Annotation of www/55.html, Revision 1.26
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
1.14 deraadt 4: <title>OpenBSD 5.5</title>
1.1 deraadt 5: <meta name="resource-type" content="document">
6: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
7: <meta name="description" content="OpenBSD 5.5">
8: <meta name="keywords" content="openbsd,main">
9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 2013 by OpenBSD.">
11: </head>
12:
13: <body bgcolor="#ffffff" text="#000000" link="#24248E">
14:
15: <a href="index.html">
16: <img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
17: <hr>
18:
19: <p>
1.22 deraadt 20: <a href="images/McFishy.jpg">
21: <img align="left" width="227" height="343" hspace="24" src="images/McFishy.jpg"></a>
1.14 deraadt 22: <h2><font color="#0000e0">OpenBSD 5.5</font></h2>
1.1 deraadt 23: <p>
1.14 deraadt 24: To be released May 1, 2014<br>
1.1 deraadt 25: Copyright 1997-2014, Theo de Raadt.<br>
26: <font color="#e00000">ISBN 978-0-9881561-3-5</font>
27: <br>
28: <a href="lyrics.html#55">5.5 Song: "Wrap in Time"</a>
29: <p>
30:
31: <ul>
32: <li>Order a CDROM from our <a href="orders.html">ordering system</a>.
33: <li>See the information on <a href="ftp.html">The FTP page</a> for
34: a list of mirror machines.
35: <li>Go to the <font color="#e00000">pub/OpenBSD/5.5/</font> directory on
36: one of the mirror sites.
37: <li>Briefly read the rest of this document.
38: <li>Have a look at <a href="errata55.html">The 5.5 Errata page</a> for a list
39: of bugs and workarounds.
40: <li>See a <a href="plus55.html">detailed log of changes</a> between the
41: 5.4 and 5.5 releases.
42: </ul>
43: <br clear=all>
1.14 deraadt 44: <p>
45: All applicable copyrights and credits can be found in the applicable
46: file sources found in the files src.tar.gz, sys.tar.gz,
47: xenocara.tar.gz, or in the files fetched via ports.tar.gz. The
48: distribution files used to build packages from the ports.tar.gz file
49: are not included on the CDROM because of lack of space.
1.1 deraadt 50: <p>
51:
52: <a name="new"></a>
53: <hr>
54: <p>
55: <h3><font color="#0000e0">What's New</font></h3>
56: <p>
57: This is a partial list of new features and systems included in OpenBSD 5.5.
58: For a comprehensive list, see the <a href="plus55.html">changelog</a> leading
59: to 5.5.
60: <p>
61:
62: <ul>
1.24 guenther 63: <li>time_t is now 64 bits on all platforms.
64: While many filesystems are limited to 32 bits and thus cannot be
65: used to store times after Tue Jan 19 03:14:07 2038 UTC,
66: most system operations can now support times after that.
1.15 tedu 67: <li>Releases and packages are now cryptographically signed with the
1.10 tedu 68: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=signify&sektion=1">signify(1)</a> utility.
69: <ul>
70: <li>The installer will verify all sets before installing.
1.23 deraadt 71: <li>Installing without verification works, but is discouraged.
72: <li>Users are advised to verify the installer (bsd.rd, install55.iso, etc.)
73: ahead of time using the
1.25 deraadt 74: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=signify&sektion=1#end">signify(1)</a> tool if available.
1.23 deraadt 75: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_add&sektion=1">pkg_add(1)</a> now trusts signed packages only by default.
1.10 tedu 76: </ul>
77: <p>
78:
1.8 tedu 79: <li>New/extended platforms:
1.1 deraadt 80: <ul>
81: <li>...
82: </ul>
83: <p>
84:
85: <li>Improved hardware support, including:
86: <ul>
1.5 jsg 87: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmx&sektion=4">vmx(4)</a>
88: driver for VMware VMXNET3 Virtual Interface Controller devices.
89: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmwpvs&sektion=4">vmwpvs(4)</a>
90: driver for VMware Paravirtual SCSI.
91: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vioscsi&sektion=4">vioscsi(4)</a>
92: driver for VirtIO SCSI adapters.
93: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=viornd&sektion=4">viornd(4)</a>
94: driver for VirtIO random number devices.
95: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubcmtp&sektion=4">ubcmtp(4)</a>
96: driver for Broadcom multi-touch trackpads.
97: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ugold&sektion=4">ugold(4)</a>
98: driver for TEMPer gold HID thermometers.
99: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ugl&sektion=4">ugl(4)</a>
100: driver for Genesys Logic based USB host-to-host adapters.
101: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=radeondrm&sektion=4">radeondrm(4)</a>
102: has been overhauled, including:
103: <ul>
104: <li>New port of the Radeon code in Linux 3.8.13.19.
105: <li>Support for Kernel Mode Setting (KMS) including support for
106: additional output types such as DisplayPort.
