Annotation of www/47.html, Revision 1.76
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
1.68 deraadt 4: <title>OpenBSD 4.7</title>
1.1 deraadt 5: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
6: <meta name="description" content="OpenBSD 4.7">
1.17 jasper 7: <meta name="copyright" content="This document copyright 2010 by OpenBSD.">
1.73 sthen 8: <link rel="canonical" href="http://www.openbsd.org/47.html">
1.1 deraadt 9: </head>
10:
11: <body bgcolor="#ffffff" text="#000000" link="#24248E">
12:
13: <a href="index.html">
14: <img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
1.70 deraadt 15: <p>
1.1 deraadt 16:
1.33 deraadt 17: <a href="images/Superfish.jpg">
1.68 deraadt 18: <img align="left" width="227" height="343" hspace="24" src="images/Superfish.jpg"></a>
19: <h2><font color="#0000e0">OpenBSD 4.7</font></h2>
1.1 deraadt 20: <p>
21: Released May 19, 2010<br>
22: Copyright 1997-2010, Theo de Raadt.<br>
23: <font color="#e00000">ISBN 978-0-9784475-5-7</font>
24: <br>
1.75 deraadt 25: 4.7 Song: <a href="lyrics.html#47">"I'm still here"</a>
1.1 deraadt 26: <p>
27: <ul>
1.72 deraadt 28: <li>Order a CDROM from our <a href="https://openbsdstore.com">ordering system</a>.
1.1 deraadt 29: <li>See the information on <a href="ftp.html">The FTP page</a> for
30: a list of mirror machines.
31: <li>Go to the <font color="#e00000">pub/OpenBSD/4.7/</font> directory on
32: one of the mirror sites.
33: <li>Have a look at <a href="errata47.html">The 4.7 Errata page</a> for a list
34: of bugs and workarounds.
35: <li>See a <a href="plus47.html">detailed log of changes</a> between the
36: 4.6 and 4.7 releases.
37: </ul>
38: <br clear=all>
1.69 deraadt 39: <p>
1.68 deraadt 40: All applicable copyrights and credits can be found in the applicable
41: file sources found in the files src.tar.gz, sys.tar.gz,
42: xenocara.tar.gz, or in the files fetched via ports.tar.gz. The
43: distribution files used to build packages from the ports.tar.gz file
44: are not included on the CDROM because of lack of space.
1.1 deraadt 45: <p>
46:
47: <a name="new"></a>
48: <hr>
49: <p>
50: <h3><font color="#0000e0">What's New</font></h3>
51: <p>
52: This is a partial list of new features and systems included in OpenBSD 4.7.
53: For a comprehensive list, see the <a href="plus47.html">changelog</a> leading
54: to 4.7.
55: <p>
56:
57: <ul>
58:
59: <li>New/extended platforms:
60: <ul>
1.7 kettenis 61: <li><a href="alpha.html">OpenBSD/alpha</a>
62: <ul>
63: <li>Added support for the DS15/DS25/ES45.
64: </ul>
65: <li><a href="loongson.html">OpenBSD/loongson</a><br>
66: New platform for systems based on the Loongson 2E and 2F
67: MIPS-compatible processors. Supported machines include:
68: <ul>
69: <li>Lemote Fuloong 2F mini-PC
70: <li>Lemote Lynloong all-in-one-PC
71: <li>Lemote Yeeloong netbook (8.9" and 10.1" models)
72: <li>EMTEC Gdium Liberty 1000 netbook
73: </ul>
74: <li><a href="sgi.html">OpenBSD/sgi</a>
75: <ul>
1.29 miod 76: <li>Added support for multi-node SGI Origin systems, in M mode.
77: <li>Added support for the SGI Origin 350, Onyx 350, Onyx 4 and Tezro
78: systems.
79: <li>Added SMP support on the SGI Octane.
80: <li>Support for many more onboard devices on Octane and Origin
81: systems. (see below)
1.7 kettenis 82: </ul>
83: <li><a href="socppc.html">OpenBSD/socppc</a>
84: <ul>
85: <li>Added support for the RouterBOARD RB600A.
86: </ul>
1.30 kettenis 87: <li><a href="sparc64.html">OpenBSD/sparc64</a>
88: <ul>
89: <li>Preliminary support for running OpenBSD in a guest domain
90: on top of an OpenBSD control domain on sun4v machines.
91: </ul>
1.1 deraadt 92: </ul>
93: <p>
94:
95: <li>Improved hardware support, including:
96: <ul>
1.12 matthieu 97: <li>Revamped SCSI midlayer and improved driver support.
1.32 miod 98: <li>UDF 2.5 and 2.6 (HDDVD and Blu-ray) disks support.
1.76 ! beck 99: <li>Added <a href="http://man.openbsd.org?query=mpath&sektion=4&format=html">mpath(4)</a>,
1.13 matthieu 100: a driver that steals paths to scsi devices if they could be
101: available via multiple paths and then made available
1.76 ! beck 102: via <a href="http://man.openbsd.org?query=mpath&sektion=4&format=html">mpath(4)</a>.
! 103: <li>New <a href="http://man.openbsd.org?query=aibs&sektion=4&format=html">aibs(4)</a>
1.32 miod 104: driver for ASUSTeK AI Booster hardware monitoring.
1.76 ! beck 105: <li>New <a href="http://man.openbsd.org?query=uthum&sektion=4">uthum(4)</a>
1.32 miod 106: driver for the TEMPerHUM USB temperature and humidity sensors.
1.76 ! beck 107: <li>New <a href="http://man.openbsd.org?query=utrh&sektion=4">utrh(4)</a>
1.20 jsg 108: driver for USBRH temperature and humidity sensors.
1.76 ! beck 109: <li>New <a href="http://man.openbsd.org?query=uyurex&sektion=4">uyurex(4)</a>
1.32 miod 110: driver for the Maywa-denki & KAYAC YUREX twitch/jiggle of knee sensor.
1.76 ! beck 111: <li>New <a href="http://man.openbsd.org?query=urndis&sektion=4">urndis(4)</a>
1.32 miod 112: driver for remote NDIS Ethernet over USB devices (phones).
1.76 ! beck 113: <li>New <a href="http://man.openbsd.org?query=wsudl&sektion=4">xf86-video-wsudl(4)</a>
1.32 miod 114: Xorg driver for USB DisplayLink devices supported by
1.76 ! beck 115: <a href="http://man.openbsd.org?query=udl&sektion=4">udl(4)</a>.
