you have a
|
|
specific use for it.
|
|
|
|
20000729:
|
|
Networking defaults have been tightened. Anybody upgrading
|
|
/etc/defaults/rc.conf needs to add the following lines to
|
|
/etc/rc.conf if they want to have the same setup
|
|
afterwards (unless the variables already are set, of course):
|
|
# Enable network daemons for user convenience.
|
|
inetd_enable="YES"
|
|
portmap_enable="YES"
|
|
sendmail_enable="YES"
|
|
|
|
20000728:
|
|
If you have null_load="YES" in your /boot/loader.conf, you
|
|
will need to change that to nullfs_load="YES".
|
|
|
|
20000728:
|
|
The "installkernel" target has changed slightly. Now even if
|
|
you override KERNEL e.g. 'make installkernel KERNEL=MYKERNEL'
|
|
it will install the MYKERNEL file (built with the buildkernel
|
|
target) as /kernel rather than /MYKERNEL. Those who have
|
|
updated their /boot/loader.conf files to point to /MYKERNEL
|
|
should remove that entry or perform manual rename of /kernel
|
|
to /MYKERNEL.
|
|
|
|
20000711:
|
|
If you use CVSUP or CTM to get CVS trees, AND you used to get
|
|
the old crypto files from internat.freebsd.org AND you check
|
|
out files from the CVS tree with the cvs command, please read
|
|
http://people.freebsd.org/~imp/internat.txt
|
|
for details on potential problems that you might have and how
|
|
to get around them.
|
|
|
|
If you are merely a mirror, or don't answer yes to each of the
|
|
clauses above, you needn't worry.
|
|
|
|
20000711:
|
|
/etc/security has been updated to print the inode number of
|
|
setuid programs that have changed. You will see a large spike
|
|
in the number of changed programs the first time when you run
|
|
mergemaster to get a new /etc/security.
|
|
|
|
20000710:
|
|
/dev/random now has good entropy collection (from the keyboard
|
|
and sysmouse drivers). Please ensure that either `options
|
|
RANDOMDEV' is present in your kernel config file or that
|
|
`randomdev_load="YES"' is in your /boot/loader.conf. If you do
|
|
not have the /dev/random driver, OpenSSL (and consequently
|
|
lots of crypto tools (like SSH)) will fail with strange
|
|
errors. (see below, 20000624).
|
|
|
|
FreeBSD-current is safe again to run Crypto.
|
|
|
|
20000709:
|
|
phk made the malloc default options AJ. This may slow things
|
|
down and uncover other latent bugs in the code. If you need to
|
|
run at full speed, you can disable this by doing the following:
|
|
ln -s aj /etc/malloc.conf
|
|
|
|
20000706:
|
|
libftpio's version was accidentally bumped a few days ago. This
|
|
has been corrected. You may need to remove /usr/lib/libftpio.so.6
|
|
before doing your next buildworld/installworld pair. It certainly
|
|
won't hurt to remove it before the update procedure. It will
|
|
break fetch until a new one is built, but ftp can be used in the
|
|
interim if needed.
|
|
|
|
20000705:
|
|
The crypto packages have changed for the cvsup. This has been done
|
|
in a backward compatible way, but the old packages will go away at
|
|
some point in the future. Look at /usr/share/examples/cvsup for
|
|
details.
|
|
|
|
20000704:
|
|
With the new sys/modules/sound/drivers/*, you will need to
|
|
set SYSDIR until you do an installworld after July 7th.
|
|
|
|
20000704:
|
|
rc.shutdown and rc will now call the rc.d scripts with start
|
|
or stop. This may cause some harmless warnings from older
|
|
rc.d scripts that haven't been updated.
|
|
|
|
20000630:
|
|
The libfetch based version of fetch has gone into the tree.
|
|
Minor problems may result on some of the less popular sites,
|
|
which should be reported to des@freebsd.org.
|
|
|
|
20000625:
|
|
From approximately this date forward, one must have the crypto
|
|
system installed in order to build the system and kernel.
|
|
While not technically strictly true, one should treat it as
|
|
required and grab the crypto bits. If you are grabbing CVS
|
|
trees, src-all and cvs-crypto should be treated as if they
|
|
were required. You should check with the latest collections
|
|
to make sure that these haven't changed.
|
|
|
|
20000624:
|
|
Mark Murray just committed the first parts of a cleanup of
|
|
/dev/zero, et al. This is also cleaning up /dev/random.
