=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/57.html,v retrieving revision 1.108 retrieving revision 1.109 diff -c -r1.108 -r1.109 *** www/57.html 2019/04/24 15:54:54 1.108 --- www/57.html 2019/05/27 22:55:18 1.109 *************** *** 1,28 **** ! ! !
! ! |
Released May 1, 2015 Copyright 1997-2015, Theo de Raadt. ! ISBN 978-0-9881561-5-9 5.7 Song: "Source Fish" *************** *** 30,56 ****
|
This is a partial list of new features and systems included in OpenBSD 5.7. For a comprehensive list, see the changelog leading to 5.7.
*************** *** 129,171 ****
etc
and xetc
sets are now part of base
and
! xbase
and are not distributed separately anymore. They are extracted
! from base
and xbase
during installation and upgrades.rc
and rc.conf
files!
/auto_install.conf
or /auto_upgrade.conf
if present.
--- 174,188 ----
*************** *** 190,328 ****
!
--- 191,329 ----
SOCK_CLOEXEC
and SOCK_NONBLOCK
flags for socket(2) and socketpair(2), and the MSG_CMSG_CLOEXEC
flag for recvmsg(2). In addition, posix_spawn_file_actions_adddup2(3) now always clears the close-on-exec flag.
! kern.global_ptrace
sysctl(1) to disable, by default, the ability to ptrace(2) processes that aren't your descendent.
! -r
option. It also auto-selects between decimal and hex format for arguments, renders more types of flags, and is more robust when parsing corrupt ktrace files.
! -R
option is used, and are safe from race conditions when doing so.
! !
*************** *** 342,352 ****
UseDNS
now defaults to 'no'. Configurations that match
against the client host name (via
! sshd_config(5)
! or authorized_keys
) may need to re-enable it or convert to
matching against addresses.
FingerprintHash
option to
! ssh(1)
and
! sshd(8),
and equivalent command-line flags to the other tools to control
algorithm used for key fingerprints. The default changes from MD5
to SHA256 and format from hex to base64. Fingerprints now have the
hash algorithm prepended. Please note that visual host keys will also
be different.
! known_hosts
, allowing it to upgrade to better host key
algorithms and a server to gracefully rotate its keys. The client
! side of this is controlled by a UpdateHostkeys
config option
(default off).
! HostbasedKeyType
option to control which host public key types
are tried during host-based authentication.
! AuthenticationMethods=publickey,publickey
to require that
users authenticate using two different public keys.
! HostbasedAcceptedKeyTypes
and PubkeyAcceptedKeyTypes
options to allow
! sshd(8)
to control what public key types will be accepted. Currently defaults
to all.
! MaxAuthTries
.
! RevokedHostKeys
option for the client to allow text-file
or KRL-based revocation of host keys.
! Match
blocks to trigger only in the second config pass.
! -G
option to
! ssh(1)
that causes it to parse its configuration and dump the result to
! stdout, similar to "sshd -T
".
! Match
criteria to be negated
! (e.g. "Match !host
").
Port
options set in the second config parse phase to be
applied (they were being ignored). (bz#2286)
! TLS_FALLBACK_SCSV
.
/usr/sbin/openssl
to /usr/bin/openssl
.
X509_STORE_load_mem
API for loading certificates from
memory. This facilitates accessing certificates from a chrooted
environment.
certhash
' replaces the c_rehash
script.
!
|
|
|
|
|
| ! |
-
Following this are the instructions which you would have on a piece of paper if you had purchased a CDROM set instead of doing an alternate form of install. The instructions for doing an HTTP (or other style --- 655,669 ----
Following this are the instructions which you would have on a piece of paper if you had purchased a CDROM set instead of doing an alternate form of install. The instructions for doing an HTTP (or other style *************** *** 733,746 ****
Quick installer information for people familiar with OpenBSD, and the use of the "disklabel -E" command. If you are at all confused when installing OpenBSD, read the relevant INSTALL.* file as listed above! -
!
Quick installer information for people familiar with OpenBSD, and the use of the "disklabel -E" command. If you are at all confused when installing OpenBSD, read the relevant INSTALL.* file as listed above! !
The OpenBSD/i386 release is on CD1. Boot from the CD to begin the install - you may need to adjust your BIOS options first. *************** *** 758,768 **** If you are planning on dual booting OpenBSD with another OS, you will need to read INSTALL.i386. !