! 116: <li>New <a href="http://man.openbsd.org?query=mpii&sektion=4">mpii(4)</a>
1.20 jsg 117: driver for LSI Logic Fusion MPT Message Passing Interface II based SAS 2 controllers.
1.76 ! beck 118: <li>New <a href="http://man.openbsd.org?query=athn&sektion=4">athn(4)</a>
1.20 jsg 119: driver for Atheros IEEE 802.11a/g/n wireless network devices.
1.76 ! beck 120: <li>New <a href="http://man.openbsd.org?query=alc&sektion=4">alc(4)</a>
1.20 jsg 121: driver for Atheros AR8131/AR8132 10/100/Gigabit Ethernet devices.
1.76 ! beck 122: <li>New <a href="http://man.openbsd.org?query=lisa&sektion=4">lisa(4)</a>
1.20 jsg 123: driver for STMicroelectronics LIS331DL MEMS motion sensors.
1.76 ! beck 124: <li>New <a href="http://man.openbsd.org?query=gcu&sektion=4">gcu(4)</a>
1.20 jsg 125: driver for Intel EP80579 Global Configuration Unit.
1.76 ! beck 126: <li>New <a href="http://man.openbsd.org?query=lom&sektion=4&arch=sparc64">lom(4)</a>
1.30 kettenis 127: driver for LOMLite and LOMLite2 as found on many of Sun's UltraSPARC-IIi
128: servers.
1.76 ! beck 129: <li>New <a href="http://man.openbsd.org?query=vsw&sektion=4&arch=sparc64">vsw(4)</a>
1.30 kettenis 130: driver for virtual switches on sun4v machines.
1.76 ! beck 131: <li>New <a href="http://man.openbsd.org?query=vds&sektion=4&arch=sparc64">vds(4)</a>
1.30 kettenis 132: driver for virtual disk servers on sun4v machines.
1.20 jsg 133: <li>Support for EP80579 integrated Ethernet and ICH9 M V has been added to
1.76 ! beck 134: <a href="http://man.openbsd.org?query=em&sektion=4">em(4)</a>.
1.20 jsg 135: <li>Support for 82599 and SFP+ 82598 devices has been added to
1.76 ! beck 136: <a href="http://man.openbsd.org?query=ix&sektion=4">ix(4)</a>.
1.30 kettenis 137: <li>Support for the Sun GigabitEthernet SBus Adapter 1.0/1.1 has been added
1.76 ! beck 138: to <a href="http://man.openbsd.org?query=ti&sektion=4">ti(4)</a>.
1.30 kettenis 139: <li>Support for SBus variants of the QLogic Fibre Channel host adapters has
1.76 ! beck 140: been added to <a href="http://man.openbsd.org?query=isp&sektion=4">isp(4)</a>.
1.32 miod 141: <li>Support for SBus variants of the Sun Gigabit Ethernet has
1.76 ! beck 142: been added to <a href="http://man.openbsd.org?query=gem&sektion=4">gem(4)</a>.
1.55 damien 143: <li>Support for Intel WiFi Link 1000 and Intel Centrino Advanced-N 6200/Ultimate-N 6300
1.76 ! beck 144: has been added to <a href="http://man.openbsd.org?query=iwn&sektion=4">iwn(4)</a>.
1.36 damien 145: <li>Support for Ralink RT3572 based 802.11n devices
1.76 ! beck 146: has been added to <a href="http://man.openbsd.org?query=run&sektion=4">run(4)</a>.
1.57 ratchov 147: <li>VIA Tremor 5.1, M-Audio Revolution 5.1 cards
1.76 ! beck 148: has been added to <a href="http://man.openbsd.org?query=envy&sektion=4">envy(4)</a>.
! 149: <li>New <a href="http://man.openbsd.org?query=uhts&sektion=4">uhts(4)</a>
1.46 deraadt 150: driver for USB HID touchscreens.
1.13 matthieu 151: <li>Improved touchscreen support in
1.76 ! beck 152: the <a href="http://man.openbsd.org?query=ws&sektion=4">xf86-input-ws(4)</a>
1.13 matthieu 153: Xorg driver and improved calibration using the new device
154: properties from Xinput.
1.32 miod 155: <li>Support for ON CAT6095 and ON CAT34TS02 temperature sensors added to
1.76 ! beck 156: <a href="http://man.openbsd.org?query=sdtemp&sektion=4">sdtemp(4)</a>.
1.43 jsg 157: <li>Several improvements and bug fixes to existing Ethernet
1.13 matthieu 158: drivers, including
1.76 ! beck 159: <a href="http://man.openbsd.org?query=em&sektion=4">em(4)</a>,
! 160: <a href="http://man.openbsd.org?query=re&sektion=4">re(4)</a>,
! 161: <a href="http://man.openbsd.org?query=ti&sektion=4">ti(4)</a>
! 162: and <a href="http://man.openbsd.org?query=vge&sektion=4">vge(4)</a>.
1.29 miod 163: <li>Support for the <i>PIC</i> PCI-X controller added to the SGI
1.76 ! beck 164: <a href="http://man.openbsd.org?query=xbridge&sektion=4&arch=sgi">xbridge(4)</a> driver.
1.29 miod 165: <li>Support for the onboard Fast Ethernet interface found on SGI Octane and
166: many SGI Origin family systems,
1.76 ! beck 167: <a href="http://man.openbsd.org?query=iec&sektion=4&arch=sgi">iec(4)</a>.
1.29 miod 168: <li>Support for more SGI input and video devices on Octane and Origin systems, with
1.76 ! beck 169: <a href="http://man.openbsd.org?query=iockbc&sektion=4&arch=sgi">iockbc(4)</a>,
! 170: <a href="http://man.openbsd.org?query=impact&sektion=4&arch=sgi">impact(4)</a>,
! 171: and <a href="http://man.openbsd.org?query=odyssey&sektion=4&arch=sgi">odyssey(4)</a>.
1.35 otto 172: <li>Improved PCI resource allocation; more hardware left unconfigured by
173: the machine's firmware (including hotplugged hardware) should work now.
