Annotation of www/59.html, Revision 1.20
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
4: <title>OpenBSD 5.9</title>
5: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
6: <meta name="description" content="OpenBSD 5.9">
7: <meta name="copyright" content="This document copyright 2015 by OpenBSD.">
8: <link rel="canonical" href="http://www.openbsd.org/59.html">
9: </head>
10:
11: <body bgcolor="#ffffff" text="#000000" link="#24248E">
12:
13: <a href="index.html">
14: <img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
15: <p>
16:
17: <a href="images/XXX.jpg">
18: <img align="left" width="227" height="343" hspace="24" vspace="10" src="images/XXX.jpg"></a>
19: <h2><font color="#0000e0">OpenBSD 5.9</font></h2>
20: <p>
1.11 tedu 21: To be released May 1, 2016<br>
1.1 deraadt 22: Copyright 1997-2016, Theo de Raadt.<br>
23: <font color="#e00000">ISBN 978-0-9881561-7-3</font>
24: <br>
25: 5.9 Songs: <a href="lyrics.html#59a">"xxx"</a>,
26: <a href="lyrics.html#59b">"xxx"</a>
27: <ul>
28: <li>Order a CDROM from our <a href="https://openbsdstore.com">ordering system</a>.
29: <li>See the information on <a href="ftp.html">the FTP page</a> for
30: a list of mirror machines.
31: <li>Go to the <font color="#e00000">pub/OpenBSD/5.9/</font> directory on
32: one of the mirror sites.
33: <li>Have a look at <a href="errata59.html">the 5.9 errata page</a> for a list
34: of bugs and workarounds.
35: <li>See a <a href="plus59.html">detailed log of changes</a> between the
36: 5.8 and 5.9 releases.
37: <p>
38: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=signify&sektion=1">signify(1)</a> pubkeys for this release:<br>
39: <pre>
1.4 jsg 40: base: RWQJVNompF3pwfIqbg+5sxfpxmZMa3tTBaW4qbUhWje/H/M7glrA6oVn
41: fw: RWSdmaNkytzh6BApmPSNSDLNg26ZaXlY8g/879UvLdo3rjbsby76Eda1
42: pkg: RWSLRYDCTJeWLIScncqwGuXK6JVXDcIyRT0q+0m30MXXG4W2xWS4NZBP
1.1 deraadt 43: </pre>
44: </ul>
45: <br clear=all>
46: All applicable copyrights and credits can be found in the applicable
47: file sources found in the files src.tar.gz, sys.tar.gz,
48: xenocara.tar.gz, or in the files fetched via ports.tar.gz. The
49: distribution files used to build packages from the ports.tar.gz file
50: are not included on the CDROM because of lack of space.
51: <p>
52:
53: <a name="new"></a>
54: <hr>
55: <p>
56: <h3><font color="#0000e0">What's New</font></h3>
57: <p>
58: This is a partial list of new features and systems included in OpenBSD 5.9.
59: For a comprehensive list, see the <a href="plus59.html">changelog</a> leading
60: to 5.9.
61: <p>
62:
63: <ul>
64: <li>Improved hardware support, including:
65: <ul>
66: <li>...
67: </ul>
68: <p>
69:
70: <li>Removed hardware support:
71: <ul>
72: <li>...
73: </ul>
74: <p>
75:
76: <li>Generic network stack improvements:
77: <ul>
1.9 tedu 78: <li>Remove support for obsolete IPv6 socket options
1.1 deraadt 79: <li>...
80: </ul>
81: <p>
82:
83: <li>Installer improvements:
84: <ul>
85: <li>...
86: </ul>
87: <p>
88:
89: <li>Routing daemons and other userland network improvements:
90: <ul>
91: <li>...
92: </ul>
93: <p>
94:
95: <li>Security improvements:
96: <ul>
97: <li>...
1.10 tedu 98: <li>Support for looking up hosts via YP has been removed from libc.
99: The 'yp' lookup method in
100: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=resolv.conf&sektion=5">resolv.conf</a>
101: is no longer available.
102: <li>Support for the HOSTALIASES environment variable has been removed from libc.
1.1 deraadt 103: </ul>
104: <p>
105:
106: <li>Assorted improvements:
107: <ul>
1.9 tedu 108: <li>doas is a little friendlier to use
109: <li>Updated flex
110: <li>Updated and improved less
1.1 deraadt 111: <li>...
