Annotation of www/53.html, Revision 1.95
1.91 bentley 1: <!doctype html>
2: <html lang=en id=release>
3: <meta charset=utf-8>
4:
1.75 deraadt 5: <title>OpenBSD 5.3</title>
1.1 sthen 6: <meta name="description" content="OpenBSD 5.3">
1.85 tj 7: <meta name="viewport" content="width=device-width, initial-scale=1">
8: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.87 tb 9: <link rel="canonical" href="https://www.openbsd.org/53.html">
1.1 sthen 10:
1.91 bentley 11: <h2 id=OpenBSD>
1.1 sthen 12: <a href="index.html">
1.91 bentley 13: <i>Open</i><b>BSD</b></a>
14: 5.3
1.85 tj 15: </h2>
1.1 sthen 16:
1.91 bentley 17: <table>
18: <tr>
19: <td>
1.62 sthen 20: <a href="images/RoyPuffy.jpg">
1.91 bentley 21: <img width="227" height="343" src="images/RoyPuffy.jpg" alt="Roy Puffy"></a>
22: <td>
1.73 sthen 23: Released May 1, 2013<br>
1.1 sthen 24: Copyright 1997-2013, Theo de Raadt.<br>
1.91 bentley 25: <cite class=isbn>ISBN 978-0-9881561-1-1</cite>
1.1 sthen 26: <br>
1.82 deraadt 27: 5.3 Song: <a href="lyrics.html#53">"Blade Swimmer"</a>
1.90 deraadt 28: <br>
29: <br>
1.1 sthen 30: <ul>
31: <li>See the information on <a href="ftp.html">The FTP page</a> for
32: a list of mirror machines.
1.91 bentley 33: <li>Go to the <code class=reldir>pub/OpenBSD/5.3/</code> directory on
1.1 sthen 34: one of the mirror sites.
35: <li>Have a look at <a href="errata53.html">The 5.3 Errata page</a> for a list
36: of bugs and workarounds.
37: <li>See a <a href="plus53.html">detailed log of changes</a> between the
38: 5.2 and 5.3 releases.
39: </ul>
1.85 tj 40: <p>
41: All applicable copyrights and credits are in the src.tar.gz,
42: sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
1.95 ! deraadt 43: files fetched via <code>ports.tar.gz</code>.
1.91 bentley 44: </table>
1.85 tj 45:
46: <hr>
1.1 sthen 47:
1.91 bentley 48: <section id=new>
49: <h3>What's New</h3>
1.1 sthen 50: <p>
51: This is a partial list of new features and systems included in OpenBSD 5.3.
52: For a comprehensive list, see the <a href="plus53.html">changelog</a> leading
53: to 5.3.
54: <p>
55:
1.51 sthen 56: <ul>
1.1 sthen 57: <li>Improved hardware support, including:
58: <ul>
1.91 bentley 59: <li>New driver <a href="https://man.openbsd.org/oce.4">oce(4)</a> for Emulex OneConnect 10Gb Ethernet adapters.
60: <li>New driver <a href="https://man.openbsd.org/rtsx.4">rtsx(4)</a> for the Realtek RTS5209 card reader.
61: <li>New driver <a href="https://man.openbsd.org/mfii.4">mfii(4)</a> for the LSI Logic MegaRAID SAS Fusion controllers.
62: <li>New driver <a href="https://man.openbsd.org/smsc.4">smsc(4)</a> for SMSC LAN95xx 10/100 USB Ethernet adapters.
63: <li>New drivers for Toradex OAK USB sensors: <a href="https://man.openbsd.org/uoaklux.4">uoaklux(4)</a> (illuminance), <a href="https://man.openbsd.org/uoakrh.4">uoakrh(4)</a> (temperature and relative humidity) and <a href="https://man.openbsd.org/uoakv.4">uoakv(4)</a> (+/- 10V 8channel ADC).
64: <li>New drivers for <a href="https://man.openbsd.org/virtio.4">virtio(4)</a> devices: <a href="https://man.openbsd.org/vio.4">vio(4)</a> (network), <a href="https://man.openbsd.org/vioblk.4">vioblk(4)</a> (block devices, attaching as SCSI disks) and <a href="https://man.openbsd.org/viomb.4">viomb(4)</a> (memory ballooning).
65: <li>Support for Adaptec 39320LPE added to <a href="https://man.openbsd.org/ahd.4">ahd(4)</a>.
66: <li>Broadcom 5718/5719/5720 Gigabit Ethernet devices supported in <a href="https://man.openbsd.org/bge.4">bge(4)</a>.
67: <li>Intel X540-based 10Gb Ethernet devices supported in <a href="https://man.openbsd.org/ix.4">ix(4)</a>.
68: <li>Support for SFP+ hot-plug (82599) and various other improvements in <a href="https://man.openbsd.org/ix.4">ix(4)</a>.
69: <li>TX interrupt mitigation, hardware VLAN tagging and checksum offload reduce CPU use in <a href="https://man.openbsd.org/vr.4">vr(4)</a>.
70: <li>Baby jumbo frames supported in <a href="https://man.openbsd.org/vr.4">vr(4)</a> and <a href="https://man.openbsd.org/sis.4">sis(4)</a> useful for e.g. MPLS, <a href="https://man.openbsd.org/vlan.4">vlan(4)</a> tag stacking (QinQ) and RFC4638 <a href="https://man.openbsd.org/pppoe.4">pppoe(4)</a>.
71: <li>TCP RX Checksum offload in <a href="https://man.openbsd.org/gem.4">gem(4)</a>.
72: <li>Improvements for NICs using 82579/pch2 in <a href="https://man.openbsd.org/em.4">em(4)</a>.
73: <li>Flow control is now supported on <a href="https://man.openbsd.org/bnx.4">bnx(4)</a> 5708S/5709S adapters, <a href="https://man.openbsd.org/gem.4">gem(4)</a> and <a href="https://man.openbsd.org/jme.4">jme(4)</a>.
74:
75: <li>Power-saving clients supported in hostap mode with <a href="https://man.openbsd.org/acx.4">acx(4)</a> and <a href="https://man.openbsd.org/athn.4">athn(4)</a>.
76: <li>A cause of RT2661 <a href="https://man.openbsd.org/ral.4">ral(4)</a> wedging in hostap mode was fixed.
77: <li><a href="https://man.openbsd.org/iwn.4">iwn(4)</a> supports additional devices (Centrino Advanced-N 6235 and initial support for Centrino Wireless-N 1030).