1.47 jakemsr 174: <li>Support for recording/full-duplex added to
1.76 ! beck 175: <a href="http://man.openbsd.org?query=mavb&sektion=4&arch=sgi">mavb(4)</a>.
1.47 jakemsr 176: <li>Improved support for USB audio devices in
1.76 ! beck 177: <a href="http://man.openbsd.org?query=uaudio&sektion=4">uaudio(4)</a>.
1.54 krw 178: <li>Improved support for
1.76 ! beck 179: <a href="http://man.openbsd.org?query=bwi&sektion=4">bwi(4)</a> devices on strict-alignment architectures like armish.
1.61 deraadt 180: <li>Eliminate usage of SCSI tagged queueing mechanisms other than simple queuing, thus avoiding incorrect implementations on various disk devices.
1.76 ! beck 181: <li>Eliminate spurious <a href="http://man.openbsd.org?query=dhclient&sektion=">dhclient(8)</a> error messages when the specified interface does not exist.
! 182: <li>Eliminate spurious <a href="http://man.openbsd.org?query=softraid&sektion=">softraid(4)</a> error messages for removable devices without media.
1.1 deraadt 183: </ul>
184: <p>
185:
186: <li>New tools:
187: <ul>
1.76 ! beck 188: <li><a href="http://man.openbsd.org?query=newfs_ext2fs&sektion=8">newfs_ext2fs(8)</a> for creating ext2 filesystems.
! 189: <li><a href="http://man.openbsd.org?query=mkuboot&sektion=8">mkuboot(8)</a> for creating U-Boot boot loader images.
! 190: <li><a href="http://man.openbsd.org?query=midicat&sektion=1">midicat(1)</a> MIDI server allowing MIDI programs to communicate
! 191: <li>POSIX-compliant <a href="http://man.openbsd.org?query=fuser&sektion=1">fuser(1)</a> to identify process IDs holding a file open
1.1 deraadt 192: </ul>
193: <p>
194:
1.43 jsg 195: <li>Filesystem midlayer improvements:
1.2 beck 196: <ul>
197: <li> Dynamic Buffer Cache now supported to a max size set with sysctl <tt>kern.bufcachepercent</tt>
198: <li> Dynamic VFS name cache rewrite, now uses Red/Black trees instead of linked lists.
1.32 miod 199: <li> Numerous NFS client stability fixes.
1.54 krw 200: <li> Fix FAT32 mounting.
201: <li> Fix cd9660 directory handling to eliminate looping and random
202: truncation of directory entries.
203: <li> Fix various internal locking problems with cd9660, udf, msdosfs and ffs file systems.
1.2 beck 204: </ul>
205: <p>
206:
1.76 ! beck 207: <li><a href="http://man.openbsd.org?query=pf&sektion=4">pf(4)</a> improvements:
1.1 deraadt 208: <ul>
1.34 claudio 209: <li>nat-to, rdr-to, binat-to options replace the nat, rdr and binat
210: translation rules. See
1.63 nick 211: <a href="http://www.openbsd.org/faq/upgrade47.html#newPFnat">
212: pf(4) address translation changes</a> for more info.
1.34 claudio 213: <li>The route-to, reply-to, dup-to and fastroute options in pf.conf move to
1.63 nick 214: filteropts. See <a href="http://www.openbsd.org/faq/upgrade47.html#newPFrouteto">
215: pf(4) route-to/reply-to syntax change</a> for more info.
1.34 claudio 216: <li>pf(4) can now <i>translate</i> packets between different routing
217: domains.
1.76 ! beck 218: <li>Added -S and -L options to <a href="http://man.openbsd.org?query=pfctl&sektion=8&format=html">pfctl(8)</a> to store and load pf state table from a file.
1.42 claudio 219: <li>Added support for IPV4 and IPv6 divert sockets.
1.1 deraadt 220: </ul>
221: <p>
222:
223: <li>OpenBGPD, OpenOSPFD and other routing daemon improvements:
224: <ul>
1.76 ! beck 225: <li>Update capability code in <a href="http://man.openbsd.org?query=bgpd&sektion=8&format=html">bgpd(8)</a> to follow RFC 5492.
1.34 claudio 226: <li>BGP MPLS VPN (RFC 4364) support added to the bgpd RIB.
1.76 ! beck 227: <li>In <a href="http://man.openbsd.org?query=bgpd&sektion=8&format=html">bgpd(8)</a>, implement the RFC4486 BGP Cease Notification Message subcodes.
1.34 claudio 228: <li>It is now possible to enable/disable specific BGP capabilities.
1.76 ! beck 229: <li>Update <a href="http://man.openbsd.org?query=bgpctl&sektion=8&format=html">bgpctl(8)</a> irrfilter to support IPv6 and 4-byte AS numbers.
1.41 claudio 230: <li>Minimal router-dead-time of 1 second and sub-second hello intervals
1.76 ! beck 231: added to <a href="http://man.openbsd.org?query=ospfd&sektion=8">ospfd(8)</a>.
1.49 stsp 232: Additionally it is now possible to specify sub-second SPF timers for faster
1.41 claudio 233: route fail-over.
1.76 ! beck 234: <li><a href="http://man.openbsd.org?query=ospf6d&sektion=8">ospf6d(8)</a> is now installed by default.
1.39 stsp 235: The RIB can be synced with the kernel routing table now.
236: Support for AS-ext LSA has been added.
237: This is still work-in-progress but testing is highly appreciated.
1.76 ! beck 238: <li><a href="http://man.openbsd.org?query=ldpd&sektion=8">ldpd</a> -- the MPLS label distribution protocol daemon -- is now installed by default. A custom kernel with option MPLS is needed to use it.
1.1 deraadt 239: </ul>
240: <p>
241:
1.43 jsg 242: <li>Generic network stack improvements:
1.1 deraadt 243: <ul>
1.34 claudio 244: <li>brconfig is now integrated into
1.76 ! beck 245: <a href="http://man.openbsd.org?query=ifconfig&sektion=8">ifconfig(8)</a>
! 246: <li>Added <a href="http://man.openbsd.org?query=vether&sektion=4&format=html">vether(4)</a>, a virtual Ethernet device.
1.49 stsp 247: <li>Two bugs in IPsec/HMAC-SHA2 were fixed, resulting in an incompatibility
1.34 claudio 248: with the HMAC-SHA-256/384/512 hash algorithms with previous versions of
249: OpenBSD and other IPsec implementations sharing the bugs.