112: </ul>
113: <p>
114:
115: <li>OpenBSD <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>:
116: <ul>
117: <li>...
118: </ul>
119: <p>
120:
121: <li>OpenSMTPD
122: <ul>
123: <li>...
124: </ul>
125: <p>
126:
1.3 jsg 127: <li>OpenSSH 7.1
1.1 deraadt 128: <ul>
129: <li>Security:
130: <ul>
1.16 sobrado 131: <li>Qualys Security identified vulnerabilities in the
132: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
1.18 sobrado 133: client experimental support for resuming SSH-connections (roaming).
1.16 sobrado 134: In the default configuration, this could potentially leak client keys
135: to a hostile server. The authentication of the server host key
136: prevents exploitation by a man-in-the-middle, so this information leak
137: is restricted to connections to malicious or compromised servers.
138: This feature has been disabled in the
139: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
140: client, and it has been removed from the source tree. The matching
141: server code has never been shipped.
142: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
143: OpenSSH 7.0 contained a logic error in
144: <tt>PermitRootLogin=prohibit-password/without-password</tt> that could,
145: depending on compile-time configuration, permit password authentication
146: to root while preventing other forms of authentication.
147: <li>Eliminate the fallback from untrusted X11-forwarding to trusted
148: forwarding for cases when the X server disables the <tt>SECURITY</tt>
149: extension.
150: <li>Fix an out of-bound read access in the packet handling code.
1.18 sobrado 151: <li>Further use of
152: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bzero&sektion=3">explicit_bzero(3)</a>
153: has been added in various buffer handling code paths to guard against
154: compilers aggressively doing dead-store removal.
1.1 deraadt 155: </ul>
156: <li>The following significant bugs have been fixed in this release:
157: <ul>
1.16 sobrado 158: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
159: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
1.18 sobrado 160: add compatibility workarounds for FuTTY.
1.16 sobrado 161: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
162: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
1.18 sobrado 163: refine compatibility workarounds for WinSCP.
1.16 sobrado 164: <li>Fix a number of memory faults (double-free, free of uninitialised
165: memory, etc) in
166: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
167: and
168: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>.
1.18 sobrado 169: <li>Correctly interpret the <tt>first_kex_follows</tt> option during the
170: initial key exchange.
1.1 deraadt 171: </ul>
172: </ul>
173: <p>
1.17 sobrado 174: <li>LibreSSL 2.3.2
1.1 deraadt 175: <ul>
176: <li>User-visible features:
177: <ul>
1.17 sobrado 178: <li>This release corrects the handling of <tt>ClientHello</tt> messages
179: that do not include TLS extensions, resulting in such handshakes being
180: aborted.
181: <li>When loading a DSA key from an raw (without DH parameters) ASN.1
182: serialization, perform some consistency checks on its `p' and `q'
183: values, and return an error if the checks failed.
184: <li>Fixed a bug in <tt>ECDH_compute_key</tt> that can lead to silent
185: truncation of the result key without error. A coding error could cause
186: software to use much shorter keys than intended.
187: <li>Removed support for <tt>DTLS_BAD_VER</tt>. Pre-DTLSv1 implementations
188: are no longer supported.
189: <li>The engine command and parameters are removed from
190: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openssl&sektion=1">openssl(1)</a>.
191: Previous releases removed dynamic and builtin engine support already.
192: <li>SHA-0 is removed, which was withdrawn shortly after publication
193: twenty years ago.
194: <li>Added <tt>Certplus CA</tt> root certificate to the default
195: <tt>cert.pem</tt> file.
1.19 sobrado 196: <li>Fixed a leak in
197: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=SSL_new&sektion=3">SSL_new(3)</a>
198: in the error path.
1.17 sobrado 199: <li>Fixed a memory leak and out-of-bounds access in <tt>OBJ_obj2txt</tt>.
200: <li>Fixed an up-to 7 byte overflow in RC4 when len is not a multiple of
201: <tt>sizeof(RC4_CHUNK)</tt>.
1.19 sobrado 202: <li>Added
203: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=EVP_AEAD_CTX_init&sektion=3">EVP_aead_chacha20_poly1305(3)</a>
204: which matches the
1.18 sobrado 205: <tt>AEAD</tt> construction introduced in RFC 7539, which is different
206: than that already used in TLS with
1.19 sobrado 207: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=EVP_AEAD_CTX_init&sektion=3">EVP_aead_chacha20_poly1305(3)</a>.
