Annotation of www/44.html, Revision 1.24
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
4: <title>OpenBSD 4.4 Release</title>
5: <link rev=made href="mailto:www@openbsd.org">
6: <meta name="resource-type" content="document">
7: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
8: <meta name="description" content="OpenBSD 4.4">
9: <meta name="keywords" content="openbsd,main">
10: <meta name="distribution" content="global">
11: <meta name="copyright" content="This document copyright 2008 by OpenBSD.">
12: </head>
13:
14: <body bgcolor="#ffffff" text="#000000" link="#24248E">
15:
16: <a href="index.html">
17: <img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
18: <hr>
19:
20: <p>
21: <a href="images/Cryptonaut.jpg">
22: <img align="left" width="227" height="343" hspace="24" vspace="30"
23: src="images/???.jpg" alt="OpenBSD 4.4 logo"></a>
24: <h2><font color="#0000e0">The OpenBSD 4.4 Release:</font></h2>
25: <p>
26: Released Nov 1, 2008<br>
27: Copyright 1997-2008, Theo de Raadt.<br>
28: <font color="#e00000">ISBN 978-0-9784475-2-6</font>
29: <br>
30: <a href="lyrics.html#44">4.4 Song: "???"</a>
31: <p>
32:
33: <a href="#new">What's New</a><br>
34: <a href="#install">How to install</a><br>
35: <a href="#upgrade">How to upgrade</a><br>
36: <a href="#ports">How to use the ports tree</a><br>
37: <a href="orders.html">Ordering a CD set</a><br>
38:
39: <p>
40: <h3><font color="#0000e0">
41: To get the files for this release:
42: <ul>
43: <li>Order a CDROM from our <a href="orders.html">ordering system</a>.
44: <li>See the information on <a href="ftp.html">The FTP page</a> for
45: a list of mirror machines.
46: <li>Go to the <font color="#e00000">pub/OpenBSD/4.4/</font> directory on
47: one of the mirror sites.
48: <li>Briefly read the rest of this document.
49: <li>Have a look at <a href="errata44.html">The 4.4 Errata page</a> for a list
50: of bugs and workarounds.
51: <li>See a <a href="plus44.html">detailed log of changes</a> between the
52: 4.3 and 4.4 releases.
53: </ul>
54: </font></h3>
55: <br clear=all>
56:
57: <strong>Note:</strong> All applicable copyrights and credits can be found
58: in the applicable file sources found in the files src.tar.gz, sys.tar.gz,
59: xenocara.tar.gz, or in the files fetched via ports.tar.gz. The distribution
60: files used to build packages from the ports.tar.gz file are not included on
61: the CDROM because of lack of space.
62: <p>
63:
64: <a name="new"></a>
65: <hr>
66: <p>
67: <h3><font color="#0000e0">What's New</font></h3>
68: <p>
69: This is a partial list of new features and systems included in OpenBSD 4.4.
70: For a comprehensive list, see the <a href="plus44.html">changelog</a> leading
71: to 4.4.
72: <p>
73:
74: <ul>
75:
76: <li>New/extended platforms:
77: <ul>
78: <li><a href="sparc64.html">OpenBSD/sparc64</a><br>
79: Much more platform support. Machines using the Ultrasparc IV/T1/T2
80: and Fujitsu Sparc64-V/V/VII are now supported.
1.4 matthieu 81: <li><a href="socppc.html">OpenBSD/socppc</a><br>
1.8 deraadt 82: For machines based on the Freescale MPC8349E
83: System-on-Chip (SoC) platform that use Das U-Boot as a boot loader.
1.4 matthieu 84: <li><a href="landisk.html">OpenBSD/landisk</a><br>
1.8 deraadt 85: Added shared libraries support.
1.1 deraadt 86: </ul>
87: <p>
88:
89: <li>Improved hardware support, including:
90: <ul>
1.8 deraadt 91: <li>Several new/improved drivers for sensors, including:
92: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fins&sektion=4">fins(4)</a>,
93: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=andl&sektion=4">andl(4)</a>,
94: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=it&sektion=4">it(4)</a>,
95: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kate&sektion=4">kate(4)</a>,
96: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sdtemp&sektion=4">sdtemp(4)</a>,
97: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lmtemp&sektion=4">lmtemp(4)</a>,
98: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=adt&sektion=4">adt(4)</a> and
99: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=km&sektion=4">km(4)</a>.