1.76 ! beck 250: <li>In <a href="http://man.openbsd.org?query=dhcpd&sektion=8&format=html">dhcpd(8)</a>, echo back the Relay Agent Information option if present, and add support for the ipsec-tunnel hardware type.
! 251: <li>Make <a href="http://man.openbsd.org?query=dhcrelay&sektion=8&format=html">dhcrelay(8)</a> pick up the routing domain from the specified interface and use that rdomain for relaying the packets to the server.
! 252: <li>Added support in <a href="http://man.openbsd.org?query=dhcrelay&sektion=8&format=html">dhcrelay(8)</a> for RFC3046 "DHCP-over-ipsec".
! 253: <li>Make the <a href="http://man.openbsd.org?query=tcpdump&sektion=8&format=html">tcpdump(8)</a> BGP OPEN capability parser RFC 5492 compliant.
! 254: <li>Added an exec command to <a href="http://man.openbsd.org?query=route&sektion=8&format=html">route(8)</a> to run a process and its children in a specified routing domain.
! 255: <li><a href="http://man.openbsd.org?query=ifconfig&sektion=8">ifconfig(8)</a> now deals with more than 64 alias addresses.
1.61 deraadt 256: <li>Various fixes to mbuf defragmenting and mbuf chain copying improve reliability.
1.1 deraadt 257: </ul>
258: <p>
259:
1.9 otto 260: <li>Assorted improvements:
261: <ul>
1.76 ! beck 262: <li><a href="http://man.openbsd.org?query=malloc&sektion=3">malloc(3)</a>
1.9 otto 263: now has an <tt>S</tt> flag to turn on the options that help debugging
264: and improve security.
1.76 ! beck 265: <li>Updated <a href="http://man.openbsd.org?query=terminfo&sektion=3">terminfo(3)</a>
! 266: database and <a href="http://man.openbsd.org?query=ncurses&sektion=3">ncurses(3)</a>
1.9 otto 267: library.
1.76 ! beck 268: <li>Added support for lazy binding in <a href="http://man.openbsd.org?query=ld.so&sektion=1">ld.so(1)</a>
1.16 matthieu 269: on hppa.
1.61 deraadt 270: <li>Added POSIX silent check option (<tt>-C</tt>) to
1.76 ! beck 271: <a href="http://man.openbsd.org?query=sort&sektion=1">sort(1)</a>.
1.61 deraadt 272: <li>Added POSIX extended regular expression support to
1.76 ! beck 273: <a href="http://man.openbsd.org?query=sed&sektion=1">sed(1)</a> (<tt>-E</tt> option).
1.61 deraadt 274: <li>Added GNU-compatible macro prefix option (<tt>-P</tt>) to
1.76 ! beck 275: <a href="http://man.openbsd.org?query=m4&sektion=1">m4(1)</a>.
! 276: <li>Make it possible to specify a port in <a href="http://man.openbsd.org?query=resolv.conf&sektion=5&format=html">resolv.conf(5)</a>.
! 277: <li>Improved FILE locking support in <a href="http://man.openbsd.org?query=stdio&sektion=3">stdio(3)</a>.
! 278: <li>Added SO_SNDTIMEO and SO_RCVTIMEO support in <a href="http://man.openbsd.org?query=pthreads&sektion=3">pthreads(3)</a>.
! 279: <li><a href="http://man.openbsd.org?query=cdio&sektion=1">cdio(1)</a> no longer prints bogus information if no TOC is found on the disk.
! 280: <li>New -v flag causes <a href="http://man.openbsd.org?query=cdio&sektion=1">cdio(1)</a> to print profile and feature information.
! 281: <li><a href="http://man.openbsd.org?query=whois&sektion=1">whois(1)</a> no longer attempts to keep the memory of 6Bone alive.
! 282: <li>Added per-application MIDI-controlled volume knob to <a href="http://man.openbsd.org?query=aucat&sektion=1">aucat(1)</a>
! 283: <li>Added MMC and MTC support to <a href="http://man.openbsd.org?query=aucat&sektion=1">aucat(1)</a> making possible MIDI-to-audio synchronization
! 284: <li>Added <a href="http://man.openbsd.org?query=mio_open&sektion=3">mio_open(3)</a> interface to access hardware and software MIDI ports
1.54 krw 285: <li>Many memory leaks found by parfait and eliminated.
286: <li>Make handling of floppy disk disklabels more reliable by properly
287: initializing starting label.
1.61 deraadt 288: </ul>
1.9 otto 289: <p>
290:
1.1 deraadt 291: <li>Install/Upgrade process changes:
292: <ul>
1.61 deraadt 293: <li>Take more care to ensure all filesystems are umount'ed when
1.53 krw 294: restarting an install or upgrade.
1.61 deraadt 295: <li>If no possible root disk is found, keep checking until one
1.53 krw 296: appears.
1.61 deraadt 297: <li>The default ftp directory for -stable is now the release directory
1.53 krw 298: instead of the snapshot directory.
1.61 deraadt 299: <li>Selection of TZ during installs is no longer confused by
1.53 krw 300: trailing slashes.
1.61 deraadt 301: <li>If /etc/X11 is found during upgrades, add the X sets to the
1.53 krw 302: list of default sets to install.
1.1 deraadt 303: </ul>
304: <p>
305:
1.44 djm 306: <li>OpenSSH 5.5:
1.1 deraadt 307: <ul>
1.21 sobrado 308: <li>New features:
309: <ul>
310: <li>SSH protocol 1 is disabled by default.
311: <li>Remove the libsectok/OpenSC-based smartcard code and add support
312: for PKCS#11 tokens.
313: <li>Add support for certificate authentication of users and hosts using
314: a new, minimal OpenSSH certificate format (not X.509).
315: <li>Added a 'netcat mode' to
1.76 ! beck 316: <a href="http://man.openbsd.org?query=ssh&sektion=1">ssh(1)</a>.
1.21 sobrado 317: <li>Add the ability to revoke keys in
1.76 ! beck 318: <a href="http://man.openbsd.org?query=sshd&sektion=8">sshd(8)</a>
1.21 sobrado 319: and
1.76 ! beck 320: <a href="http://man.openbsd.org?query=ssh&sektion=1">ssh(1)</a>.
