Annotation of www/44.html, Revision 1.65
1.64 bentley 1: <!doctype html>
2: <html lang=en id=release>
3: <meta charset=utf-8>
4:
1.48 deraadt 5: <title>OpenBSD 4.4</title>
1.1 deraadt 6: <meta name="description" content="OpenBSD 4.4">
1.58 tj 7: <meta name="viewport" content="width=device-width, initial-scale=1">
8: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.60 tb 9: <link rel="canonical" href="https://www.openbsd.org/44.html">
1.64 bentley 10: <style>
11: #sourcecode h3 {
12: color: var(--red);
13: }
14:
15: #sourcecode p {
16: margin-left: 2.75em;
17: }
18:
19: #sourcecode blockquote {
20: margin-left: 4.5em;
21: }
22: </style>
1.1 deraadt 23:
1.64 bentley 24: <h2 id=OpenBSD>
1.1 deraadt 25: <a href="index.html">
1.64 bentley 26: <i>Open</i><b>BSD</b></a>
27: 4.4
1.58 tj 28: </h2>
1.1 deraadt 29:
1.64 bentley 30: <table>
31: <tr>
32: <td>
1.38 deraadt 33: <a href="images/SourceWars.jpg">
1.64 bentley 34: <img width="227" height="343"
35: src="images/SourceWars.jpg" alt="Source Wars"></a>
36: <td>
1.45 deraadt 37: Released Nov 1, 2008<br>
1.1 deraadt 38: Copyright 1997-2008, Theo de Raadt.<br>
1.64 bentley 39: <cite class=isbn>ISBN 978-0-9784475-2-6</cite>
1.1 deraadt 40: <br>
1.55 deraadt 41: 4.4 Song: <a href="lyrics.html#44">"Trial of the BSD Knights"</a>
1.63 deraadt 42: <br>
43: <br>
1.1 deraadt 44: <ul>
45: <li>See the information on <a href="ftp.html">The FTP page</a> for
46: a list of mirror machines.
1.64 bentley 47: <li>Go to the <code class=reldir>pub/OpenBSD/4.4/</code> directory on
1.1 deraadt 48: one of the mirror sites.
49: <li>Have a look at <a href="errata44.html">The 4.4 Errata page</a> for a list
50: of bugs and workarounds.
51: <li>See a <a href="plus44.html">detailed log of changes</a> between the
52: 4.3 and 4.4 releases.
53: </ul>
1.58 tj 54: <p>
55: All applicable copyrights and credits are in the src.tar.gz,
56: sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
57: files fetched via ports.tar.gz.
1.64 bentley 58: </table>
1.58 tj 59:
60: <hr>
1.1 deraadt 61:
1.64 bentley 62: <section id=new>
63: <h3>What's New</h3>
64:
1.1 deraadt 65: <p>
66: This is a partial list of new features and systems included in OpenBSD 4.4.
67: For a comprehensive list, see the <a href="plus44.html">changelog</a> leading
68: to 4.4.
69: <p>
70:
71: <ul>
72:
73: <li>New/extended platforms:
74: <ul>
75: <li><a href="sparc64.html">OpenBSD/sparc64</a><br>
1.37 brad 76: Much more platform support. Machines using the UltraSPARC IV/T1/T2
77: and Fujitsu SPARC64-V/VI/VII are now supported.
1.4 matthieu 78: <li><a href="socppc.html">OpenBSD/socppc</a><br>
1.65 ! deraadt 79: For machines based on the Freescale MPC8349E
! 80: System-on-Chip (SoC) platform that use Das U-Boot as a boot loader.
1.4 matthieu 81: <li><a href="landisk.html">OpenBSD/landisk</a><br>
1.65 ! deraadt 82: Added shared libraries support.
1.1 deraadt 83: </ul>
84: <p>
85:
86: <li>Improved hardware support, including:
87: <ul>
1.8 deraadt 88: <li>Several new/improved drivers for sensors, including:
1.28 cnst 89: <ul>
1.64 bentley 90: <li>New <a href="https://man.openbsd.org/fins.4">fins(4)</a>
1.28 cnst 91: driver for Fintek F71805F LPC Super I/O Hardware Monitor.
1.64 bentley 92: <li>New <a href="https://man.openbsd.org/andl.4">andl(4)</a>
1.28 cnst 93: driver for Andigilog aSC7611 Hardware Monitor.
1.64 bentley 94: <li>New <a href="https://man.openbsd.org/kate.4">kate(4)</a>
1.28 cnst 95: driver for AMD K8 embedded temperature sensor.
1.64 bentley 96: <li>New <a href="https://man.openbsd.org/sdtemp.4">sdtemp(4)</a>
1.28 cnst 97: driver for JEDEC JC-42.4 memory module thermal sensors.
1.64 bentley 98: <li>New <a href="https://man.openbsd.org/adtfsm.4">adtfsm(4)</a>
1.28 cnst 99: driver for Analog Devices ADT7462.
1.64 bentley 100: <li>New <a href="https://man.openbsd.org/km.4">km(4)</a>
1.28 cnst 101: driver for AMD K10 (Phenom, Opteron Barcelona et alia) embedded temperature sensor.
1.64 bentley 102: <li>The <a href="https://man.openbsd.org/it.4">it(4)</a>
1.28 cnst 103: driver now has better probing procedure.
1.64 bentley 104: <li>The <a href="https://man.openbsd.org/lmtemp.4">lmtemp(4)</a>
1.28 cnst 105: driver now support LM76.
106: </ul>
1.17 deraadt 107: <li>Support for the Intel G33 and G35 chipsets in
1.64 bentley 108: <a href="https://man.openbsd.org/agp.4">agp(4)</a>.
