Annotation of www/53.html, Revision 1.66
1.21 matthew 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
1.1 sthen 2: <html>
3: <head>
4: <title>OpenBSD 5.3 Release</title>
5: <link rev=made href="mailto:www@openbsd.org">
6: <meta name="resource-type" content="document">
7: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
8: <meta name="description" content="OpenBSD 5.3">
9: <meta name="keywords" content="openbsd,main">
10: <meta name="distribution" content="global">
11: <meta name="copyright" content="This document copyright 2013 by OpenBSD.">
12: </head>
13:
14: <body bgcolor="#ffffff" text="#000000" link="#24248E">
15:
16: <a href="index.html">
17: <img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
18: <hr>
19:
20: <p>
1.62 sthen 21: <a href="images/RoyPuffy.jpg">
1.1 sthen 22: <img align="left" width="227" height="343" hspace="24" vspace="30"
1.61 deraadt 23: src="images/RoyPuffy.jpg" alt="OpenBSD 5.3 logo"></a>
1.1 sthen 24: <h2><font color="#0000e0">The OpenBSD 5.3 Release:</font></h2>
25: <p>
26: To be released May 1, 2013<br>
27: Copyright 1997-2013, Theo de Raadt.<br>
1.61 deraadt 28: <font color="#e00000">ISBN 978-0-9881561-1-1</font>
1.1 sthen 29: <br>
1.66 ! jturner 30: <a href="lyrics.html#53">5.3 Song: "Blade Swimmer"</a>
1.1 sthen 31: <p>
32:
33: <a href="#new">What's New</a><br>
34: <a href="#install">How to install</a><br>
35: <a href="#upgrade">How to upgrade</a><br>
36: <a href="#ports">How to use the ports tree</a><br>
37: <a href="orders.html">Ordering a CD set</a><br>
38:
39: <p>
1.50 sthen 40: <h3><font color="#0000e0">To get the files for this release:</font></h3>
41: <p>
1.1 sthen 42: <ul>
43: <li>Order a CDROM from our <a href="orders.html">ordering system</a>.
44: <li>See the information on <a href="ftp.html">The FTP page</a> for
45: a list of mirror machines.
46: <li>Go to the <font color="#e00000">pub/OpenBSD/5.3/</font> directory on
47: one of the mirror sites.
48: <li>Briefly read the rest of this document.
49: <li>Have a look at <a href="errata53.html">The 5.3 Errata page</a> for a list
50: of bugs and workarounds.
51: <li>See a <a href="plus53.html">detailed log of changes</a> between the
52: 5.2 and 5.3 releases.
53: </ul>
54: <br clear=all>
55:
56: <strong>Note:</strong> All applicable copyrights and credits can be found
57: in the applicable file sources found in the files src.tar.gz, sys.tar.gz,
58: xenocara.tar.gz, or in the files fetched via ports.tar.gz. The distribution
59: files used to build packages from the ports.tar.gz file are not included on
60: the CDROM because of lack of space.
61: <p>
62:
63: <a name="new"></a>
64: <hr>
65: <p>
66: <h3><font color="#0000e0">What's New</font></h3>
67: <p>
68: This is a partial list of new features and systems included in OpenBSD 5.3.
69: For a comprehensive list, see the <a href="plus53.html">changelog</a> leading
70: to 5.3.
71: <p>
72:
1.51 sthen 73: <ul>
1.1 sthen 74: <li>Improved hardware support, including:
75: <ul>
1.29 sthen 76: <li>New driver <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=oce&sektion=4">oce(4)</a> for Emulex OneConnect 10Gb Ethernet adapters.
77: <li>New driver <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rtsx&sektion=4">rtsx(4)</a> for the Realtek RTS5209 card reader.
78: <li>New driver <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mfii&sektion=4">mfii(4)</a> for the LSI Logic MegaRAID SAS Fusion controllers.
79: <li>New driver <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smsc&sektion=4">smsc(4)</a> for SMSC LAN95xx 10/100 USB Ethernet adapters.
80: <li>New drivers for Toradex OAK USB sensors: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uoaklux&sektion=4">uoaklux(4)</a> (illuminance), <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uoakrh&sektion=4">uoakrh(4)</a> (temperature and relative humidity) and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uoakv&sektion=4">uoakv(4)</a> (+/- 10V 8channel ADC).
81: <li>New drivers for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=virtio&sektion=4">virtio(4)</a> devices: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vio&sektion=4">vio(4)</a> (network), <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vioblk&sektion=4">vioblk(4)</a> (block devices, attaching as SCSI disks) and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=viomb&sektion=4">viomb(4)</a> (memory ballooning).
82: <li>Support for Adaptec 39320LPE added to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ahd&sektion=4">ahd(4)</a>.
1.35 sthen 83: <li>Broadcom 5718/5719/5720 Gigabit Ethernet devices supported in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>.
1.29 sthen 84: <li>Intel X540-based 10Gb Ethernet devices supported in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ix&sektion=4">ix(4)</a>.
85: <li>Support for SFP+ hot-plug (82599) and various other improvements in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ix&sektion=4">ix(4)</a>.
86: <li>TX interrupt mitigation, hardware VLAN tagging and checksum offload reduce CPU use in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4">vr(4)</a>.
87: <li>Baby jumbo frames supported in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4">vr(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sis&sektion=4">sis(4)</a> useful for e.g. MPLS, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vlan&sektion=4">vlan(4)</a> tag stacking (QinQ) and RFC4638 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pppoe&sektion=4">pppoe(4)</a>.
88: <li>TCP RX Checksum offload in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gem&sektion=4">gem(4)</a>.
89: <li>Improvements for NICs using 82579/pch2 in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=em&sektion=4">em(4)</a>.