107: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wsdisplay&sektion=4">wsdisplay(4)</a>
108: now attaches to
109: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=radeondrm&sektion=4">radeondrm(4)</a>
110: and provides a framebuffer console.
111: </ul>
112: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=inteldrm&sektion=4">inteldrm(4)</a>
1.20 sthen 113: has been updated to Linux 3.8.13.19 notably bringing Haswell stability fixes.
1.5 jsg 114: <li>Support for Intel 8 Series Ethernet with i217/i218 PHYs, and
115: i210/i211/i354 has been added to
116: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=em&sektion=4">em(4)</a>.
117: <li>Support for Intel Centrino Wireless-N 2200, 2230 and 105/135 has been added to
118: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=iwn&sektion=4">iwn(4)</a>.
1.1 deraadt 119: </ul>
120: <p>
121:
122: <li>Generic network stack improvements:
123: <ul>
1.17 jsg 124: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vxlan&sektion=4">vxlan(4)</a>
125: a virtual extensible local area network tunnel interface.
1.19 florian 126: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pflow&sektion=4">pflow(4)</a>
127: sends 64 bit time values for pflowproto 10. The changed templates /
128: flows for pflowproto 10 are now parseable by existing receivers.
1.1 deraadt 129: <li>...
130: </ul>
131: <p>
132:
133: <li>Routing daemons and other userland network improvements:
134: <ul>
1.13 tedu 135: <li>The popa3d POP3 server has been removed.
1.17 jsg 136: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ntpctl&sektion=8">ntpctl(8)</a>
137: a program to control the Network Time Protocol daemon.
1.19 florian 138: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slowcgi&sektion=8">slowcgi(8)</a>
139: now works with a high number of concurrent connections.
1.1 deraadt 140: </ul>
141: <p>
142:
1.7 deraadt 143: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a> improvements:
1.1 deraadt 144: <ul>
145: <li>...
146: </ul>
147: <p>
148:
1.17 jsg 149: <li>OpenSMTPD 5.4.2:
1.1 deraadt 150: <ul>
151: <li>...
152: </ul>
153: <p>
154:
1.16 jsg 155: <li>Security improvements:
156: <ul>
1.23 deraadt 157: <li>Position-independent executables (PIE) are now used by default on i386.
1.17 jsg 158: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3">arc4random(3)</a>
159: functions now use the ChaCha20 cipher.
1.18 tedu 160: <li>The kernel random number system is initially seeded by the bootloader,
161: providing better random very early.
1.17 jsg 162: <li>-Wbounded is now enabled in GCC by default.
163: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=explicit_bzero&sektion=3">explicit_bzero(3)</a>.
1.16 jsg 164: </ul>
165: <p>
166:
1.1 deraadt 167: <li>Performance improvements:
168: <ul>
1.11 tedu 169: <li>Relations between the buffer cache and swap daemon have been improved.
1.1 deraadt 170: </ul>
171: <p>
172:
173: <li>Threading improvements:
174: <ul>
1.12 tedu 175: <li>Interprocess semaphores via <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sem_open&sektion=3">sem_open(3)</a>.
1.26 ! guenther 176: <li>Running threaded processes under a debugger no longer causes panics.
! 177: <li>SIGPROF and SIGVTALRM are now reliably delivered to the thread that was running when they were triggered.
! 178: <li>Thread stacks now have a random bias.
! 179: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fork&sektion=2">fork(2)</a> no longer changes the pthread_t of the forking thread in the child.
! 180: <li>Signaling races eliminated from <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pthread_kill&sektion=3">pthread_kill(3)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pthread_cancel&sektion=3">pthread_cancel(3)</a>.
1.1 deraadt 181: </ul>
182: <p>
183:
184: <li>Assorted improvements:
185: <ul>
1.23 deraadt 186: <li>New in-memory file system, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mount_tmpfs&sektion=8">tmpfs</a>
1.12 tedu 187: <li>POSIX required <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nl&sektion=1">nl(1)</a> utility.
1.16 jsg 188: <li>OpenBSD/vax has switched to GCC 3.
1.26 ! guenther 189: <li>Replaced <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getdirentries&sektion=2&manpath=OpenBSD+5.4">getdirentries(2)</a> with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getdents&sektion=2">getdents(2)</a>, vastly improving the performance and memory usage of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=telldir&sektion=3">telldir(3)</a>.
! 190: <li>amd64 and i386 now use the MWAIT instruction for their idle loop where available to reduce latency.
! 191: <li>Added CLOCK_UPTIME.
! 192: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcgetsid&sektion=3">tcgetsid(3)</a>.
! 193: <li>clock_t is now a 64 bit type, so it no longer wraps around in only 248 days.
! 194: <li>ino_t is now a 64 bit type, mostly to support large NFS filesystems.
! 195: <li>Corrected handling of UTIME_OMIT.
! 196: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pax&sektion=1">pax</a> now sets the mode and timestamps correctly on symlinks, and makes hardlinks to symlinks when requested.
! 197: <li>Corrected handling of shared-library destructors when libc is staticly linked.