109: <li>New <a href="https://man.openbsd.org/lii.4">lii(4)</a>
1.17 deraadt 110: driver for Attansic L2 10/100 Ethernet devices.
111: <li>Preliminary support for UVC USB webcams:
1.64 bentley 112: <a href="https://man.openbsd.org/uvideo.4">uvideo(4)</a>
113: and <a href="https://man.openbsd.org/video.4">video(4)</a>.
114: <li>The <a href="https://man.openbsd.org/openchrome.4">openchrome(4)</a>
1.65 ! deraadt 115: driver replaces the via X.Org driver for VIA video cards.
1.8 deraadt 116: <li>AMD Geode video card driver for X.Org.
1.64 bentley 117: <li>New <a href="https://man.openbsd.org/vmt.4">vmt(4)</a>
1.26 deraadt 118: driver which implements VMware Tools.
1.64 bentley 119: <li>New <a href="https://man.openbsd.org/i386/auglx.4">auglx(4)</a>
1.17 deraadt 120: driver for AMD Geode LX CS5536 integrated AC'97 audio.
1.64 bentley 121: <li>New <a href="https://man.openbsd.org/ix.4">ix(4)</a>
1.17 deraadt 122: driver for Intel 82598 PCI Express 10Gb Ethernet.
1.64 bentley 123: <li>New <a href="https://man.openbsd.org/acpithinkpad.4">acpithinkpad(4)</a>
1.17 deraadt 124: driver provides additional ACPI support for IBM/Lenovo ThinkPad laptops.
1.64 bentley 125: <li>New <a href="https://man.openbsd.org/acpiasus.4">acpiasus(4)</a>
1.26 deraadt 126: driver provides additional ACPI support for ASUS laptops, including the EeePC.
1.64 bentley 127: <li>New <a href="https://man.openbsd.org/hppa/gecko.4">gecko(4)</a>
1.17 deraadt 128: driver supporting the GeckoBOA BC GSC+ port found on some hppa systems.
1.64 bentley 129: <li>New <a href="https://man.openbsd.org/socppc/tsec.4">tsec(4)</a>
1.26 deraadt 130: driver supporting the Freescale Triple Speed Ethernet Controller.
1.64 bentley 131: <li>The <a href="https://man.openbsd.org/re.4">re(4)</a>
1.17 deraadt 132: driver now supports RTL8102E and RTL8168 devices.
1.64 bentley 133: <li>The <a href="https://man.openbsd.org/cas.4">cas(4)</a>
1.17 deraadt 134: driver now supports National Semiconductor Saturn devices.
1.64 bentley 135: <li>The <a href="https://man.openbsd.org/OpenBSD+4.3/pccom.4">pccom(4)</a>
1.65 ! deraadt 136: driver has been removed; all platforms use
1.64 bentley 137: <a href="https://man.openbsd.org/com.4">com(4)</a>
1.34 deraadt 138: now.
1.64 bentley 139: <li><a href="https://man.openbsd.org/cardbus.4">cardbus(4)</a>
1.17 deraadt 140: and
1.64 bentley 141: <a href="https://man.openbsd.org/pcmcia.4">pcmcia(4)</a>
1.17 deraadt 142: now work on most sparc64 machines.
1.64 bentley 143: <li>The <a href="https://man.openbsd.org/udcf.4">udcf(4)</a>
1.17 deraadt 144: driver now supports mouseCLOCK USB II devices.
1.64 bentley 145: <li>The <a href="https://man.openbsd.org/msk.4">msk(4)</a>
1.21 deraadt 146: driver now supports 88E8040T devices.
1.64 bentley 147: <li>The <a href="https://man.openbsd.org/ath.4">ath(4)</a>
1.39 pvalchev 148: driver now supports many more Atheros wireless devices.
1.64 bentley 149: <li>The <a href="https://man.openbsd.org/ciss.4">ciss(4)</a>
1.17 deraadt 150: driver now supports HP Smart Array P212, P410, P411, P411i
151: and P812 devices.
1.64 bentley 152: <li>The <a href="https://man.openbsd.org/uftdi.4">uftdi(4)</a>
1.17 deraadt 153: driver now supports ELV Elektronik and FTDI 2232L devices.
1.64 bentley 154: <li>The <a href="https://man.openbsd.org/umsm.4">umsm(4)</a>
1.17 deraadt 155: driver now supports Option GlobeTrotter 3G+, Huawei E220
156: and more HSDPA MSM devices.
1.64 bentley 157: <li>The <a href="https://man.openbsd.org/ubsa.4">ubsa(4)</a>
1.17 deraadt 158: driver now supports ZTE CMDMA MSM devices.
1.64 bentley 159: <li>The <a href="https://man.openbsd.org/axe.4">axe(4)</a>
1.17 deraadt 160: driver now supports Apple USB A1277 devices.
1.64 bentley 161: <li>The <a href="https://man.openbsd.org/puc.4">puc(4)</a>
1.17 deraadt 162: driver now supports more Netmos devices.
1.64 bentley 163: <li>The <a href="https://man.openbsd.org/sparc64/mgx.4">mgx(4)</a>
1.17 deraadt 164: driver now supports 2D acceleration on selected boards.
1.64 bentley 165: <li>The <a href="https://man.openbsd.org/isp.4">isp(4)</a>
1.19 deraadt 166: driver firmware for some controllers has been updated.
1.64 bentley 167: <li>The <a href="https://man.openbsd.org/isp.4">isp(4)</a>
1.30 deraadt 168: driver no longer hangs during probe on some machines.