1.29 sthen 78:
1.91 bentley 79: <li>Improvements to <a href="https://man.openbsd.org/ahci.4">ahci(4)</a>.
1.29 sthen 80: <li>Support for the fixed-function performance counter on newer x86 chips with constant time stamp counters.
1.91 bentley 81: <li>Elantech touchpads supported in <a href="https://man.openbsd.org/pms.4">pms(4)</a> and <a href="https://man.openbsd.org/synaptics.4">synaptics(4)</a>.
82: <li>Support for "physical devices" on skinny <a href="https://man.openbsd.org/mfi.4">mfi(4)</a> controllers.
83: <li>VMware emulated SAS adapters supported by <a href="https://man.openbsd.org/mpi.4">mpi(4)</a>.
1.29 sthen 84: <li>Support for Intel's Supervisor Mode Execution Protection (SMEP) and Supervisor Mode Access Prevention (SMAP) features on i386 and amd64.
85: <li>Support for the RDRAND instruction to read the hardware random number generator on recent Intel processors.
86: <li>amd64 PCI memory extent changed to cover the whole 64-bit memory space; fixes erroneous extent allocation panic on IBM x3100.
1.91 bentley 87: <li><a href="https://man.openbsd.org/ulpt.4">ulpt(4)</a> can now upload firmware to certain HP LaserJet printers.
1.29 sthen 88: <li>Added stat clock to Loongson machines, improving accuracy of CPU usage statistics.
89: <li>CPU throttling supported on Loongson 2F.
1.91 bentley 90: <li>Support for Apple UniNorth and U3 AGP added to <a href="https://man.openbsd.org/agp.4">agp(4)</a>.
1.29 sthen 91: <li>DRM support for macppc.
1.1 sthen 92: </ul>
93: <p>
94:
95: <li>Generic network stack improvements:
96: <ul>
1.91 bentley 97: <li>Restriction on writing to <a href="https://man.openbsd.org/trunk.4">trunk(4)</a> member interfaces relaxed; BPF can now write to interfaces directly (useful for LLDP).
98: <li>UDP support added to <a href="https://man.openbsd.org/sosplice.9">sosplice(9)</a> (zero-copy socket splicing).
99: <li>IPv6 autoconfprivacy is enabled by default (can be disabled per-interface with an <a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a> flag).
100: <li><a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a> <code>hwfeatures</code> displays the maximum MTU supported by the driver (indicating support for jumbo/baby-jumbo frames).
1.34 mikeb 101: <li>Vastly improved IPsec v3 compatibility, including support for Extended Sequence Numbers in the AES-NI driver for AES-GCM and other modes.
1.1 sthen 102: </ul>
103: <p>
104:
105: <li>Routing daemons and other userland network improvements:
106: <ul>
1.91 bentley 107: <li>OpenBSD now includes <a href="https://man.openbsd.org/npppd.8">npppd(8)</a>, a server-side daemon for L2TP, L2TP/IPsec, PPTP and PPPoE.
108: <li>New standalone <a href="https://man.openbsd.org/tftp-proxy.8">tftp-proxy(8)</a> to replace the old <a href="https://man.openbsd.org/inetd.8">inetd(8)</a>-based implementation.
109: <li>SNMPv3 supported in <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>.
110: <li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> is more tolerant of unknown capabilities when bringing up a session (logs a warning rather than fails).
111: <li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> now handles client side of "graceful restart".
112: <li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> can now filter based on the NEXTHOP attribute.
113: <li>A stratum can now be assigned to hardware sensors in <a href="https://man.openbsd.org/ntpd.8">ntpd(8)</a>.
114: <li><a href="https://man.openbsd.org/authpf.8">authpf(8)</a> now supports the use of per-group rules files.
115: <li><a href="https://man.openbsd.org/ftp.1">ftp(1)</a> client now supports basic HTTP authentication as per RFC 2617 and 3986 like "ftp http[s]://user:pass@host/file".
116: <li><a href="https://man.openbsd.org/ftp.1">ftp(1)</a> client's mput command allows to upload a directory tree recursively using the -r switch.
117: <li><a href="https://man.openbsd.org/relayd.8">relayd(8)</a> has various improvements including additional scheduling algorithms (least-states, for redirections, and random/source-hash, for relays).
118: <li>The <a href="https://man.openbsd.org/iked.8">iked(8)</a> IKEv2 daemon supports NAT-T. (The isakmpd daemon for IKEv1 has supported this for a long time).
119: <li><a href="https://man.openbsd.org/iked.8">iked(8)</a> blocks IPv6 traffic unless there are v6 VPN flows; this is to prevent leakages as described in <a href="http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages">draft-gont-opsec-vpn-leakages</a>.
1.1 sthen 120: </ul>
121: <p>
122:
1.91 bentley 123: <li><a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a> improvements:
1.40 krw 124: <ul>
125: <li>dhclient-script eliminated, all configuration is done with ioctl's and routing sockets.
126: <li>interface configuration is much faster.
1.91 bentley 127: <li>HUP signals cause dhclient to restart; making it re-read the <a href="https://man.openbsd.org/dhclient.conf.5">dhclient.conf(5)</a> and <a href="https://man.openbsd.org/resolv.conf.tail.5">resolv.conf.tail(5)</a> files, and obtain a new lease.
1.40 krw 128: <li>INIT, USR1, USR2 signals cause dhclient to exit after attempting to remove routes and addresses it configured.
1.91 bentley 129: <li><a href="https://man.openbsd.org/resolv.conf.5">resolv.conf(5)</a> is written only when the in-use default route was inserted by dhclient. Possible changes to the default route are detected and cause dhclient to write out resolv.conf when appropriate.
1.49 sthen 130: <li>interface hardware address changes are detected and cause dhclient to restart.
1.40 krw 131: <li>dhclient.conf directive 'ignore' and command line option '-i' added, allowing the suppression of specific options offered by server.
132: <li>'-L' command line option added, allowing the creation of a complete record of the most recent offer and what we modified it to when binding the lease.
133: <li>rejected offers no longer prevent dhclient from trying recorded leases and going daemon.
134: <li>cleanup of routing tables when starting and exiting is more complete.
135: <li>log messages cleaned up and reduced.
136: <li>dhclient is automatically placed in the routing domain of the interface.