1.17 deraadt 100: <li>Support for the Intel G33 and G35 chipsets in
101: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=agp&sektion=4">agp(4)</a>.
102: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lii&sektion=4">lii(4)</a>
103: driver for Attansic L2 10/100 Ethernet devices.
104: <li>Preliminary support for UVC USB webcams:
105: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uvideo&sektion=4">uvideo(4)</a>
1.8 deraadt 106: and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=video&sektion=4">video(4)</a>.
107: <li>WPA/WPA2-PSK support for several models wireless cards.
1.17 deraadt 108: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openchrome&sektion=4">openchrome(4)</a>
109: driver replaces the via X.Org driver for VIA video cards.
1.8 deraadt 110: <li>AMD Geode video card driver for X.Org.
1.17 deraadt 111: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmt&sektion=4">vmt(4)</a>
112: driver, implements VMware Tools.
113: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=auglx&sektion=4&arch=i386">auglx(4)</a>
114: driver for AMD Geode LX CS5536 integrated AC'97 audio.
115: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ix&sektion=4">ix(4)</a>
116: driver for Intel 82598 PCI Express 10Gb Ethernet.
117: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=acpithinkpad&sektion=4">acpithinkpad(4)</a>
118: driver provides additional ACPI support for IBM/Lenovo ThinkPad laptops.
119: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=acpiasus&sektion=4">acpiasus(4)</a>
120: driver provides additional ACPI support for ASUS laptops including the EeePC.
121: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gecko&sektion=4">gecko(4)</a>
122: driver supporting the GeckoBOA BC GSC+ port found on some hppa systems.
123: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tsec&sektion=4">tsec(4)</a>
124: driver supporting the Freescale Triple Speed Ethernet Controller..
125: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=re&sektion=4">re(4)</a>
126: driver now supports RTL8102E and RTL8168 devices.
127: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cas&sektion=4">cas(4)</a>
128: driver now supports National Semiconductor Saturn devices.
129: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pccom&sektion=4">pccom(4)</a>
130: driver has been removed; all platforms use com(4) now.
131: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cardbus&sektion=4">cardbus(4)</a>
132: and
133: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pcmcia&sektion=4">pcmcia(4)</a>
134: now work on most sparc64 machines.
135: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=udcf&sektion=4">udcf(4)</a>
136: driver now supports mouseCLOCK USB II devices.
137: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=msk&sektion=4">msk(4)</a>
1.21 deraadt 138: driver now supports 88E8040T devices.
1.17 deraadt 139: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ath&sektion=4">ath(4)</a>
140: now now supports many more Atheros wireless devices.
141: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ciss&sektion=4">ciss(4)</a>
142: driver now supports HP Smart Array P212, P410, P411, P411i
143: and P812 devices.
144: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uftdi&sektion=4">uftdi(4)</a>
145: driver now supports ELV Elektronik and FTDI 2232L devices.
146: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=umsm&sektion=4">umsm(4)</a>
147: driver now supports Option GlobeTrotter 3G+, Huawei E220
148: and more HSDPA MSM devices.
149: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubsa&sektion=4">ubsa(4)</a>
150: driver now supports ZTE CMDMA MSM devices.
151: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=axe&sektion=4">axe(4)</a>
152: driver now supports Apple USB A1277 devices.
153: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=puc&sektion=4">puc(4)</a>
154: driver now supports more Netmos devices.
155: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mgx&sektion=4">mgx(4)</a>
156: driver now supports 2D acceleration on selected boards.
1.19 deraadt 157: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a>
158: driver firmware for some controllers has been updated.
159: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a>
160: driver no longer hangs during probe some machines.
1.21 deraadt 161: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
162: driver has better support for BCM5704 chipsets in fiber
163: mode which helps with some blade servers.
164: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
165: driver has better support for the BCM5906 chipset on some systems.
166: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
167: driver has much better support for PCI Express chipsets
168: resulting in much faster transit performance.
1.24 ! damien 169: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ral&sektion=4">ral(4)</a>
! 170: driver now supports Ralink Technology RT2700 devices.
