RELEASE NOTES FreeBSD Release 5.0-SNAP (alpha Architecture) This is a 5.0-CURRENT release SNAPshot of FreeBSD, an active development branch which will produce its first release in early March 2001. Those features which have also been back-ported to the 4.x-stable branch (the next release for which will be 4.3) are marked [MERGED]. Any installation failures or crashes should be reported by using the send-pr command (those preferring a Web-based interface can also see http://www.FreeBSD.org/send-pr.html). For information about FreeBSD and the layout of the 5.0-RELEASE directory (especially if you're installing from floppies!), see ABOUT.TXT. For installation instructions, see the INSTALL.TXT and HARDWARE.TXT files. For the latest of these 5.0-current snapshots, you should always see: ftp://current.FreeBSD.org/pub/FreeBSD If you wish to get the latest post-4.x-RELEASE technology. Table of contents: ------------------ 1. What's new since the 4.0/5.0 branch 1.1 KERNEL CHANGES 1.2 SECURITY FIXES 1.3 USERLAND CHANGES 2. Supported Configurations 2.1 Disk Controllers 2.2 Ethernet cards 2.3 FDDI 2.4 ATM 2.5 Misc 3. Obtaining FreeBSD 3.1 FTP/Mail 3.2 CDROM 4. Upgrading from previous releases of FreeBSD 5. Reporting problems, making suggestions, submitting code 6. Acknowledgements 1. What's new since the 4.0/5.0 branch -------------------------------------- All changes described here are unique to the 5.0 branch unless specifically marked as [MERGED] features. 1.1. KERNEL CHANGES ------------------- A new event notification facility called kqueue was added to the FreeBSD kernel. This is a new interface which is able to replace poll/select, offering improved performance, as well as the ability to report many different types of events. Support for monitoring changes in sockets, pipes, fifos, and files are present, as well as for signals and processes. [MERGED] Support for named extended attributes was added to the FreeBSD kernel. This allows the kernel, and appropriately privileged userland processes, to tag files and directories with attribute data. Extended attributes were added to support the TrustedBSD Project, in particular ACLs, capability data, and mandatory access control labels. POSIX.1b Shared Memory Objects are now supported. The implementation uses regular files, but automatically enables the MAP_NOSYNC flag when they are mmap(2)ed. [MERGED] Added support for PCI ethernet adapters based on the National Semiconductor DP83815 chipset, including the NetGear FA312-TX. Due to a licensing change, softupdates have been integrated into the main portion of the kernel source tree. As a consequence, softupdates are now available with the GENERIC kernel. [MERGED] ipfilter has been updated to 3.4.16. The tap driver, a virtual Ethernet device driver for bridged configurations, has been added. [MERGED] accept_filters, a kernel feature to reduce overheads when accepting and reading new connections on listening sockets, has been added. [MERGED] The ata(4) driver now has support for ATA100 controllers. In addition, it now supports the ServerWorks ROSB4 ATA33 chipset, the CMD 648 ATA66 and CMD 649 ATA100 chipsets, and the Cyrix 5530. [MERGED] The ata(4) driver now has support for tagged queueing, which is enabled by the ATA_ENABLE_TAGS option. [MERGED] The ata(4) driver now has support for ATA "pseudo" RAID controllers as the Promise Fasttrak and HighPoint HPT370 controllers. [MERGED] AlphaServer 1200 ("Tincup") has been tested and works OK. Currently it does not want to boot from CD or floppy but a transplanted disk that was installed on another Alpha works well. [MERGED] The ti(4) driver now supports the Alteon AceNIC 1000baseT Gigabit Ethernet and Netgear GA620T 1000baseT Gigabit cards. [MERGED] SMP support has been largely reworked, incorporating code from BSD/OS 5.0. One of the main features of SMPng ("SMP Next Generation") is to allow more processes to run in kernel, without the need for spin locks that can dramatically reduce the efficiency of multiple processors. Interrupt handlers now have contexts associated with them that allow them to be blocked, which reduces the need to lock out interrupts. The kernel and modules have been moved to the directory /boot/kernel, so they can be easily manipulated together. The boot loader has been updated to make this change as seamless as possible. A filesystem snapshot capability has been added to FFS. Details can be found in /usr/src/sys/ufs/ffs/README.snapshot. The ng_mppc(4) and ng_bridge(4) node types have been added to the netgraph subsystem. The ng_ether(4) node is now dynamically loadable. Miscellaneous bug fixes and enhancements have also been made. [MERGED] The pcn(4) driver, which supports the AMD PCnet/FAST, PCnet/FAST+, PCnet/FAST III, PCnet/PRO, PCnet/Home, and HomePNA adapters, has been added. Although these cards are already supported by the lnc(4) driver, the pcn driver runs these chips in 32-bit mode and uses the RX alignment feature to achieve zero-copy receive. This driver is also machine-independent, so it will work on both the i386 and alpha platforms. The lnc driver is still needed to support non-PCI cards. [MERGED] The ed(4) driver is now also supported on the Alpha. A bug in the ed(4) driver that could cause panics with very short packets and BPF or bridging active has been fixed. The pcm(4) driver now supports the ESS Solo 1, Maestro-1, Maestro-2, and Maestro-2e; Forte Media fm801, ESS Maestro-2e, and VIA Technologies VT82C686A sound card/chipsets, and has received some other updates. [MERGED] A driver for the ESS Maestro-3/Allegro has been added, however due to the amount of GPL firmware included, it will only be built as a module. Separate drivers for the SoundBlaster 