137: <li>incoming and outgoing packet buffers are separate, eliminating possible transmission of inappropriate packets when re-trying DISCOVER and REQUEST.
138: <li>resolv.conf.tail read only once, at startup.
139: <li>both OFFER and ACK packets that lack required options are rejected.
1.49 sthen 140: <li>file names passed to '-L' and '-l' are constrained to be regular files.
1.40 krw 141: <li>bind success reported after binding complete, not when it is started.
142: <li>privileged process daemonizes, eliminating its controlling terminal.
143: <li>STDIN/STDOUT/STDERR no longer redirected to /dev/null when '-d' specified.
144: <li>all existing addresses on the interface are deleted when binding a new lease.
145: <li>leases which would cause routing problems because another interface is already configured with the same subnet are rejected.
146: <li>premature and repeated DISCOVER and/or REQUEST messages at startup are avoided.
147: <li>permanent ARP cache entries are no longer deleted during binding.
1.49 sthen 148: <li>allow empty lists of option names for 'ignore', 'request', and 'require' dhclient.conf directives, so lists can be reset in interface declarations.
1.91 bentley 149: <li><a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a> and dhclient recognize the same list of dhcp options.
150: <li>hand-rolled IMSG implementation replaced with <a href="https://man.openbsd.org/imsg_init.3">imsg_init(3)</a> and related functions..
151: <li>hand-rolled date string construction replaced with <a href="https://man.openbsd.org/strftime.3">strftime(3)</a> invocations.
152: <li>hand-rolled '%m' option replaced with <a href="https://man.openbsd.org/strerror.3">strerror(3)</a> invocations.
1.40 krw 153: <li>many other internal code improvements.
154: </ul>
155: <p>
156:
1.91 bentley 157: <li><a href="https://man.openbsd.org/pf.4">pf(4)</a> improvements:
1.1 sthen 158: <ul>
1.91 bentley 159: <li> The <a href="https://man.openbsd.org/divert.4">divert(4)</a>
1.46 lteo 160: socket now supports the new IP_DIVERTFL socket option to control whether both inbound and outbound packets are diverted (the default) or only packets travelling in one direction.
1.52 sthen 161: <li>Sloppy state tracking (a special mode occasionally needed with asymmetric routing) now works correctly with ICMP.
162: <li>PF now restricts the fragment limit to protect against a misconfiguration running the kernel out of mbuf clusters.
1.1 sthen 163: </ul>
164: <p>
165:
1.48 gilles 166: <li>OpenSMTPD 5.3:
167: <ul>
168: <li>New features:
169: <ul>
170: <li>code is now considered stable and suitable for use in production.
1.91 bentley 171: <li><a href="https://man.openbsd.org/smtpctl.8">smtpctl(8)</a> <i>trace</i> supports runtime tracing of various components, including imsg exchanges, incoming and outgoing sessions, aliases expansion and much more.
172: <li><a href="https://man.openbsd.org/smtpctl.8">smtpctl(8)</a> <i>monitor</i> can now be used to monitor in real-time an instance of <a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a>.
173: <li><a href="https://man.openbsd.org/smtpctl.8">smtpctl(8)</a> <i>show queue</i> now supports an "online" mode where the scheduler is queried instead of the disk-based queue to provide more accurate information.
1.49 sthen 174: <li>virtual domain support has been reworked to simplify and bring support for new features like global catch-alls and shared user mappings.
1.48 gilles 175: <li>new table API replaces the map API: better handling of transient errors, improved performances and a much better interface.
176: <li>the transfer process may now select the source IP address to use as well as the HELO hostname to advertise from a table.
177: <li>each listener may advertise a different banner hostname.
1.91 bentley 178: <li>an alternate user database may be provided instead of relying on <a href="https://man.openbsd.org/getpwnam.3">getpwnam(3)</a>.
1.48 gilles 179: <li>users may now be authenticated using credentials from a table.
180: <li>incoming sessions can be tagged, allowing for rules to only match envelopes that have been reinjected in the daemon after being passed to a proxy tool.
181: <li>intermediate bounces are now sent at configurable rates.
182: <li>rules can now check for a sender email address or domain.
1.50 sthen 183: <li>experimental (yet functional) support for aldap and sqlite as table backends.
1.48 gilles 184: </ul>
185:
186: <li>Improvements:
187: <ul>
188: <li>improved logging format to make it both easier to read and parse.
189: <li>improved memory use by scheduler, smtp, queue and transfer processes.
190: <li>more reliable and efficient disk-based queue.
191: <li>improved scheduler, dns and relaying logic that optimizes transfers.
1.91 bentley 192: <li>simplified grammar for <a href="https://man.openbsd.org/smtpd.conf.5">smtpd.conf(5)</a>.
1.48 gilles 193: <li>initial support for client and server SSL peer certificates validation.
194: <li>SSL certificate tree is now isolated and network-facing processes request SSL information on-demand by imsg.
195: <li>improved and simplified SMTP and MTA engines.
196: <li>much improved performances on both incoming and outgoing code paths.
197: <li>tons of cleanup and assorted minor bug fixes.
198: </ul>
199: </ul>
200: <p>
201:
1.59 tedu 202: <li>Security improvements:
203: <ul>
204: <li>Position-independent executables (PIE) are now used <b>by default</b> on alpha, amd64, hppa, landisk, loongson, sgi and sparc64.
1.91 bentley 205: <li><a href="https://man.openbsd.org/gcc.1">gcc(1)</a> stack smashing protector added for Alpha and MIPS (enabled by default).
1.59 tedu 206: <li>Shared libraries on GCC 4 platforms now each get their own stack protector cookies instead of sharing a single global cookie.
207: </ul>
208: <p>
209:
210: <li>Performance improvements:
211: <ul>
212: <li>Switch default disk I/O sort algorithm to NSCAN for improved fairness and response times.
213: <li>Softdep speedup improvements by the revert of a previously necessary workaround to prevent kva starvation.
1.92 deraadt 214: <li>Large performance and reliability improvements in
1.91 bentley 215: <a href="https://man.openbsd.org/make.1">make(1)</a>,
1.59 tedu 216: especially in parallel mode. make no longer does any busy waiting, it handles
217: concurrent targets correctly, and displays more accurate error messages.
218: <li>Increased stack alignment in constructor functions and new threads on i386 to meet requirements for SSE.
219: <li>Coredumping no longer hogs CPU or I/O and can be aborted by sending the process a SIGKILL signal.