1.1 deraadt 198: </ul>
199: <p>
200:
1.3 sobrado 201: <li>OpenSSH 6.6 (including changes to 6.5, a feature-focused release):
1.1 deraadt 202: <ul>
1.3 sobrado 203: <li>Security:
1.1 deraadt 204: <ul>
1.3 sobrado 205: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
206: when using environment passing with a
207: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
208: <tt>AcceptEnv</tt> pattern with a wildcard. OpenSSH prior to 6.6 could
209: be tricked into accepting any enviornment variable that contains the
210: characters before the wildcard character.
211: </ul>
212: <li>New/changed features:
213: <ul>
214: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
215: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
216: Add support for key exchange using <i>elliptic-curve Diffie Hellman</i>
217: in Daniel Bernstein's <i>Curve25519</i>. This key exchange method is
218: the default when both the client and server support it.
219: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
220: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
221: Add support for <i>ED25519</i> as a public key type. ED25519 is
222: a elliptic curve signature scheme that offers better security than
223: <i>ECDSA</i> and <i>DSA</i> and good performance. It may be used for
224: both <i>user</i> and <i>host</i> keys.
225: <li>Add a new private key format that uses a <i>bcrypt KDF</i> to better
226: protect keys at rest. This format is used unconditionally for
227: ED25519 keys, but may be requested when generating or saving
228: existing keys of other types via the <tt>-o</tt>
229: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>
230: option. We intend to make the new format the default in the near
231: future. Details of the new format are in the <tt>PROTOCOL.key</tt>
232: file.
233: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
234: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
235: Add a new transport cipher "chacha20-poly1305@openssh.com" that
236: combines Daniel Bernstein's <i>ChaCha20</i> stream cipher and
237: <i>Poly1305 MAC</i> to build an authenticated encryption mode. Details
238: are in the <tt>PROTOCOL.chacha20poly1305</tt> file.
239: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
240: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
241: Refuse <i>RSA</i> keys from old proprietary clients and servers that
242: use the obsolete <i>RSA+MD5</i> signature scheme. It will still be
243: possible to connect with these clients/servers but <b>only DSA keys
244: will be accepted, and OpenSSH will refuse connection entirely in a
245: future release</b>.
246: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
247: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
248: Refuse old proprietary clients and servers that use a weaker key
249: exchange hash calculation.
250: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
251: Increase the size of the <i>Diffie-Hellman groups</i> requested for
252: each symmetric key size. New values from <i>NIST Special Publication
253: 800-57</i> with the upper limit specified by <i>RFC 4419</i>.
254: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
255: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a>:
256: Support <i>PKCS#11</i> tokens that only provide <i>X.509</i> certs
257: instead of raw public keys. (requested as bz#1908)
258: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
259: Add a
260: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
261: <tt>Match</tt> keyword that allows conditional configuration to be
262: applied by matching on <i>hostname</i>, <i>user</i> and <i>result of
263: arbitrary commands</i>.
264: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
265: Add support for <i>client-side hostname canonicalisation</i> using a
266: set of <i>DNS suffixes</i> and rules in
267: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>.
268: This allows unqualified names to be canonicalised to fully-qualified
269: domain names to eliminate ambiguity when looking up keys in
270: <tt>known_hosts</tt> or checking host certificate names.
271: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server&sektion=8">sftp-server(8)</a>:
272: Add the ability to whitelist and/or blacklist sftp protocol requests by
273: name.
274: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server&sektion=8">sftp-server(8)</a>:
275: Add a sftp "fsync@openssh.com" to support calling
276: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fsync&sektion=2">fsync(2)</a>
277: on an open file handle.
278: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
279: Add a
280: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
281: <tt>PermitTTY</tt> to disallow <i>TTY</i> allocation, mirroring the
282: longstanding <tt>no-pty</tt> <tt>authorized_keys</tt> option.
283: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
284: Add a
285: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
286: <tt>ProxyUseFDPass</tt> option that supports the use of
287: <tt>ProxyCommands</tt> that establish a connection and then pass a
288: connected file descriptor back to
289: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>.
290: This allows the <tt>ProxyCommand</tt> to exit rather than staying
291: around to transfer data.
292: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
293: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
294: this release removes the <i>J-PAKE</i> authentication code. This code
295: was experimental, never enabled and had been unmaintained for some
296: time.
297: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
298: when processing <tt>Match</tt> blocks, skip '<tt>exec</tt>' clauses
299: other clauses predicates failed to match.
300: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
301: if hostname canonicalisation is enabled and results in the destination
302: hostname being changed, then re-parse
303: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
304: files using the new destination hostname. This gives '<tt>Host</tt>'
305: and '<tt>Match</tt>' directives that use the expanded hostname a chance
306: to be applied.
1.1 deraadt 307: </ul>
308: <li>The following significant bugs have been fixed in this release:
309: <ul>
1.3 sobrado 310: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
311: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
312: Fix potential stack exhaustion caused by nested certificates.