1.64 bentley 169: <li>The <a href="https://man.openbsd.org/bge.4">bge(4)</a>
1.21 deraadt 170: driver has better support for BCM5704 chipsets in fiber
171: mode which helps with some blade servers.
1.64 bentley 172: <li>The <a href="https://man.openbsd.org/bge.4">bge(4)</a>
1.21 deraadt 173: driver has better support for the BCM5906 chipset on some systems.
1.64 bentley 174: <li>The <a href="https://man.openbsd.org/bge.4">bge(4)</a>
1.21 deraadt 175: driver has much better support for PCI Express chipsets
1.30 deraadt 176: resulting in much faster transmit performance.
1.64 bentley 177: <li>The <a href="https://man.openbsd.org/bge.4">bge(4)</a>
1.21 deraadt 178: driver has support for the BCM5714/5715/5780 chipsets using fiber interfaces.
1.64 bentley 179: <li>The <a href="https://man.openbsd.org/bnx.4">bnx(4)</a>
1.21 deraadt 180: driver has support for the BCM5706/5708 chipsets using fiber interfaces.
1.64 bentley 181: <li>The <a href="https://man.openbsd.org/ral.4">ral(4)</a>
1.26 deraadt 182: driver now supports Ralink Technology RT2700 devices.
1.30 deraadt 183: <li>Serial ports other than com0 can now be used for console on amd64.
184: <li>The serial console on i386 and amd64 has improved compatibility
185: with server management cards.
1.1 deraadt 186: </ul>
187: <p>
188:
189: <li>New tools:
190: <ul>
1.64 bentley 191: <li><a href="https://man.openbsd.org/rpc.statd.8">rpc.statd(8)</a>,
1.17 deraadt 192: the host status monitoring daemon for use with the NFS file locking daemon.
193: <li>Initial import of
1.64 bentley 194: <a href="https://man.openbsd.org/ypldap.8">ypldap(8)</a>,
1.17 deraadt 195: a drop-in replacement for ypserv to glue in an LDAP directory for
1.65 ! deraadt 196: get{pw,gr}ent family of functions.
1.64 bentley 197: <li>Deprecated <a href="https://man.openbsd.org/slattach.8">slattach(8)</a>
198: and <a href="https://man.openbsd.org/nmeaattach.8">nmeaattach(8)</a>
1.21 deraadt 199: in favor of
1.64 bentley 200: <a href="https://man.openbsd.org/ldattach.8">ldattach(8)</a>.
201: <li>Import of <a href="https://man.openbsd.org/tcpbench.1">tcpbench(1)</a>, a small TCP benchmarking tool.
1.1 deraadt 202: </ul>
203: <p>
204:
205: <li>New functionality:
206: <ul>
1.64 bentley 207: <li><a href="https://man.openbsd.org/aucat.1">aucat(1)</a>
1.26 deraadt 208: is now able to play and record audio in full-duplex,
209: mix unlimited number of streams, handle up to 16 channels,
210: resample streams on the fly, support various 24-bit and 32-bit
1.3 ratchov 211: encodings and does format conversions on the fly.
1.64 bentley 212: <li><a href="https://man.openbsd.org/httpd.8">httpd(8)</a> now supports IPv6.
213: <li><a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a>
1.26 deraadt 214: now supports basic synchronization of the /var/db/dhcpd.leases
215: file to allow running multiple instances for redundancy.
1.65 ! deraadt 216: <li>WPA/WPA2-PSK support for several models of wireless cards.
1.64 bentley 217: <li><a href="https://man.openbsd.org/rpc.lockd.8">rpc.lockd(8)</a>
1.17 deraadt 218: now supports NLMv4 and does actually do locking.
1.64 bentley 219: <li><a href="https://man.openbsd.org/ftp.1">ftp(1)</a>
1.65 ! deraadt 220: now supports recursive mget transfers.
1.64 bentley 221: <li><a href="https://man.openbsd.org/ftp.1">ftp(1)</a>
1.19 deraadt 222: now uses keep alive packets by default.
1.64 bentley 223: <li><a href="https://man.openbsd.org/ftp.1">ftp(1)</a>
1.26 deraadt 224: now accepts empty passwords in URLs.
1.64 bentley 225: <li><a href="https://man.openbsd.org/locate.1">locate(1)</a> now supports -b flag to perform search only on the last
1.30 deraadt 226: component of the path.
1.64 bentley 227: <li>Allow <a href="https://man.openbsd.org/cdio.1">cdio(1)</a>
1.17 deraadt 228: in TAO mode to set the write speed.
1.64 bentley 229: <li><a href="https://man.openbsd.org/cdio.1">cdio(1)</a>
1.19 deraadt 230: no longer blanks media twice.
1.64 bentley 231: <li>Add ability in <a href="https://man.openbsd.org/cdio.1">cdio(1)</a>
1.21 deraadt 232: to determine media capabilities and make it figure out if media supports TAO or blanking.
1.17 deraadt 233: <li>Initial version of
1.64 bentley 234: <a href="https://man.openbsd.org/softraid.4">softraid(4)</a>
1.30 deraadt 235: crypto support.
1.64 bentley 236: <li><a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a>
1.26 deraadt 237: now groks options tftp-config-file and auto-proxy-script in
1.64 bentley 238: <a href="https://man.openbsd.org/dhcpd.conf.5">dhcpd.conf(5)</a>.
239: <li><a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>
1.19 deraadt 240: option handling much more resistant to abuse.
1.64 bentley 241: <li><a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>
1.19 deraadt 242: now aware of interface link state and reacts to changes.
243: <li>DIOCRLDINFO, DIOCGPDINFO, and DIOCGPART support added to block devices
244: previously lacking it.