220: </ul>
221: <p>
222:
223: <li>Threading improvements:
224: <ul>
225: <li>Threaded programs and libraries can now be linked with the POSIX-standard -lpthread flag instead of the OpenBSD-specific -pthread flag
1.91 bentley 226: <li><a href="https://man.openbsd.org/abort.3">abort(3)</a> and <a href="https://man.openbsd.org/raise.3">raise(3)</a> now direct the signal to the calling thread, as specified by POSIX.
227: <li>Whether a thread is currently executing on an alternate signal stack (c.f. <a href="https://man.openbsd.org/sigaltstack.2">sigaltstack(2)</a>) is now determined dynamically, so the stack can be reused if <a href="https://man.openbsd.org/siglongjmp.3">siglongjmp(3)</a> is used to exit the signal handler.
1.59 tedu 228: <li>libpthread now caches automatically allocated, default size thread stacks.
229: <li>Improvements in the handling of profiling, tracing, and %cpu calculation of threaded processes.
230: </ul>
231: <p>
232:
1.1 sthen 233: <li>Assorted improvements:
234: <ul>
1.91 bentley 235: <li><a href="https://man.openbsd.org/sparc64/ldomctl.8">ldomctl(8)</a>
1.9 sthen 236: was added to manage logical domains on sun4v systems through
1.91 bentley 237: <a href="https://man.openbsd.org/sparc64/ldomd.8">ldomd(8)</a>.
1.29 sthen 238: <li>Support for WPA Enterprise was added to the wpa_supplicant package.
1.91 bentley 239: <li>OpenBSD/luna88k and OpenBSD/mvme88k have switched to GCC 3, <a href="https://man.openbsd.org/elf.5">elf(5)</a> and gained shared library support.
240: <li>OpenBSD/hp300 and OpenBSD/mvme68k have switched to GCC 3 and <a href="https://man.openbsd.org/elf.5">elf(5)</a>.
241: <li><a href="https://man.openbsd.org/softraid.4">softraid(4)</a> RAID1 and crypto volumes are now bootable on i386 and amd64 (full disk encryption).
242: <li>The <a href="https://man.openbsd.org/mg.1">mg(1)</a>
243: emacs-like editor now supports <code>diff-buffer-with-file</code>, <code>make-directory</code> and <code>revert-buffer</code>.
1.43 lum 244: Column numbers have been made configurable and locale is respected for ctype purposes, like displaying ISO Latin 1 characters.
1.91 bentley 245: <li>Improved our own <a href="https://man.openbsd.org/pkg-config.1">pkg-config(1)</a>
1.7 sthen 246: implementation to make it compatible with freedesktop.org's 0.27.1 release.
1.29 sthen 247: <li>A number of improvements to the buffer cache and page daemon interactions to avoid issues in low memory/low kva situations.
1.16 beck 248: <li>Various bug fixes in uvm to avoid potential races and deadlock issues.
1.29 sthen 249: <li>Memory filesystem (mfs) switched to bufq, giving us queue limits and FIFO queueing (rather than the current LIFO queueing).
1.91 bentley 250: <li>Many improvements to the <a href="https://man.openbsd.org/cwm.1">cwm(1)</a> window manager,
1.29 sthen 251: including tab completion and Xft support for menus, improved Xinerama support, and per-group vertical/horizontal manual tiling support.
1.91 bentley 252: <li>Added <a href="https://man.openbsd.org/dprintf.3">dprintf(3)</a>, <a href="https://man.openbsd.org/grantpt.3">grantpt(3)</a>, <a href="https://man.openbsd.org/posix_openpt.3">posix_openpt(3)</a>, <a href="https://man.openbsd.org/ptsname.3">ptsname(3)</a>, <a href="https://man.openbsd.org/unlockpt.3">unlockpt(3)</a>, and <a href="https://man.openbsd.org/vdprintf.3">vdprintf(3)</a>.
1.32 guenther 253: <li>Corrected the order of invocation of constructor and destruction functions.
254: <li>Improved compliance and/or cleanliness of header files, particularly
255: <dlfcn.h>, <netdb.h>, <net/if.h>,
256: <netinet/in.h>, <sys/socket.h>, <sys/uio.h>,
257: and <sys/un.h>.
1.1 sthen 258: </ul>
259: <p>
260:
261: <li>OpenSSH 6.2:
262: <ul>
263: <li>New features:
264: <ul>
1.91 bentley 265: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.37 sobrado 266: and
1.91 bentley 267: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
1.37 sobrado 268: Added support for AES-GCM authenticated encryption in SSH protocol 2.
269: The new cipher is available as "aes128-gcm@openssh.com" and
270: "aes256-gcm@openssh.com". It uses an identical packet format to the
271: AES-GCM mode specified in RFC 5647, but uses simpler and different
272: selection rules during key exchange.
1.91 bentley 273: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.37 sobrado 274: and
1.91 bentley 275: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
1.37 sobrado 276: Added support for encrypt-then-mac (EtM) MAC modes for SSH protocol 2.
277: These modes alter the packet format and compute the MAC over the
278: packet length and encrypted packet rather than over the plaintext
279: data. These modes are considered more secure and are used by default
280: when available.
1.91 bentley 281: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.37 sobrado 282: and
1.91 bentley 283: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
1.37 sobrado 284: Added support for the UMAC-128 MAC as "umac-128@openssh.com" and
285: "umac-128-etm@openssh.com". The latter being an encrypt-then-mac mode.
1.91 bentley 286: <li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
1.37 sobrado 287: Added support for multiple required authentication in SSH protocol 2
1.91 bentley 288: via an <code>AuthenticationMethods</code> option. This option lists one
1.37 sobrado 289: or more comma-separated lists of authentication method names.
290: Successful completion of all the methods in any list is required for
291: authentication to complete. This allows, for example, requiring a
292: user having to authenticate via public key or GSSAPI before they are
293: offered password authentication.
1.91 bentley 294: <li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>
1.37 sobrado 295: and
1.91 bentley 296: <a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>:
1.37 sobrado 297: Added support for Key Revocation Lists (KRLs), a compact binary
298: format to represent lists of revoked keys and certificates that take
299: as little as one bit per certificate when revoking by serial number.
300: KRLs may be generated using
1.91 bentley 301: <a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>
1.37 sobrado 302: and are loaded into
1.91 bentley 303: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>
304: via the existing <code>RevokedKeys</code>
305: <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>
1.37 sobrado 306: option.