313: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
314: make <tt>BindAddress</tt> work with <tt>UsePrivilegedPort</tt>.
315: (bz#1211)
316: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
317: fix the progress meter for resumed transfer. (bz#2137)
318: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-add&sektion=1">ssh-add(1)</a>:
319: do not request smartcard PIN when removing keys from
320: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a>.
321: (bz#2187)
322: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
323: fix re-exec fallback when original
324: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>
325: binary cannot be executed. (bz#2139)
326: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
327: Make relative-specified certificate expiry times relative to current
328: time and not the validity start time.
329: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
330: fix <tt>AuthorizedKeysCommand</tt> inside a <tt>Match</tt> block.
331: (bz#2161)
332: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
333: symlinking a file would incorrectly canonicalise the target path.
334: (bz#2129)
335: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a>:
336: fix a use-after-free in the PKCS#11 agent helper executable.
337: (bz#2175)
338: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
339: Improve logging of sessions to include the <i>user name</i>, <i>remote
340: host</i> and <i>port</i>, the <i>session type</i> (shell, command,
341: etc.) and <i>allocated TTY</i> (if any).
342: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
343: tell the client (via a debug message) when their preferred listen
344: address has been overridden by the server's <tt>GatewayPorts</tt>
345: setting. (bz#1297)
346: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
347: include report port in bad protocol banner message. (bz#2162)
348: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
349: fix memory leak in error path in <i>do_readdir()</i>. (bz#2163)
350: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
351: don't leak file descriptor on error. (bz#2171)
352: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
353: include the <i>local address</i> and <i>port</i> in "<tt>Connection
354: from ...</tt>" message. (only shown at <i>loglevel>=verbose</i>)
355: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
356: avoid spurious "<tt>getsockname failed: Bad file descriptor</tt>" in
357: <tt>ssh -W</tt>. (bz#2200, debian#738692)
358: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
359: allow the
360: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shutdown&sektion=2">shutdown(2)</a>
361: syscall in seccomp-bpf and systrace sandbox modes, as it is reachable
362: if the connection is terminated during the pre-auth phase.
363: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
364: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
365: fix unsigned overflow that in <i>SSH protocol 1 bignum parsing</i>.
366: Minimum key length checks render this bug unexploitable to compromise
367: SSH 1 sessions.
368: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
369: clarify behaviour of a keyword that appears in multiple matching
370: <tt>Match</tt> blocks. (bz#2184)
371: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
372: avoid unnecessary hostname lookups when canonicalisation is disabled.
373: (bz#2205)
374: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
375: avoid sandbox violation crashes in GSSAPI code by caching the supported
376: list of GSSAPI mechanism OIDs before entering the sandbox. (bz#2107)
377: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
378: fix possible crashes in SOCKS4 parsing caused by assumption that the
379: SOCKS username is nul-terminated.
380: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
381: fix regression for <tt>UsePrivilegedPort=yes</tt> when
382: <tt>BindAddress</tt> is not specified.
383: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
384: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
385: fix memory leak in ECDSA signature verification.
386: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
387: fix matching of '<tt>Host</tt>' directives in
388: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
389: files to be case-insensitive again. (regression in 6.5)
1.1 deraadt 390: </ul>
391: </ul>
392: <p>
393:
1.2 espie 394: <li>Major overhaul of the package tools:
1.1 deraadt 395: <ul>
1.23 deraadt 396: <li>Much better memory usage.
397: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_add&sektion=1">pkg_add(1)</a> now trusts signed packages only by default.
1.1 deraadt 398: </ul>
1.2 espie 399: <li>Over 8,700 ports
1.1 deraadt 400: <p>
1.2 espie 401: <li>The build process now allows some limited capability for
402: building conflicting packages, yielding kde4 packages as a result,
403: along with kde3.