-
The OpenBSD/amd64 release is on CD2. Boot from the CD to begin the install - you may need to adjust your BIOS options first. *************** *** 779,789 ****
If you are planning to dual boot OpenBSD with another OS, you will need to read INSTALL.amd64. -
-
If you are planning to dual boot OpenBSD with another OS, you will need to read INSTALL.amd64. +
Burn the image from a mirror site to a CDROM, and power on your machine while holding down the C key until the display turns on and shows OpenBSD/macppc boot. *************** *** 791,807 ****
Alternatively, at the Open Firmware prompt, enter boot cd:,ofwboot /5.7/macppc/bsd.rd -
-
Put CD3 in your CDROM drive and type boot cdrom.
--- 782,798 ----
Alternatively, at the Open Firmware prompt, enter boot cd:,ofwboot /5.7/macppc/bsd.rd +
5.7 Errata 001: Unfortunately, 5.7 cannot boot from CDROM on some machines due a bootloader bug. ! !
Put CD3 in your CDROM drive and type boot cdrom.
*************** *** 820,831 ****
If nothing works, you can boot over the network as described in INSTALL.sparc64. -
!
Write FTP:5.7/alpha/floppy57.fs or FTP:5.7/alpha/floppyB57.fs (depending on your machine) to a diskette and enter boot dva0. Refer to INSTALL.alpha for more details. --- 811,821 ----
If nothing works, you can boot over the network as described in INSTALL.sparc64. +
! Write FTP:5.7/alpha/floppy57.fs or FTP:5.7/alpha/floppyB57.fs (depending on your machine) to a diskette and enter boot dva0. Refer to INSTALL.alpha for more details. *************** *** 833,844 **** Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install will most likely fail. !
-
After connecting a serial port, Thecus can boot directly from the network either tftp or http. Configure the network using fconfig, reset, then load bsd.rd, see INSTALL.armish for specific details. --- 823,831 ---- Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install will most likely fail. !
After connecting a serial port, Thecus can boot directly from the network either tftp or http. Configure the network using fconfig, reset, then load bsd.rd, see INSTALL.armish for specific details. *************** *** 846,900 **** and copy 'boot' and bsd.rd into the first partition on wd0 (hda1) then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition. More details are available in INSTALL.armish. -
-
Boot over the network by following the instructions in INSTALL.hppa or the hppa platform page. -
-
Write miniroot57.fs to the start of the CF or disk, and boot normally. -
-
Write miniroot57.fs to a USB stick and boot bsd.rd from it or boot bsd.rd via tftp. Refer to the instructions in INSTALL.loongson for more details. -
!
! Copy `boot' and `bsd.rd' to a Mach or UniOS partition, and boot the bootloader from the PROM, and the bsd.rd from the bootloader. Refer to the instructions in INSTALL.luna88k for more details. -
-
After connecting a serial port, boot bsd.rd over the network via DHCP/tftp. Refer to the instructions in INSTALL.octeon for more details. -
-
To install, burn cd57.iso on a CD-R, put it in the CD drive of your machine and select Install System Software from the System Maintenance menu. Indigo/Indy/Indigo2 (R4000) systems will not boot automatically from --- 833,874 ---- and copy 'boot' and bsd.rd into the first partition on wd0 (hda1) then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition. More details are available in INSTALL.armish. +
Boot over the network by following the instructions in INSTALL.hppa or the hppa platform page. +
Write miniroot57.fs to the start of the CF or disk, and boot normally. +
Write miniroot57.fs to a USB stick and boot bsd.rd from it or boot bsd.rd via tftp. Refer to the instructions in INSTALL.loongson for more details. +
! Copy 'boot' and 'bsd.rd' to a Mach or UniOS partition, and boot the bootloader from the PROM, and the bsd.rd from the bootloader. Refer to the instructions in INSTALL.luna88k for more details. +
After connecting a serial port, boot bsd.rd over the network via DHCP/tftp. Refer to the instructions in INSTALL.octeon for more details. +
To install, burn cd57.iso on a CD-R, put it in the CD drive of your machine and select Install System Software from the System Maintenance menu. Indigo/Indy/Indigo2 (R4000) systems will not boot automatically from *************** *** 905,931 **** If your machine doesn't have a CD drive, you can setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using the kernel matching your system type. Refer to the instructions in INSTALL.sgi for more details. -
-
After connecting a serial port, boot over the network via DHCP/tftp. Refer to the instructions in INSTALL.socppc for more details. -
-
! ok boot cdrom 5.7/sparc/bsd.rd or ! > b sd(0,6,0)5.7/sparc/bsd.rd !
If your SPARC system does not have a CD drive, you can alternatively boot from floppy. --- 879,902 ---- If your machine doesn't have a CD drive, you can setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using the kernel matching your system type. Refer to the instructions in INSTALL.sgi for more details. +
After connecting a serial port, boot over the network via DHCP/tftp. Refer to the instructions in INSTALL.socppc for more details. +
Boot from one of the provided install ISO images, using one of the two commands listed below, depending on the version of your ROM. !