90: <li>Flow control is now supported on <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bnx&sektion=4">bnx(4)</a> 5708S/5709S adapters, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gem&sektion=4">gem(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=jme&sektion=4">jme(4)</a>.
91:
92: <li>Power-saving clients supported in hostap mode with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=acx&sektion=4">acx(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=athn&sektion=4">athn(4)</a>.
93: <li>A cause of RT2661 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ral&sektion=4">ral(4)</a> wedging in hostap mode was fixed.
94: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=iwn&sektion=4">iwn(4)</a> supports additional devices (Centrino Advanced-N 6235 and initial support for Centrino Wireless-N 1030).
95:
1.36 brad 96: <li>Improvements to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ahci&sektion=4">ahci(4)</a>.
1.29 sthen 97: <li>Support for the fixed-function performance counter on newer x86 chips with constant time stamp counters.
98: <li>Elantech touchpads supported in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pms&sektion=4">pms(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=synaptics&sektion=4">synaptics(4)</a>.
99: <li>Support for "physical devices" on skinny <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mfi&sektion=4">mfi(4)</a> controllers.
100: <li>VMware emulated SAS adapters supported by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mpi&sektion=4">mpi(4)</a>.
101: <li>Support for Intel's Supervisor Mode Execution Protection (SMEP) and Supervisor Mode Access Prevention (SMAP) features on i386 and amd64.
102: <li>Support for the RDRAND instruction to read the hardware random number generator on recent Intel processors.
103: <li>amd64 PCI memory extent changed to cover the whole 64-bit memory space; fixes erroneous extent allocation panic on IBM x3100.
104: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ulpt&sektion=4">ulpt(4)</a> can now upload firmware to certain HP LaserJet printers.
105: <li>Added stat clock to Loongson machines, improving accuracy of CPU usage statistics.
106: <li>CPU throttling supported on Loongson 2F.
107: <li>Support for Apple UniNorth and U3 AGP added to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=agp&sektion=4">agp(4)</a>.
108: <li>DRM support for macppc.
1.1 sthen 109: </ul>
110: <p>
111:
112: <li>Generic network stack improvements:
113: <ul>
1.29 sthen 114: <li>Restriction on writing to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=trunk&sektion=4">trunk(4)</a> member interfaces relaxed; BPF can now write to interfaces directly (useful for LLDP).
115: <li>UDP support added to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sosplice&sektion=9">sosplice(9)</a> (zero-copy socket splicing).
116: <li>IPv6 autoconfprivacy is enabled by default (can be disabled per-interface with an <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ifconfig&sektion=8">ifconfig(8)</a> flag).
117: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ifconfig&sektion=8">ifconfig(8)</a> <tt>hwfeatures</tt> displays the maximum MTU supported by the driver (indicating support for jumbo/baby-jumbo frames).
1.34 mikeb 118: <li>Vastly improved IPsec v3 compatibility, including support for Extended Sequence Numbers in the AES-NI driver for AES-GCM and other modes.
1.1 sthen 119: </ul>
120: <p>
121:
122: <li>Routing daemons and other userland network improvements:
123: <ul>
1.29 sthen 124: <li>OpenBSD now includes <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=npppd&sektion=8">npppd(8)</a>, a server-side daemon for L2TP, L2TP/IPsec, PPTP and PPPoE.
125: <li>New standalone <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tftp-proxy&sektion=8">tftp-proxy(8)</a> to replace the old <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=inetd&sektion=8">inetd(8)</a>-based implementation.
126: <li>SNMPv3 supported in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=snmpd&sektion=8">snmpd(8)</a>.
127: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bgpd&sektion=8">bgpd(8)</a> is more tolerant of unknown capabilities when bringing up a session (logs a warning rather than fails).
1.47 florian 128: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bgpd&sektion=8">bgpd(8)</a> now handles client side of "graceful restart".
1.29 sthen 129: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bgpd&sektion=8">bgpd(8)</a> can now filter based on the NEXTHOP attribute.
130: <li>A stratum can now be assigned to hardware sensors in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ntpd&sektion=8">ntpd(8)</a>.
1.16 beck 131: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=authpf&sektion=8">authpf(8)</a> now supports the use of per-group rules files.
1.18 rpe 132: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a> client now supports basic HTTP authentication as per RFC 2617 and 3986 like "ftp http[s]://user:pass@host/file".
1.53 bluhm 133: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a> client's mput command allows to upload a directory tree recursively using the -r switch.
1.49 sthen 134: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=relayd&sektion=8">relayd(8)</a> has various improvements including additional scheduling algorithms (least-states, for redirections, and random/source-hash, for relays).
135: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=iked&sektion=8">iked(8)</a> IKEv2 daemon supports NAT-T. (The isakmpd daemon for IKEv1 has supported this for a long time).
136: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=iked&sektion=8">iked(8)</a> blocks IPv6 traffic unless there are v6 VPN flows; this is to prevent leakages as described in <a href="http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages">draft-gont-opsec-vpn-leakages</a>.
1.1 sthen 137: </ul>
138: <p>
139:
1.40 krw 140: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a> improvements:
141: <ul>
142: <li>dhclient-script eliminated, all configuration is done with ioctl's and routing sockets.
143: <li>interface configuration is much faster.
144: <li>HUP signals cause dhclient to restart; making it re-read the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient.conf&sektion=5">dhclient.conf(5)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=resolv.conf.tail&sektion=5">resolv.conf.tail(5)</a> files, and obtain a new lease.
145: <li>INIT, USR1, USR2 signals cause dhclient to exit after attempting to remove routes and addresses it configured.