1.1 deraadt 404: <li>Many pre-built packages for each architecture:
405: <table border=0 cellspacing=0 cellpadding=2 width="95%">
406: <tr>
407: <td valign="top" width="25%">
408: <ul>
409: <li>i386: 8468
1.6 deraadt 410: <li>sparc64: 7969
1.21 sthen 411: <li>alpha: 6199
1.1 deraadt 412: <li>m68k: XXXX
413: </ul></td><td valign=top width="25%"><ul>
414: <li>sh: XXXX
415: <li>amd64: 8534
416: <li>powerpc: 8057
417: <li>m88k: XXXX
418: </ul></td><td valign=top width="25%"><ul>
1.21 sthen 419: <li>sparc: 3992
1.1 deraadt 420: <li>arm: XXXX
421: <li>hppa: 6549
422: </ul></td><td valign=top width="25%"><ul>
423: <li>vax: XXXX
1.21 sthen 424: <li>mips64: 4726
425: <li>mips64el: 6730
1.1 deraadt 426: </ul></td></tr></table>
427: <p>
428:
429: <li>Some highlights:
430: <ul>
1.4 jsg 431: <li>GNOME 3.10.2 <li>KDE 3.5.10
1.2 espie 432: <li>KDE 4.11.5
1.4 jsg 433: <li>Xfce 4.10 <li>MySQL 5.1.73
434: <li>PostgreSQL 9.3.2 <li>Postfix 2.11.0
435: <li>OpenLDAP 2.3.43 and 2.4.38 <li>Mozilla Firefox 24.3 and 26.0
436: <li>Mozilla Thunderbird 24.3.0 <li>GHC 7.6.3
437: <li>LibreOffice 4.1.4.2 <li>Emacs 21.4 and 24.3
438: <li>Vim 7.4.135 <li>PHP 5.3.28 and 5.4.24
439: <li>Python 2.7.6 and 3.3.2 <li>Ruby 1.8.7.374, 1.9.3.484, 2.0.0.353 and 2.1.0
440: <li>Tcl/Tk 8.5.15 and 8.6.1 <li>JDK 1.6.0.32 and 1.7.0.21
1.2 espie 441: <li>Mono 2.10.9 <li>Chromium 32.0.1700.102
1.4 jsg 442: <li>Groff 1.22.2 <li>Go 1.2
443: <li>GCC 4.6.4 and 4.8.2 <li>LLVM/Clang 3.3
444: <li>Node.js 0.10.24
1.1 deraadt 445: </ul>
446: <p>
447:
448: <li>As usual, steady improvements in manual pages and other documentation.
449: <p>
450:
451: <li>The system includes the following major components from outside suppliers:
452: <ul>
1.4 jsg 453: <li>Xenocara (based on X.Org 7.7 with xserver 1.14.5 + patches,
454: freetype 2.5.2, fontconfig 2.10.91, Mesa 9.2.5, xterm 301,
455: xkeyboard-config 2.10.1 and more)
1.16 jsg 456: <li>Gcc 4.2.1 (+patches) and 3.3.6 (+ patches)
1.1 deraadt 457: <li>Perl 5.16.3 (+ patches)
458: <li>Our improved and secured version of Apache 1.3, with
459: SSL/TLS and DSO support
1.4 jsg 460: <li>Nginx 1.4.4 (+ patches)
1.1 deraadt 461: <li>OpenSSL 1.0.1c (+ patches)
1.4 jsg 462: <li>SQLite 3.8.0.2 (+ patches)
463: <li>Sendmail 8.14.8, with libmilter
1.1 deraadt 464: <li>Bind 9.4.2-P2 (+ patches)
1.4 jsg 465: <li>NSD 4.0.1
1.1 deraadt 466: <li>Lynx 2.8.7rel.2 with HTTPS and IPv6 support (+ patches)
467: <li>Sudo 1.7.2p8
468: <li>Ncurses 5.7
469: <li>Heimdal 1.5.2 (+ patches)
470: <li>Binutils 2.15 (+ patches)
471: <li>Gdb 6.3 (+ patches)
472: <li>Less 444 (+ patches)
473: <li>Awk Aug 10, 2011 version
474: </ul>
475:
476: </ul>
477:
478: <a name="install"></a>
479: <hr>
480: <p>
481: <h3><font color="#0000e0">How to install</font></h3>
482: <p>
483: Following this are the instructions which you would have on a piece of
484: paper if you had purchased a CDROM set instead of doing an alternate
485: form of install. The instructions for doing an FTP (or other style
486: of) install are very similar; the CDROM instructions are left intact
487: so that you can see how much easier it would have been if you had
488: purchased a CDROM instead.
489: <p>
490:
491: <hr>
492: Please refer to the following files on the three CDROMs or FTP mirror for
493: extensive details on how to install OpenBSD 5.5 on your machine:
494: <p>
495: <ul>
1.9 deraadt 496: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/i386/INSTALL.i386">
1.7 deraadt 497: .../OpenBSD/5.5/i386/INSTALL.i386 (on CD1)</a>
1.9 deraadt 498: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/vax/INSTALL.vax">
1.7 deraadt 499: .../OpenBSD/vax/INSTALL.vax (on CD1)</a>
500: <p>
1.9 deraadt 501: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/amd64/INSTALL.amd64">
1.7 deraadt 502: .../OpenBSD/amd64/INSTALL.amd64 (on CD2)</a>
1.9 deraadt 503: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/hppa/INSTALL.hppa">
1.7 deraadt 504: .../OpenBSD/hppa/INSTALL.hppa (on CD2)</a>
1.9 deraadt 505: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/macppc/INSTALL.macppc">
1.7 deraadt 506: .../OpenBSD/macppc/INSTALL.macppc (on CD2)</a>
507: <p>
1.9 deraadt 508: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/sparc64/INSTALL.sparc64">
1.7 deraadt 509: .../OpenBSD/sparc64/INSTALL.sparc64 (on CD3)</a>
1.9 deraadt 510: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/sparc/INSTALL.sparc">
1.7 deraadt 511: .../OpenBSD/sparc/INSTALL.sparc (on CD3)</a>
512: <p>
1.9 deraadt 513: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/alpha/INSTALL.alpha">
1.7 deraadt 514: .../OpenBSD/5.5/alpha/INSTALL.alpha</a>
1.9 deraadt 515: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/armish/INSTALL.armish">