1.18 sobrado 208: <li>More man pages converted from pod to
209: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mdoc&sektion=7">mdoc(7)</a>
210: format.
1.17 sobrado 211: <li>Added <tt>COMODO RSA Certification Authority</tt> and
212: <tt>QuoVadis</tt> root certificates to <tt>cert.pem</tt>.
213: <li>Removed Remhve "<tt>C=US, O=VeriSign, Inc., OU=Class 3 Public Primary
214: Certification Authority</tt>"
215: (serial 3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be)
216: root certificate from <tt>cert.pem</tt>.
217: <li>Fixed incorrect TLS certificate loading by
218: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nc&sektion=1">nc(1)</a>.
219: <li>The following CVEs had been fixed:
220: <ul>
221: <li><tt>CVE-2015-3194</tt>—NULL pointer dereference in client
222: side certificate validation.
223: <li><tt>CVE-2015-3195</tt>—memory leak in PKCS7, not reachable
224: from TLS/SSL.
225: </ul>
226: <li>Note: The following OpenSSL CVEs did not apply to LibreSSL:
227: <ul>
228: <li><tt>CVE-2015-3193</tt>—carry propagating bug in the x86_64
229: Montgomery squaring procedure.
230: <li><tt>CVE-2015-3196</tt>—double free race condition of the
231: identify hint data.
232: </ul>
1.1 deraadt 233: </ul>
234: <li>Code improvements:
235: <ul>
1.17 sobrado 236: <li>Added install target for <tt>cmake</tt> builds.
237: <li>Updated <tt>pkgconfig</tt> files to correctly report the release
238: version number, not the individual library ABI version numbers.
239: <li>SSLv3 is now permanently removed from the tree.
240: <li>The <tt>libtls</tt> API is changed from the 2.2.x series:
241: <ul>
1.19 sobrado 242: <li>The
243: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tls_init&sektion=3">tls_read(3)</a>
244: and
245: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tls_init&sektion=3">tls_write(3)</a>
246: functions now work better with external event libraries.
1.17 sobrado 247: <li>Client-side verification is now supported, with the client
248: supplying the certificate to the server.
1.19 sobrado 249: <li>Also, when using
250: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tls_init&sektion=3">tls_connect_fds(3)</a>,
251: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tls_init&sektion=3">tls_connect_socket(3)</a>
252: or
253: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tls_init&sektion=3">tls_accept_fds(3)</a>,
1.17 sobrado 254: <tt>libtls</tt> no longer implicitly closes the passed in sockets.
255: The caller is responsible for closing them in this case.
256: </ul>
257: <li>New interface <tt>OPENSSL_cpu_caps</tt> is provided that does not
258: allow software to inadvertently modify cpu capability flags.
259: <tt>OPENSSL_ia32cap</tt> and <tt>OPENSSL_ia32cap_loc</tt> are removed.
1.18 sobrado 260: <li>The <tt>out_len</tt> argument of <tt>AEAD</tt> changed from
261: <tt>ssize_t</tt> to <tt>size_t</tt>.
1.17 sobrado 262: <li>Deduplicated DTLS code, sharing bugfixes and improvements with TLS.
263: <li>Converted
264: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nc&sektion=1">nc(1)</a>
265: to use <tt>libtls</tt> for client and server operations; it is
266: included in the libressl-portable distribution as an example of how
267: to use the <tt>libtls</tt> library. This is intended to be a simpler
268: and more robust replacement for <tt>openssl s_client</tt> and
269: <tt>openssl s_server</tt> for day-to-day operations.
270: <li>ASN.1 cleanups and RFC5280 compliance fixes.
271: <li>Time representations switched from <tt>unsigned long</tt> to
272: <tt>time_t</tt>. LibreSSL now checks if the host OS supports 64-bit
273: <tt>time_t</tt>.
274: <li>Support always extracting the peer cipher and version with
275: <tt>libtls</tt>.
276: <li>Added ability to check certificate validity times with
1.19 sobrado 277: <tt>libtls</tt>,
278: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tls_init&sektion=3">tls_peer_cert_notbefore(3)</a>
279: and
280: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tls_init&sektion=3">tls_peer_cert_notafter(3)</a>.
281: <li>Changed
282: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tls_init&sektion=3">tls_connect_servername(3)</a>
283: to use the first address that resolves with
1.18 sobrado 284: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getaddrinfo&sektion=3">getaddrinfo(3)</a>.