146: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=resolv.conf&sektion=5">resolv.conf(5)</a> is written only when the in-use default route was inserted by dhclient. Possible changes to the default route are detected and cause dhclient to write out resolv.conf when appropriate.
1.49 sthen 147: <li>interface hardware address changes are detected and cause dhclient to restart.
1.40 krw 148: <li>dhclient.conf directive 'ignore' and command line option '-i' added, allowing the suppression of specific options offered by server.
149: <li>'-L' command line option added, allowing the creation of a complete record of the most recent offer and what we modified it to when binding the lease.
150: <li>rejected offers no longer prevent dhclient from trying recorded leases and going daemon.
151: <li>cleanup of routing tables when starting and exiting is more complete.
152: <li>log messages cleaned up and reduced.
153: <li>dhclient is automatically placed in the routing domain of the interface.
154: <li>incoming and outgoing packet buffers are separate, eliminating possible transmission of inappropriate packets when re-trying DISCOVER and REQUEST.
155: <li>resolv.conf.tail read only once, at startup.
156: <li>both OFFER and ACK packets that lack required options are rejected.
1.49 sthen 157: <li>file names passed to '-L' and '-l' are constrained to be regular files.
1.40 krw 158: <li>bind success reported after binding complete, not when it is started.
159: <li>privileged process daemonizes, eliminating its controlling terminal.
160: <li>STDIN/STDOUT/STDERR no longer redirected to /dev/null when '-d' specified.
161: <li>all existing addresses on the interface are deleted when binding a new lease.
162: <li>leases which would cause routing problems because another interface is already configured with the same subnet are rejected.
163: <li>premature and repeated DISCOVER and/or REQUEST messages at startup are avoided.
164: <li>permanent ARP cache entries are no longer deleted during binding.
1.49 sthen 165: <li>allow empty lists of option names for 'ignore', 'request', and 'require' dhclient.conf directives, so lists can be reset in interface declarations.
1.41 krw 166: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a> and dhclient recognize the same list of dhcp options.
1.40 krw 167: <li>hand-rolled IMSG implementation replaced with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=imsg_init&sektion=3">imsg_init(3)</a> and related functions..
1.42 krw 168: <li>hand-rolled date string construction replaced with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strftime&sektion=3">strftime(3)</a> invocations.
1.40 krw 169: <li>hand-rolled '%m' option replaced with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strerror&sektion=3">strerror(3)</a> invocations.
170: <li>many other internal code improvements.
171: </ul>
172: <p>
173:
1.11 sthen 174: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> improvements:
1.1 sthen 175: <ul>
1.46 lteo 176: <li> The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=divert&sektion=4">divert(4)</a>
177: socket now supports the new IP_DIVERTFL socket option to control whether both inbound and outbound packets are diverted (the default) or only packets travelling in one direction.
1.52 sthen 178: <li>Sloppy state tracking (a special mode occasionally needed with asymmetric routing) now works correctly with ICMP.
179: <li>PF now restricts the fragment limit to protect against a misconfiguration running the kernel out of mbuf clusters.
1.1 sthen 180: </ul>
181: <p>
182:
1.48 gilles 183: <li>OpenSMTPD 5.3:
184: <ul>
185: <li>New features:
186: <ul>
187: <li>code is now considered stable and suitable for use in production.
1.65 gilles 188: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smtpctl&sektion=8">smtpctl(8)</a> <i>trace</i> supports runtime tracing of various components, including imsg exchanges, incoming and outgoing sessions, aliases expansion and much more.
1.48 gilles 189: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smtpctl&sektion=8">smtpctl(8)</a> <i>monitor</i> can now be used to monitor in real-time an instance of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smtpd&sektion=8">smtpd(8)</a>.
190: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smtpctl&sektion=8">smtpctl(8)</a> <i>show queue</i> now supports an "online" mode where the scheduler is queried instead of the disk-based queue to provide more accurate information.
1.49 sthen 191: <li>virtual domain support has been reworked to simplify and bring support for new features like global catch-alls and shared user mappings.
1.48 gilles 192: <li>new table API replaces the map API: better handling of transient errors, improved performances and a much better interface.
193: <li>the transfer process may now select the source IP address to use as well as the HELO hostname to advertise from a table.
194: <li>each listener may advertise a different banner hostname.
195: <li>an alternate user database may be provided instead of relying on <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getpwnam&sektion=3">getpwnam(3)</a>.
196: <li>users may now be authenticated using credentials from a table.
197: <li>incoming sessions can be tagged, allowing for rules to only match envelopes that have been reinjected in the daemon after being passed to a proxy tool.
198: <li>intermediate bounces are now sent at configurable rates.
199: <li>rules can now check for a sender email address or domain.
1.50 sthen 200: <li>experimental (yet functional) support for aldap and sqlite as table backends.
1.48 gilles 201: </ul>
202:
203: <li>Improvements:
204: <ul>
205: <li>improved logging format to make it both easier to read and parse.
206: <li>improved memory use by scheduler, smtp, queue and transfer processes.
207: <li>more reliable and efficient disk-based queue.
208: <li>improved scheduler, dns and relaying logic that optimizes transfers.
1.65 gilles 209: <li>simplified grammar for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smtpd.conf&sektion=5">smtpd.conf(5)</a>.
1.48 gilles 210: <li>initial support for client and server SSL peer certificates validation.
211: <li>SSL certificate tree is now isolated and network-facing processes request SSL information on-demand by imsg.
212: <li>improved and simplified SMTP and MTA engines.
213: <li>much improved performances on both incoming and outgoing code paths.
214: <li>tons of cleanup and assorted minor bug fixes.
215: </ul>
216: </ul>
217: <p>
218:
1.59 tedu 219: <li>Security improvements:
220: <ul>
221: <li>Position-independent executables (PIE) are now used <b>by default</b> on alpha, amd64, hppa, landisk, loongson, sgi and sparc64.