1.7 deraadt 516: .../OpenBSD/5.5/armish/INSTALL.armish</a>
1.9 deraadt 517: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/armv7/INSTALL.armv7">
1.7 deraadt 518: .../OpenBSD/5.5/armv7/INSTALL.armv7</a>
1.9 deraadt 519: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/beagle/INSTALL.beagle">
1.7 deraadt 520: .../OpenBSD/5.5/beagle/INSTALL.beagle</a>
1.9 deraadt 521: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/hp300/INSTALL.hp300">
1.7 deraadt 522: .../OpenBSD/5.5/hp300/INSTALL.hp300</a>
1.9 deraadt 523: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/hppa/INSTALL.hppa">
1.7 deraadt 524: .../OpenBSD/5.5/hppa/INSTALL.hppa</a>
1.9 deraadt 525: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/landisk/INSTALL.landisk">
1.7 deraadt 526: .../OpenBSD/5.5/landisk/INSTALL.landisk</a>
1.9 deraadt 527: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/loongson/INSTALL.loongson">
1.7 deraadt 528: .../OpenBSD/5.5/loongson/INSTALL.loongson</a>
1.9 deraadt 529: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/luna88k/INSTALL.luna88k">
1.7 deraadt 530: .../OpenBSD/5.5/luna88k/INSTALL.luna88k</a>
1.9 deraadt 531: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/macppc/INSTALL.macppc">
1.7 deraadt 532: .../OpenBSD/5.5/macppc/INSTALL.macppc</a>
1.9 deraadt 533: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/mvme68k/INSTALL.mvme68k">
1.7 deraadt 534: .../OpenBSD/5.5/mvme68k/INSTALL.mvme68k</a>
1.9 deraadt 535: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/mvme88k/INSTALL.mvme88k">
1.7 deraadt 536: .../OpenBSD/5.5/mvme88k/INSTALL.mvme88k</a>
1.9 deraadt 537: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/octeon/INSTALL.octeon">
1.7 deraadt 538: .../OpenBSD/5.5/octeon/INSTALL.octeon</a>
1.9 deraadt 539: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/sgi/INSTALL.sgi">
1.7 deraadt 540: .../OpenBSD/5.5/sgi/INSTALL.sgi</a>
1.9 deraadt 541: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/socppc/INSTALL.socppc">
1.7 deraadt 542: .../OpenBSD/5.5/socppc/INSTALL.socppc</a>
1.9 deraadt 543: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/sparc/INSTALL.sparc">
1.7 deraadt 544: .../OpenBSD/5.5/sparc/INSTALL.sparc</a>
1.9 deraadt 545: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/vax/INSTALL.vax">
1.7 deraadt 546: .../OpenBSD/5.5/vax/INSTALL.vax</a>
1.9 deraadt 547: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/zaurus/INSTALL.zaurus">
1.7 deraadt 548: .../OpenBSD/5.5/zaurus/INSTALL.zaurus</a>
1.1 deraadt 549: </ul>
550: <hr>
551:
552: <p>
553: Quick installer information for people familiar with OpenBSD, and the
554: use of the "disklabel -E" command. If you are at all confused when
555: installing OpenBSD, read the relevant INSTALL.* file as listed above!
556: <p>
557:
558: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
559: <ul>
560: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
561: release is on CD1. If your BIOS does not support booting from CD, you will need
562: to create a boot floppy to install from. To create a boot floppy write
563: <i>CD1:5.5/i386/floppy55.fs</i> to a floppy and boot via the floppy drive.
564:
565: <p>
566: Use <i>CD1:5.5/i386/floppyB55.fs</i> instead for greater SCSI controller
567: support, or <i>CD1:5.5/i386/floppyC55.fs</i> for better laptop support.
568:
569: <p>
570: If you can't boot from a CD or a floppy disk,
571: you can install across the network using PXE as described in
572: the included INSTALL.i386 document.
573:
574: <p>
575: If you are planning on dual booting OpenBSD with another OS, you will need to
576: read INSTALL.i386.
577:
578: <p>
579: To make a boot floppy under MS-DOS, use the "rawrite" utility located
580: at <i>CD1:5.5/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
581: use the
582: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>
583: utility. The following is an example usage of
584: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>,
585: where the device could be "floppy", "rfd0c", or
586: "rfd0a".
587:
588: <ul><pre>
589: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
590: </pre></ul>
591:
592: <p>
593: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
594: your install will most likely fail. For more information on creating a boot
595: floppy and installing OpenBSD/i386 please refer to
596: <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
597: </ul>
598:
599: <p>
600: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
601: <ul>
602: The 5.5 release of OpenBSD/amd64 is located on CD2.
603: Boot from the CD to begin the install - you may need to adjust
604: your BIOS options first.
605: If you can't boot from the CD, you can create a boot floppy to install from.