1.64 bentley 245: <li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.19 deraadt 246: no longer supports the '-r' option, and obtains all disklabel information via ioctl's.
1.64 bentley 247: <li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.19 deraadt 248: no longer suggests offsets and sizes that would result in partitions starting or ending
249: outside the OpenBSD section of the disk.
1.64 bentley 250: <li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.19 deraadt 251: now correctly reads back the 'vendor' field from text disklabels.
1.64 bentley 252: <li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.19 deraadt 253: editor mode '?' and 'p' commands are more compact and the 'l' command has been added
254: to produce previous verbose output.
255: <li>I/O's outside the bounds of the RAW_PART are now prevented, allowing
1.65 ! deraadt 256: proper detection of invalid I/O's.
1.19 deraadt 257: <li>USB floppies now have a valid cylinder count calculated, rather than 0.
1.64 bentley 258: <li><a href="https://man.openbsd.org/newfs.8">newfs(8)</a>
1.19 deraadt 259: can now create filesystems on devices with sector sizes other than 512, although
260: such filesystems cannot yet be read.
1.64 bentley 261: <li><a href="https://man.openbsd.org/rtadvd.8">rtadvd(8)</a>
262: now revokes its privileges and runs as its own user <code>_rtadvd</code>.
263: <li><a href="https://man.openbsd.org/scsi.4">scsi(4)</a>
1.19 deraadt 264: probing displays less useless verbiage and fewer spurious error messages.
1.64 bentley 265: <li><a href="https://man.openbsd.org/st.4">st(4)</a>
1.19 deraadt 266: devices can now be detached.
267: <li>ATAPI devices are now identified as such, rather than as SCSIn devices.
268: <li>SATA tape drives now work.
1.64 bentley 269: <li><a href="https://man.openbsd.org/scsi.4">scsi(4)</a>
1.19 deraadt 270: probing now displays the ID of the initiator on the bus.
1.64 bentley 271: <li><a href="https://man.openbsd.org/scsi.4">scsi(4)</a>
1.19 deraadt 272: debug capabilities improved to show commands and input or output data as appropriate.
1.64 bentley 273: <li><a href="https://man.openbsd.org/scsi.4">scsi(4)</a>
1.19 deraadt 274: probing makes better use of the TEST UNIT READY command to clear errors and allow
1.41 deraadt 275: successful attachments.
1.64 bentley 276: <li><a href="https://man.openbsd.org/scsi.4">scsi(4)</a>
1.19 deraadt 277: probing can now find more fibre channel attached devices.
1.21 deraadt 278: <li>Several mbuf pool cache corruption issues were fixed.
1.64 bentley 279: <li><a href="https://man.openbsd.org/identd.8">identd(8)</a>
1.21 deraadt 280: now supports IPv6 in standalone mode.
1.64 bentley 281: <li><a href="https://man.openbsd.org/cal.1">cal(1)</a>
1.21 deraadt 282: now shows week numbers too.
1.64 bentley 283: <li>In <a href="https://man.openbsd.org/pf.4">pf(4)</a>,
1.21 deraadt 284: implement a sloppy tcpstate tracker which does not look at sequence numbers at all.
1.64 bentley 285: <li><a href="https://man.openbsd.org/pf.4">pf(4)</a>
1.25 mpf 286: rule accounting now has a counter to record how many states in total have been
287: created by a rule.
288: <li>The kill states feature in
1.64 bentley 289: <a href="https://man.openbsd.org/pfctl.8">pfctl(8)</a>
1.25 mpf 290: now supports two additional match targets: Kill by rule label or state ID.
1.64 bentley 291: <li>Make <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>
1.21 deraadt 292: use sloppy
1.64 bentley 293: <a href="https://man.openbsd.org/pf.4">pf(4)</a>
1.21 deraadt 294: state keeping for routed sessions (Direct Server Return).
295: <li>Added support in
1.64 bentley 296: <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>
1.21 deraadt 297: for transparent L7 forwarding in relays.
1.30 deraadt 298: <li>Added support for dynamic IPv6-to-IPv4 or IPv4-to-IPv6 TCP relays in
1.64 bentley 299: <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>.
1.30 deraadt 300: <li>Improved the DNS mode and use OpenBSD's Id shuffle code from
1.64 bentley 301: <a href="https://man.openbsd.org/named.8">named(8)</a>.
302: in <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>.
303: <li>Extend <a href="https://man.openbsd.org/awk.1">awk(1)</a>
1.21 deraadt 304: with bitwise operations.
1.30 deraadt 305: <li>Updated the display code for
1.64 bentley 306: <a href="https://man.openbsd.org/systat.1">systat(1)</a>
1.30 deraadt 307: which adds views for
1.64 bentley 308: <a href="https://man.openbsd.org/pf.4">pf(4)</a>
1.30 deraadt 309: states, rules and queues.
310: <li>Imported initial support for IEEE 802.3ad/LACP in
1.64 bentley 311: <a href="https://man.openbsd.org/trunk.4">trunk(4)</a>.
1.1 deraadt 312: </ul>
313: <p>
314:
315: <li>Assorted improvements and code cleanup:
316: <ul>
1.8 deraadt 317: <li>A greatly changed buffer cache subsystem which maps cache pages only
318: when in use, resulting in improved filesystem performance, and
1.26 deraadt 319: allowing for the effective use of a much larger buffer cache.
1.11 espie 320: <li>A greatly improved implementation of
1.64 bentley 321: <a href="https://man.openbsd.org/malloc.3">
1.11 espie 322: malloc(3)</a>, the general purpose memory allocator,
1.65 ! deraadt 323: which catches more mistakes, reduces address space fragmentation,
1.11 espie 324: and is faster.