|
|
The entropy is disconnected, so DO NOT USE VERSIONS OF FREEBSD
|
|
-CURRENT FROM THIS POINT FORWARD for cryptographic services
|
|
until Mark can merge in the fixes to this work in progress.
|
|
openssh and openssl should not be used to generate keys from this
|
|
date to the completion of the work.
|
|
|
|
If you must operate at this reduced level of security, add '
|
|
options RANDOMDEV' to your kernel or modload the randomdev
|
|
module. You may also need to copy a new MAKEDEV to /dev and
|
|
recreate the random and urandom devices.
|
|
|
|
20000622:
|
|
The license on the softupdates is now a standard 2 clause
|
|
BSD license. You may need to remove your symbolic links
|
|
that used to be required when updating.
|
|
|
|
20000621:
|
|
Scott Flatman <sf@aracnet.com> sent in a decent write-up on
|
|
the config file update procedure.
|
|
http://people.freebsd.org/~imp/config-upd.html
|
|
NOTE: LINT is gone. It has been replaced with NOTES. NOTES
|
|
isn't buildable. However, you can generate a LINT file.
|
|
|
|
20000620:
|
|
Binutils 2.10 have hit the tree, or will shortly. As soon
|
|
as they do, the problem noted in 20000522 will be resolved and
|
|
that workaround will no longer be required.
|
|
|
|
20000615:
|
|
phk removed the compatibility creation of wd devices in the
|
|
ad driver. If you haven't done so already, you must update
|
|
your fstab, etc to use the ad devices instead of the wd
|
|
devices.
|
|
|
|
In addition, you'll need to update your boot blocks to a
|
|
more modern version, if you haven't already done so. Modern
|
|
here means 4.0 release or newer (although older releases
|
|
may work).
|
|
|
|
20000612:
|
|
Peter took an axe to config(8). Be sure that you read his mail
|
|
on the topic before even thinking about updating. You will
|
|
need to create a /boot/device.hints or add a hints directive
|
|
to your config file to compile them in statically. The format
|
|
of the config file has changed as well. Please see GENERIC or
|
|
NEWCARD for examples of the new format.
|
|
|
|
20000522:
|
|
A new set of binutils went into the tree today. Anybody
|
|
building a kernel after this point is advised that they need
|
|
to rebuild their binutils (or better yet do a
|
|
buildworld/installworld) before building a new kernel.
|
|
|
|
Due to bugs in binutils, using malloc options (eg /etc/malloc.conf
|
|
or MALLOC_OPTIONS env var) J will cause ld to dump core. It
|
|
is recommended that you don't set this option until the problem
|
|
is resolved.
|
|
|
|
20000513:
|
|
The ethernet drivers were all updated to clean up the BPF handling.
|
|
|
|
20000510:
|
|
The problems with boot blocks on the alphas have been corrected.
|
|
This will require some care in updating alphas. A new libstand
|
|
is requires for the boot blocks to build properly.
|
|
|
|
20000503:
|
|
Recompile all kld modules. Proper version dependency info
|
|
is now available.
|
|
|
|
20000502:
|
|
Modules have been disconnected from the buildworld tree and
|
|
connected to the kernel building instead.
|
|
|
|
20000427:
|
|
You may need to build gperf
|
|
cd /usr/src/gnu/usr.bin/gperf && make depend all install
|
|
when upgrading from 4.0 -> current. The build system now uses
|
|
an option only in -current.
|
|
|
|
20000417:
|
|
The method that we brand ELF binaries has changed to be more
|
|
acceptable to the binutils maintainers. You will need to
|
|
rebrand your ELF binaries that aren't native. One problem
|
|
binary is the Linux ldconfig. After your make world, but
|
|
before you reboot, you'll need to issue:
|
|
brandelf -t Linux /compat/linux/sbin/ldconfig
|
|
if you have Linux compatibility enabled on your machine.
|
|
|
|
20000320:
|
|
If you have really bad/marginal IDE drives, you may find they
|
|
don't work well. Use pio mode instead. The easiest way to
|
|
cope if you have a problem combination is to add:
|
|
/sbin/sysctl -w hw.atamodes=pio,pio,pio,pio
|
|
to the start of /etc/rc.conf.