1.17 sobrado 285: <li>Remove broken conditional <tt>EVP_CHECK_DES_KEY</tt> code
286: (non-functional since initial commit in 2004).
1.19 sobrado 287: <li>Reject too small bits value in
288: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=BN_generate_prime&sektion=3">BN_generate_prime_ex(3)</a>,
1.17 sobrado 289: so that it does not risk becoming negative in
290: <tt>probable_prime_dh_safe()</tt>.
1.18 sobrado 291: <li>Changed format of <tt>LIBRESSL_VERSION_NUMBER</tt> to match that of
1.17 sobrado 292: <tt>OPENSSL_VERSION_NUMBER</tt>.
293: <li>Avoid a potential undefined C99+ behavior due to shift overflow in
294: <tt>AES_decrypt</tt>.
295: <li>Deprecated the <tt>SSL_OP_SINGLE_DH_USE</tt> flag.
1.1 deraadt 296: </ul>
297: </ul>
298: <p>
299: <li>Syslogd:
300: <ul>
301: <li>...
302: </ul>
303: <p>
304: <li>Ports and packages:
305: <dl>
306: <dt>Many pre-built packages for each architecture:
307: <table border=0 cellspacing=0 cellpadding=2 width="95%">
308: <tr>
309: <td valign="top" width="25%">
310: <ul>
311: <li>alpha: xxxx
312: <li>amd64: xxxx
313: <li>hppa: xxxx
314: </ul></td><td valign=top width="25%"><ul>
315: <li>i386: xxxx
316: <li>mips64: xxxx
317: <li>mips64el: xxxx
318: </ul></td><td valign=top width="25%"><ul>
319: <li>powerpc: xxxx
320: <li>sh: xxxx
321: <li>sparc64: xxxx
322: </ul></td><td valign=top width="25%"><ul>
323: <li>vax: xxxx
324: </ul></td></tr></table>
325: <p>
326:
327: <dt>Some highlights:
328: <table border=0 cellspacing=0 cellpadding=2 width="95%">
329: <tr>
330: <td valign="top" width="33%"><ul>
1.15 lteo 331: <li>Chromium 48.0.2564.97
1.1 deraadt 332: <li>Emacs 21.4 and 24.5
1.3 jsg 333: <li>GCC 4.9.3
334: <li>GHC 7.10.3
335: <li>GNOME 3.18.2
1.5 sthen 336: <li>Go 1.5.3
1.1 deraadt 337: <li>Groff 1.22.3
338: <li>JDK 1.7.0.80 and 1.8.0.45
339: <li>KDE 3.5.10 and 4.14.3 (plus KDE4 core updates)
340: <li>LLVM/Clang 3.5 (20140228)
1.3 jsg 341: <li>LibreOffice 5.0.4.2
342: <li>MariaDB 10.0.23
343: <li>Mono 4.2.1.102
1.13 jsg 344: <li>Mozilla Firefox 38.6.0esr and 44.0
1.3 jsg 345: <li>Mozilla Thunderbird 38.5.1
1.1 deraadt 346: </ul></td><td valign=top width="33%"><ul>
1.14 abieber 347: <li>Node.js 4.2.6
1.3 jsg 348: <li>OpenLDAP 2.3.43 and 2.4.43
1.5 sthen 349: <li>PHP 5.4.45, 5.5.31 and 5.6.17
1.3 jsg 350: <li>Postfix 3.0.3
351: <li>PostgreSQL 9.4.5
352: <li>Python 2.7.11, 3.4.4 and 3.5.1
353: <li>R 3.2.3
354: <li>Ruby 1.8.7.374, 2.0.0.648, 2.1.8, 2.2.4 and 2.3.0
1.15 lteo 355: <li>Rust 1.6.0
1.1 deraadt 356: <li>Sendmail 8.15.2
1.3 jsg 357: <li>Sudo 1.8.15
1.1 deraadt 358: <li>Tcl/Tk 8.5.18 and 8.6.4
359: <li>TeX Live 2014
1.3 jsg 360: <li>Vim 7.4.900
1.1 deraadt 361: <li>Xfce 4.12
362: </ul></td><td valign=top width="34%">
363: </td></tr></table>
364: <p>
365:
366: <li>As usual, steady improvements in manual pages and other documentation.