1.64 bentley 325: <li>The <a href="https://man.openbsd.org/statfs.2">
1.14 otto 326: statfs(2)</a> system call has been enhanced to support large
1.10 otto 327: filesystems.
1.64 bentley 328: <li>The <a href="https://man.openbsd.org/strtof.3">strtof(3)</a>
1.30 deraadt 329: function has been added to libc.
330: <li>A lot of work has been done on libm to add several functions towards more
331: C99 compliance.
1.20 deraadt 332: <li>Lots of features have been implemented in OpenCVS, which can now be used
1.19 deraadt 333: to do some real work.
1.64 bentley 334: <li>New APIs for <a href="https://man.openbsd.org/arc4random.3">arc4random(3)</a>,
1.34 deraadt 335: one to fill a buffer with random numbers and the other to return a
336: uniformly distributed random number without bias.
1.1 deraadt 337: </ul>
338: <p>
339:
340: <li>Install/Upgrade process changes:
341: <ul>
1.15 deraadt 342: <li>A new tool
1.64 bentley 343: <a href="https://man.openbsd.org/sysmerge.8">
1.18 sobrado 344: sysmerge(8)</a>, derived from the old mergemaster port, makes
1.15 deraadt 345: it easier to merge configuration files changes during an upgrade.
1.16 deraadt 346: <li>Fully support OpenBSD inside extended partitions on i386 and amd64.
1.17 deraadt 347: <li>During installation 'dhcp' is now the initial default answer during
1.65 ! deraadt 348: network configuration.
1.19 deraadt 349: <li>Fetching sets via FTP more reliable due to automatic use of keep alive.
350: <li>Fetching sets via NFS no longer hangs retrying a non-functional mount.
351: <li>Installation ensures hostname.* files are installed with mode 600.
352: <li>Serial console configuration now automatically detects speed.
353: <li>Serial console support extended to all architectures.
354: <li>Partition size display no longer limited to 32 bit sizes.
355: <li>Partition sizes now scaled and formatted to use human readable units.
1.64 bentley 356: <li><a href="https://man.openbsd.org/ntpd.8">ntpd(8)</a>
1.26 deraadt 357: configuration questions improved.
1.19 deraadt 358: <li>Sparc miniroot root disk detection fixed.
359: <li>Invocations of
1.64 bentley 360: <a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.19 deraadt 361: by the scripts are now less verbose.
1.1 deraadt 362: </ul>
363: <p>
364:
1.15 deraadt 365: <li>OpenSSH 5.1:
1.1 deraadt 366: <ul>
1.15 deraadt 367: <li>New experimental fingerprint ASCII art visualisation system for easier
368: verification of remote keys.
1.64 bentley 369: <li>Added <a href="https://man.openbsd.org/chroot.2">
1.15 deraadt 370: chroot(2)</a> support for
1.64 bentley 371: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>.
1.15 deraadt 372: <li>Added an extended test mode (-T) to
1.64 bentley 373: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>.
1.15 deraadt 374: <li>Make
1.64 bentley 375: <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.15 deraadt 376: support negation of groups in a "Match group" block.
1.16 deraadt 377: <li>Increased the ephemeral key size in protocol1 from 768 to 1024 bits.
1.15 deraadt 378: <li>Better tests of primes in /etc/moduli
1.16 deraadt 379: <li>Refuse to read .shosts or authorized_keys files that are not regular
1.65 ! deraadt 380: files.
1.15 deraadt 381: <li>Enable ~ escapes for multiplex slave sessions.
1.16 deraadt 382: <li>Support CIDR address matching in Match blocks and authorized_keys
1.15 deraadt 383: from="..." stanzas.
384: <li>Make port forwarding code try additional addresses when connecting to
385: a destination whose DNS name resolves to more than one address.
386: <li>Make the maximum number of
1.64 bentley 387: <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.16 deraadt 388: sessions run-time controllable via MaxSessions in
1.64 bentley 389: <a href="https://man.openbsd.org/ssh_config.5">
1.15 deraadt 390: ssh_config(5)</a>.
1.64 bentley 391: <li><a href="https://man.openbsd.org/ssh-keyscan.1">
1.34 deraadt 392: ssh-keyscan(1)</a> now defaults to RSA protocol 2 keys, instead of RSA1.
1.15 deraadt 393: <li>Added an extension to sftp protocol to implement
1.64 bentley 394: <a href="https://man.openbsd.org/statvfs.3">
1.34 deraadt 395: statvfs(3)</a>-like operations and add a df command to
1.64 bentley 396: <a href="https://man.openbsd.org/sftp.1">
1.15 deraadt 397: sftp(1)</a>.
1.26 deraadt 398: <li>Disable execution of ~/.ssh/rc for sessions where a command has been
1.15 deraadt 399: forced by the sshd_config ForceCommand directive.
400: <li>And several bug fixes and performance enhancements.
1.1 deraadt 401: </ul>
402: <p>
403:
1.33 deraadt 404: <li>Over 5205 ports, minor robustness improvements in package tools.
1.1 deraadt 405: <li>Many pre-built packages for each architecture:
1.64 bentley 406: <ul style="column-count: 4">
1.8 deraadt 407: <li>i386: 5033
408: <li>sparc64: 4862
1.40 deraadt 409: <li>alpha: 4852
1.43 deraadt 410: <li>sh: 1285
1.23 deraadt 411: <li>amd64: 4940
1.32 deraadt 412: <li>powerpc: 4466
1.43 deraadt 413: <li>sparc: 3381
414: <li>arm: 4018
1.40 deraadt 415: <li>hppa: 1595
1.43 deraadt 416: <li>vax: 1954
1.40 deraadt 417: <li>mips64: 3099
1.64 bentley 418: </ul>
1.1 deraadt 419: Some highlights:
420: <ul>
1.30 deraadt 421: <li>Gnome 2.20.3.