8 and Soundblaster 16 now replace an older, unified driver. [MERGED] A driver for the CMedia CMI8338/CMI8738 sound chips has been added. Replace the PQ_*CACHE options with a single PQ_CACHESIZE option to be set to the cache size in kilobytes. The old options are still supported for backwards compatibility. [MERGED] The ahc(4) driver has been updated. [MERGED] ACPI support has been merged in from the FreeBSD-ACPI project. devfs(5), which allows entries in the /dev directory to be built automatically and supports more flexible attachment of devices, has been largely reworked. devfs(5) is configured into the GENERIC kernel. Write combining for crashdumps has been implemented. This feature is useful when write caching is disabled on both SCSI and IDE disks, where large memory dumps could take up to an hour to complete. [MERGED] The bktr(4) driver has been updated to 2.15. New tuner types have been added, and improvememts to the KLD module and to memory allocation have been made. [MERGED] The bktr(4) driver has been updated to 2.17. This fixes bugs in devfs when unloading and reloading, and syncs with some NetBSD changes. [MERGED] The bktr(4) driver has been updated to 2.18. This adds support for new Hauppauge Model 44xxx WinTV Cards (the ones with no audio mux). Extremely large swap areas (>67 GB) no longer panic the system. The Inode Filesystem (IFS) has been added; more information can be found in /usr/src/sys/ufs/ifs/README. The cd(4) driver now has support for write operations. This allows writing to DVD-RAM, PD and similar drives that probe as CD devices. Note that change affects only random-access writeable devices, not sequential-only writeable devices such as CD-R drives, which are supported by cdrecord. [MERGED] Support for threads under Linux emulation has been added. The an(4) driver for Cisco Aironet cards now supports Wired Equivalent Privacy (WEP) encryption, settable via ancontrol(8). [MERGED] A new netgraph node type ng_one2many(4) for multiplexing and demultiplexing packets over multiple links has been added. [MERGED] Softupdates for FFS have received some bugfixes and enhancements. The DEC3000-series support has been removed from the mfsroot floppy image so that it fits on a 1.44Mbyte floppy again. As DEC3000 is currently only usable diskless this should not cause any problems. For the same reason SLIP has been removed from the mfsroot image as well. Support for AlphaServer 2100A ('Lynx') has been added. netgraph(4) has received some updates. sbufs, null-terminated string data structures, and their associated support routines, have been added to the kernel. Details are in sbuf(9). The vinum(4) volume manager has received some bugfixes and enhancements. ICMP ECHO and TSTAMP replies are now rate limited. TCP RSTs generated due to packets sent to open and unopen ports are now limited by separate counters. Each rate limiting queue now has its own description. ICMP UNREACH_FILTER_PROHIB messages can now RST TCP connections, as controlled by the net.inet.tcp.icmp_admin_prohib_like_rst sysctl. PECOFF (WIN32 Execution file format) support has been added. kernfs(5) is obsolete and has been retired. md(4), the memory disk device, has had the functionality of vn(4) incorporated into it. md(4) devices can now be configured by mdconfig(8). The ray(4) driver, which supports the Webgear Aviator wireless network cards, has been committed. The operation of ray(4) interfaces can be modified by raycontrol(8). [MERGED] FDDI networking using Digital Equipment DEFPA PCI FDDI adapters is now supported. A new API has been added for sound cards with hardware volume control. A new sysctl 'net.link.ether.inet.log_arp_wrong_iface' to controls the supression of logging when ARP replies arrive on the wrong interface. [MERGED] A bug in the NFS client that caused bogus access times with O_EXCL|O_CREAT opens was fixed. [MERGED] The bug that made certain CDROM drives fail to attach when connected to a SCSI card driven by 'isp' has been fixed. [MERGED] Condition variables have now been implemented in the FreeBSD kernel. See condvar(9) for more details. A bug in FFS that could cause superblock corruption on very large filesystems has been corrected. [MERGED] The "make buildkernel" target now gets the name of the configuration(s) to build from the KERNCONF variable, not KERNEL. It is no longer required, in some cases, for a "buildworld" to precede a "buildkernel". (The buildworld is still required when upgrading across major releases, across binutil upgrades and when config changes version.) The API UP1100 mainboard has been verified to work OK. bridge(4) and dummynet(4) have received some enhancements and bugfixes. The API CS20 1U high server has been verified to work OK. 1.2. SECURITY FIXES ------------------- sysinstall(8) now allows the user to select one of three "security profiles" at install-time. These profiles enable different levels of system security by enabling or disabling various system services in rc.conf(5) on new installs. [MERGED] A bug in which malformed ELF executable images can hang the system has been fixed (see security advisory FreeBSD-SA-00:41). [MERGED] A security hole in Linux emulation was fixed (see security advisory FreeBSD-SA-00:42). [MERGED] rlogind(8), rshd(8), and fingerd(8) are now disabled by default in /etc/inetd.conf. This only affects new installations. [MERGED] String-handling library calls in many programs were fixed to reduce the possibility of buffer overflow-related exploits. [MERGED] TCP now uses stronger randomness in choosing its initial sequence numbers (see security advisory FreeBSD-SA-00:52). [MERGED] Several buffer overflows in tcpdump(1) were corrected (see security advisory