1.21 sobrado 321: <li>Rewrite the
1.76 ! beck 322: <a href="http://man.openbsd.org?query=ssh&sektion=1">ssh(1)</a>
1.21 sobrado 323: multiplexing support to support non-blocking operation of the mux
324: master.
325: <li>Add a 'read-only' mode to
1.76 ! beck 326: <a href="http://man.openbsd.org?query=sftp-server&sektion=8">sftp-server(8)</a>
1.21 sobrado 327: that disables open in write mode and all other fs-modifying
328: protocol methods. (bz#430)
329: <li>Allow setting an explicit umask on the
1.76 ! beck 330: <a href="http://man.openbsd.org?query=sftp-server&sektion=8">sftp-server(8)</a>
1.21 sobrado 331: commandline to override whatever default the user has. (bz#1229)
332: <li>Many improvements to the
1.76 ! beck 333: <a href="http://man.openbsd.org?query=sftp&sektion=1">sftp(1)</a>
1.21 sobrado 334: client.
1.23 sobrado 335: <li>New RSA keys will be generated with a public exponent of 65537
336: instead of the previous value 35.
1.21 sobrado 337: <li>Passphrase-protected SSH protocol 2 private keys are now protected
338: with AES-128 instead of 3DES.
339: </ul>
340: <li>The following significant bugs have been fixed in this release:
341: <ul>
342: <li>Fixed a minor information leak of environment variables specified
343: in authorized_keys if an attacker happens to know the public key
344: in use.
345: <li>When using <em>ChrootDirectory</em>, make sure we test for the
346: existence of the user's shell inside the chroot and not outside.
347: (bz#1679)
348: <li>Cache user and group name lookups in sftp-server using
1.76 ! beck 349: <a href="http://man.openbsd.org?query=pwcache&sektion=3">user_from_[ug]id(3)</a>
1.21 sobrado 350: to improve performance on hosts where these operations are slow.
351: (bz#1495)
352: <li>Fix problem that prevented passphrase reading from being
353: interrupted in some circumstances. (bz#1590)
354: <li>Ignore and log any Protocol 1 keys where the claimed size is not
355: equal to the actual size.
356: <li>Make <em>HostBased</em> authentication work with a
357: <em>ProxyCommand</em>. (bz#1569)
358: <li>Avoid run-time failures when specifying hostkeys via a relative
359: path by prepending the current working directory in these cases.
360: (bz#1290)
361: <li>Do not prompt for a passphrase if we fail to open a keyfile, and
362: log the reason why the open failed to debug. (bz#1693)
363: <li>Document that the <em>PubkeyAuthentication</em> directive is
364: allowed in a
1.76 ! beck 365: <a href="http://man.openbsd.org?query=sshd_config&sektion=5">sshd_config(5)</a>
1.21 sobrado 366: <em>Match</em> block. (bz#1577)
367: <li>When converting keys, truncate key comments at 72 chars as per
368: RFC4716. (bz#1630)
369: <li>Do not allow logins if <em>/etc/nologin</em> exists but is not
370: readable by the user logging in.
371: <li>Output a debug log if
1.76 ! beck 372: <a href="http://man.openbsd.org?query=sshd&sektion=8">sshd(8)</a>
1.21 sobrado 373: can't open an existing <em>authorized_keys</em>. (bz#1694)
374: <li>Quell
1.76 ! beck 375: <a href="http://man.openbsd.org?query=tcsetattr&sektion=3">tc[gs]etattr(3)</a>
1.21 sobrado 376: warnings when forcing a tty (ssh -tt), since we usually don't
377: actually have a tty to read/set. (bz#1686)
378: <li>Prevent
1.76 ! beck 379: <a href="http://man.openbsd.org?query=sftp&sektion=1">sftp(1)</a>
1.21 sobrado 380: from crashing when given a "-" without a command; also, allow
381: whitespace to follow a "-". (bz#1691)
382: <li>After
1.76 ! beck 383: <a href="http://man.openbsd.org?query=sshd&sektion=8">sshd(8)</a>
1.21 sobrado 384: receives a SIGHUP, ignore subsequent HUPs while
1.76 ! beck 385: <a href="http://man.openbsd.org?query=sshd&sektion=8">sshd(8)</a>
1.21 sobrado 386: re-execs itself; prevents two HUPs in quick succession from
387: resulting in
1.76 ! beck 388: <a href="http://man.openbsd.org?query=sshd&sektion=8">sshd(8)</a>
1.21 sobrado 389: dying. (bz#1692)
390: <li>Clarify in
1.76 ! beck 391: <a href="http://man.openbsd.org?query=sshd_config&sektion=5">sshd_config(5)</a>
1.21 sobrado 392: that <em>StrictModes</em> does not apply to
393: <em>ChrootDirectory</em>; permissions and ownership are always
394: checked when chrooting. (bz#1532)
395: <li>Set close-on-exec on various descriptors so they don't get leaked
396: to child processes. (bz#1643)
397: <li>Fix very rare race condition in x11/agent channel allocation
398: <li>Fix incorrect exit status when multiplexing and channel ID 0 is
399: recycled. (bz#1570)
400: <li>Fail with an error when an attempt is made to connect to a server
401: with <em>ForceCommand=internal-sftp</em> with a shell session.
402: (bz#1606)
403: <li>Warn but do not fail if
1.76 ! beck 404: <a href="http://man.openbsd.org?query=stat&sektion=2">stat(2)</a>ing
1.21 sobrado 405: the subsystem binary fails. (bz#1599)
406: <li>Change "Connecting to host..." message to "Connected to host."
407: and delay it until after the sftp protocol connection has been
408: established. (bz#1588)
409: <li>Use the <em>HostKeyAlias</em> rather than the hostname specified
410: on the commandline when prompting for passwords. (bz#1039)
1.25 sobrado 411: <li>Correct off-by-one in percent_expand(). (bz#1607)
1.21 sobrado 412: <li>Fix passing of empty options from
1.76 ! beck 413: <a href="http://man.openbsd.org?query=scp&sektion=1">scp(1)</a>
1.21 sobrado 414: and
1.76 ! beck 415: <a href="http://man.openbsd.org?query=sftp&sektion=1">sftp(1)</a>
1.21 sobrado 416: to the underlying
1.76 ! beck 417: <a href="http://man.openbsd.org?query=ssh&sektion=1">ssh(1)</a>;
1.21 sobrado 418: also add support for the stop option "--".