422: <li>GNUstep 1.14.2.
1.44 brad 423: <li>KDE 3.5.9.
1.30 deraadt 424: <li>Mozilla Firefox 2.0.0.16 and 3.0.1.
425: <li>Mozilla Thunderbird 2.0.0.16.
426: <li>MySQL 5.0.51a
427: <li>OpenMotif 2.3.0.
428: <li>OpenOffice.org 2.4.1.
429: <li>PostgreSQL 8.3.3.
430: <li>Xfce 4.4.2.
1.1 deraadt 431: </ul>
432: <p>
433:
434: <li>As usual, steady improvements in manual pages and other documentation.
435: <p>
436:
437: <li>The system includes the following major components from outside suppliers:
438: <ul>
439: <li>Xenocara (based on X.Org 7.3 + patches, freetype 2.3.5, fontconfig
1.2 matthieu 440: 2.4.2, Mesa 7.0.3, xterm 234 and more)
1.1 deraadt 441: <li>Gcc 2.95.3
1.64 bentley 442: (+ <a href="https://man.openbsd.org/gcc-local.1">patches</a>)
1.1 deraadt 443: and 3.3.5
1.64 bentley 444: (+ <a href="https://man.openbsd.org/gcc-local.1">patches</a>)
1.1 deraadt 445: <li>Perl 5.8.8 (+ patches)
446: <li>Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
447: <li>OpenSSL 0.9.7j (+ patches)
448: <li>Groff 1.15
1.8 deraadt 449: <li>Sendmail 8.14.3, with libmilter
450: <li>Bind 9.4.2-P2 (+ patches)
1.1 deraadt 451: <li>Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
1.8 deraadt 452: <li>Sudo 1.6.9p17
1.1 deraadt 453: <li>Ncurses 5.2
454: <li>Latest KAME IPv6
455: <li>Heimdal 0.7.2 (+ patches)
456: <li>Arla 0.35.7
457: <li>Binutils 2.15 (+ patches)
458: <li>Gdb 6.3 (+ patches)
459: </ul>
460:
461: </ul>
1.64 bentley 462: </section>
1.1 deraadt 463:
464: <hr>
1.64 bentley 465:
466: <section id=install>
467: <h3>How to install</h3>
468:
1.1 deraadt 469: <p>
470: Following this are the instructions which you would have on a piece of
471: paper if you had purchased a CDROM set instead of doing an alternate
472: form of install. The instructions for doing an FTP (or other style
473: of) install are very similar; the CDROM instructions are left intact
474: so that you can see how much easier it would have been if you had
475: purchased a CDROM instead.
476: <p>
477:
478: <hr>
479: Please refer to the following files on the three CDROMs or FTP mirror for
480: extensive details on how to install OpenBSD 4.4 on your machine:
481: <p>
482: <ul>
483: <li>CD1:4.4/i386/INSTALL.i386
484: <p>
485: <li>CD2:4.4/amd64/INSTALL.amd64
486: <li>CD2:4.4/macppc/INSTALL.macppc
487: <p>
488: <li>CD3:4.4/sparc64/INSTALL.sparc64
489: <p>
490: <li>FTP:.../OpenBSD/4.4/alpha/INSTALL.alpha
491: <li>FTP:.../OpenBSD/4.4/armish/INSTALL.armish
492: <li>FTP:.../OpenBSD/4.4/hp300/INSTALL.hp300
493: <li>FTP:.../OpenBSD/4.4/hppa/INSTALL.hppa
494: <li>FTP:.../OpenBSD/4.4/landisk/INSTALL.landisk
495: <li>FTP:.../OpenBSD/4.4/mac68k/INSTALL.mac68k
496: <li>FTP:.../OpenBSD/4.4/mvme68k/INSTALL.mvme68k
497: <li>FTP:.../OpenBSD/4.4/mvme88k/INSTALL.mvme88k
498: <li>FTP:.../OpenBSD/4.4/sgi/INSTALL.sgi
499: <li>FTP:.../OpenBSD/4.4/sparc/INSTALL.sparc
500: <li>FTP:.../OpenBSD/4.4/vax/INSTALL.vax
501: <li>FTP:.../OpenBSD/4.4/zaurus/INSTALL.zaurus
502: </ul>
503: <hr>
504:
1.64 bentley 505: <section id=quickinstall>
506:
1.1 deraadt 507: <p>
508: Quick installer information for people familiar with OpenBSD, and the
509: use of the "disklabel -E" command. If you are at all confused when
510: installing OpenBSD, read the relevant INSTALL.* file as listed above!
1.64 bentley 511:
512: <h3>OpenBSD/i386:</h3>
513:
1.1 deraadt 514: <p>
515: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
516: release is on CD1. If your BIOS does not support booting from CD, you will need
517: to create a boot floppy to install from. To create a boot floppy write
518: <i>CD1:4.4/i386/floppy44.fs</i> to a floppy and boot via the floppy drive.
519:
520: <p>
521: Use <i>CD1:4.4/i386/floppyB44.fs</i> instead for greater SCSI controller
522: support, or <i>CD1:4.4/i386/floppyC44.fs</i> for better laptop support.
523:
524: <p>
525: If you can't boot from a CD or a floppy disk,
526: you can install across the network using PXE as described in
527: the included INSTALL.i386 document.
528:
529: <p>
530: If you are planning on dual booting OpenBSD with another OS, you will need to
531: read INSTALL.i386.