FreeBSD-SA-00:61). [MERGED] A security hole in top(1) was corrected (see security advisory FreeBSD-SA-00:62). [MERGED] A potential security hole caused by an off-by-one-error in gethostbyname(3) has been fixed (see security advisory FreeBSD-SA-00:63). [MERGED] A potential buffer overflow in the ncurses(3X) library, which could cause arbitrary code to be run from within systat(1), has been corrected (see security advisory FreeBSD-SA-00:68). [MERGED] A vulnerability in telnetd(8) that could cause it to consume large amounts of server resources has been fixed (see security advisory FreeBSD-SA-00:69). [MERGED] The "nat deny_incoming" command in ppp(8) now works correctly (see security advisory FreeBSD-SA-00:70). [MERGED] A vulnerability in csh(1)/tcsh(1) temporary files that could allow overwriting of arbitary user-writable files has been closed (see security advisory FreeBSD-SA-00:76). [MERGED] The ssh(1) binary is no longer SUID root by default. Some fixes were applied to the Kerberos IV implementation related to environment variables, a possible buffer overrun, and overwriting ticket files. [MERGED] telnet(1) now does a better job of sanitizing its environment. [MERGED] Several vulnerabilities in procfs(4) were fixed (see security advisory FreeBSD-SA-00:77). [MERGED] A bug in OpenSSH in which a server was unable to disable ssh-agent or X11 forwarding was fixed (see security advisory FreeBSD-SA-01:01). [MERGED] A bug in ipfw(8) and ipfw6(8) in which inbound TCP segments could incorrectly be treated as being part of an "established" connection has been fixed (see security advisory FreeBSD-SA-01:08). [MERGED] A bug in crontab(8) that could allow users to read any file on the system in valid crontab(5) syntax has been fixed (see security advisory FreeBSD-SA-01:09). [MERGED] A vulnerability in inetd(8) that could allow read-access to the initial 16 bytes of wheel-accessible files has been fixed (see security advisory FreeBSD-SA-01:11). [MERGED] A bug in periodic(8) that used insecure temporary files has been corrected (see security advisory FreeBSD-SA-01:12). [MERGED] A bug in sort(1) in which an attacker might be able to cause it to abort processing has been fixed (see security advisory FreeBSD-SA-01:13). [MERGED] To fix a remotely-exploitable buffer overflow, BIND has been updated to 8.2.3 (see security advisory FreeBSD-SA-01:18). [MERGED] 1.3. USERLAND CHANGES --------------------- cdcontrol(1) now supports a "cdid" command, which calculates and displays the CD serial number, using the same algorithm used by the CDDB database. [MERGED] mtree(8) now includes support for a file listing pathnames to be excluded when creating and verifying prototypes. This makes it easier to use mtree as a part of an intrusion-detection system. [MERGED] OpenSSL has been upgraded to 0.9.6. [MERGED] The OPIE one-time-password suite has been updated to 2.32. [MERGED] OpenSSH has been upgraded to 2.1.0, which provides support for the SSH2 protocol, including DSA keys. Therefore, OpenSSH users in the US no longer need to rely on the restrictively-licensed RSAREF toolkit which is required to handle RSA keys. OpenSSH 2.1 interoperates well with other SSH2 clients and servers, including the ssh2 port. See http://www.openssh.com for more details. [MERGED] OpenSSH can now authenticate using OPIE passwords in SSH1 mode. Support is not yet available in SSH2 mode. [MERGED] OpenSSH has been upgraded to 2.2.0. ssh-add(1) and ssh-agent(1) can now handle DSA keys. An sftp server interoperable with ssh.com clients and others has been added. scp(1) can now handle files >2GB. Interoperability with other ssh2 clients/servers has been improved. A new feature to limit the number of outstanding unauthenticated ssh connections in sshd has been added. [MERGED] OpenSSH has been upgraded to 2.3.0. This version adds support for the Rijndael encryption algorithm. [MERGED] PAM support for OpenSSH has been added. A long-standing bug in SSH, which sometimes resulted in a dropped session when an X11-forwarded client was closed, was fixed. Support for USB devices was added to the GENERIC kernel and to the installation programs to support USB devices out of the box. Note that SRM does not support USB devices at the moment, so you must still use an AT keyboard if you are not using a serial console. [MERGED] The csh(1) shell has been replaced by tcsh(1), although it can still be run as csh(1). [MERGED] tcsh has been updated to version 6.10. The more(1) command has been replaced by less(1), although it can still be run as more(1). [MERGED] ls(1) can produce colorized listings with the -G flag (and appropriate terminal support). [MERGED] sendmail upgraded from version 8.9.3 to version 8.11.2. Important changes include: new default file locations (see /usr/src/contrib/sendmail/cf/README); newaliases is limited to root and trusted users; STARTTLS encryption; and the MSA port (587) is turned on by default. See /usr/src/contrib/sendmail/RELEASE_NOTES for more information. [MERGED] mail.local(8) is no longer installed as a set-user-id binary. If you are using a /etc/mail/sendmail.cf from the default sendmail.cf included with FreeBSD any time after 3.1.0, you are fine. If you are using a hand-configured sendmail.cf and mail.local for delivery, check to make sure the F=S flag is set on the Mlocal line. Those with .mc files who need to add the flag can do so by adding the following line to their your .mc file and regenerating the sendmail.cf file: MODIFY_MAILER_FLAGS(`LOCAL', `+S')dnl Note that FEATURE(`local_lmtp') already does this. [MERGED] The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY commands. [MERGED] vacation(1) has been updated to use the version included with sendmail. [MERGED] The