419: <li>Fix an incorrect magic number and typo in PROTOCOL. (bz#1688)
420: <li>Don't escape backslashes when displaying the SSH2 banner. (bz#1533)
421: <li>Don't unnecessarily dup() the in and out fds for
1.76 ! beck 422: <a href="http://man.openbsd.org?query=sftp-server&sektion=8">sftp-server(8)</a>.
1.21 sobrado 423: (bz#1566)
424: <li>Force use of the correct hash function for random-art signature
425: display. (bz#1611)
426: <li>Do not fall back to adding keys without constraints when the agent
427: refuses the constrained add request. (bz#1612)
428: <li>Fix a race condition in
1.76 ! beck 429: <a href="http://man.openbsd.org?query=ssh-agent&sektion=1">ssh-agent(1)</a>
1.21 sobrado 430: that could result in a wedged or spinning agent. (bz#1633)
1.49 stsp 431: <li>Flush stdio before exec() to ensure that everything has made it out
1.21 sobrado 432: before the streams go away. (bz#1596)
433: <li>Set <em>FD_CLOEXEC</em> on in/out sockets in
1.76 ! beck 434: <a href="http://man.openbsd.org?query=sshd&sektion=8">sshd(8)</a>.
1.21 sobrado 435: (bz#1706)
436: </ul>
1.1 deraadt 437: </ul>
438: <p>
439:
1.15 espie 440: <li>Over 5,800 ports, major robustness and speed improvements in package tools.
1.1 deraadt 441: <li>Many pre-built packages for each architecture:
442: <table border=0 cellspacing=0 cellpadding=2 width="95%">
443: <tr>
444: <td valign="top" width="25%">
445: <ul>
1.5 deraadt 446: <li>i386: 5951
447: <li>sparc64: 5745
1.60 deraadt 448: <li>alpha: 5641
1.1 deraadt 449: </ul></td><td valign=top width="25%"><ul>
1.62 deraadt 450: <li>sh: 768
1.58 deraadt 451: <li>amd64: 5879
452: <li>powerpc: 5785
1.1 deraadt 453: </ul></td><td valign=top width="25%"><ul>
1.58 deraadt 454: <li>sparc: 4053
1.62 deraadt 455: <li>arm: 3711
1.58 deraadt 456: <li>hppa: 5500
1.1 deraadt 457: </ul></td><td valign=top width="25%"><ul>
1.5 deraadt 458: <li>vax: 1785
1.58 deraadt 459: <li>mips64: 3690
460: <li>mips64el: 4316
1.1 deraadt 461: </ul></td></tr></table>
462: Some highlights:
463: <ul>
1.18 jasper 464: <li>Gnome 2.28.2.
1.1 deraadt 465: <li>KDE 3.5.10.
1.18 jasper 466: <li>Xfce 4.6.1.
1.11 otto 467: <li>MySQL 5.1.42.
1.18 jasper 468: <li>PostgreSQL 8.4.2.
469: <li>Postfix 2.6.5.
1.1 deraadt 470: <li>OpenLDAP 2.3.43.
1.22 jsg 471: <li>Mozilla Firefox 3.0.18 and 3.5.8.
1.11 otto 472: <li>Mozilla Thunderbird 2.0.0.23.
1.18 jasper 473: <li>OpenOffice.org 3.1.1.
1.1 deraadt 474: <li>Emacs 21.4 and 22.3
1.18 jasper 475: <li>Vim 7.2.267.
1.40 giovanni 476: <li>PHP 5.2.12.
477: <li>Python 2.4.6, 2.5.4 and 2.6.3.
1.1 deraadt 478: <li>Ruby 1.8.6.369.
479: </ul>
480: <p>
481:
482: <li>As usual, steady improvements in manual pages and other documentation.
483: <p>
484:
485: <li>The system includes the following major components from outside suppliers:
486: <ul>
1.32 miod 487: <li>Xenocara (based on X.Org 7.4 with xserver 1.6.5 + patches,
1.8 matthieu 488: freetype 2.3.9,
489: fontconfig 2.6.0, Mesa 7.4.2, xterm 250 and more)
1.1 deraadt 490: <li>Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
1.10 otto 491: <li>Perl 5.10.1 (+ patches)
1.1 deraadt 492: <li>Our improved and secured version of Apache 1.3, with SSL/TLS
493: and DSO support
494: <li>OpenSSL 0.9.8k (+ patches)
495: <li>Groff 1.15
496: <li>Sendmail 8.14.3, with libmilter
497: <li>Bind 9.4.2-P2 (+ patches)
498: <li>Lynx 2.8.6rel.5 with HTTPS and IPv6 support (+ patches)
499: <li>Sudo 1.7.2
1.10 otto 500: <li>Ncurses 5.7
1.1 deraadt 501: <li>Latest KAME IPv6
502: <li>Heimdal 0.7.2 (+ patches)
503: <li>Arla 0.35.7
504: <li>Binutils 2.15 (+ patches)
505: <li>Gdb 6.3 (+ patches)
506: </ul>
507: <p>
508:
509: </ul>
510:
511: <a name="install"></a>
512: <hr>
513: <p>
514: <h3><font color="#0000e0">How to install</font></h3>
515: <p>
516: Following this are the instructions which you would have on a piece of
517: paper if you had purchased a CDROM set instead of doing an alternate
518: form of install. The instructions for doing an FTP (or other style
519: of) install are very similar; the CDROM instructions are left intact
520: so that you can see how much easier it would have been if you had
521: purchased a CDROM instead.