1.21 deraadt 171: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
172: driver has support for the BCM5714/5715/5780 chipsets using fiber interfaces.
173: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bnx&sektion=4">bnx(4)</a>
174: driver has support for the BCM5706/5708 chipsets using fiber interfaces.
1.17 deraadt 175: <li>For i386 and amd64, make serial console on non-primary ports work.
1.1 deraadt 176: <li>...
177: </ul>
178: <p>
179:
180: <li>New tools:
181: <ul>
1.17 deraadt 182: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rpc.statd&sektion=8">rpc.statd(8)</a>,
183: the host status monitoring daemon for use with the NFS file locking daemon.
184: <li>Initial import of
185: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=yplapd&sektion=8">ypldap(8)</a>,
186: a drop-in replacement for ypserv to glue in an LDAP directory for
187: get{pw,gr}ent family of functions.
1.21 deraadt 188: <li>Deprecated <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">slattach(8)</a>
189: and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">slattach(8)</a>
190: in favor of
191: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">ldattach(8)</a>.
192: <li>Import of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpbench&sektion=8">tcpbench(1)</a>, a small TCP benchmarking tool.
1.1 deraadt 193: <li>...
194: </ul>
195: <p>
196:
197: <li>New functionality:
198: <ul>
1.3 ratchov 199: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=aucat&sektion=1">aucat(1)</a>
200: is now able to play and record audio in fullduplex, it
201: can mix unlimited number of streams, handles up to 16 channels, can
202: resample streams on the fly, supports various 24-bit and 32-bit
203: encodings and does format conversions on the fly.
1.8 deraadt 204: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> now supports IPv6.
205: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a> now supports basic
206: synchronization of the /etc/dhcpd.leases file to allow for running multiple instances for redundancy.
207: <li>Many wireless network drivers now support WPA.
1.17 deraadt 208: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rpc.lockd&sektion=8">rpc.lockd(8)</a>
209: now supports NLMv4 and does actually do locking.
210: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
211: now supports recursive mget transfers.
1.19 deraadt 212: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
213: now uses keep alive packets by default.
1.21 deraadt 214: <li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
215: accept empty passwords in URLs.
1.17 deraadt 216: <li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
217: in TAO mode to set the write speed.
1.19 deraadt 218: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
219: no longer blanks media twice.
1.21 deraadt 220: <li>Add ability in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
221: to determine media capabilities and make it figure out if media supports TAO or blanking.
1.17 deraadt 222: <li>Initial version of
223: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=softraid&sektion=4">softraid(4)</a>
224: crypto support. Disabled for now.
1.19 deraadt 225: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a>
226: now groks options tftp-config-file and auto-proxy-script in dhcpd.conf.
227: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a>
228: option handling much more resistant to abuse.
229: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a>
230: now aware of interface link state and reacts to changes.
231: <li>DIOCRLDINFO, DIOCGPDINFO, and DIOCGPART support added to block devices
232: previously lacking it.
233: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
234: no longer supports the '-r' option, and obtains all disklabel information via ioctl's.
235: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
236: no longer suggests offsets and sizes that would result in partitions starting or ending
237: outside the OpenBSD section of the disk.
238: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
239: now correctly reads back the 'vendor' field from text disklabels.
240: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
241: editor mode '?' and 'p' commands are more compact and the 'l' command has been added
242: to produce previous verbose output.
243: <li>I/O's outside the bounds of the RAW_PART are now prevented, allowing
244: proper detection of invalid I/O's.
245: <li>USB floppies now have a valid cylinder count calculated, rather than 0.
246: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newfs&sektion=8">newfs(8)</a>
247: can now create filesystems on devices with sector sizes other than 512, although
248: such filesystems cannot yet be read.
249: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
250: probing displays less useless verbiage and fewer spurious error messages.
251: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=st&sektion=4">st(4)</a>
252: devices can now be detached.
253: <li>ATAPI devices are now identified as such, rather than as SCSIn devices.
254: <li>SATA tape drives now work.
255: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
256: probing now displays the ID of the initiator on the bus.
257: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
258: debug capabilities improved to show commands and input or output data as appropriate.
259: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
260: probing makes better use of the TEST UNIT READY command to clear errors and allow
261: successfull attachments.