222: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc&sektion=1">gcc(1)</a> stack smashing protector added for Alpha and MIPS (enabled by default).
223: <li>Shared libraries on GCC 4 platforms now each get their own stack protector cookies instead of sharing a single global cookie.
224: </ul>
225: <p>
226:
227: <li>Performance improvements:
228: <ul>
229: <li>Switch default disk I/O sort algorithm to NSCAN for improved fairness and response times.
230: <li>Softdep speedup improvements by the revert of a previously necessary workaround to prevent kva starvation.
231: <li>Large performance and reliability improvements in
232: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=make&sektion=1">make(1)</a>,
233: especially in parallel mode. make no longer does any busy waiting, it handles
234: concurrent targets correctly, and displays more accurate error messages.
235: <li>Increased stack alignment in constructor functions and new threads on i386 to meet requirements for SSE.
236: <li>Coredumping no longer hogs CPU or I/O and can be aborted by sending the process a SIGKILL signal.
237: </ul>
238: <p>
239:
240: <li>Threading improvements:
241: <ul>
242: <li>Threaded programs and libraries can now be linked with the POSIX-standard -lpthread flag instead of the OpenBSD-specific -pthread flag
243: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=abort&sektion=3">abort(3)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=raise&sektion=3">raise(3)</a> now direct the signal to the calling thread, as specified by POSIX.
244: <li>Whether a thread is currently executing on an alternate signal stack (c.f. <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sigaltstack&sektion=2">sigaltstack(2)</a>) is now determined dynamically, so the stack can be reused if <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=siglongjmp&sektion=3">siglongjmp(3)</a> is used to exit the signal handler.
245: <li>libpthread now caches automatically allocated, default size thread stacks.
246: <li>Improvements in the handling of profiling, tracing, and %cpu calculation of threaded processes.
247: </ul>
248: <p>
249:
1.1 sthen 250: <li>Assorted improvements:
251: <ul>
1.11 sthen 252: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ldomctl&sektion=8&arch=sparc64">ldomctl(8)</a>
1.9 sthen 253: was added to manage logical domains on sun4v systems through
1.29 sthen 254: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ldomd&sektion=8&arch=sparc64">ldomd(8)</a>.
255: <li>Support for WPA Enterprise was added to the wpa_supplicant package.
256: <li>OpenBSD/luna88k and OpenBSD/mvme88k have switched to GCC 3, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=elf&sektion=5">elf(5)</a> and gained shared library support.
257: <li>OpenBSD/hp300 and OpenBSD/mvme68k have switched to GCC 3 and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=elf&sektion=5">elf(5)</a>.
258: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=softraid&sektion=4">softraid(4)</a> RAID1 and crypto volumes are now bootable on i386 and amd64 (full disk encryption).
1.11 sthen 259: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mg&sektion=1">mg(1)</a>
1.7 sthen 260: emacs-like editor now supports <tt>diff-buffer-with-file</tt>, <tt>make-directory</tt> and <tt>revert-buffer</tt>.
1.43 lum 261: Column numbers have been made configurable and locale is respected for ctype purposes, like displaying ISO Latin 1 characters.
1.11 sthen 262: <li>Improved our own <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pkg-config&sektion=1">pkg-config(1)</a>
1.7 sthen 263: implementation to make it compatible with freedesktop.org's 0.27.1 release.
1.29 sthen 264: <li>A number of improvements to the buffer cache and page daemon interactions to avoid issues in low memory/low kva situations.
1.16 beck 265: <li>Various bug fixes in uvm to avoid potential races and deadlock issues.
1.29 sthen 266: <li>Memory filesystem (mfs) switched to bufq, giving us queue limits and FIFO queueing (rather than the current LIFO queueing).
267: <li>Many improvements to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cwm&sektion=1">cwm(1)</a> window manager,
268: including tab completion and Xft support for menus, improved Xinerama support, and per-group vertical/horizontal manual tiling support.
1.32 guenther 269: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dprintf&sektion=3">dprintf(3)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=grantpt&sektion=3">grantpt(3)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=posix_openpt&sektion=3">posix_openpt(3)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ptsname&sektion=3">ptsname(3)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=unlockpt&sektion=3">unlockpt(3)</a>, and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vdprintf&sektion=3">vdprintf(3)</a>.
270: <li>Corrected the order of invocation of constructor and destruction functions.
271: <li>Improved compliance and/or cleanliness of header files, particularly
272: <dlfcn.h>, <netdb.h>, <net/if.h>,
273: <netinet/in.h>, <sys/socket.h>, <sys/uio.h>,
274: and <sys/un.h>.
1.1 sthen 275: </ul>
276: <p>
277:
278: <li>OpenSSH 6.2:
279: <ul>
280: <li>New features:
281: <ul>
1.37 sobrado 282: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
283: and
284: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
285: Added support for AES-GCM authenticated encryption in SSH protocol 2.
286: The new cipher is available as "aes128-gcm@openssh.com" and
287: "aes256-gcm@openssh.com". It uses an identical packet format to the
288: AES-GCM mode specified in RFC 5647, but uses simpler and different
289: selection rules during key exchange.
290: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
291: and
292: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
293: Added support for encrypt-then-mac (EtM) MAC modes for SSH protocol 2.
294: These modes alter the packet format and compute the MAC over the
295: packet length and encrypted packet rather than over the plaintext
296: data. These modes are considered more secure and are used by default
297: when available.
298: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
299: and
300: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
301: Added support for the UMAC-128 MAC as "umac-128@openssh.com" and
302: "umac-128-etm@openssh.com". The latter being an encrypt-then-mac mode.