sendmail(8) configuration building tools are installed in /usr/share/sendmail/cf/. [MERGED] awk has been upgraded from gawk-3.0.4 to gawk-3.0.6. This fixes a number of non-critical bugs and includes a few performance tweaks. [MERGED] routed(8) has been updated to version 2.22. [MERGED] The truncate(1) utility, which truncates or extends the length of files, has been added. [MERGED] syslogd(8) can take a -n option to disable DNS queries for every request. [MERGED] kenv(1), a command to dump the kernel environment, has been added. [MERGED] The behavior of periodic(8) is now controlled by /etc/defaults/periodic.conf and /etc/periodic.conf. [MERGED] logger(1) can now send messages directly to a remote syslog. [MERGED] which(1) is now a C program, rather than a Perl script. killall(1) is now a C program, rather than a Perl script. As a result, killall's -m option now uses the regular expression syntax of regex(3), rather than that of perl(1). [MERGED] killall(1) now allows non-root users to kill SUID root processes that they started. finger(1) now has the ability to support fingering aliases, via the finger.conf(5) file. [MERGED] finger(1) now has support for a .pubkey file. nsswitch support has been merged from NetBSD. By creating an nsswitch.conf(5) file, FreeBSD can be configured so that various databases such as passwd(5) and group(5) can be looked up using flat files, NIS, or Hesiod. The old hosts.conf(5) file is no longer used. sshd X11Forwarding is now turned on by default on server (any risk is to the client, where it is already disabled by default). RSA Security has waived all patent rights to the RSA algorithm (two weeks before the patent was due to expire). As a result, the native OpenSSL implementation of the RSA algorithm is now activated by default, and the rsaref port and librsaUSA are no longer required for USA residents. [MERGED] sshd is now enabled by default on new installs. [MERGED] perl has been updated to version 5.6.0. Binutils have been upgraded to 2.10.1. [MERGED] libreadline has been upgraded to 4.1. [MERGED] The ifconfig(8) command can set the link-layer address of an interface. [MERGED] setproctitle(3) has been moved from libutil to libc. [MERGED] chio(1) now has the ability to specify elements by volume tag instead of by their physical location as well as the ability to return an element to its previous location. [MERGED] sed(1) now takes a -E option for extended regular expression support. [MERGED] ln(1) now takes an -i option to request user confirmation before overwriting an existing file. [MERGED] Version numbers of installed packages have a new (backward-compatible) syntax, which supports the "PORTREVISION" and "PORTEPOCH" variables in ports collection makefiles. These changes help keep track of changes in the ports collection entries such as security patches or FreeBSD-specific updates, which aren't reflected in the original, third-party software distributions. pkg_version(1) can now compare these new-style version numbers. [MERGED] cvs(1) has been updated to 1.11. [MERGED] tcpdump(1) has received some updates and bugfixes. [MERGED] User-land ppp(8) has received a number of updates and bugfixes. [MERGED] To improve performance and disk utilization, the "ports skeletons" in the FreeBSD Ports Collection have been restructured. Installed ports and packages should not be affected. [MERGED] make(1) has gained the :C/// (regexp substitution), :L (lowercase), and :U (uppercase) variable modifiers. These were added to reduce the differences between the FreeBSD and OpenBSD/NetBSD make programs. [MERGED] fsck wrappers have been imported; this feature provides infrastructure for fsck(8) to work on different types of filesystems (analogous to mount(8) and mount_*(8)). ncurses has been updated to ncurses-5.1-20001009. [MERGED] gperf has been updated to 2.7.2. style.perl.7, a style guide for Perl code in the FreeBSD base system, has been added. The ISC library from the BIND distribution is now built as libisc. [MERGED] The "in use" percentage metric displayed by netstat(1) now really reflects the percentage of network mbufs used. [MERGED] mergemaster(8) has gained some new features, has been cleaned up somewhat, and is now more cross-platform friendly. The compiler chain now uses the FSF-supplied C/C++ runtime initialization code. This change brings about better compatibility with code generated from the various egcs and gcc ports, as well as the stock public FSF source. [MERGED] The threads library has gained some signal handling changes, bug fixes, and performance enhancements (including zero system call thread switching). gdb(1) thread support has been updated to match these changes. [MERGED] chflags(1) has moved from /usr/bin to /bin. Use of the CSMG_* macros no longer require inclusion of . IP Filter is now supported by the rc.conf(5) boot-time configuration and initialization. [MERGED] The lastlogin(1) utility, which prints the last login time of each user, has been imported from NetBSD. newfs(1) now implements write combining, which can make creation of new filesystems up to seven times faster. [MERGED] A number of buffer overflows in config(8) have been fixed. [MERGED] pwd(1) can now double as realpath(1), a program to resolve pathnames to their underlying physical paths. [MERGED] file(1) has been contribify-ed, and imported as version 3.33. [MERGED] stty(1) now has support for an "erase2" control character, so that both "delete" and "backspace" can be used to erase characters. The ibcs2(8), linux(8), osf1(8), and svr4(8) scripts, whose sole purpose was to load emulation kernel modules, have been removed. The kernel module system will automatically load them as needed to fulfill