262: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
263: probing can now find more fibre channel attached devices.
1.21 deraadt 264: <li>Several mbuf pool cache corruption issues were fixed.
265: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=identd&sektion=8">identd(8)</a>
266: now supports IPv6 in standalone mode.
267: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cal&sektion=1">cal(1)</a>
268: now shows week numbers too.
269: <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>,
270: implement a sloppy tcpstate tracker which does not look at sequence numbers at all.
271: <li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=relayd&sektion=8">relayd(8)</a>
272: use sloppy
273: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>
274: state keeping for routed sessions (Direct Server Return).
275: <li>Added support in
276: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=relayd&sektion=8">relayd(8)</a>
277: for transparent L7 forwarding in relays.
278: <li>Extend <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=awk&sektion=1">awk(1)</a>
279: with bitwise operations.
1.8 deraadt 280: <li>...
1.1 deraadt 281: </ul>
282: <p>
283:
284: <li>Assorted improvements and code cleanup:
285: <ul>
1.8 deraadt 286: <li>A greatly changed buffer cache subsystem which maps cache pages only
287: when in use, resulting in improved filesystem performance, and
288: allowing for the effective use of a much larger buffer cache
1.11 espie 289: <li>A greatly improved implementation of
1.9 otto 290: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=malloc&sektion=3">
1.11 espie 291: malloc(3)</a>, the general purpose memory allocator,
292: which catches more mistakes, reduces address space fragmentation,
293: and is faster.
1.10 otto 294: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=statfs&sektion=2">
1.14 otto 295: statfs(2)</a> system call has been enhanced to support large
1.10 otto 296: filesystems.
1.20 deraadt 297: <li>Lots of features have been implemented in OpenCVS, which can now be used
1.19 deraadt 298: to do some real work.
299: <li>New APIs for arc4random, one to fill a buffer with random numbers
300: and the other to return a uniformly distributed random number without bias.
1.12 deraadt 301: <li>...
1.1 deraadt 302: </ul>
303: <p>
304:
305: <li>Install/Upgrade process changes:
306: <ul>
1.15 deraadt 307: <li>A new tool
1.18 sobrado 308: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysmerge&sektion=8">
309: sysmerge(8)</a>, derived from the old mergemaster port, makes
1.15 deraadt 310: it easier to merge configuration files changes during an upgrade.
1.16 deraadt 311: <li>Fully support OpenBSD inside extended partitions on i386 and amd64.
1.17 deraadt 312: <li>During installation 'dhcp' is now the initial default answer during
313: network configuration.
1.19 deraadt 314: <li>Fetching sets via FTP more reliable due to automatic use of keep alive.
315: <li>Fetching sets via NFS no longer hangs retrying a non-functional mount.
316: <li>Installation ensures hostname.* files are installed with mode 600.
317: <li>Serial console configuration now automatically detects speed.
318: <li>Serial console support extended to all architectures.
319: <li>Partition size display no longer limited to 32 bit sizes.
320: <li>Partition sizes now scaled and formatted to use human readable units.
321: <li>NTPD configuration questions improved.
322: <li>Sparc miniroot root disk detection fixed.
323: <li>Invocations of
324: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
325: by the scripts are now less verbose.
1.1 deraadt 326: </ul>
327: <p>
328:
1.15 deraadt 329: <li>OpenSSH 5.1:
1.1 deraadt 330: <ul>
1.15 deraadt 331: <li>New experimental fingerprint ASCII art visualisation system for easier
332: verification of remote keys.
333: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=chroot&sektion=2">
334: chroot(2)</a> support for
335: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>.
336: <li>Added an extended test mode (-T) to
337: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>.
338: <li>Make
339: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
340: support negation of groups in a "Match group" block.
1.16 deraadt 341: <li>Increased the ephemeral key size in protocol1 from 768 to 1024 bits.
1.15 deraadt 342: <li>Better tests of primes in /etc/moduli
1.16 deraadt 343: <li>Refuse to read .shosts or authorized_keys files that are not regular
1.15 deraadt 344: files.
345: <li>Enable ~ escapes for multiplex slave sessions.
1.16 deraadt 346: <li>Support CIDR address matching in Match blocks and authorized_keys
1.15 deraadt 347: from="..." stanzas.