303: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
304: Added support for multiple required authentication in SSH protocol 2
305: via an <tt>AuthenticationMethods</tt> option. This option lists one
306: or more comma-separated lists of authentication method names.
307: Successful completion of all the methods in any list is required for
308: authentication to complete. This allows, for example, requiring a
309: user having to authenticate via public key or GSSAPI before they are
310: offered password authentication.
311: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>
312: and
313: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
314: Added support for Key Revocation Lists (KRLs), a compact binary
315: format to represent lists of revoked keys and certificates that take
316: as little as one bit per certificate when revoking by serial number.
317: KRLs may be generated using
318: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>
319: and are loaded into
320: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>
321: via the existing <tt>RevokedKeys</tt>
322: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
323: option.
324: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
325: <tt>IdentitiesOnly</tt> now applies to keys obtained from a
326: PKCS11Provider. This allows control of which keys are offered from
327: tokens using <tt>IdentityFile</tt>.
328: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
329: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>'s
330: AllowTcpForwarding now accepts "<tt>local</tt>" and "<tt>remote</tt>"
331: in addition to its previous "<tt>yes</tt>"/"<tt>no</tt>" keywords to
332: allow the server to specify whether just local or remote TCP
333: forwarding is enabled.
334: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
335: Added a
336: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
337: option <tt>AuthorizedKeysCommand</tt> to support fetching
338: authorized_keys from a command in addition to (or instead of) from
339: the filesystem. The command is run under an account specified by an
340: <tt>AuthorizedKeysCommandUser</tt>
341: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
342: option.
343: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server&sektion=8">sftp-server(8)</a>:
344: Now supports a <tt>-d</tt> option to allow the starting directory to
345: be something other than the user's home directory.
346: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
347: Now allows fingerprinting of keys hosted in PKCS#11 tokens using
348: "ssh-keygen -lD pkcs11_provider".
349: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
350: When SSH protocol 2 only is selected (the default),
351: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
352: now immediately sends its SSH protocol banner to the server without
353: waiting to receive the server's banner, saving time when connecting.
354: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
355: Added <tt>~v</tt> and <tt>~V</tt> escape sequences to raise and lower
356: the logging level respectively.
357: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
358: Made the escape command help (<tt>~?</tt>) context sensitive so that
359: only commands that will work in the current session are shown.
360: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
361: When deleting host lines from known_hosts using "ssh-keygen -R host",
362: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>
363: now prints details of which lines were removed.
1.1 sthen 364: </ul>
365: <li>The following significant bugs have been fixed in this release:
366: <ul>
1.37 sobrado 367: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
368: Force a clean shutdown of ControlMaster client sessions when the
369: <tt>~.</tt> escape sequence is used. This means that <tt>~.</tt>
370: should now work in mux clients even if the server is no longer
371: responding.
372: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
373: Correctly detect errors during local TCP forward setup in multiplexed
374: clients. (bz#2055)
375: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-add&sektion=1">ssh-add(1)</a>:
376: Made deleting explicit keys "ssh-add -d" symmetric with adding keys
377: with respect to certificates. It now tries to delete the
378: corresponding certificate and respects the <tt>-k</tt> option to
379: allow deleting of the key only.
380: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
381: Fix a number of parsing and command-editing bugs, including bz#1956.
382: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
383: When muxmaster is run with <tt>-N</tt>, ensured that it shuts down
384: gracefully when a client sends it "-O stop" rather than hanging
385: around. (bz#1985)
386: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
387: When screening moduli candidates, append to the file rather than
388: overwriting to allow resumption. (bz#1957)
389: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
390: Record "Received disconnect" messages at ERROR rather than INFO
391: priority. (bz#2057)
392: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
393: Loudly warn if explicitly-provided private key is unreadable.
394: (bz#1981)
1.1 sthen 395: </ul>
396: </ul>
397: <p>
398:
1.7 sthen 399: <li>Over 7,800 ports, major performance and stability improvements in
1.1 sthen 400: the package build process
401: <ul>
1.28 espie 402: <li>The parallel ports builder is more efficient. The main improvement is
403: that dpb consumes much less cpu on busy boxes, but there are lots of small
404: optimizations that amount to a large performance increase:
405: dpb can now build selected large ports using parallel make, and it
406: has a notion of affinity, so that ports failing on a cluster will be
1.29 sthen 407: preferentially restarted on the same machine.
1.1 sthen 408: </ul>
409: <p>
410: <li>Many pre-built packages for each architecture:
411: <table border=0 cellspacing=0 cellpadding=2 width="95%">
412: <tr>
413: <td valign="top" width="25%">
414: <ul>
1.38 deraadt 415: <li>i386: 7670
416: <li>sparc64: 6756
1.64 deraadt 417: <li>alpha: 6151
1.1 sthen 418: </ul></td><td valign=top width="25%"><ul>
419: <li>sh: XXXX
1.54 deraadt 420: <li>amd64: 7632
1.63 deraadt 421: <li>powerpc: 7215
1.1 sthen 422: </ul></td><td valign=top width="25%"><ul>
423: <li>sparc: XXXX
424: <li>arm: XXXX
1.56 deraadt 425: <li>hppa: 6401
1.1 sthen 426: </ul></td><td valign=top width="25%"><ul>
427: <li>vax: XXXX
1.56 deraadt 428: <li>mips64: 6519
1.60 sthen 429: <li>mips64el: 6539
1.1 sthen 430: </ul></td></tr></table>
431: <p>
432:
433: <li>Some highlights:
434: <ul>
435: <li>GNOME 3.6.2 <li>KDE 3.5.10
436: <li>Xfce 4.10 <li>MySQL 5.1.68
1.13 sthen 437: <li>PostgreSQL 9.2.3 <li>Postfix 2.9.6
1.1 sthen 438: <li>OpenLDAP 2.3.43 and 2.4.33 <li>Mozilla Firefox 3.6.28 and 18.0.2
439: <li>Mozilla Thunderbird 17.0.2 <li>GHC 7.4.2
440: <li>LibreOffice 3.6.5.2 <li>Emacs 21.4 and 24.2
441: <li>Vim 7.3.154 <li>PHP 5.2.17 and 5.3.21
1.39 lteo 442: <li>Python 2.5.4, 2.7.3 and 3.2.3 <li>Ruby 1.8.7.370 and 1.9.3.392
1.1 sthen 443: <li>Tcl/Tk 8.5.13 and 8.6.0 <li>Jdk 1.6.0.32 and 1.7.0.11
444: <li>Mono 2.10.9 <li>Chromium 24.0.1312.68
445: <li>Groff 1.21 <li>Go 1.0.3
446: <li>GCC 4.6.3 and 4.7.2 <li>LLVM/Clang 3.2
447: </ul>
448: <p>
449:
450: <li>As usual, steady improvements in manual pages and other documentation.