dependencies. top(1) will now use the full width of its tty. groff(1) and its related utilities have been updated to FSF version 1.16.1. [MERGED] A number of cleanups and enhancements have been applied to the PCI subsystem. /usr/share/misc/pci_vendors now contains a vendor/device database, which can be used by pciconf(8). growfs(8), a utility for growing FFS filesystems, has been added. ffsinfo(8), a utility for dump all the meta-information of an existing filesystem, has also been added. indent(1) has gained some new formatting options. [MERGED] sysinstall now uses some more intuitive defaults thanks to some new dialog support functions. [MERGED] The default root partition in sysinstall is now 100MB on the i386 and 110MB on the alpha. gcc has been updated to 2.95.3. Shortly after the receipt of a SIGINFO signal (normally control-T from the controlling tty), fsck_ffs will now output a line indicating the current phase number and progress information relevant to the current phase. [MERGED] Catching up with most other network utilities in the base system, lpd(1), lpd(8), syslogd(8), and logger(1) are now all IPv6-capable. rm(1) -v now displays the entire pathname of a file being removed. [MERGED] lpr(1), lpq(1), and lpd(8) have received a few minor enhancements. [MERGED] pkg_update(1), a utility to update installed packages and update their dependencies, has been added. pkg_info(1) now supports globbing against names of installed packages. The -G option disables this behavior, and the -x option causes regular expression matching instead of shell globbing. If the first argument fo ancontrol(8) or wicontrol(8) doesn't start with a "-", it is assumed to be an interface. rdist(1) has been retired. Kerberos IV has been updated to 1.0.5. ppp(8) has gained the tcpmssfixup option, which adjusts outgoing TCP SYN packets so that the maximum receive segment size is no larger than allowed by the interface MTU. libcrypt and libdescrypt have been unified to provide a configurable password authentication hash library. Both the md5 and des hash methods are provided unless the des hash is specifically compiled out. passwd(1) and pw(8) now select the passwd hash algorithm at run time. See the "passwd_format" attribute in /etc/login.conf. In preparation for meeting SUSv2/POSIX requirements, 'struct selinfo' and related functions have been moved to . gcc now uses a unified libgcc rather than a separate one for threaded and non-threaded programs. /usr/lib/libgcc_r.a can be removed. [MERGED] syslogd(8) now supports a "LOG_CONSOLE" facility (disabled by default), which can be used to log /dev/console output. [MERGED] rpcgen now uses /usr/bin/cpp (as on NetBSD), not /usr/libexec/cpp. Boot-time syscons configuration was moved to a machine-independent rc.syscons. burncd(8) now supports a -m option for multisession mode (the default behavior now is to close disks as single-session). A -l option to take a list of image files from a filename was also added; '-' can be used as a filename for stdin. dmesg(8) now has a -a option to show the entire message buffer, including syslog records and /dev/console output. [MERGED] In /etc/ssh/sshd_config, the ConnectionsPerPeriod parameter has been deprecated in favor of MaxStartups. [MERGED] Entropy from the random(4) device is now periodically saved to files in /var/db/entropy. cdcontrol(1) now uses the CDROM environment variable to pick a default device. [MERGED] sysctl(8) now supports a -N option to print out variable names only. All packages and ports now contain an "origin" directive, which makes it easier for programs like pkg_version(1) to determine the directory from which a package was built. [MERGED] sysinstall(8) now lives in /usr/sbin, which simplifies the installation process. The sysinstall(8) manpage is also installed in a more consistent fashion now. config(8) is now better about converting various warnings that should have been errors into actual fatal errors with an exit code. This ensures that that 'make buildkernel' doesn't quitely ignore them and build a bogus kernel without a human to read the errors. [MERGED] pkg_create(1) and pkg_install(1) can now work with packages that have been compressed using bzip2(1). [MERGED] pkg_info(1) can now accept a -g flag for verifying an installed package against its recorded checksums (to see if it's been modified post-installation). Naturally, this mechanism is only as secure as the contents of /var/db/pkg if it's to be used for auditing purposes. [MERGED] libc is now thread-safe by default; libc_r contains only thread functions. find(1) now takes the -empty flag, which returns true if a file or directory is empty. [MERGED] tftpd(8) now takes the -c and -C options, which allow the server to chroot(2) based on the IP address of the connecting client. tftp(1) and tftpd(8) can now transfer files larger than 65535 blocks. vidcontrol(1) now accepts a -g parameter to select custom text geometry in the VESA_800x600 raster text mode. [MERGED] ldconfig(8) now checks directory ownerships and permissions for greater security; these checks can be disabled with the -i flag. [MERGED] The rfork_thread(3) library call has been added as a helper function to rfork(2). Using this function should avoid the need to implement complex stack swap code. [MERGED] 2. Supported Configurations --------------------------- For an extensive overview of supported Alpha machines/mainboards please refer to the HARDWARE.TXT file. 2.1. Disk Controllers --------------------- IDE ATA Adaptec 1535 ISA SCSI controllers Adaptec 154x series ISA SCSI controllers Adaptec AIC7850, AIC7860, AIC7880, AIC789x, on-board SCSI controllers. AdvanSys SCSI controllers (all models). BusLogic MultiMaster controllers: [ Please note that BusLogic/Mylex "Flashpoint" adapters are NOT yet supported ] BusLogic MultiMaster "W" Series Host Adapters: BT-948, BT-958, BT-958D BusLogic MultiMaster "C" Series Host Adapters: BT-946C, BT-956C, BT-956CD, BT-445C, BT-747C, BT-757C, BT-757CD, BT-545C, BT-540CF BusLogic MultiMaster "S" Series Host Adapters: BT-445S, BT-747S, BT-747D, BT-757S, BT-757D, BT-545S, BT-542D, BT-742A, BT-542B BusLogic MultiMaster "A" Series Host Adapters: BT-742A, BT-542B AMI FastDisk controllers that are true BusLogic MultiMaster clones are also supported. DPT SmartCACHE Plus, SmartCACHE III, SmartRAID III, SmartCACHE IV and SmartRAID IV SCSI/RAID controllers are supported. The DPT SmartRAID/CACHE V is not yet supported. AMI MegaRAID Express and Enterprise family RAID controllers: MegaRAID Series 418 MegaRAID Enterprise 1200 (Series 428) MegaRAID Enterprise 1300 (Series 434) MegaRAID Enterprise 1400 (Series 438) MegaRAID Enterprise 1500 (Series 467) MegaRAID Enterprise 1600 (Series 471) MegaRAID Elite 1500 (Series 467) MegaRAID Elite 1600 (Series 493) MegaRAID Express 100 (Series 466WS) MegaRAID Express 200 (Series 466) MegaRAID Express 300 (Series 490) MegaRAID Express 500 (Series 475) Dell PERC Dell PERC 2/SC Dell PERC 2/DC HP NetRAID-1si HP NetRAID-3si HP Embedded NetRAID Booting from these controllers is supported, but not possible due to SRM limitations. Mylex DAC960 and DAC1100 RAID controllers with 2.x, 3.x, 4.x and 5.x firmware: DAC960P DAC960PD DAC960PDU DAC960PL DAC960PJ DAC960PG AcceleRAID 150 AcceleRAID 250 eXtremeRAID 1100 This list includes controllers sold by Digital/Compaq in Alpha systems in the StorageWorks family, eg. KZPSC, KZPAC. Booting from these controllers is supported when recognised by SRM (typically Digital/ Compaq models only, and only in systems where they are supported). EISA adapters are not supported. SymBios (formerly NCR) 53C810, 53C810a, 53C815, 53C820, 53C825a, 53C860, 53C875, 53C875j, 53C885, 53C895 and 53C896 PCI SCSI controllers: ASUS SC-200 Data Technology DTC3130 (all variants) Diamond FirePort (all) NCR cards (all) Symbios cards (all) Tekram DC390W, 390U and 390F Tyan S1365 QLogic 1020, 1040, 1040B, 1080 and 1240 SCSI Host Adapters. QLogic 2100 Fibre Channel Adapters (private loop only). With all supported SCSI controllers, full support is provided for SCSI-I & SCSI-II peripherals, including hard disks, optical disks, tape drives (including DAT and 8mm Exabyte), medium changers, processor target devices and CDROM drives. WORM devices that support CDROM commands are supported for read-only access by the CDROM driver. WORM/CD-R/CD-RW writing support is provided by cdrecord, which is in the ports tree. The following CD-ROM type systems are supported at this time: (cd) SCSI interface (acd) ATAPI IDE interface 2.2. Ethernet cards ------------------- Adaptec Duralink PCI Fast Ethernet adapters based on the Adaptec AIC-6915 Fast Ethernet controller chip, including the following: ANA-62011 64-bit single port 10/100baseTX adapter ANA-62022 64-bit dual port 10/100baseTX adapter ANA-62044 64-bit quad port 10/100baseTX adapter ANA-69011 32-bit single port 10/100baseTX adapter ANA-62020 64-bit single port 100baseFX adapter Allied-Telesis AT1700 and RE2000 cards Alteon Networks PCI Gigabit Ethernet NICs based on the Tigon 1 and Tigon 2 chipsets, including the following: Alteon AceNIC (Tigon 1 and 2) 3Com 3c985-SX (Tigon 1 and 2) Netgear GA620 (Tigon 2) Silicon Graphics Gigabit Ethernet DEC/Compaq EtherWORKS 1000 NEC Gigabit Ethernet AMD PCnet/PCI (79c970 & 53c974 or 79c974) AMD PCnet/FAST, PCnet/FAST+, PCnet/FAST III, PCnet/PRO, PCnet/Home, and HomePNA. SMC Elite 16 WD8013 Ethernet interface, and most other WD8003E, WD8003EBT, WD8003W, WD8013W, WD8003S, WD8003SBT and WD8013EBT based clones. SMC Elite Ultra. SMC Etherpower II. RealTek 8129/8139 Fast Ethernet NICs including the following: Allied Telesyn AT2550 Allied Telesyn AT2500TX Genius GF100TXR (RTL8139) NDC Communications NE100TX-E OvisLink LEF-8129TX OvisLink LEF-8139TX Netronix Inc. EA-1210 NetEther 10/100 KTX-9130TX 10/100 Fast Ethernet Accton "Cheetah" EN1207D (MPX 5030/5038; RealTek 8139 clone) SMC EZ Card 10/100 PCI 1211-TX Lite-On 82c168/82c169 PNIC Fast Ethernet NICs including the following: LinkSys EtherFast LNE100TX NetGear FA310-TX Rev. D1 Matrox FastNIC 10/100 Kingston KNE110TX Macronix 98713, 98713A, 98715, 98715A and 98725 Fast Ethernet NICs NDC Communications SFA100A (98713A) CNet Pro120A (98713 or 98713A) CNet Pro120B (98715) SVEC PN102TX (98713) Macronix/Lite-On PNIC II LC82C115 Fast Ethernet NICs including the following: LinkSys EtherFast LNE100TX Version 2 Winbond W89C840F Fast Ethernet NICs including the following: Trendware TE100-PCIE VIA Technologies VT3043 "Rhine I" and VT86C100A "Rhine II" Fast Ethernet NICs including the following: Hawking Technologies PN102TX D-Link DFE-530TX AOpen/Acer ALN-320 Silicon Integrated Systems SiS 900 and SiS 7016 PCI Fast Ethernet NICs National Semiconductor DP83815 Fast Ethernet NICs including the following: NetGear FA312-TX Sundance Technologies ST201 PCI Fast Ethernet NICs including the following: D-Link DFE-550TX SysKonnect SK-984x PCI Gigabit Ethernet cards including the following: SK-9841 1000baseLX single mode fiber, single port SK-9842 1000baseSX multimode fiber, single port SK-9843 1000baseLX single mode fiber, dual port SK-9844 1000baseSX multimode fiber, dual port Texas Instruments ThunderLAN PCI NICs, including the following: Compaq Netelligent 10, 10/100, 10/100 Proliant, 10/100 Dual-Port Compaq Netelligent 10/100 TX Embedded UTP, 10 T PCI UTP/Coax, 10/100 TX UTP Compaq NetFlex 3P, 3P Integrated, 3P w/ BNC Olicom OC-2135/2138, OC-2325, OC-2326 10/100 TX UTP Racore 8165 