! ok boot cdrom 5.7/sparc/bsd.rd or ! > b sd(0,6,0)5.7/sparc/bsd.rd !
If your SPARC system does not have a CD drive, you can alternatively boot from floppy. *************** *** 934,944 **** To boot from the floppy use one of the two commands listed below, depending on the version of your ROM. !
! ok boot floppy or ! > b fd() !
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install --- 905,915 ---- To boot from the floppy use one of the two commands listed below, depending on the version of your ROM. !
! ok boot floppy or ! > b fd() !
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install *************** *** 948,1003 **** If your SPARC system doesn't have a floppy drive nor a CD drive, you can either setup a bootable tape, or install via network, as told in the INSTALL.sparc file. -
-
-
Using the Linux built-in graphical ipkg installer, install the openbsd57_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus for a few important details. -
-
If you already have an OpenBSD 5.6 system, and do not want to reinstall, upgrade instructions and advice can be found in the Upgrade Guide. -
-
src.tar.gz contains a source archive starting at /usr/src. This file contains everything you need except for the kernel sources, which are in a separate archive. To extract:
!
! # mkdir -p /usr/src ! # cd /usr/src ! # tar xvfz /tmp/src.tar.gz !
sys.tar.gz contains a source archive starting at /usr/src/sys. This file contains all the kernel sources you need to rebuild kernels. To extract:
!
! # mkdir -p /usr/src/sys ! # cd /usr/src # tar xvfz /tmp/sys.tar.gz !
Both of these trees are a regular CVS checkout. Using these trees it is possible to get a head-start on using the anoncvs servers as --- 919,972 ---- If your SPARC system doesn't have a floppy drive nor a CD drive, you can either setup a bootable tape, or install via network, as told in the INSTALL.sparc file. +
Boot over the network via mopbooting as described in INSTALL.vax. +
Using the Linux built-in graphical ipkg installer, install the openbsd57_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus for a few important details. !
If you already have an OpenBSD 5.6 system, and do not want to reinstall, upgrade instructions and advice can be found in the Upgrade Guide. +
src.tar.gz contains a source archive starting at /usr/src. This file contains everything you need except for the kernel sources, which are in a separate archive. To extract:
!
! # mkdir -p /usr/src ! # cd /usr/src ! # tar xvfz /tmp/src.tar.gz !
sys.tar.gz contains a source archive starting at /usr/src/sys. This file contains all the kernel sources you need to rebuild kernels. To extract:
!
! # mkdir -p /usr/src/sys ! # cd /usr/src # tar xvfz /tmp/sys.tar.gz !
Both of these trees are a regular CVS checkout. Using these trees it is possible to get a head-start on using the anoncvs servers as *************** *** 1005,1023 **** Using these files results in a much faster initial CVS update than you could expect from a fresh checkout of the full OpenBSD source tree. !
-
A ports tree archive is also provided. To extract:
!
! # cd /usr ! # tar xvfz /tmp/ports.tar.gz !
Go read the ports page if you know nothing about ports --- 974,993 ---- Using these files results in a much faster initial CVS update than you could expect from a fresh checkout of the full OpenBSD source tree. !
A ports tree archive is also provided. To extract:
!
! # cd /usr ! # tar xvfz /tmp/ports.tar.gz !
Go read the ports page if you know nothing about ports *************** *** 1026,1032 **** OpenBSD ports system.
The ports/ directory represents a CVS (see the manpage for ! cvs(1) if you aren't familiar with CVS) checkout of our ports. As with our complete source tree, our ports tree is available via --- 996,1002 ---- OpenBSD ports system.
The ports/ directory represents a CVS (see the manpage for ! cvs(1) if you aren't familiar with CVS) checkout of our ports. As with our complete source tree, our ports tree is available via *************** *** 1035,1044 **** the ports/ tree available on a read-write medium and update the tree with a command like:
!
# cd /usr/ports # cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_7 !
[Of course, you must replace the server name here with a nearby anoncvs server.] --- 1005,1014 ---- the ports/ tree available on a read-write medium and update the tree with a command like:
!
# cd /usr/ports # cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_7 !
[Of course, you must replace the server name here with a nearby anoncvs server.] *************** *** 1049,1054 **** If you're interested in seeing a port added, would like to help out, or just would like to know more, the mailing list ports@openbsd.org is a good place to know. !
! ! --- 1019,1022 ---- If you're interested in seeing a port added, would like to help out, or just would like to know more, the mailing list ports@openbsd.org is a good place to know. !