451: <p>
452:
453: <li>The system includes the following major components from outside suppliers:
454: <ul>
1.12 matthieu 455: <li>Xenocara (based on X.Org 7.7 with xserver 1.12.3 + patches,
1.2 sthen 456: freetype 2.4.11, fontconfig 2.8.0, Mesa 7.11.2, xterm 287,
457: xkeyboard-config 2.7 and more)
1.33 jsg 458: <li>Gcc 4.2.1 (+patches), 3.3.6 (+ patches) and 2.95.3 (+ patches)
1.1 sthen 459: <li>Perl 5.12.2 (+ patches)
460: <li>Our improved and secured version of Apache 1.3, with
461: SSL/TLS and DSO support
1.2 sthen 462: <li>Nginx 1.2.6 (+ patches)
463: <li>OpenSSL 1.0.1c (+ patches)
464: <li>SQLite 3.7.14.1 (+ patches)
465: <li>Sendmail 8.14.6, with libmilter
1.1 sthen 466: <li>Bind 9.4.2-P2 (+ patches)
1.31 sthen 467: <li>NSD 3.2.15
1.1 sthen 468: <li>Lynx 2.8.7rel.2 with HTTPS and IPv6 support (+ patches)
469: <li>Sudo 1.7.2p8
470: <li>Ncurses 5.7
471: <li>Heimdal 0.7.2 (+ patches)
472: <li>Binutils 2.15 (+ patches)
473: <li>Gdb 6.3 (+ patches)
474: <li>Less 444 (+ patches)
475: <li>Awk Aug 10, 2011 version
476: </ul>
477:
478: </ul>
479:
480: <a name="install"></a>
481: <hr>
482: <p>
483: <h3><font color="#0000e0">How to install</font></h3>
484: <p>
485: Following this are the instructions which you would have on a piece of
486: paper if you had purchased a CDROM set instead of doing an alternate
487: form of install. The instructions for doing an FTP (or other style
488: of) install are very similar; the CDROM instructions are left intact
489: so that you can see how much easier it would have been if you had
490: purchased a CDROM instead.
491: <p>
492:
493: <hr>
494: Please refer to the following files on the three CDROMs or FTP mirror for
495: extensive details on how to install OpenBSD 5.3 on your machine:
496: <p>
497: <ul>
498: <li>CD1:5.3/i386/INSTALL.i386
499: <p>
500: <li>CD2:5.3/amd64/INSTALL.amd64
501: <p>
502: <li>CD3:5.3/sparc64/INSTALL.sparc64
503: <p>
504: <li>FTP:.../OpenBSD/5.3/alpha/INSTALL.alpha
505: <li>FTP:.../OpenBSD/5.3/armish/INSTALL.armish
506: <li>FTP:.../OpenBSD/5.3/hp300/INSTALL.hp300
507: <li>FTP:.../OpenBSD/5.3/hppa/INSTALL.hppa
508: <li>FTP:.../OpenBSD/5.3/landisk/INSTALL.landisk
509: <li>FTP:.../OpenBSD/5.3/loongson/INSTALL.loongson
510: <li>FTP:.../OpenBSD/5.3/luna88k/INSTALL.luna88k
511: <li>FTP:.../OpenBSD/5.3/macppc/INSTALL.macppc
512: <li>FTP:.../OpenBSD/5.3/mvme68k/INSTALL.mvme68k
513: <li>FTP:.../OpenBSD/5.3/mvme88k/INSTALL.mvme88k
514: <li>FTP:.../OpenBSD/5.3/sgi/INSTALL.sgi
515: <li>FTP:.../OpenBSD/5.3/socppc/INSTALL.socppc
516: <li>FTP:.../OpenBSD/5.3/sparc/INSTALL.sparc
517: <li>FTP:.../OpenBSD/5.3/vax/INSTALL.vax
518: <li>FTP:.../OpenBSD/5.3/zaurus/INSTALL.zaurus
519: </ul>
520: <hr>
521:
522: <p>
523: Quick installer information for people familiar with OpenBSD, and the
524: use of the "disklabel -E" command. If you are at all confused when
525: installing OpenBSD, read the relevant INSTALL.* file as listed above!
526: <p>
527:
528: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
529: <ul>
530: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
531: release is on CD1. If your BIOS does not support booting from CD, you will need
532: to create a boot floppy to install from. To create a boot floppy write
533: <i>CD1:5.3/i386/floppy53.fs</i> to a floppy and boot via the floppy drive.