10/100baseTX Racore 8148 10baseT/100baseTX/100baseFX multi-personality ADMtek Inc. AL981-based PCI Fast Ethernet NICs ADMtek Inc. AN985-based PCI Fast Ethernet NICs ADMtek Inc. AN986-based USB Ethernet NICs including the following: LinkSys USB100TX Billionton USB100 Melco Inc. LUA-TX D-Link DSB-650TX SMC 2202USB CATC USB-EL1210A-based USB Ethernet NICs including the following: CATC Netmate CATC Netmate II Belkin F5U111 Kawasaki LSI KU5KUSB101B-based USB Ethernet NICs including the following: LinkSys USB10T Entrega NET-USB-E45 Peracom USB Ethernet Adapter 3Com 3c19250 ADS Technologies USB-10BT ATen UC10T Netgear EA101 D-Link DSB-650 SMC 2102USB SMC 2104USB Corega USB-T ASIX Electronics AX88140A PCI NICs, including the following: Alfa Inc. GFC2204 CNet Pro110B DEC EtherWORKS III NICs (DE203, DE204, and DE205) DEC EtherWORKS II NICs (DE200, DE201, DE202, and DE422) DEC DC21040, DC21041, or DC21140 based NICs (SMC Etherpower 8432T, DE245, etc) Davicom DM9100 and DM9102 PCI Fast Ethernet NICs, including the following: Jaton Corporation XpressNet Fujitsu MB86960A/MB86965A HP PC Lan+ cards (model numbers: 27247B and 27252A). Intel EtherExpress 16 Intel EtherExpress Pro/10 Intel EtherExpress Pro/100B PCI Fast Ethernet Isolan AT 4141-0 (16 bit) Isolink 4110 (8 bit) Novell NE1000, NE2000, and NE2100 Ethernet interface. PCI network cards emulating the NE2000: RealTek 8029, NetVin 5000, Winbond W89C940, Surecom NE-34, VIA VT86C926. 3Com 3C501 cards 3Com 3C503 Etherlink II 3Com 3c505 Etherlink/+ 3Com 3C507 Etherlink 16/TP 3Com 3C509, 3C579, 3C590/592/595/900/905/905B/905C PCI (Fast) Etherlink III / (Fast) Etherlink XL 3Com 3c980/3c980B Fast Etherlink XL server adapter 3Com 3cSOHO100-TX OfficeConnect adapter Toshiba Ethernet cards Crystal Semiconductor CS89x0-based NICs, including: IBM Etherjet ISA Note that NO token ring cards are supported at this time as we're still waiting for someone to donate a driver for one of them. Any takers? 2.3. FDDI --------- Digital Equipment DEFPA PCI adapters are supported., 2.4. ATM -------- o ATM Host Interfaces - FORE Systems, Inc. PCA-200E ATM PCI Adapters - Efficient Networks, Inc. ENI-155p ATM PCI Adapters o ATM Signalling Protocols - The ATM Forum UNI 3.1 signalling protocol - The ATM Forum UNI 3.0 signalling protocol - The ATM Forum ILMI address registration - FORE Systems's proprietary SPANS signalling protocol - Permanent Virtual Channels (PVCs) o IETF "Classical IP and ARP over ATM" model - RFC 1483, "Multiprotocol Encapsulation over ATM Adaptation Layer 5" - RFC 1577, "Classical IP and ARP over ATM" - RFC 1626, "Default IP MTU for use over ATM AAL5" - RFC 1755, "ATM Signaling Support for IP over ATM" - RFC 2225, "Classical IP and ARP over ATM" - RFC 2334, "Server Cache Synchronization Protocol (SCSP)" - Internet Draft draft-ietf-ion-scsp-atmarp-00.txt, "A Distributed ATMARP Service Using SCSP" o ATM Sockets interface 2.5. Misc --------- AST 4 port serial card using shared IRQ. ARNET 8 port serial card using shared IRQ. ARNET (now Digiboard) Sync 570/i high-speed serial. Boca BB1004 4-Port serial card (Modems NOT supported) Boca IOAT66 6-Port serial card (Modems supported) Boca BB1008 8-Port serial card (Modems NOT supported) Boca BB2016 16-Port serial card (Modems supported) Comtrol Rocketport card. Cyclades Cyclom-y Serial Board. STB 4 port card using shared IRQ. SDL Communications Riscom/8 Serial Board. SDL Communications RISCom/N2 and N2pci high-speed sync serial boards. Stallion multiport serial boards: EasyIO, EasyConnection 8/32 & 8/64, ONboard 4/16 and Brumby. Specialix SI/XIO/SX ISA, PCI serial expansion cards/modules. Advance Asound 100, 110 and Logic ALS120 Crystal Semiconductor CS461x/462x/428x ENSONIQ AudioPCI ES1370/1371 ESS ES1868, ES1869, ES1879 and ES1888 ESS Maestro-1, Maestro-2, and Maestro-2E ForteMedia fm801 Gravis UltraSound MAX/PnP MSS/WSS Compatible DSPs NeoMagic 256AV/ZX OPTi 931/82C931 SoundBlaster, Soundblaster Pro, Soundblaster AWE-32, Soundblaster AWE-64 Trident 4DWave DX/NX VIA Technologies VT82C686A Yamaha DS1 and DS1e (newpcm driver) Connectix QuickCam Matrox Meteor Video frame grabber Creative Labs Video Spigot frame grabber Cortex1 frame grabber Hauppauge Wincast/TV boards (PCI) STB TV PCI Intel Smart Video Recorder III Various Frame grabbers based on Brooktree Bt848 / Bt878 chip. HP4020, HP6020, Philips CDD2000/CDD2660 and Plasmon CD-R drives. PS/2 mice Standard PC Joystick X-10 power controllers GPIB and Transputer drivers. Genius and Mustek hand scanners. Xilinx XC6200 based reconfigurable hardware cards compatible with the HOT1 from Virtual Computers (www.vcc.com) Support for Dave Mills experimental Loran-C receiver. Lucent Technologies WaveLAN/IEEE 802.11 ISA standard speed (2Mbps) and turbo speed (6Mbps) wireless network adapters and workalikes (NCR WaveLAN/IEEE 802.11, Cabletron RoamAbout 802.11 DS). Note: the ISA versions of these adapters are actually PCMCIA cards combined with an ISA to PCMCIA bridge card, so both kinds of devices work with the same driver. Aironet 4500/4800 series 802.11 wireless adapters. The PCI and ISA models are supported for the Alpha architecture. 3. Obtaining FreeBSD -------------------- You may obtain FreeBSD in a variety of ways: 3.1. FTP/Mail ------------- You can ftp FreeBSD and any or all of its optional packages from `ftp.FreeBSD.org' - the official FreeBSD release site. For other locations that mirror the FreeBSD software see the file MIRROR.SITES. Please ftp the distribution from the site closest (in networking terms) to you. Additional mirror sites are always welcome! Contact freebsd-admin@FreeBSD.org for more details if you'd like to become an official mirror site. If you do not have access to the Internet and electronic mail is your only recourse, then you may still fetch the files by sending mail to `ftpmail@ftpmail.vix.com' - putting the keyword "help" in your message to get more information on how to fetch files using this mechanism. Please do note, however, that this will end up sending many *tens of megabytes* through the mail and should only be employed as an absolute LAST resort! 