522: <p>
523:
524: <hr>
525: Please refer to the following files on the three CDROMs or FTP mirror for
526: extensive details on how to install OpenBSD 4.7 on your machine:
527: <p>
528: <ul>
529: <li>CD1:4.7/i386/INSTALL.i386
530: <p>
531: <li>CD2:4.7/amd64/INSTALL.amd64
532: <li>CD2:4.7/macppc/INSTALL.macppc
533: <p>
534: <li>CD3:4.7/sparc64/INSTALL.sparc64
535: <p>
536: <li>FTP:.../OpenBSD/4.7/alpha/INSTALL.alpha
537: <li>FTP:.../OpenBSD/4.7/armish/INSTALL.armish
538: <li>FTP:.../OpenBSD/4.7/hp300/INSTALL.hp300
539: <li>FTP:.../OpenBSD/4.7/hppa/INSTALL.hppa
540: <li>FTP:.../OpenBSD/4.7/landisk/INSTALL.landisk
1.19 otto 541: <li>FTP:.../OpenBSD/4.7/loongson/INSTALL.loongson
1.1 deraadt 542: <li>FTP:.../OpenBSD/4.7/mvme68k/INSTALL.mvme68k
543: <li>FTP:.../OpenBSD/4.7/mvme88k/INSTALL.mvme88k
544: <li>FTP:.../OpenBSD/4.7/sgi/INSTALL.sgi
545: <li>FTP:.../OpenBSD/4.7/socppc/INSTALL.socppc
546: <li>FTP:.../OpenBSD/4.7/sparc/INSTALL.sparc
547: <li>FTP:.../OpenBSD/4.7/vax/INSTALL.vax
548: <li>FTP:.../OpenBSD/4.7/zaurus/INSTALL.zaurus
549: </ul>
550: <hr>
551:
552: <p>
553: Quick installer information for people familiar with OpenBSD, and the
554: use of the "disklabel -E" command. If you are at all confused when
555: installing OpenBSD, read the relevant INSTALL.* file as listed above!
556: <p>
557:
558: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
559: <ul>
560: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
561: release is on CD1. If your BIOS does not support booting from CD, you will need
562: to create a boot floppy to install from. To create a boot floppy write
563: <i>CD1:4.7/i386/floppy47.fs</i> to a floppy and boot via the floppy drive.
564:
565: <p>
566: Use <i>CD1:4.7/i386/floppyB47.fs</i> instead for greater SCSI controller
567: support, or <i>CD1:4.7/i386/floppyC47.fs</i> for better laptop support.
568:
569: <p>
570: If you can't boot from a CD or a floppy disk,
571: you can install across the network using PXE as described in
572: the included INSTALL.i386 document.
573:
574: <p>
575: If you are planning on dual booting OpenBSD with another OS, you will need to
576: read INSTALL.i386.
577:
578: <p>
579: To make a boot floppy under MS-DOS, use the "rawrite" utility located
580: at <i>CD1:4.7/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
581: use the
1.76 ! beck 582: <a href="http://man.openbsd.org?query=dd&sektion=1">dd(1)</a>
1.1 deraadt 583: utility. The following is an example usage of
1.76 ! beck 584: <a href="http://man.openbsd.org?query=dd&sektion=1">dd(1)</a>,
1.1 deraadt 585: where the device could be "floppy", "rfd0c", or
586: "rfd0a".
587:
588: <ul><pre>
589: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
590: </pre></ul>
591:
592: <p>
593: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
594: your install will most likely fail. For more information on creating a boot
595: floppy and installing OpenBSD/i386 please refer to
1.65 lum 596: <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
1.1 deraadt 597: </ul>
598:
599: <p>
600: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
601: <ul>
602: The 4.7 release of OpenBSD/amd64 is located on CD2.
603: Boot from the CD to begin the install - you may need to adjust
604: your BIOS options first.
605: If you can't boot from the CD, you can create a boot floppy to install from.
606: To do this, write <i>CD2:4.7/amd64/floppy47.fs</i> to a floppy, then
607: boot from the floppy drive.
608:
609: <p>
610: If you can't boot from a CD or a floppy disk,
611: you can install across the network using PXE as described in the included
612: INSTALL.amd64 document.
613:
614: <p>
615: If you are planning to dual boot OpenBSD with another OS, you will need to
616: read INSTALL.amd64.
617: </ul>
618:
619: <p>
620: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
621: <ul>
622: Put CD2 in your CDROM drive and poweron your machine while holding down the
623: <i>C</i> key until the display turns on and shows <i>OpenBSD/macppc boot</i>.
624:
625: <p>
626: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
627: /4.7/macppc/bsd.rd</i>
628: </ul>
629:
630: <p>
631: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
632: <ul>
633: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
634:
635: <p>
636: If this doesn't work, or if you don't have a CDROM drive, you can write
637: <i>CD3:4.7/sparc64/floppy47.fs</i> or <i>CD3:4.7/sparc64/floppyB47.fs</i>
638: (depending on your machine) to a floppy and boot it with <i>boot
639: floppy</i>. Refer to INSTALL.sparc64 for details.
640:
641: <p>
642: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
643: will most likely fail.
644:
645: <p>
646: You can also write <i>CD3:4.7/sparc64/miniroot47.fs</i> to the swap partition on
647: the disk and boot with <i>boot disk:b</i>.
648:
649: <p>
650: If nothing works, you can boot over the network as described in INSTALL.sparc64.
651: </ul>
652:
653: <p>
654: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
655: <ul>
656: <p>Write <i>FTP:4.7/alpha/floppy47.fs</i> or
657: <i>FTP:4.7/alpha/floppyB47.fs</i> (depending on your machine) to a diskette and
658: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
659:
660: <p>
661: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
662: will most likely fail.
663:
664: </ul>
665:
666: <p>
667: <h3><font color="#e00000">OpenBSD/armish:</font></h3>
668: <ul>
669: <p>
670: After connecting a serial port, Thecus can boot directly from the network
671: either tftp or http. Configure the network using fconfig, reset,
672: then load bsd.rd, see INSTALL.armish for specific details.
673: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
674: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
675: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
676: More details are available in INSTALL.armish.
677: </ul>
678:
679: <p>
680: <h3><font color="#e00000">OpenBSD/hp300:</font></h3>
681: <ul>
682: <p>
683: Boot over the network by following the instructions in INSTALL.hp300.
684: </ul>
685:
686: <p>
687: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
688: <ul>
689: <p>
690: Boot over the network by following the instructions in INSTALL.hppa or the
691: <a href="hppa.html#install">hppa platform page</a>.
692: </ul>
693:
694: <p>
695: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
696: <ul>
697: <p>
698: Write <i>miniroot47.fs</i> to the start of the CF
699: or disk, and boot normally.
700: </ul>
701:
702: <p>
1.19 otto 703: <h3><font color="#e00000">OpenBSD/loongson:</font></h3>
704: <ul>
705: <p>
706: Write <i>miniroot47.fs</i> to a USB stick and boot bsd.rd from it
707: or boot bsd.rd via tftp.