534:
535: <p>
536: Use <i>CD1:5.3/i386/floppyB53.fs</i> instead for greater SCSI controller
537: support, or <i>CD1:5.3/i386/floppyC53.fs</i> for better laptop support.
538:
539: <p>
540: If you can't boot from a CD or a floppy disk,
541: you can install across the network using PXE as described in
542: the included INSTALL.i386 document.
543:
544: <p>
545: If you are planning on dual booting OpenBSD with another OS, you will need to
546: read INSTALL.i386.
547:
548: <p>
549: To make a boot floppy under MS-DOS, use the "rawrite" utility located
550: at <i>CD1:5.3/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
551: use the
1.11 sthen 552: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>
1.1 sthen 553: utility. The following is an example usage of
1.11 sthen 554: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>,
1.1 sthen 555: where the device could be "floppy", "rfd0c", or
556: "rfd0a".
557:
558: <ul><pre>
559: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
560: </pre></ul>
561:
562: <p>
563: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
564: your install will most likely fail. For more information on creating a boot
565: floppy and installing OpenBSD/i386 please refer to
566: <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
567: </ul>
568:
569: <p>
570: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
571: <ul>
572: The 5.3 release of OpenBSD/amd64 is located on CD2.
573: Boot from the CD to begin the install - you may need to adjust
574: your BIOS options first.
575: If you can't boot from the CD, you can create a boot floppy to install from.
576: To do this, write <i>CD2:5.3/amd64/floppy53.fs</i> to a floppy, then
577: boot from the floppy drive.
578:
579: <p>
580: If you can't boot from a CD or a floppy disk,
581: you can install across the network using PXE as described in the included
582: INSTALL.amd64 document.
583:
584: <p>
585: If you are planning to dual boot OpenBSD with another OS, you will need to
586: read INSTALL.amd64.
587: </ul>
588:
589: <p>
590: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
591: <ul>
592: Burn the image from the FTP site to a CDROM, and poweron your machine
593: while holding down the <i>C</i> key until the display turns on and
594: shows <i>OpenBSD/macppc boot</i>.
595:
596: <p>
597: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
598: /5.3/macppc/bsd.rd</i>
599: </ul>
600:
601: <p>
602: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
603: <ul>
604: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
605:
606: <p>
607: If this doesn't work, or if you don't have a CDROM drive, you can write
608: <i>CD3:5.3/sparc64/floppy53.fs</i> or <i>CD3:5.3/sparc64/floppyB53.fs</i>
609: (depending on your machine) to a floppy and boot it with <i>boot
610: floppy</i>. Refer to INSTALL.sparc64 for details.
611:
612: <p>
613: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
614: will most likely fail.
615:
616: <p>
617: You can also write <i>CD3:5.3/sparc64/miniroot53.fs</i> to the swap partition on
618: the disk and boot with <i>boot disk:b</i>.
619:
620: <p>
621: If nothing works, you can boot over the network as described in INSTALL.sparc64.
622: </ul>
623:
624: <p>
625: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
626: <ul>
627: <p>Write <i>FTP:5.3/alpha/floppy53.fs</i> or
628: <i>FTP:5.3/alpha/floppyB53.fs</i> (depending on your machine) to a diskette and
629: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
630:
631: <p>
632: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
633: will most likely fail.
634:
635: </ul>
636:
637: <p>
638: <h3><font color="#e00000">OpenBSD/armish:</font></h3>
639: <ul>
640: <p>
641: After connecting a serial port, Thecus can boot directly from the network
642: either tftp or http. Configure the network using fconfig, reset,
643: then load bsd.rd, see INSTALL.armish for specific details.
644: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
645: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
646: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
647: More details are available in INSTALL.armish.
648: </ul>
649:
650: <p>
651: <h3><font color="#e00000">OpenBSD/hp300:</font></h3>
652: <ul>
653: <p>
654: Boot over the network by following the instructions in INSTALL.hp300.
655: </ul>
656:
657: <p>
658: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
659: <ul>
660: <p>
661: Boot over the network by following the instructions in INSTALL.hppa or the
662: <a href="hppa.html#install">hppa platform page</a>.
663: </ul>
664:
665: <p>
666: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
667: <ul>
668: <p>
669: Write <i>miniroot53.fs</i> to the start of the CF
670: or disk, and boot normally.
671: </ul>
672:
673: <p>
674: <h3><font color="#e00000">OpenBSD/loongson:</font></h3>
675: <ul>
676: <p>
677: Write <i>miniroot53.fs</i> to a USB stick and boot bsd.rd from it
678: or boot bsd.rd via tftp.
679: Refer to the instructions in INSTALL.loongson for more details.
680: </ul>
681: <p>
682:
683: <p>
684: <h3><font color="#e00000">OpenBSD/luna88k:</font></h3>
685: <ul>
686: <p>
687: Copy bsd.rd to a Mach or UniOS partition, and boot it from the PROM.
688: Alternatively, you can create a bootable tape and boot from it. Refer to
689: the instructions in INSTALL.luna88k for more details.
690: </ul>
691:
692: <p>
693: <h3><font color="#e00000">OpenBSD/mvme68k:</font></h3>
694: <ul>
695: <p>
696: You can create a bootable installation tape or boot over the network.<br>
697: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
698: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
699: for more details.
700: </ul>
701:
702: <p>
703: <h3><font color="#e00000">OpenBSD/mvme88k:</font></h3>
704: <ul>
705: <p>
706: You can create a bootable installation tape or boot over the network.<br>
707: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
708: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
709: for more details.
710: </ul>
711:
712: <p>
713: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
714: <ul>
715: <p>
716: To install on an O2, burn cd53.iso on a CD-R, put it in the CD drive of your
717: machine and select <i>Install System Software</i> from the System Maintenance
718: menu.