532:
533: <p>
534: To make a boot floppy under MS-DOS, use the "rawrite" utility located
535: at <i>CD1:4.4/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
536: use the
1.64 bentley 537: <a href="https://man.openbsd.org/dd.1">dd(1)</a>
1.1 deraadt 538: utility. The following is an example usage of
1.64 bentley 539: <a href="https://man.openbsd.org/dd.1">dd(1)</a>,
1.1 deraadt 540: where the device could be "floppy", "rfd0c", or
541: "rfd0a".
542:
1.64 bentley 543: <blockquote><pre>
1.1 deraadt 544: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
1.64 bentley 545: </pre></blockquote>
1.1 deraadt 546:
547: <p>
548: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
549: your install will most likely fail. For more information on creating a boot
550: floppy and installing OpenBSD/i386 please refer to
1.59 tj 551: <a href="faq/faq4.html#MkFlop">this page</a>.
1.64 bentley 552:
553: <h3>OpenBSD/amd64:</h3>
1.1 deraadt 554:
555: <p>
556: The 4.4 release of OpenBSD/amd64 is located on CD2.
557: Boot from the CD to begin the install - you may need to adjust
558: your BIOS options first.
559: If you can't boot from the CD, you can create a boot floppy to install from.
560: To do this, write <i>CD2:4.4/amd64/floppy44.fs</i> to a floppy, then
561: boot from the floppy drive.
562:
563: <p>
564: If you can't boot from a CD or a floppy disk,
565: you can install across the network using PXE as described in the included
566: INSTALL.amd64 document.
567:
568: <p>
569: If you are planning to dual boot OpenBSD with another OS, you will need to
570: read INSTALL.amd64.
1.64 bentley 571:
572: <h3>OpenBSD/macppc:</h3>
1.1 deraadt 573:
574: <p>
575: Put CD2 in your CDROM drive and poweron your machine while holding down the
576: <i>C</i> key until the display turns on and shows <i>OpenBSD/macppc boot</i>.
577:
578: <p>
579: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
580: /4.4/macppc/bsd.rd</i>
1.64 bentley 581:
582: <h3>OpenBSD/sparc64:</h3>
1.1 deraadt 583:
584: <p>
585: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
586:
587: <p>
588: If this doesn't work, or if you don't have a CDROM drive, you can write
589: <i>CD3:4.4/sparc64/floppy44.fs</i> or <i>CD3:4.4/sparc64/floppyB44.fs</i>
590: (depending on your machine) to a floppy and boot it with <i>boot
591: floppy</i>. Refer to INSTALL.sparc64 for details.
592:
593: <p>
594: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
595: will most likely fail.
596:
597: <p>
598: You can also write <i>CD3:4.4/sparc64/miniroot44.fs</i> to the swap partition on
599: the disk and boot with <i>boot disk:b</i>.
600:
601: <p>
602: If nothing works, you can boot over the network as described in INSTALL.sparc64.
1.64 bentley 603:
604: <h3>OpenBSD/alpha:</h3>
1.1 deraadt 605:
606: <p>
1.64 bentley 607: Write <i>FTP:4.4/alpha/floppy44.fs</i> or
1.1 deraadt 608: <i>FTP:4.4/alpha/floppyB44.fs</i> (depending on your machine) to a diskette and
609: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
610:
611: <p>
612: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
613: will most likely fail.
614:
1.64 bentley 615: <h3>OpenBSD/armish:</h3>
1.1 deraadt 616:
617: <p>
618: After connecting a serial port, Thecus can boot directly from the network
619: either tftp or http. Configure the network using fconfig, reset,
620: then load bsd.rd, see INSTALL.armish for specific details.
621: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
622: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
623: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
624: More details are available in INSTALL.armish.
625:
1.64 bentley 626: <h3>OpenBSD/hp300:</h3>
627:
1.1 deraadt 628: <p>
629: Boot over the network by following the instructions in INSTALL.hp300.
1.64 bentley 630:
631: <h3>OpenBSD/hppa:</h3>
1.1 deraadt 632:
633: <p>
634: Boot over the network by following the instructions in INSTALL.hppa or the
635: <a href="hppa.html#install">hppa platform page</a>.
636:
1.64 bentley 637: <h3>OpenBSD/landisk:</h3>
638:
1.1 deraadt 639: <p>
640: Write <i>miniroot44.fs</i> to the start of the CF
641: or disk, and boot normally.
1.64 bentley 642:
643: <h3>OpenBSD/mac68k:</h3>
1.1 deraadt 644:
645: <p>
646: Boot MacOS as normal and extract the Macside "BSD/Mac68k Booter" utility from
647: <i>FTP:4.4/mac68k/utils</i> onto your hard disk. Configure the "BSD/Mac68k
648: Booter" with the location of your bsd.rd kernel and boot into the installer.
649: Refer to the instructions in INSTALL.mac68k for more details.
650:
1.64 bentley 651: <h3>OpenBSD/mvme68k:</h3>
652:
1.1 deraadt 653: <p>
654: You can create a bootable installation tape or boot over the network.<br>
655: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
656: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
657: for more details.
1.64 bentley 658:
659: <h3>OpenBSD/mvme88k:</h3>
1.1 deraadt 660:
661: <p>
662: You can create a bootable installation tape or boot over the network.<br>
663: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
664: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
665: for more details.
1.64 bentley 666:
667: <h3>OpenBSD/sparc:</h3>
1.1 deraadt 668:
669: <p>
670: Boot from one of the provided install ISO images, using one of the two
671: commands listed below, depending on the version of your ROM.