367: <p>
368:
369: <li>The system includes the following major components from outside suppliers:
370: <ul>
1.3 jsg 371: <li>Xenocara (based on X.Org 7.7 with xserver 1.17.4 + patches,
1.8 jsg 372: freetype 2.6.2, fontconfig 2.11.1, Mesa 11.0.9, xterm 322,
1.3 jsg 373: xkeyboard-config 2.16 and more)
1.1 deraadt 374: <li>Gcc 4.2.1 (+ patches) and 3.3.6 (+ patches)
375: <li>Perl 5.20.2 (+ patches)
1.3 jsg 376: <li>SQLite 3.9.2 (+ patches)
377: <li>NSD 4.1.7
378: <li>Unbound 1.5.7
1.1 deraadt 379: <li>Ncurses 5.7
380: <li>Binutils 2.17 (+ patches)
381: <li>Gdb 6.3 (+ patches)
382: <li>Less 458 (+ patches)
383: <li>Awk Aug 10, 2011 version
384: </ul>
385:
386: </ul>
387:
388: <a name="install"></a>
389: <hr>
390: <p>
391: <h3><font color="#0000e0">How to install</font></h3>
392: <p>
393: Following this are the instructions which you would have on a piece of
394: paper if you had purchased a CDROM set instead of doing an alternate
395: form of install. The instructions for doing an HTTP (or other style
396: of) install are very similar; the CDROM instructions are left intact
397: so that you can see how much easier it would have been if you had
398: purchased a CDROM instead.
399: <p>
400:
401: <hr>
402: Please refer to the following files on the three CDROMs or mirror site for
403: extensive details on how to install OpenBSD 5.9 on your machine:
404: <p>
405: <ul>
406: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/alpha/INSTALL.alpha">
407: .../OpenBSD/5.9/alpha/INSTALL.alpha (on CD1)</a>
408: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/i386/INSTALL.i386">
409: .../OpenBSD/5.9/i386/INSTALL.i386 (on CD1)</a>
410: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/hppa/INSTALL.hppa">
411: .../OpenBSD/5.9/hppa/INSTALL.hppa (on CD1)</a>
412: <p>
413: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/amd64/INSTALL.amd64">
414: .../OpenBSD/5.9/amd64/INSTALL.amd64 (on CD2)</a>
415: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/macppc/INSTALL.macppc">
416: .../OpenBSD/5.9/macppc/INSTALL.macppc (on CD2)</a>
417: <p>
418: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/sparc64/INSTALL.sparc64">
419: .../OpenBSD/5.9/sparc64/INSTALL.sparc64 (on CD3)</a>
420: <p>
421: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/alpha/INSTALL.alpha">
422: .../OpenBSD/5.9/alpha/INSTALL.alpha</a>
423: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/hppa/INSTALL.hppa">
424: .../OpenBSD/5.9/hppa/INSTALL.hppa</a>
425: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/landisk/INSTALL.landisk">
426: .../OpenBSD/5.9/landisk/INSTALL.landisk</a>
427: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/loongson/INSTALL.loongson">
428: .../OpenBSD/5.9/loongson/INSTALL.loongson</a>
429: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/luna88k/INSTALL.luna88k">
430: .../OpenBSD/5.9/luna88k/INSTALL.luna88k</a>
431: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/macppc/INSTALL.macppc">
432: .../OpenBSD/5.9/macppc/INSTALL.macppc</a>
433: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/octeon/INSTALL.octeon">
434: .../OpenBSD/5.9/octeon/INSTALL.octeon</a>
435: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/sgi/INSTALL.sgi">
436: .../OpenBSD/5.9/sgi/INSTALL.sgi</a>
437: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/socppc/INSTALL.socppc">
438: .../OpenBSD/5.9/socppc/INSTALL.socppc</a>
439: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/vax/INSTALL.vax">
440: .../OpenBSD/5.9/vax/INSTALL.vax</a>
441: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.9/zaurus/INSTALL.zaurus">
442: .../OpenBSD/5.9/zaurus/INSTALL.zaurus</a>
443: </ul>
444: <hr>
445:
446: <p>
447: Quick installer information for people familiar with OpenBSD, and the
448: use of the "disklabel -E" command. If you are at all confused when
449: installing OpenBSD, read the relevant INSTALL.* file as listed above!
450: <p>
451:
452: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
453: <ul>
454: The OpenBSD/i386 release is on CD1.
455: Boot from the CD to begin the install - you may need to adjust
456: your BIOS options first.