708: Refer to the instructions in INSTALL.loongson for more details.
709: </ul>
710: <p>
711:
1.1 deraadt 712: <p>
713: <h3><font color="#e00000">OpenBSD/mvme68k:</font></h3>
714: <ul>
715: <p>
716: You can create a bootable installation tape or boot over the network.<br>
717: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
718: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
719: for more details.
720: </ul>
721:
722: <p>
723: <h3><font color="#e00000">OpenBSD/mvme88k:</font></h3>
724: <ul>
725: <p>
726: You can create a bootable installation tape or boot over the network.<br>
727: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
728: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
729: for more details.
730: </ul>
731:
732: <p>
1.29 miod 733: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
734: <ul>
735: <p>
736: To install on an O2, burn cd47.iso on a CD-R, put it in the CD drive of your
737: machine and select <i>Install System Software</i> from the System Maintenance
738: menu.
739:
740: <p>
741: On other systems, or if your machine doesn't have a CD drive, you can
742: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using
743: the kernel matching your system type.
744: Refer to the instructions in INSTALL.sgi for more details.
745: </ul>
746:
747: <p>
748: <h3><font color="#e00000">OpenBSD/socppc:</font></h3>
749: <ul>
750: <p>
751: After connecting a serial port, boot over the network via DHCP/tftp.
752: Refer to the instructions in INSTALL.socppc for more details.
753: </ul>
754:
755: <p>
1.1 deraadt 756: <h3><font color="#e00000">OpenBSD/sparc:</font></h3>
757: <ul>
758: Boot from one of the provided install ISO images, using one of the two
759: commands listed below, depending on the version of your ROM.
760:
761: <ul><pre>
762: ok <strong>boot cdrom 4.7/sparc/bsd.rd</strong>
763: or
764: > <strong>b sd(0,6,0)4.7/sparc/bsd.rd</strong>
765: </pre></ul>
766:
767: <p>
768: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
769: To do so you need to write <i>floppy47.fs</i> to a floppy.
1.66 lum 770: For more information see <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
1.1 deraadt 771: To boot from the floppy use one of the two commands listed below,
772: depending on the version of your ROM.
773:
774: <ul><pre>
775: ok <strong>boot floppy</strong>
776: or
777: > <strong>b fd()</strong>
778: </pre></ul>
779:
780: <p>
781: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
782: will most likely fail.
783:
784: <p>
785: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
786: setup a bootable tape, or install via network, as told in the
787: INSTALL.sparc file.
788: </ul>
789:
790: <p>
791: <h3><font color="#e00000">OpenBSD/vax:</font></h3>
792: <ul>
793: Boot over the network via mopbooting as described in INSTALL.vax.
794: </ul>
795:
796: <p>
797: <h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
798: <ul>
799: <p>
800: Using the Linux built-in graphical ipkg installer, install the
801: openbsd47_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
802: for a few important details.
803: </ul>
804:
805: <p>
806: <h3><font color="#e00000">Notes about the source code:</font></h3>
807: <ul>
808: src.tar.gz contains a source archive starting at /usr/src. This file
809: contains everything you need except for the kernel sources, which are
810: in a separate archive. To extract:
811: <p>
812: <ul><pre>
813: # <strong>mkdir -p /usr/src</strong>
814: # <strong>cd /usr/src</strong>
815: # <strong>tar xvfz /tmp/src.tar.gz</strong>
816: </pre></ul>
817: <p>
818: sys.tar.gz contains a source archive starting at /usr/src/sys.
819: This file contains all the kernel sources you need to rebuild kernels.
820: To extract:
821: <p>
822: <ul><pre>
823: # <strong>mkdir -p /usr/src/sys</strong>
824: # <strong>cd /usr/src</strong>
825: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
826: </pre></ul>
827: <p>
828: Both of these trees are a regular CVS checkout. Using these trees it
829: is possible to get a head-start on using the anoncvs servers as
830: described <a href="anoncvs.html">here</a>.
831: Using these files
832: results in a much faster initial CVS update than you could expect from
833: a fresh checkout of the full OpenBSD source tree.
834: <p>
835: </ul>
836:
837: <a name="upgrade"></a>
838: <hr>
839: <p>
840: <h3><font color="#0000e0">How to upgrade</font></h3>
841: <p>
842: If you already have an OpenBSD 4.6 system, and do not want to reinstall,
843: upgrade instructions and advice can be found in the
844: <a href="faq/upgrade47.html">Upgrade Guide</a>.
845:
846: <a name="ports"></a>
847: <hr>
848: <p>
849: <h3><font color="#0000e0">Ports Tree</font></h3>
850: <p>
851: A ports tree archive is also provided. To extract:
852: <p>
853: <ul><pre>
854: # <strong>cd /usr</strong>
855: # <strong>tar xvfz /tmp/ports.tar.gz</strong>
856: # <strong>cd ports</strong>
857: </pre></ul>
858: <p>
859: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
1.64 steven 860: read the <a href="faq/ports/index.html">ports</a> page
1.1 deraadt 861: if you know nothing about ports
862: at this point. This text is not a manual of how to use ports.
863: Rather, it is a set of notes meant to kickstart the user on the
864: OpenBSD ports system.
865: <p>
866: The <i>ports/</i> directory represents a CVS (see the manpage for
1.76 ! beck 867: <a href="http://man.openbsd.org?query=cvs&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386">
1.1 deraadt 868: cvs(1)</a> if
869: you aren't familiar with CVS) checkout of our ports. As with our complete
870: source tree, our ports tree is available via anoncvs. So, in
871: order to keep current with it, you must make the <i>ports/</i> tree
872: available on a read-write medium and update the tree with a command
873: like:
874: <p>
875: <ul><pre>
1.26 deraadt 876: # <strong>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_4_7</strong>
1.1 deraadt 877: </pre></ul>
878: <p>
879: [Of course, you must replace the local directory and server name here
880: with the location of your ports collection and a nearby anoncvs
881: server.]
882: <p>
883: Note that most ports are available as packages through FTP. Updated
884: packages for the 4.7 release will be made available if problems arise.
885: <p>
886: If you're interested in seeing a port added, would like to help out, or just
887: would like to know more, the mailing list ports@openbsd.org is a good
888: place to know.
889: <p>
890:
891: </body>
892: </html>