348: <li>Make port forwarding code try additional addresses when connecting to
349: a destination whose DNS name resolves to more than one address.
350: <li>Make the maximum number of
351: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
1.16 deraadt 352: sessions run-time controllable via MaxSessions in
1.15 deraadt 353: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">
354: ssh_config(5)</a>.
355: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_scan&sektion=1">
1.16 deraadt 356: ssh_scan(1)</a> now defaults to RSA protocol 2 keys, instead of RSA1.
1.15 deraadt 357: <li>Added an extension to sftp protocol to implement
358: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=statvfs&sektion=2">
359: statvfs(2)</a>-like operations and add a df command to
360: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">
361: sftp(1)</a>.
362: <li>Disable execution of /.ssh/rc for sessions where a command has been
363: forced by the sshd_config ForceCommand directive.
364: <li>And several bug fixes and performance enhancements.
1.1 deraadt 365: </ul>
366: <p>
367:
368: <li>Over ???? ports, minor robustness improvements in package tools.
369: <li>Many pre-built packages for each architecture:
370: <table border=0 cellspacing=0 cellpadding=2 width="95%">
371: <tr>
372: <td valign="top" width="25%">
373: <ul>
1.8 deraadt 374: <li>i386: 5033
375: <li>sparc64: 4862
1.1 deraadt 376: <li>alpha: ????
377: <li>sh: ????
378: </ul></td><td valign=top width="25%"><ul>
1.23 deraadt 379: <li>amd64: 4940
1.22 deraadt 380: <li>powerpc: 4258
1.1 deraadt 381: <li>sparc: ????
382: <li>m68k: ????
383: </ul></td><td valign=top width="25%"><ul>
384: <li>arm: ????
385: <li>hppa: ????
386: <li>vax: ????
387: <li>mips64: ????
388: </ul></td><td valign=top width="25%"><ul>
389: <li>m88k: ????
390: </ul></td></tr></table>
391: Some highlights:
392: <ul>
1.11 espie 393: <li>mozilla-firefox3
394: <li>drupal-5, core package and external modules, a modern CMS.
1.1 deraadt 395: </ul>
396: <p>
397:
398: <li>As usual, steady improvements in manual pages and other documentation.
399: <p>
400:
401: <li>The system includes the following major components from outside suppliers:
402: <ul>
403: <li>Xenocara (based on X.Org 7.3 + patches, freetype 2.3.5, fontconfig
1.2 matthieu 404: 2.4.2, Mesa 7.0.3, xterm 234 and more)
1.1 deraadt 405: <li>Gcc 2.95.3
406: (+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local&sektion=1">patches</a>)
407: and 3.3.5
408: (+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local&sektion=1">patches</a>)
409: <li>Perl 5.8.8 (+ patches)
410: <li>Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
411: <li>OpenSSL 0.9.7j (+ patches)
412: <li>Groff 1.15
1.8 deraadt 413: <li>Sendmail 8.14.3, with libmilter
414: <li>Bind 9.4.2-P2 (+ patches)
1.1 deraadt 415: <li>Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
1.8 deraadt 416: <li>Sudo 1.6.9p17
1.1 deraadt 417: <li>Ncurses 5.2
418: <li>Latest KAME IPv6
419: <li>Heimdal 0.7.2 (+ patches)
420: <li>Arla 0.35.7
421: <li>Binutils 2.15 (+ patches)
422: <li>Gdb 6.3 (+ patches)
423: </ul>
424: <p>
425:
426: </ul>
427:
428: <a name="install"></a>
429: <hr>
430: <p>
431: <h3><font color="#0000e0">How to install</font></h3>
432: <p>
433: Following this are the instructions which you would have on a piece of
434: paper if you had purchased a CDROM set instead of doing an alternate
435: form of install. The instructions for doing an FTP (or other style
436: of) install are very similar; the CDROM instructions are left intact
437: so that you can see how much easier it would have been if you had
438: purchased a CDROM instead.