457:
458: <p>
459: If your machine can boot from USB, you can write <i>install59.fs</i> or
460: <i>miniroot59.fs</i> to a USB stick and boot from it.
461:
462: <p>
463: If you can't boot from a CD, floppy disk, or USB,
464: you can install across the network using PXE as described in
465: the included INSTALL.i386 document.
466:
467: <p>
468: If you are planning on dual booting OpenBSD with another OS, you will need to
469: read INSTALL.i386.
470:
471: </ul>
472:
473: <p>
474: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
475: <ul>
476: The OpenBSD/amd64 release is on CD2.
477: Boot from the CD to begin the install - you may need to adjust
478: your BIOS options first.
479:
480: <p>
481: If your machine can boot from USB, you can write <i>install59.fs</i> or
482: <i>miniroot59.fs</i> to a USB stick and boot from it.
483:
484: <p>
485: If you can't boot from a CD, floppy disk, or USB,
486: you can install across the network using PXE as described in the included
487: INSTALL.amd64 document.
488:
489: <p>
490: If you are planning to dual boot OpenBSD with another OS, you will need to
491: read INSTALL.amd64.
492: </ul>
493:
494: <p>
495: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
496: <ul>
497: Burn the image from a mirror site to a CDROM, and power on your machine
498: while holding down the <i>C</i> key until the display turns on and
499: shows <i>OpenBSD/macppc boot</i>.
500:
501: <p>
502: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
503: /5.9/macppc/bsd.rd</i>
504: </ul>
505:
506: <p>
507: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
508: <ul>
509: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
510:
511: <p>
512: If this doesn't work, or if you don't have a CDROM drive, you can write
513: <i>CD3:5.9/sparc64/floppy59.fs</i> or <i>CD3:5.9/sparc64/floppyB59.fs</i>
514: (depending on your machine) to a floppy and boot it with <i>boot
515: floppy</i>. Refer to INSTALL.sparc64 for details.
516:
517: <p>
518: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
519: will most likely fail.
520:
521: <p>
522: You can also write <i>CD3:5.9/sparc64/miniroot59.fs</i> to the swap partition on
523: the disk and boot with <i>boot disk:b</i>.
524:
525: <p>
526: If nothing works, you can boot over the network as described in INSTALL.sparc64.
527: </ul>
528:
529: <p>
530: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
531: <ul>
532: <p>Write <i>FTP:5.9/alpha/floppy59.fs</i> or
533: <i>FTP:5.9/alpha/floppyB59.fs</i> (depending on your machine) to a diskette and
534: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
535:
536: <p>
537: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
538: will most likely fail.
539:
540: </ul>
541:
542: <p>
543: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
544: <ul>
545: <p>
546: Boot over the network by following the instructions in INSTALL.hppa or the
547: <a href="hppa.html#install">hppa platform page</a>.
548: </ul>
549:
550: <p>
551: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
552: <ul>
553: <p>
554: Write <i>miniroot59.fs</i> to the start of the CF
555: or disk, and boot normally.
556: </ul>
557:
558: <p>
559: <h3><font color="#e00000">OpenBSD/loongson:</font></h3>
560: <ul>
561: <p>
562: Write <i>miniroot59.fs</i> to a USB stick and boot bsd.rd from it
563: or boot bsd.rd via tftp.
564: Refer to the instructions in INSTALL.loongson for more details.
565: </ul>
566: <p>
567:
568: <p>
569: <h3><font color="#e00000">OpenBSD/luna88k:</font></h3>
570: <ul>
571: <p>
572: Copy `boot' and `bsd.rd' to a Mach or UniOS partition, and boot the bootloader
573: from the PROM, and then bsd.rd from the bootloader.
574: Refer to the instructions in INSTALL.luna88k for more details.
575: </ul>
576:
577: <p>
578: <h3><font color="#e00000">OpenBSD/octeon:</font></h3>
579: <ul>
580: <p>
581: After connecting a serial port, boot bsd.rd over the network via DHCP/tftp.
582: Refer to the instructions in INSTALL.octeon for more details.
583: </ul>
584:
585: <p>
586: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
587: <ul>
588: <p>
589: To install, burn cd59.iso on a CD-R, put it in the CD drive of your
590: machine and select <i>Install System Software</i> from the System Maintenance
591: menu. Indigo/Indy/Indigo2 (R4000) systems will not boot automatically from
592: CD-ROM, and need a proper invocation from the PROM prompt.
593: Refer to the instructions in INSTALL.sgi for more details.