|
|
|
|
20000319:
|
|
The ISA and PCI compatibility shims have been connected to the
|
|
options COMPAT_OLDISA and COMPAT_OLDPCI. If you are using old
|
|
style PCI or ISA drivers (i.e. tx, voxware, etc.) you must
|
|
include the appropriate option in your kernel config. Drivers
|
|
using the shims should be updated or they won't ship with
|
|
5.0-RELEASE, targeted for 2001.
|
|
|
|
20000318:
|
|
We've entered the traditional post release dumping party.
|
|
Large kernel changes are being committed and are in the
|
|
works. It is important to keep the systems' klds and kernel
|
|
in sync as kernel interfaces and structures are changing.
|
|
Before reporting kernel panics, make sure that all modules
|
|
that you are loading are up to date.
|
|
|
|
20000315:
|
|
If you are upgrading from an older version of FreeBSD, you
|
|
need to update your boot blocks as well. 'disklabel -B ad0'
|
|
will do the trick. This isn't critical until you remove your
|
|
wd device entries in /dev, at which point your system will not
|
|
boot.
|
|
|
|
20000315:
|
|
4.0 RELEASE shipped. Please see the 4.0 UPDATING file for how
|
|
to upgrade to 4.0 from 3.x.
|
|
|
|
COMMON ITEMS:
|
|
|
|
General Notes
|
|
-------------
|
|
Avoid using make -j when upgrading. From time to time in the
|
|
past there have been problems using -j with buildworld and/or
|
|
installworld. This is especially true when upgrading between
|
|
"distant" versions (eg one that cross a major release boundary
|
|
or several minor releases, or when several months have passed
|
|
on the -current branch).
|
|
|
|
To build a kernel
|
|
-----------------
|
|
If you are updating from a prior version of FreeBSD (even one just
|
|
a few days old), you should follow this procedure. With a
|
|
/usr/obj tree with a fresh buildworld,
|
|
make buildkernel KERNEL=YOUR_KERNEL_HERE
|
|
make installkernel KERNEL=YOUR_KERNEL_HERE
|
|
|
|
To just build a kernel when you know that it won't mess you up
|
|
--------------------------------------------------------------
|
|
cd src/sys/{i386,alpha}/conf
|
|
config KERNEL_NAME_HERE [1]
|
|
cd ../../compile/KERNEL_NAME_HERE
|
|
make depend
|
|
make
|
|
make install
|
|
|
|
[1] If in doubt, -r might help here.
|
|
|
|
If this fails, go to the "To build a kernel" section.
|
|
|
|
To rebuild everything and install it on the current system.
|
|
-----------------------------------------------------------
|
|
make world
|
|
Build a new kernel, see above.
|
|
|
|
To upgrade from 4.x-stable to current
|
|
-------------------------------------
|
|
make buildworld
|
|
make buildkernel KERNEL=YOUR_KERNEL_HERE
|
|
cp src/sys/${MACHINE_ARCH}/GENERIC.hints /boot/device.hints [2]
|
|
make installkernel KERNEL=YOUR_KERNEL_HERE
|
|
make installworld
|
|
[1]
|
|
<reboot>
|
|
|
|
Make sure that you've read the UPDATING file to understand the
|
|
tweaks to various things you need. At this point in the life
|
|
cycle of current, things change often and you are on your own
|
|
to cope. The defaults can also change, so please read ALL of
|
|
the UPDATING entries.
|
|
|
|
Also, if you are tracking -current, you must be subscribed to
|
|
freebsd-current@freebsd.org. Make sure that before you update
|
|
your sources that you have read and understood all the recent
|
|
messages there. If in doubt, please track -stable which has
|
|
much fewer pitfalls.
|
|
|
|
[1] If you have third party modules, such as vmware, you
|
|
should disable them at this point so they don't crash your
|
|
system on reboot.
|
|
|
|
[2] If you have legacy ISA devices, you may need to create
|
|
your own device.hints to reflect your unique hardware
|
|
configuration.
|
|
|
|
FORMAT:
|
|
|
|
This file contains a list, in reverse chronological order, of major
|
|
breakages in tracking -current. Not all things will be listed here,
|
|
and it only starts on March 15, 2000. Updating files can found in
|
|
previous releases if your system is older than this.
|
|
|
|
Please filter your entries through Warner Losh (imp@village.org) so
|
|
that the style, formatting, etc of this file can be maintained.
|
|
|
|
$FreeBSD$
|