439: <p>
440:
441: <hr>
442: Please refer to the following files on the three CDROMs or FTP mirror for
443: extensive details on how to install OpenBSD 4.4 on your machine:
444: <p>
445: <ul>
446: <li>CD1:4.4/i386/INSTALL.i386
447: <p>
448: <li>CD2:4.4/amd64/INSTALL.amd64
449: <li>CD2:4.4/macppc/INSTALL.macppc
450: <p>
451: <li>CD3:4.4/sparc64/INSTALL.sparc64
452: <p>
453: <li>FTP:.../OpenBSD/4.4/alpha/INSTALL.alpha
454: <li>FTP:.../OpenBSD/4.4/armish/INSTALL.armish
455: <li>FTP:.../OpenBSD/4.4/hp300/INSTALL.hp300
456: <li>FTP:.../OpenBSD/4.4/hppa/INSTALL.hppa
457: <li>FTP:.../OpenBSD/4.4/landisk/INSTALL.landisk
458: <li>FTP:.../OpenBSD/4.4/mac68k/INSTALL.mac68k
459: <li>FTP:.../OpenBSD/4.4/mvme68k/INSTALL.mvme68k
460: <li>FTP:.../OpenBSD/4.4/mvme88k/INSTALL.mvme88k
461: <li>FTP:.../OpenBSD/4.4/sgi/INSTALL.sgi
462: <li>FTP:.../OpenBSD/4.4/sparc/INSTALL.sparc
463: <li>FTP:.../OpenBSD/4.4/vax/INSTALL.vax
464: <li>FTP:.../OpenBSD/4.4/zaurus/INSTALL.zaurus
465: </ul>
466: <hr>
467:
468: <p>
469: Quick installer information for people familiar with OpenBSD, and the
470: use of the "disklabel -E" command. If you are at all confused when
471: installing OpenBSD, read the relevant INSTALL.* file as listed above!
472: <p>
473:
474: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
475: <ul>
476: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
477: release is on CD1. If your BIOS does not support booting from CD, you will need
478: to create a boot floppy to install from. To create a boot floppy write
479: <i>CD1:4.4/i386/floppy44.fs</i> to a floppy and boot via the floppy drive.
480:
481: <p>
482: Use <i>CD1:4.4/i386/floppyB44.fs</i> instead for greater SCSI controller
483: support, or <i>CD1:4.4/i386/floppyC44.fs</i> for better laptop support.
484:
485: <p>
486: If you can't boot from a CD or a floppy disk,
487: you can install across the network using PXE as described in
488: the included INSTALL.i386 document.
489:
490: <p>
491: If you are planning on dual booting OpenBSD with another OS, you will need to
492: read INSTALL.i386.
493:
494: <p>
495: To make a boot floppy under MS-DOS, use the "rawrite" utility located
496: at <i>CD1:4.4/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
497: use the
498: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>
499: utility. The following is an example usage of
500: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>,
501: where the device could be "floppy", "rfd0c", or
502: "rfd0a".
503:
504: <ul><pre>
505: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
506: </pre></ul>
507:
508: <p>
509: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
510: your install will most likely fail. For more information on creating a boot
511: floppy and installing OpenBSD/i386 please refer to
512: <a href="faq/faq4.html#MkFlop">FAQ 4.3.1</a>.
513: </ul>
514:
515: <p>
516: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
517: <ul>
518: The 4.4 release of OpenBSD/amd64 is located on CD2.
519: Boot from the CD to begin the install - you may need to adjust
520: your BIOS options first.
521: If you can't boot from the CD, you can create a boot floppy to install from.
522: To do this, write <i>CD2:4.4/amd64/floppy44.fs</i> to a floppy, then
523: boot from the floppy drive.
524:
525: <p>
526: If you can't boot from a CD or a floppy disk,
527: you can install across the network using PXE as described in the included
528: INSTALL.amd64 document.
529:
530: <p>
531: If you are planning to dual boot OpenBSD with another OS, you will need to
532: read INSTALL.amd64.
533: </ul>
534:
535: <p>
536: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
537: <ul>
538: Put CD2 in your CDROM drive and poweron your machine while holding down the
539: <i>C</i> key until the display turns on and shows <i>OpenBSD/macppc boot</i>.
540:
541: <p>
542: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
543: /4.4/macppc/bsd.rd</i>
544: </ul>
545:
546: <p>
547: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
548: <ul>
549: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
550:
551: <p>
552: If this doesn't work, or if you don't have a CDROM drive, you can write
553: <i>CD3:4.4/sparc64/floppy44.fs</i> or <i>CD3:4.4/sparc64/floppyB44.fs</i>
554: (depending on your machine) to a floppy and boot it with <i>boot
555: floppy</i>. Refer to INSTALL.sparc64 for details.