606: To do this, write <i>CD2:5.5/amd64/floppy55.fs</i> to a floppy, then
607: boot from the floppy drive.
608:
609: <p>
610: If you can't boot from a CD or a floppy disk,
611: you can install across the network using PXE as described in the included
612: INSTALL.amd64 document.
613:
614: <p>
615: If you are planning to dual boot OpenBSD with another OS, you will need to
616: read INSTALL.amd64.
617: </ul>
618:
619: <p>
620: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
621: <ul>
622: Burn the image from the FTP site to a CDROM, and power on your machine
623: while holding down the <i>C</i> key until the display turns on and
624: shows <i>OpenBSD/macppc boot</i>.
625:
626: <p>
627: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
628: /5.5/macppc/bsd.rd</i>
629: </ul>
630:
631: <p>
632: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
633: <ul>
634: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
635:
636: <p>
637: If this doesn't work, or if you don't have a CDROM drive, you can write
638: <i>CD3:5.5/sparc64/floppy55.fs</i> or <i>CD3:5.5/sparc64/floppyB55.fs</i>
639: (depending on your machine) to a floppy and boot it with <i>boot
640: floppy</i>. Refer to INSTALL.sparc64 for details.
641:
642: <p>
643: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
644: will most likely fail.
645:
646: <p>
647: You can also write <i>CD3:5.5/sparc64/miniroot55.fs</i> to the swap partition on
648: the disk and boot with <i>boot disk:b</i>.
649:
650: <p>
651: If nothing works, you can boot over the network as described in INSTALL.sparc64.
652: </ul>
653:
654: <p>
655: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
656: <ul>
657: <p>Write <i>FTP:5.5/alpha/floppy55.fs</i> or
658: <i>FTP:5.5/alpha/floppyB55.fs</i> (depending on your machine) to a diskette and
659: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
660:
661: <p>
662: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
663: will most likely fail.
664:
665: </ul>
666:
667: <p>
668: <h3><font color="#e00000">OpenBSD/armish:</font></h3>
669: <ul>
670: <p>
671: After connecting a serial port, Thecus can boot directly from the network
672: either tftp or http. Configure the network using fconfig, reset,
673: then load bsd.rd, see INSTALL.armish for specific details.
674: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
675: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
676: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
677: More details are available in INSTALL.armish.
678: </ul>
679:
680: <p>
681: <h3><font color="#e00000">OpenBSD/hp300:</font></h3>
682: <ul>
683: <p>
684: Boot over the network by following the instructions in INSTALL.hp300.
685: </ul>
686:
687: <p>
688: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
689: <ul>
690: <p>
691: Boot over the network by following the instructions in INSTALL.hppa or the
692: <a href="hppa.html#install">hppa platform page</a>.
693: </ul>
694:
695: <p>
696: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
697: <ul>
698: <p>
699: Write <i>miniroot55.fs</i> to the start of the CF
700: or disk, and boot normally.
701: </ul>
702:
703: <p>
704: <h3><font color="#e00000">OpenBSD/loongson:</font></h3>
705: <ul>
706: <p>
707: Write <i>miniroot55.fs</i> to a USB stick and boot bsd.rd from it
708: or boot bsd.rd via tftp.
709: Refer to the instructions in INSTALL.loongson for more details.
710: </ul>
711: <p>
712:
713: <p>
714: <h3><font color="#e00000">OpenBSD/luna88k:</font></h3>
715: <ul>
716: <p>
717: Copy bsd.rd to a Mach or UniOS partition, and boot it from the PROM.
718: Alternatively, you can create a bootable tape and boot from it. Refer to
719: the instructions in INSTALL.luna88k for more details.
720: </ul>
721:
722: <p>
723: <h3><font color="#e00000">OpenBSD/mvme68k:</font></h3>
724: <ul>
725: <p>
726: You can create a bootable installation tape or boot over the network.<br>
727: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
728: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
729: for more details.
730: </ul>
731:
732: <p>
733: <h3><font color="#e00000">OpenBSD/mvme88k:</font></h3>
734: <ul>
735: <p>
736: You can create a bootable installation tape or boot over the network.<br>
737: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
738: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
739: for more details.
740: </ul>
741:
742: <p>
743: <h3><font color="#e00000">OpenBSD/octeon:</font></h3>
744: <ul>
745: <p>
746: After connecting a serial port, boot bsd.rd over the network via DHCP/tftp.
747: Refer to the instructions in INSTALL.octeon for more details.
748: </ul>
749:
750: <p>
751: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
752: <ul>
753: <p>
754: To install on an O2, burn cd55.iso on a CD-R, put it in the CD drive of your
755: machine and select <i>Install System Software</i> from the System Maintenance
756: menu.
757:
758: <p>
759: On other systems, or if your machine doesn't have a CD drive, you can
760: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using
761: the kernel matching your system type.
762: Refer to the instructions in INSTALL.sgi for more details.