672:
1.64 bentley 673: <blockquote><pre>
674: ok <kbd>boot cdrom 4.4/sparc/bsd.rd</kbd>
1.1 deraadt 675: or
1.64 bentley 676: > <kbd>b sd(0,6,0)4.4/sparc/bsd.rd</kbd>
677: </pre></blockquote>
1.1 deraadt 678:
679: <p>
680: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
681: To do so you need to write <i>floppy44.fs</i> to a floppy.
1.59 tj 682: For more information see <a href="faq/faq4.html#MkFlop">this page</a>.
1.1 deraadt 683: To boot from the floppy use one of the two commands listed below,
684: depending on the version of your ROM.
685:
1.64 bentley 686: <blockquote><pre>
687: ok <kbd>boot floppy</kbd>
1.1 deraadt 688: or
1.64 bentley 689: > <kbd>b fd()</kbd>
690: </pre></blockquote>
1.1 deraadt 691:
692: <p>
693: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
694: will most likely fail.
695:
696: <p>
697: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
698: setup a bootable tape, or install via network, as told in the
699: INSTALL.sparc file.
700:
1.64 bentley 701: <h3>OpenBSD/sgi:</h3>
702:
1.1 deraadt 703: <p>
704: Burn cd44.iso on a CD-R, put it in the CD drive of your machine and
705: select <i>Install System Software</i> from the System Maintenance menu.
706:
707: <p>
708: If your machine doesn't have a CD drive, you can
709: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd".
710: Refer to the instructions in INSTALL.sgi for more details.
1.64 bentley 711:
712: <h3>OpenBSD/vax:</h3>
1.1 deraadt 713:
714: <p>
715: Boot over the network via mopbooting as described in INSTALL.vax.
1.64 bentley 716:
717: <h3>OpenBSD/zaurus:</h3>
1.1 deraadt 718:
719: <p>
720: Using the Linux built-in graphical ipkg installer, install the
721: openbsd44_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
722: for a few important details.
1.64 bentley 723:
724: </section>
725:
726: <section id=sourcecode>
727: <h3>Notes about the source code:</h3>
1.1 deraadt 728:
729: <p>
730: src.tar.gz contains a source archive starting at /usr/src. This file
731: contains everything you need except for the kernel sources, which are
732: in a separate archive. To extract:
1.64 bentley 733:
734: <blockquote><pre>
735: # <kbd>mkdir -p /usr/src</kbd>
736: # <kbd>cd /usr/src</kbd>
737: # <kbd>tar xvfz /tmp/src.tar.gz</kbd>
738: </pre></blockquote>
739:
1.1 deraadt 740: <p>
741: sys.tar.gz contains a source archive starting at /usr/src/sys.
742: This file contains all the kernel sources you need to rebuild kernels.
743: To extract:
1.64 bentley 744:
745: <blockquote><pre>
746: # <kbd>mkdir -p /usr/src/sys</kbd>
747: # <kbd>cd /usr/src</kbd>
1.1 deraadt 748: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
1.64 bentley 749: </pre></blockquote>
750:
1.1 deraadt 751: <p>
752: Both of these trees are a regular CVS checkout. Using these trees it
753: is possible to get a head-start on using the anoncvs servers as
754: described <a href="anoncvs.html">here</a>.
755: Using these files
756: results in a much faster initial CVS update than you could expect from
757: a fresh checkout of the full OpenBSD source tree.
758:
1.64 bentley 759: </section>
760: </section>
761:
1.1 deraadt 762: <hr>
1.64 bentley 763:
764: <section id=upgrade>
765: <h3>How to upgrade</h3>
1.1 deraadt 766: <p>
767: If you already have an OpenBSD 4.3 system, and do not want to reinstall,
768: upgrade instructions and advice can be found in the
769: <a href="faq/upgrade44.html">Upgrade Guide</a>.
1.64 bentley 770: </section>
1.1 deraadt 771:
772: <hr>
1.64 bentley 773:
774: <section id=ports>
775: <h3>Ports Tree</h3>
1.1 deraadt 776: <p>
777: A ports tree archive is also provided. To extract:
778: <p>
1.64 bentley 779: <blockquote><pre>
780: # <kbd>cd /usr</kbd>
781: # <kbd>tar xvfz /tmp/ports.tar.gz</kbd>
782: # <kbd>cd ports</kbd>
783: </pre></blockquote>
1.1 deraadt 784: <p>
785: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
1.46 jasper 786: read the <a href="faq/faq15.html">ports</a> page
1.1 deraadt 787: if you know nothing about ports
788: at this point. This text is not a manual of how to use ports.
789: Rather, it is a set of notes meant to kickstart the user on the
790: OpenBSD ports system.
791: <p>
792: The <i>ports/</i> directory represents a CVS (see the manpage for
1.64 bentley 793: <a href="https://man.openbsd.org/cvs.1">
1.1 deraadt 794: cvs(1)</a> if
795: you aren't familiar with CVS) checkout of our ports. As with our complete
796: source tree, our ports tree is available via anoncvs. So, in
797: order to keep current with it, you must make the <i>ports/</i> tree
798: available on a read-write medium and update the tree with a command
799: like:
800: <p>
1.64 bentley 801: <blockquote><pre>
1.1 deraadt 802: # <strong>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_4_4</strong>
1.64 bentley 803: </pre></blockquote>
1.1 deraadt 804: <p>
805: [Of course, you must replace the local directory and server name here
806: with the location of your ports collection and a nearby anoncvs
807: server.]
808: <p>
809: Note that most ports are available as packages through FTP. Updated
810: packages for the 4.4 release will be made available if problems arise.
811: <p>
812: If you're interested in seeing a port added, would like to help out, or just
813: would like to know more, the mailing list ports@openbsd.org is a good
814: place to know.
1.64 bentley 815: </section>