1.91 bentley 307: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
308: <code>IdentitiesOnly</code> now applies to keys obtained from a
1.37 sobrado 309: PKCS11Provider. This allows control of which keys are offered from
1.91 bentley 310: tokens using <code>IdentityFile</code>.
311: <li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
312: <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>'s
313: AllowTcpForwarding now accepts "<code>local</code>" and "<code>remote</code>"
314: in addition to its previous "<code>yes</code>"/"<code>no</code>" keywords to
1.37 sobrado 315: allow the server to specify whether just local or remote TCP
316: forwarding is enabled.
1.91 bentley 317: <li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
1.37 sobrado 318: Added a
1.91 bentley 319: <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>
320: option <code>AuthorizedKeysCommand</code> to support fetching
1.37 sobrado 321: authorized_keys from a command in addition to (or instead of) from
322: the filesystem. The command is run under an account specified by an
1.91 bentley 323: <code>AuthorizedKeysCommandUser</code>
324: <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>
1.37 sobrado 325: option.
1.91 bentley 326: <li><a href="https://man.openbsd.org/sftp-server.8">sftp-server(8)</a>:
327: Now supports a <code>-d</code> option to allow the starting directory to
1.37 sobrado 328: be something other than the user's home directory.
1.91 bentley 329: <li><a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>:
1.37 sobrado 330: Now allows fingerprinting of keys hosted in PKCS#11 tokens using
331: "ssh-keygen -lD pkcs11_provider".
1.91 bentley 332: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
1.37 sobrado 333: When SSH protocol 2 only is selected (the default),
1.91 bentley 334: <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.37 sobrado 335: now immediately sends its SSH protocol banner to the server without
336: waiting to receive the server's banner, saving time when connecting.
1.91 bentley 337: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
338: Added <code>~v</code> and <code>~V</code> escape sequences to raise and lower
1.37 sobrado 339: the logging level respectively.
1.91 bentley 340: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
341: Made the escape command help (<code>~?</code>) context sensitive so that
1.37 sobrado 342: only commands that will work in the current session are shown.
1.91 bentley 343: <li><a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>:
1.37 sobrado 344: When deleting host lines from known_hosts using "ssh-keygen -R host",
1.91 bentley 345: <a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>
1.37 sobrado 346: now prints details of which lines were removed.
1.1 sthen 347: </ul>
348: <li>The following significant bugs have been fixed in this release:
349: <ul>
1.91 bentley 350: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
1.37 sobrado 351: Force a clean shutdown of ControlMaster client sessions when the
1.91 bentley 352: <code>~.</code> escape sequence is used. This means that <code>~.</code>
1.37 sobrado 353: should now work in mux clients even if the server is no longer
354: responding.
1.91 bentley 355: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
1.37 sobrado 356: Correctly detect errors during local TCP forward setup in multiplexed
357: clients. (bz#2055)
1.91 bentley 358: <li><a href="https://man.openbsd.org/ssh-add.1">ssh-add(1)</a>:
1.37 sobrado 359: Made deleting explicit keys "ssh-add -d" symmetric with adding keys
360: with respect to certificates. It now tries to delete the
1.91 bentley 361: corresponding certificate and respects the <code>-k</code> option to
1.37 sobrado 362: allow deleting of the key only.
1.91 bentley 363: <li><a href="https://man.openbsd.org/sftp.1">sftp(1)</a>:
1.37 sobrado 364: Fix a number of parsing and command-editing bugs, including bz#1956.
1.91 bentley 365: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
366: When muxmaster is run with <code>-N</code>, ensure that it shuts down
1.37 sobrado 367: gracefully when a client sends it "-O stop" rather than hanging
368: around. (bz#1985)
1.91 bentley 369: <li><a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>:
1.37 sobrado 370: When screening moduli candidates, append to the file rather than
371: overwriting to allow resumption. (bz#1957)
1.91 bentley 372: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
1.37 sobrado 373: Record "Received disconnect" messages at ERROR rather than INFO
374: priority. (bz#2057)
1.91 bentley 375: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
1.37 sobrado 376: Loudly warn if explicitly-provided private key is unreadable.
377: (bz#1981)
1.1 sthen 378: </ul>
379: </ul>
380: <p>
381:
1.92 deraadt 382: <li>Over 7,800 ports, major performance and stability improvements in
1.1 sthen 383: the package build process
384: <ul>
1.28 espie 385: <li>The parallel ports builder is more efficient. The main improvement is
386: that dpb consumes much less cpu on busy boxes, but there are lots of small
387: optimizations that amount to a large performance increase:
1.92 deraadt 388: dpb can now build selected large ports using parallel make, and it
389: has a notion of affinity, so that ports failing on a cluster will be
1.29 sthen 390: preferentially restarted on the same machine.
1.1 sthen 391: </ul>
392: <p>
393: <li>Many pre-built packages for each architecture:
1.91 bentley 394: <ul style="column-count: 4">
1.38 deraadt 395: <li>i386: 7670
396: <li>sparc64: 6756
1.64 deraadt 397: <li>alpha: 6151
1.71 pirofti 398: <li>sh: 1111
1.54 deraadt 399: <li>amd64: 7632
1.63 deraadt 400: <li>powerpc: 7215
1.70 sthen 401: <li>sparc: 4635
1.72 sthen 402: <li>arm: 4944
1.56 deraadt 403: <li>hppa: 6401
1.68 sebastia 404: <li>vax: 2081
1.56 deraadt 405: <li>mips64: 6519
1.60 sthen 406: <li>mips64el: 6539
1.91 bentley 407: </ul>
1.1 sthen 408: <p>
409:
410: <li>Some highlights:
411: <ul>
412: <li>GNOME 3.6.2 <li>KDE 3.5.10
413: <li>Xfce 4.10 <li>MySQL 5.1.68
1.13 sthen 414: <li>PostgreSQL 9.2.3 <li>Postfix 2.9.6
1.1 sthen 415: <li>OpenLDAP 2.3.43 and 2.4.33 <li>Mozilla Firefox 3.6.28 and 18.0.2
416: <li>Mozilla Thunderbird 17.0.2 <li>GHC 7.4.2
417: <li>LibreOffice 3.6.5.2 <li>Emacs 21.4 and 24.2
418: <li>Vim 7.3.154 <li>PHP 5.2.17 and 5.3.21
1.39 lteo 419: <li>Python 2.5.4, 2.7.3 and 3.2.3 <li>Ruby 1.8.7.370 and 1.9.3.392
1.1 sthen 420: <li>Tcl/Tk 8.5.13 and 8.6.0 <li>Jdk 1.6.0.32 and 1.7.0.11
421: <li>Mono 2.10.9 <li>Chromium 24.0.1312.68
422: <li>Groff 1.21 <li>Go 1.0.3
423: <li>GCC 4.6.3 and 4.7.2 <li>LLVM/Clang 3.2
424: </ul>
425: <p>
426:
427: <li>As usual, steady improvements in manual pages and other documentation.