719:
720: <p>
721: On other systems, or if your machine doesn't have a CD drive, you can
722: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using
723: the kernel matching your system type.
724: Refer to the instructions in INSTALL.sgi for more details.
725: </ul>
726:
727: <p>
728: <h3><font color="#e00000">OpenBSD/socppc:</font></h3>
729: <ul>
730: <p>
731: After connecting a serial port, boot over the network via DHCP/tftp.
732: Refer to the instructions in INSTALL.socppc for more details.
733: </ul>
734:
735: <p>
736: <h3><font color="#e00000">OpenBSD/sparc:</font></h3>
737: <ul>
738: Boot from one of the provided install ISO images, using one of the two
739: commands listed below, depending on the version of your ROM.
740:
741: <ul><pre>
742: ok <strong>boot cdrom 5.3/sparc/bsd.rd</strong>
743: or
744: > <strong>b sd(0,6,0)5.3/sparc/bsd.rd</strong>
745: </pre></ul>
746:
747: <p>
748: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
749: To do so you need to write <i>floppy53.fs</i> to a floppy.
750: For more information see <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
751: To boot from the floppy use one of the two commands listed below,
752: depending on the version of your ROM.
753:
754: <ul><pre>
755: ok <strong>boot floppy</strong>
756: or
757: > <strong>b fd()</strong>
758: </pre></ul>
759:
760: <p>
761: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
762: will most likely fail.
763:
764: <p>
765: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
766: setup a bootable tape, or install via network, as told in the
767: INSTALL.sparc file.
768: </ul>
769:
770: <p>
771: <h3><font color="#e00000">OpenBSD/vax:</font></h3>
772: <ul>
773: Boot over the network via mopbooting as described in INSTALL.vax.
774: </ul>
775:
776: <p>
777: <h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
778: <ul>
779: <p>
780: Using the Linux built-in graphical ipkg installer, install the
781: openbsd53_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
782: for a few important details.
783: </ul>
784:
785: <p>
786: <h3><font color="#e00000">Notes about the source code:</font></h3>
787: <ul>
788: src.tar.gz contains a source archive starting at /usr/src. This file
789: contains everything you need except for the kernel sources, which are
790: in a separate archive. To extract:
791: <p>
792: <ul><pre>
793: # <strong>mkdir -p /usr/src</strong>
794: # <strong>cd /usr/src</strong>
795: # <strong>tar xvfz /tmp/src.tar.gz</strong>
796: </pre></ul>
797: <p>
798: sys.tar.gz contains a source archive starting at /usr/src/sys.
799: This file contains all the kernel sources you need to rebuild kernels.
800: To extract:
801: <p>
802: <ul><pre>
803: # <strong>mkdir -p /usr/src/sys</strong>
804: # <strong>cd /usr/src</strong>
805: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
806: </pre></ul>
807: <p>
808: Both of these trees are a regular CVS checkout. Using these trees it
809: is possible to get a head-start on using the anoncvs servers as
810: described <a href="anoncvs.html">here</a>.
811: Using these files
812: results in a much faster initial CVS update than you could expect from
813: a fresh checkout of the full OpenBSD source tree.
814: <p>
815: </ul>
816:
817: <a name="upgrade"></a>
818: <hr>
819: <p>
820: <h3><font color="#0000e0">How to upgrade</font></h3>
821: <p>
822: If you already have an OpenBSD 5.2 system, and do not want to reinstall,
823: upgrade instructions and advice can be found in the
824: <a href="faq/upgrade53.html">Upgrade Guide</a>.
825:
826: <a name="ports"></a>
827: <hr>
828: <p>
829: <h3><font color="#0000e0">Ports Tree</font></h3>
830: <p>
831: A ports tree archive is also provided. To extract:
832: <p>
833: <ul><pre>
834: # <strong>cd /usr</strong>
835: # <strong>tar xvfz /tmp/ports.tar.gz</strong>
836: # <strong>cd ports</strong>
837: </pre></ul>
838: <p>
839: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
840: read the <a href="faq/ports/index.html">ports</a> page
841: if you know nothing about ports
842: at this point. This text is not a manual of how to use ports.
843: Rather, it is a set of notes meant to kickstart the user on the
844: OpenBSD ports system.
845: <p>
846: The <i>ports/</i> directory represents a CVS (see the manpage for
1.11 sthen 847: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&arch=i386">
1.1 sthen 848: cvs(1)</a> if
849: you aren't familiar with CVS) checkout of our ports. As with our complete
1.17 rpe 850: source tree, our ports tree is available via
851: <a href="anoncvs.html">AnonCVS</a>.
852: So, in order to keep current with it, you must make the <i>ports/</i> tree
1.1 sthen 853: available on a read-write medium and update the tree with a command
854: like:
855: <p>
856: <ul><pre>
857: # <strong>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_3</strong>
858: </pre></ul>
859: <p>
860: [Of course, you must replace the local directory and server name here
861: with the location of your ports collection and a nearby anoncvs
862: server.]
863: <p>
864: Note that most ports are available as packages through FTP. Updated
865: packages for the 5.3 release will be made available if problems arise.
866: <p>
867: If you're interested in seeing a port added, would like to help out, or just
868: would like to know more, the mailing list
869: <a href="mail.html">ports@openbsd.org</a> is a good place to know.
870: <p>
871:
872: <hr>
873: <a href="index.html"><img height="24" width="24" src="back.gif" border="0"
874: alt="OpenBSD"></a>
875: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
876: <br><small>
1.66 ! jturner 877: $OpenBSD: 53.html,v 1.65 2013/03/22 13:30:00 gilles Exp $
1.1 sthen 878: </small>
879:
880: </body>
881: </html>