556:
557: <p>
558: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
559: will most likely fail.
560:
561: <p>
562: You can also write <i>CD3:4.4/sparc64/miniroot44.fs</i> to the swap partition on
563: the disk and boot with <i>boot disk:b</i>.
564:
565: <p>
566: If nothing works, you can boot over the network as described in INSTALL.sparc64.
567: </ul>
568:
569: <p>
570: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
571: <ul>
572: <p>Write <i>FTP:4.4/alpha/floppy44.fs</i> or
573: <i>FTP:4.4/alpha/floppyB44.fs</i> (depending on your machine) to a diskette and
574: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
575:
576: <p>
577: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
578: will most likely fail.
579:
580: </ul>
581:
582: <p>
583: <h3><font color="#e00000">OpenBSD/armish:</font></h3>
584: <ul>
585: <p>
586: After connecting a serial port, Thecus can boot directly from the network
587: either tftp or http. Configure the network using fconfig, reset,
588: then load bsd.rd, see INSTALL.armish for specific details.
589: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
590: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
591: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
592: More details are available in INSTALL.armish.
593: </ul>
594:
595: <p>
596: <h3><font color="#e00000">OpenBSD/hp300:</font></h3>
597: <ul>
598: <p>
599: Boot over the network by following the instructions in INSTALL.hp300.
600: </ul>
601:
602: <p>
603: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
604: <ul>
605: <p>
606: Boot over the network by following the instructions in INSTALL.hppa or the
607: <a href="hppa.html#install">hppa platform page</a>.
608: </ul>
609:
610: <p>
611: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
612: <ul>
613: <p>
614: Write <i>miniroot44.fs</i> to the start of the CF
615: or disk, and boot normally.
616: </ul>
617:
618: <p>
619: <h3><font color="#e00000">OpenBSD/mac68k:</font></h3>
620: <ul>
621: <p>
622: Boot MacOS as normal and extract the Macside "BSD/Mac68k Booter" utility from
623: <i>FTP:4.4/mac68k/utils</i> onto your hard disk. Configure the "BSD/Mac68k
624: Booter" with the location of your bsd.rd kernel and boot into the installer.
625: Refer to the instructions in INSTALL.mac68k for more details.
626: </ul>
627:
628: <p>
629: <h3><font color="#e00000">OpenBSD/mvme68k:</font></h3>
630: <ul>
631: <p>
632: You can create a bootable installation tape or boot over the network.<br>
633: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
634: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
635: for more details.
636: </ul>
637:
638: <p>
639: <h3><font color="#e00000">OpenBSD/mvme88k:</font></h3>
640: <ul>
641: <p>
642: You can create a bootable installation tape or boot over the network.<br>
643: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
644: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
645: for more details.
646: </ul>
647:
648: <p>
649: <h3><font color="#e00000">OpenBSD/sparc:</font></h3>
650: <ul>
651: Boot from one of the provided install ISO images, using one of the two
652: commands listed below, depending on the version of your ROM.
653:
654: <ul><pre>
655: ok <strong>boot cdrom 4.4/sparc/bsd.rd</strong>
656: or
657: > <strong>b sd(0,6,0)4.4/sparc/bsd.rd</strong>
658: </pre></ul>
659:
660: <p>
661: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
662: To do so you need to write <i>floppy44.fs</i> to a floppy.
663: For more information see <a href="faq/faq4.html#MkFlop">FAQ 4.3.1</a>.
664: To boot from the floppy use one of the two commands listed below,
665: depending on the version of your ROM.
666:
667: <ul><pre>
668: ok <strong>boot floppy</strong>
669: or
670: > <strong>b fd()</strong>
671: </pre></ul>
672:
673: <p>
674: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
675: will most likely fail.
676:
677: <p>
678: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
679: setup a bootable tape, or install via network, as told in the
680: INSTALL.sparc file.
681: </ul>
682:
683: <p>
684: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
685: <ul>
686: <p>
687: Burn cd44.iso on a CD-R, put it in the CD drive of your machine and
688: select <i>Install System Software</i> from the System Maintenance menu.