428: <p>
429:
430: <li>The system includes the following major components from outside suppliers:
431: <ul>
1.12 matthieu 432: <li>Xenocara (based on X.Org 7.7 with xserver 1.12.3 + patches,
1.2 sthen 433: freetype 2.4.11, fontconfig 2.8.0, Mesa 7.11.2, xterm 287,
434: xkeyboard-config 2.7 and more)
1.33 jsg 435: <li>Gcc 4.2.1 (+patches), 3.3.6 (+ patches) and 2.95.3 (+ patches)
1.1 sthen 436: <li>Perl 5.12.2 (+ patches)
437: <li>Our improved and secured version of Apache 1.3, with
438: SSL/TLS and DSO support
1.2 sthen 439: <li>Nginx 1.2.6 (+ patches)
440: <li>OpenSSL 1.0.1c (+ patches)
441: <li>SQLite 3.7.14.1 (+ patches)
442: <li>Sendmail 8.14.6, with libmilter
1.1 sthen 443: <li>Bind 9.4.2-P2 (+ patches)
1.31 sthen 444: <li>NSD 3.2.15
1.1 sthen 445: <li>Lynx 2.8.7rel.2 with HTTPS and IPv6 support (+ patches)
446: <li>Sudo 1.7.2p8
447: <li>Ncurses 5.7
448: <li>Heimdal 0.7.2 (+ patches)
449: <li>Binutils 2.15 (+ patches)
450: <li>Gdb 6.3 (+ patches)
451: <li>Less 444 (+ patches)
452: <li>Awk Aug 10, 2011 version
453: </ul>
454: </ul>
1.91 bentley 455: </section>
1.1 sthen 456:
457: <hr>
1.91 bentley 458:
459: <section id=install>
460: <h3>How to install</h3>
1.1 sthen 461: <p>
462: Following this are the instructions which you would have on a piece of
463: paper if you had purchased a CDROM set instead of doing an alternate
464: form of install. The instructions for doing an FTP (or other style
465: of) install are very similar; the CDROM instructions are left intact
466: so that you can see how much easier it would have been if you had
467: purchased a CDROM instead.
468: <p>
469:
470: <hr>
471: Please refer to the following files on the three CDROMs or FTP mirror for
472: extensive details on how to install OpenBSD 5.3 on your machine:
473: <p>
474: <ul>
1.93 deraadt 475: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/i386/INSTALL.i386">
476: .../OpenBSD/5.3/i386/INSTALL.i386 (on CD1)</a>
1.1 sthen 477: <p>
1.93 deraadt 478: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/amd64/INSTALL.amd64">
479: .../OpenBSD/5.3/amd64/INSTALL.amd64 (on CD2)</a>
1.1 sthen 480: <p>
1.93 deraadt 481: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/sparc64/INSTALL.sparc64">
482: .../OpenBSD/5.3/sparc64/INSTALL.sparc64 (on CD3)</a>
1.1 sthen 483: <p>
1.93 deraadt 484: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/alpha/INSTALL.alpha">
485: .../OpenBSD/5.3/alpha/INSTALL.alpha</a>
486: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/armish/INSTALL.armish">
487: .../OpenBSD/5.3/armish/INSTALL.armish</a>
488: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/hp300/INSTALL.hp300">
489: .../OpenBSD/5.3/hp300/INSTALL.hp300</a>
490: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/hppa/INSTALL.hppa">
491: .../OpenBSD/5.3/hppa/INSTALL.hppa</a>
492: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/landisk/INSTALL.landisk">
493: .../OpenBSD/5.3/landisk/INSTALL.landisk</a>
494: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/loongson/INSTALL.loongson">
495: .../OpenBSD/5.3/loongson/INSTALL.loongson</a>
496: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/luna88k/INSTALL.luna88k">
497: .../OpenBSD/5.3/luna88k/INSTALL.luna88k</a>
498: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/macppc/INSTALL.macppc">
499: .../OpenBSD/5.3/macppc/INSTALL.macppc</a>
500: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/mvme68k/INSTALL.mvme68k">
501: .../OpenBSD/5.3/mvme68k/INSTALL.mvme68k</a>
502: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/mvme88k/INSTALL.mvme88k">
503: .../OpenBSD/5.3/mvme88k/INSTALL.mvme88k</a>
504: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/sgi/INSTALL.sgi">
505: .../OpenBSD/5.3/sgi/INSTALL.sgi</a>
506: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/socppc/INSTALL.socppc">
507: .../OpenBSD/5.3/socppc/INSTALL.socppc</a>
508: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/sparc/INSTALL.sparc">
509: .../OpenBSD/5.3/sparc/INSTALL.sparc</a>
510: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/vax/INSTALL.vax">
511: .../OpenBSD/5.3/vax/INSTALL.vax</a>
512: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.3/zaurus/INSTALL.zaurus">
513: .../OpenBSD/5.3/zaurus/INSTALL.zaurus</a>
1.1 sthen 514: </ul>
1.93 deraadt 515: </section>
516:
1.1 sthen 517: <hr>
518:
1.91 bentley 519: <section id=quickinstall>
520:
1.1 sthen 521: <p>
522: Quick installer information for people familiar with OpenBSD, and the
523: use of the "disklabel -E" command. If you are at all confused when
524: installing OpenBSD, read the relevant INSTALL.* file as listed above!
1.91 bentley 525:
526: <h3>OpenBSD/i386:</h3>
527:
1.1 sthen 528: <p>
529: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
530: release is on CD1. If your BIOS does not support booting from CD, you will need
531: to create a boot floppy to install from. To create a boot floppy write
532: <i>CD1:5.3/i386/floppy53.fs</i> to a floppy and boot via the floppy drive.