594:
595: <p>
596: If your machine doesn't have a CD drive, you can setup a DHCP/tftp network
597: server, and boot using "bootp()/bsd.rd.IP##" using the kernel matching your
598: system type. Refer to the instructions in INSTALL.sgi for more details.
599: </ul>
600:
601: <p>
602: <h3><font color="#e00000">OpenBSD/socppc:</font></h3>
603: <ul>
604: <p>
605: After connecting a serial port, boot over the network via DHCP/tftp.
606: Refer to the instructions in INSTALL.socppc for more details.
607: </ul>
608:
609: <p>
610: <h3><font color="#e00000">OpenBSD/vax:</font></h3>
611: <ul>
612: Boot over the network via mopbooting as described in INSTALL.vax.
613: </ul>
614:
615: <p>
616: <h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
617: <ul>
618: <p>
619: Using the Linux built-in graphical ipkg installer, install the
620: openbsd59_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
621: for a few important details.
622: </ul>
623:
624: <a name="upgrade"></a>
625: <hr>
626: <p>
627: <h3><font color="#0000e0">How to upgrade</font></h3>
628: <p>
1.6 tj 629: If you already have an OpenBSD 5.8 system, and do not want to reinstall,
1.1 deraadt 630: upgrade instructions and advice can be found in the
631: <a href="faq/upgrade59.html">Upgrade Guide</a>.
632:
633: <a name="sourcecode"></a>
634: <hr>
635: <p>
636: <h3><font color="#0000e0">Notes about the source code</font></h3>
637: <p>
638: src.tar.gz contains a source archive starting at /usr/src. This file
639: contains everything you need except for the kernel sources, which are
640: in a separate archive. To extract:
641: <p>
642: <ul><pre>
643: # <strong>mkdir -p /usr/src</strong>
644: # <strong>cd /usr/src</strong>
645: # <strong>tar xvfz /tmp/src.tar.gz</strong>
646: </pre></ul>
647: <p>
648: sys.tar.gz contains a source archive starting at /usr/src/sys.
649: This file contains all the kernel sources you need to rebuild kernels.
650: To extract:
651: <p>
652: <ul><pre>
653: # <strong>mkdir -p /usr/src/sys</strong>
654: # <strong>cd /usr/src</strong>
655: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
656: </pre></ul>
657: <p>
658: Both of these trees are a regular CVS checkout. Using these trees it
659: is possible to get a head-start on using the anoncvs servers as
660: described <a href="anoncvs.html">here</a>.
661: Using these files
662: results in a much faster initial CVS update than you could expect from
663: a fresh checkout of the full OpenBSD source tree.
664: <p>
665:
666: <a name="ports"></a>
667: <hr>
668: <p>
669: <h3><font color="#0000e0">Ports Tree</font></h3>
670: <p>
671: A ports tree archive is also provided. To extract:
672: <p>
673: <ul><pre>
674: # <strong>cd /usr</strong>
675: # <strong>tar xvfz /tmp/ports.tar.gz</strong>
676: </pre></ul>
677: <p>
678: Go read the <a href="faq/ports/index.html">ports</a> page
679: if you know nothing about ports
680: at this point. This text is not a manual of how to use ports.
681: Rather, it is a set of notes meant to kickstart the user on the
682: OpenBSD ports system.
683: <p>
684: The <i>ports/</i> directory represents a CVS (see the manpage for
685: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&arch=i386">
686: cvs(1)</a> if
687: you aren't familiar with CVS) checkout of our ports. As with our complete
688: source tree, our ports tree is available via
689: <a href="anoncvs.html">AnonCVS</a>.
690: So, in order to keep up to date with the <i>-stable</i> branch, you must make
691: the <i>ports/</i> tree available on a read-write medium and update the tree
692: with a command like:
693: <p>
694: <ul><pre>
695: # <strong>cd /usr/ports</strong>
696: # <strong>cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_9</strong>
697: </pre></ul>
698: <p>
699: [Of course, you must replace the server name here with a nearby anoncvs
700: server.]
701: <p>
702: Note that most ports are available as packages on our mirrors. Updated
703: ports for the 5.9 release will be made available if problems arise.
704: <p>
705: If you're interested in seeing a port added, would like to help out, or just
706: would like to know more, the mailing list
707: <a href="mail.html">ports@openbsd.org</a> is a good place to know.
708: <p>
709: </body>
710: </html>