689:
690: <p>
691: If your machine doesn't have a CD drive, you can
692: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd".
693: Refer to the instructions in INSTALL.sgi for more details.
694: </ul>
695:
696: <p>
697: <h3><font color="#e00000">OpenBSD/vax:</font></h3>
698: <ul>
699: Boot over the network via mopbooting as described in INSTALL.vax.
700: </ul>
701:
702: <p>
703: <h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
704: <ul>
705: <p>
706: Using the Linux built-in graphical ipkg installer, install the
707: openbsd44_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
708: for a few important details.
709: </ul>
710:
711: <p>
712: <h3><font color="#e00000">Notes about the source code:</font></h3>
713: <ul>
714: src.tar.gz contains a source archive starting at /usr/src. This file
715: contains everything you need except for the kernel sources, which are
716: in a separate archive. To extract:
717: <p>
718: <ul><pre>
719: # <strong>mkdir -p /usr/src</strong>
720: # <strong>cd /usr/src</strong>
721: # <strong>tar xvfz /tmp/src.tar.gz</strong>
722: </pre></ul>
723: <p>
724: sys.tar.gz contains a source archive starting at /usr/src/sys.
725: This file contains all the kernel sources you need to rebuild kernels.
726: To extract:
727: <p>
728: <ul><pre>
729: # <strong>mkdir -p /usr/src/sys</strong>
730: # <strong>cd /usr/src</strong>
731: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
732: </pre></ul>
733: <p>
734: Both of these trees are a regular CVS checkout. Using these trees it
735: is possible to get a head-start on using the anoncvs servers as
736: described <a href="anoncvs.html">here</a>.
737: Using these files
738: results in a much faster initial CVS update than you could expect from
739: a fresh checkout of the full OpenBSD source tree.
740: <p>
741: </ul>
742:
743: <a name="upgrade"></a>
744: <hr>
745: <p>
746: <h3><font color="#0000e0">How to upgrade</font></h3>
747: <p>
748: If you already have an OpenBSD 4.3 system, and do not want to reinstall,
749: upgrade instructions and advice can be found in the
750: <a href="faq/upgrade44.html">Upgrade Guide</a>.
751:
752: <a name="ports"></a>
753: <hr>
754: <p>
755: <h3><font color="#0000e0">Ports Tree</font></h3>
756: <p>
757: A ports tree archive is also provided. To extract:
758: <p>
759: <ul><pre>
760: # <strong>cd /usr</strong>
761: # <strong>tar xvfz /tmp/ports.tar.gz</strong>
762: # <strong>cd ports</strong>
763: </pre></ul>
764: <p>
765: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
766: read the <a href="ports.html">ports</a> page
767: if you know nothing about ports
768: at this point. This text is not a manual of how to use ports.
769: Rather, it is a set of notes meant to kickstart the user on the
770: OpenBSD ports system.
771: <p>
772: The <i>ports/</i> directory represents a CVS (see the manpage for
773: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">
774: cvs(1)</a> if
775: you aren't familiar with CVS) checkout of our ports. As with our complete
776: source tree, our ports tree is available via anoncvs. So, in
777: order to keep current with it, you must make the <i>ports/</i> tree
778: available on a read-write medium and update the tree with a command
779: like:
780: <p>
781: <ul><pre>
782: # <strong>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_4_4</strong>
783: </pre></ul>
784: <p>
785: [Of course, you must replace the local directory and server name here
786: with the location of your ports collection and a nearby anoncvs
787: server.]
788: <p>
789: Note that most ports are available as packages through FTP. Updated
790: packages for the 4.4 release will be made available if problems arise.
791: <p>
792: If you're interested in seeing a port added, would like to help out, or just
793: would like to know more, the mailing list ports@openbsd.org is a good
794: place to know.
795: <p>
796:
797: <hr>
798: <a href="index.html"><img height="24" width="24" src="back.gif" border="0"
799: alt="OpenBSD"></a>
800: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
801: <br><small>
1.24 ! damien 802: $OpenBSD: 44.html,v 1.23 2008/08/25 22:42:22 deraadt Exp $
1.1 deraadt 803: </small>
804:
805: </body>
806: </html>