533:
534: <p>
535: Use <i>CD1:5.3/i386/floppyB53.fs</i> instead for greater SCSI controller
536: support, or <i>CD1:5.3/i386/floppyC53.fs</i> for better laptop support.
537:
538: <p>
539: If you can't boot from a CD or a floppy disk,
540: you can install across the network using PXE as described in
541: the included INSTALL.i386 document.
542:
543: <p>
544: If you are planning on dual booting OpenBSD with another OS, you will need to
545: read INSTALL.i386.
546:
547: <p>
548: To make a boot floppy under MS-DOS, use the "rawrite" utility located
549: at <i>CD1:5.3/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
550: use the
1.91 bentley 551: <a href="https://man.openbsd.org/dd.1">dd(1)</a>
1.1 sthen 552: utility. The following is an example usage of
1.91 bentley 553: <a href="https://man.openbsd.org/dd.1">dd(1)</a>,
1.1 sthen 554: where the device could be "floppy", "rfd0c", or
555: "rfd0a".
556:
1.91 bentley 557: <blockquote><pre>
1.93 deraadt 558: # <kbd>dd if=<file> of=/dev/<device> bs=32k</kbd>
1.91 bentley 559: </pre></blockquote>
1.1 sthen 560:
561: <p>
562: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
563: your install will most likely fail. For more information on creating a boot
564: floppy and installing OpenBSD/i386 please refer to
1.86 tj 565: <a href="faq/faq4.html#MkFlop">this page</a>.
1.91 bentley 566:
567: <h3>OpenBSD/amd64:</h3>
1.1 sthen 568:
569: <p>
570: The 5.3 release of OpenBSD/amd64 is located on CD2.
571: Boot from the CD to begin the install - you may need to adjust
572: your BIOS options first.
573: If you can't boot from the CD, you can create a boot floppy to install from.
574: To do this, write <i>CD2:5.3/amd64/floppy53.fs</i> to a floppy, then
575: boot from the floppy drive.
576:
577: <p>
578: If you can't boot from a CD or a floppy disk,
579: you can install across the network using PXE as described in the included
580: INSTALL.amd64 document.
581:
582: <p>
583: If you are planning to dual boot OpenBSD with another OS, you will need to
584: read INSTALL.amd64.
1.91 bentley 585:
586: <h3>OpenBSD/macppc:</h3>
1.1 sthen 587:
588: <p>
589: Burn the image from the FTP site to a CDROM, and poweron your machine
590: while holding down the <i>C</i> key until the display turns on and
591: shows <i>OpenBSD/macppc boot</i>.
592:
593: <p>
594: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
595: /5.3/macppc/bsd.rd</i>
1.91 bentley 596:
597: <h3>OpenBSD/sparc64:</h3>
1.1 sthen 598:
599: <p>
600: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
601:
602: <p>
603: If this doesn't work, or if you don't have a CDROM drive, you can write
604: <i>CD3:5.3/sparc64/floppy53.fs</i> or <i>CD3:5.3/sparc64/floppyB53.fs</i>
605: (depending on your machine) to a floppy and boot it with <i>boot
606: floppy</i>. Refer to INSTALL.sparc64 for details.
607:
608: <p>
609: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
610: will most likely fail.
611:
612: <p>
613: You can also write <i>CD3:5.3/sparc64/miniroot53.fs</i> to the swap partition on
614: the disk and boot with <i>boot disk:b</i>.
615:
616: <p>
617: If nothing works, you can boot over the network as described in INSTALL.sparc64.
1.91 bentley 618:
619: <h3>OpenBSD/alpha:</h3>
1.1 sthen 620:
621: <p>
1.93 deraadt 622: Write <i>5.3/alpha/floppy53.fs</i> or
623: <i>5.3/alpha/floppyB53.fs</i> (depending on your machine) to a diskette and
1.1 sthen 624: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
625:
626: <p>
627: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
628: will most likely fail.
629:
1.91 bentley 630: <h3>OpenBSD/armish:</h3>
1.1 sthen 631:
632: <p>
633: After connecting a serial port, Thecus can boot directly from the network
634: either tftp or http. Configure the network using fconfig, reset,
635: then load bsd.rd, see INSTALL.armish for specific details.
636: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
637: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
638: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
639: More details are available in INSTALL.armish.
640:
1.91 bentley 641: <h3>OpenBSD/hp300:</h3>
642:
1.1 sthen 643: <p>
644: Boot over the network by following the instructions in INSTALL.hp300.
1.91 bentley 645:
646: <h3>OpenBSD/hppa:</h3>
1.1 sthen 647:
648: <p>
649: Boot over the network by following the instructions in INSTALL.hppa or the
650: <a href="hppa.html#install">hppa platform page</a>.
651:
1.91 bentley 652: <h3>OpenBSD/landisk:</h3>
653:
1.1 sthen 654: <p>
655: Write <i>miniroot53.fs</i> to the start of the CF
656: or disk, and boot normally.
657:
1.91 bentley 658: <h3>OpenBSD/loongson:</h3>
659:
1.1 sthen 660: <p>
661: Write <i>miniroot53.fs</i> to a USB stick and boot bsd.rd from it
662: or boot bsd.rd via tftp.
663: Refer to the instructions in INSTALL.loongson for more details.
664:
1.91 bentley 665: <h3>OpenBSD/luna88k:</h3>
666:
1.1 sthen 667: <p>
668: Copy bsd.rd to a Mach or UniOS partition, and boot it from the PROM.
669: Alternatively, you can create a bootable tape and boot from it. Refer to
670: the instructions in INSTALL.luna88k for more details.
671:
1.91 bentley 672: <h3>OpenBSD/mvme68k:</h3>
673:
1.1 sthen 674: <p>
675: You can create a bootable installation tape or boot over the network.<br>
676: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
677: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
678: for more details.
1.91 bentley 679:
680: <h3>OpenBSD/mvme88k:</h3>
1.1 sthen 681:
682: <p>
683: You can create a bootable installation tape or boot over the network.<br>
684: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
685: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
686: for more details.
687:
1.91 bentley 688: <h3>OpenBSD/sgi:</h3>
689:
1.1 sthen 690: <p>
691: To install on an O2, burn cd53.iso on a CD-R, put it in the CD drive of your
692: machine and select <i>Install System Software</i> from the System Maintenance
693: menu.
694:
695: <p>
696: On other systems, or if your machine doesn't have a CD drive, you can
697: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using
698: the kernel matching your system type.