763: </ul>
764:
765: <p>
766: <h3><font color="#e00000">OpenBSD/socppc:</font></h3>
767: <ul>
768: <p>
769: After connecting a serial port, boot over the network via DHCP/tftp.
770: Refer to the instructions in INSTALL.socppc for more details.
771: </ul>
772:
773: <p>
774: <h3><font color="#e00000">OpenBSD/sparc:</font></h3>
775: <ul>
776: Boot from one of the provided install ISO images, using one of the two
777: commands listed below, depending on the version of your ROM.
778:
779: <ul><pre>
780: ok <strong>boot cdrom 5.5/sparc/bsd.rd</strong>
781: or
782: > <strong>b sd(0,6,0)5.5/sparc/bsd.rd</strong>
783: </pre></ul>
784:
785: <p>
786: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
787: To do so you need to write <i>floppy55.fs</i> to a floppy.
788: For more information see <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
789: To boot from the floppy use one of the two commands listed below,
790: depending on the version of your ROM.
791:
792: <ul><pre>
793: ok <strong>boot floppy</strong>
794: or
795: > <strong>b fd()</strong>
796: </pre></ul>
797:
798: <p>
799: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
800: will most likely fail.
801:
802: <p>
803: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
804: setup a bootable tape, or install via network, as told in the
805: INSTALL.sparc file.
806: </ul>
807:
808: <p>
809: <h3><font color="#e00000">OpenBSD/vax:</font></h3>
810: <ul>
811: Boot over the network via mopbooting as described in INSTALL.vax.
812: </ul>
813:
814: <p>
815: <h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
816: <ul>
817: <p>
818: Using the Linux built-in graphical ipkg installer, install the
819: openbsd55_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
820: for a few important details.
821: </ul>
822:
823: <p>
824: <h3><font color="#e00000">Notes about the source code:</font></h3>
825: <ul>
826: src.tar.gz contains a source archive starting at /usr/src. This file
827: contains everything you need except for the kernel sources, which are
828: in a separate archive. To extract:
829: <p>
830: <ul><pre>
831: # <strong>mkdir -p /usr/src</strong>
832: # <strong>cd /usr/src</strong>
833: # <strong>tar xvfz /tmp/src.tar.gz</strong>
834: </pre></ul>
835: <p>
836: sys.tar.gz contains a source archive starting at /usr/src/sys.
837: This file contains all the kernel sources you need to rebuild kernels.
838: To extract:
839: <p>
840: <ul><pre>
841: # <strong>mkdir -p /usr/src/sys</strong>
842: # <strong>cd /usr/src</strong>
843: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
844: </pre></ul>
845: <p>
846: Both of these trees are a regular CVS checkout. Using these trees it
847: is possible to get a head-start on using the anoncvs servers as
848: described <a href="anoncvs.html">here</a>.
849: Using these files
850: results in a much faster initial CVS update than you could expect from
851: a fresh checkout of the full OpenBSD source tree.
852: <p>
853: </ul>
854:
855: <a name="upgrade"></a>
856: <hr>
857: <p>
858: <h3><font color="#0000e0">How to upgrade</font></h3>
859: <p>
860: If you already have an OpenBSD 5.4 system, and do not want to reinstall,
861: upgrade instructions and advice can be found in the
862: <a href="faq/upgrade55.html">Upgrade Guide</a>.
863:
864: <a name="ports"></a>
865: <hr>
866: <p>
867: <h3><font color="#0000e0">Ports Tree</font></h3>
868: <p>
869: A ports tree archive is also provided. To extract:
870: <p>
871: <ul><pre>
872: # <strong>cd /usr</strong>
873: # <strong>tar xvfz /tmp/ports.tar.gz</strong>
874: </pre></ul>
875: <p>
876: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
877: read the <a href="faq/ports/index.html">ports</a> page
878: if you know nothing about ports
879: at this point. This text is not a manual of how to use ports.
880: Rather, it is a set of notes meant to kickstart the user on the
881: OpenBSD ports system.
882: <p>
883: The <i>ports/</i> directory represents a CVS (see the manpage for
884: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&arch=i386">
885: cvs(1)</a> if
886: you aren't familiar with CVS) checkout of our ports. As with our complete
887: source tree, our ports tree is available via
888: <a href="anoncvs.html">AnonCVS</a>.
889: So, in order to keep current with it, you must make the <i>ports/</i> tree
890: available on a read-write medium and update the tree with a command
891: like:
892: <p>
893: <ul><pre>
894: # <strong>cd /usr/ports</strong>
895: # <strong>cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_5</strong>
896: </pre></ul>
897: <p>
898: [Of course, you must replace the server name here with a nearby anoncvs
899: server.]
900: <p>
901: Note that most ports are available as packages through FTP. Updated
902: packages for the 5.5 release will be made available if problems arise.
903: <p>
904: If you're interested in seeing a port added, would like to help out, or just
905: would like to know more, the mailing list
906: <a href="mail.html">ports@openbsd.org</a> is a good place to know.
907: <p>
908: </body>
909: </html>