3.2. CDROM ---------- FreeBSD 4.x-RELEASE and 3.x-RELEASE CDs may be ordered on CDROM from: BSDi / Walnut Creek CDROM 4041 Pike Lane, Suite D Concord CA 94520 USA +1-800-786-9907, +1-925-674-0783, +1-925-674-0821 (FAX) Or via the Internet from orders@cdrom.com or http://www.cdrom.com. Their current catalog can be obtained via ftp from: ftp://ftp.cdrom.com/cdrom/catalog Cost per -RELEASE CD is $39.95 or $24.95 with a FreeBSD subscription. FreeBSD SNAPshot CDs, when available, are $39.95 or $14.95 with a FreeBSD-SNAP subscription (-RELEASE and -SNAP subscriptions are entirely separate). With a subscription, you will automatically receive updates as they are released. Your credit card will be billed when each disk is shipped and you may cancel your subscription at any time without further obligation. Shipping (per order not per disc) is $5 in the US, Canada or Mexico and $9.00 overseas. They accept Visa, Mastercard, Discover, American Express or checks in U.S. Dollars and ship COD within the United States. California residents please add 8.25% sales tax. Should you be dissatisfied for any reason, the CD comes with an unconditional return policy. 4. Upgrading from previous releases of FreeBSD ---------------------------------------------- If you're upgrading from a previous release of FreeBSD, most likely it's 3.0 and there may be some issues affecting you, depending of course on your chosen method of upgrading. There are two popular ways of upgrading FreeBSD distributions: o Using sources, via /usr/src o Using sysinstall's (binary) upgrade option. Please read the UPGRADE.TXT file for more information, preferably before beginning an upgrade. 5. Reporting problems, making suggestions, submitting code. ----------------------------------------------------------- Your suggestions, bug reports and contributions of code are always valued - please do not hesitate to report any problems you may find (preferably with a fix attached, if you can!). The preferred method to submit bug reports from a machine with Internet mail connectivity is to use the send-pr command or use the CGI script at http://www.FreeBSD.org/send-pr.html. Bug reports will be dutifully filed by our faithful bugfiler program and you can be sure that we'll do our best to respond to all reported bugs as soon as possible. Bugs filed in this way are also visible on our WEB site in the support section and are therefore valuable both as bug reports and as "signposts" for other users concerning potential problems to watch out for. If, for some reason, you are unable to use the send-pr command to submit a bug report, you can try to send it to: freebsd-bugs@FreeBSD.org Note that send-pr itself is a shell script that should be easy to move even onto a totally different system. We much prefer if you could use this interface, since it make it easier to keep track of the problem reports. However, before submitting, please try to make sure whether the problem might have already been fixed since. Otherwise, for any questions or tech support issues, please send mail to: freebsd-questions@FreeBSD.org If you're tracking the -current development efforts, you should definitely join the -current mailing list, in order to keep abreast of recent developments and changes that may affect the way you use and maintain the system: freebsd-current@FreeBSD.org Additionally, being a volunteer effort, we are always happy to have extra hands willing to help - there are already far more desired enhancements than we'll ever be able to manage by ourselves! To contact us on technical matters, or with offers of help, please send mail to: freebsd-hackers@FreeBSD.org Please note that these mailing lists can experience *significant* amounts of traffic and if you have slow or expensive mail access and are only interested in keeping up with significant FreeBSD events, you may find it preferable to subscribe instead to: freebsd-announce@FreeBSD.org All of the mailing lists can be freely joined by anyone wishing to do so. Send mail to MajorDomo@FreeBSD.org and include the keyword `help' on a line by itself somewhere in the body of the message. This will give you more information on joining the various lists, accessing archives, etc. There are a number of mailing lists targeted at special interest groups not mentioned here, so send mail to majordomo and ask about them! 6. Acknowledgements ------------------- FreeBSD represents the cumulative work of many hundreds, if not thousands, of individuals from around the world who have worked very hard to bring you this release. For a complete list of FreeBSD project staffers, please see: http://www.FreeBSD.org/handbook/staff.html or, if you've loaded the doc distribution: file:/usr/share/doc/handbook/staff.html Special mention to: The donors listed at http://www.FreeBSD.org/handbook/donors.html Justin M. Seger for almost single-handedly converting the ports collection to ELF. Doug Rabson and John Birrell for making FreeBSD/alpha happen and to the NetBSD project for substantial indirect aid. Peter Wemm for the new kernel module system (with substantial aid from Doug Rabson). And to the many thousands of FreeBSD users and testers all over the world, without whom this release simply would not have been possible. We sincerely hope you enjoy this release of FreeBSD! The FreeBSD Project $FreeBSD$