699: Refer to the instructions in INSTALL.sgi for more details.
700:
1.91 bentley 701: <h3>OpenBSD/socppc:</h3>
702:
1.1 sthen 703: <p>
704: After connecting a serial port, boot over the network via DHCP/tftp.
705: Refer to the instructions in INSTALL.socppc for more details.
1.91 bentley 706:
707: <h3>OpenBSD/sparc:</h3>
1.1 sthen 708:
709: <p>
710: Boot from one of the provided install ISO images, using one of the two
711: commands listed below, depending on the version of your ROM.
712:
1.91 bentley 713: <blockquote><pre>
714: ok <kbd>boot cdrom 5.3/sparc/bsd.rd</kbd>
1.1 sthen 715: or
1.91 bentley 716: > <kbd>b sd(0,6,0)5.3/sparc/bsd.rd</kbd>
717: </pre></blockquote>
1.1 sthen 718:
719: <p>
720: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
721: To do so you need to write <i>floppy53.fs</i> to a floppy.
1.86 tj 722: For more information see <a href="faq/faq4.html#MkFlop">this page</a>.
1.1 sthen 723: To boot from the floppy use one of the two commands listed below,
724: depending on the version of your ROM.
725:
1.91 bentley 726: <blockquote><pre>
727: ok <kbd>boot floppy</kbd>
1.1 sthen 728: or
1.91 bentley 729: > <kbd>b fd()</kbd>
730: </pre></blockquote>
1.1 sthen 731:
732: <p>
733: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
734: will most likely fail.
735:
736: <p>
737: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
738: setup a bootable tape, or install via network, as told in the
739: INSTALL.sparc file.
1.91 bentley 740:
741: <h3>OpenBSD/vax:</h3>
1.1 sthen 742:
743: <p>
744: Boot over the network via mopbooting as described in INSTALL.vax.
1.91 bentley 745:
746: <h3>OpenBSD/zaurus:</h3>
1.1 sthen 747:
748: <p>
749: Using the Linux built-in graphical ipkg installer, install the
750: openbsd53_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
751: for a few important details.
1.93 deraadt 752: </section>
1.91 bentley 753:
1.93 deraadt 754: <hr>
1.91 bentley 755:
756: <section id=sourcecode>
1.93 deraadt 757: <h3>Notes about the source code</h3>
1.1 sthen 758: <p>
1.95 ! deraadt 759: <code>src.tar.gz</code> contains a source archive starting at <code>/usr/src</code>.
! 760: This file contains everything you need except for the kernel sources, which are
1.1 sthen 761: in a separate archive. To extract:
1.91 bentley 762:
763: <blockquote><pre>
764: # <kbd>mkdir -p /usr/src</kbd>
765: # <kbd>cd /usr/src</kbd>
766: # <kbd>tar xvfz /tmp/src.tar.gz</kbd>
767: </pre></blockquote>
768:
1.1 sthen 769: <p>
1.95 ! deraadt 770: <code>sys.tar.gz</code> contains a source archive starting at <code>/usr/src/sys</code>.
1.1 sthen 771: This file contains all the kernel sources you need to rebuild kernels.
772: To extract:
1.91 bentley 773:
774: <blockquote><pre>
775: # <kbd>mkdir -p /usr/src/sys</kbd>
776: # <kbd>cd /usr/src</kbd>
1.93 deraadt 777: # <kbd>tar xvfz /tmp/sys.tar.gz</kbd>
1.91 bentley 778: </pre></blockquote>
779:
1.1 sthen 780: <p>
781: Both of these trees are a regular CVS checkout. Using these trees it
782: is possible to get a head-start on using the anoncvs servers as
783: described <a href="anoncvs.html">here</a>.
784: Using these files
785: results in a much faster initial CVS update than you could expect from
786: a fresh checkout of the full OpenBSD source tree.
1.91 bentley 787: </section>
788:
1.1 sthen 789: <hr>
1.91 bentley 790:
791: <section id=upgrade>
792: <h3>How to upgrade</h3>
1.1 sthen 793: <p>
794: If you already have an OpenBSD 5.2 system, and do not want to reinstall,
795: upgrade instructions and advice can be found in the
796: <a href="faq/upgrade53.html">Upgrade Guide</a>.
1.91 bentley 797: </section>
1.1 sthen 798:
799: <hr>
1.91 bentley 800:
801: <section id=ports>
802: <h3>Ports Tree</h3>
1.1 sthen 803: <p>
804: A ports tree archive is also provided. To extract:
1.91 bentley 805: <blockquote><pre>
806: # <kbd>cd /usr</kbd>
807: # <kbd>tar xvfz /tmp/ports.tar.gz</kbd>
808: </pre></blockquote>
1.1 sthen 809: <p>
810: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
811: read the <a href="faq/ports/index.html">ports</a> page
812: if you know nothing about ports
813: at this point. This text is not a manual of how to use ports.
814: Rather, it is a set of notes meant to kickstart the user on the
815: OpenBSD ports system.
816: <p>
817: The <i>ports/</i> directory represents a CVS (see the manpage for
1.94 bentley 818: <a href="https://man.openbsd.org/cvs.1">cvs(1)</a> if
1.1 sthen 819: you aren't familiar with CVS) checkout of our ports. As with our complete
1.17 rpe 820: source tree, our ports tree is available via
821: <a href="anoncvs.html">AnonCVS</a>.
822: So, in order to keep current with it, you must make the <i>ports/</i> tree
1.1 sthen 823: available on a read-write medium and update the tree with a command
824: like:
1.91 bentley 825: <blockquote><pre>
1.93 deraadt 826: # <kbd>cd /usr/ports</kbd>
827: # <kbd>cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_3</kbd>
1.91 bentley 828: </pre></blockquote>
1.1 sthen 829: <p>
1.67 rpe 830: [Of course, you must replace the server name here with a nearby anoncvs
1.1 sthen 831: server.]
832: <p>
1.93 deraadt 833: Note that most ports are available as packages on our mirrors. Updated
1.1 sthen 834: packages for the 5.3 release will be made available if problems arise.
835: <p>
836: If you're interested in seeing a port added, would like to help out, or just
837: would like to know more, the mailing list
838: <a href="mail.html">ports@openbsd.org</a> is a good place to know.
1.91 bentley 839: </section>
![[BACK]](/icons/back.gif){kind=icon}
Return to 53.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www