Release notes for FreeBSD 15.0. This file describes new user-visible features, changes and updates relevant to users of binary FreeBSD releases. Each entry should describe the change in no more than several sentences and should reference manual pages where an interested user can find more information. Entries should wrap after 80 columns. Each entry should begin with one or more commit IDs on one line, specified as a comma separated list and/or range, followed by a colon and a newline. Entries should be separated by a newline. Changes to this file should not be MFCed. ddfc6f84f242: Update unicode to 16.0.0 and CLDR to 45.0.0. b22be3bbb2de: Basic Cloudinit images no longer generate RSA host keys by default for SSH. 000000000000: RSA host keys for SSH are deprecated and will no longer be generated by default in FreeBSD 16. 0aabcd75dbc2: EC2 AMIs no longer generate RSA host keys by default for SSH. RSA host key generation can be re-enabled by setting sshd_rsa_enable="YES" in /etc/rc.conf if it is necessary to support very old SSH clients. a1da7dc1cdad: The SO_SPLICE socket option was added. It allows TCP connections to be spliced together, enabling proxy-like functionality without the need to copy data in and out of user memory. e962b37bf0ff: When running bhyve(8) guests with a boot ROM, i.e., bhyveload(8) is not used, bhyve now assumes that the boot ROM will enable PCI BAR decoding. This is incompatible with some boot ROMs, particularly outdated builds of edk2-bhyve. To restore the old behavior, add "pci.enable_bars='true'" to your bhyve configuration. Note in particular that the uefi-edk2-bhyve package has been renamed to edk2-bhyve. 43caa2e805c2: amd64 bhyve(8)'s "lpc.bootrom" and "lpc.bootvars" options are deprecated. Use the top-level "bootrom" and "bootvars" options instead. 822ca3276345: byacc was updated to 20240109. 21817992b331: ncurses was updated to 6.5. 1687d77197c0: Filesystem manual pages have been moved to section four. Please check ports you are maintaining for crossreferences. 8aac90f18aef: new MAC/do policy and mdo(1) utility which enables a user to become another user without the requirement of setuid root. 7398d1ece5cf: hw.snd.version is removed. a15f7c96a276,a8089ea5aee5: NVMe over Fabrics controller. The nvmft(4) kernel module adds a new frontend to the CAM target layer which exports ctl(4) LUNs as NVMe namespaces to remote hosts. The nvmfd(8) daemon is responsible for accepting incoming connection requests and handing off connected queue pairs to nvmft(4). a1eda74167b5,1058c12197ab: NVMe over Fabrics host. New commands added to nvmecontrol(8) to establish connections to remote controllers. Once connections are established they are handed off to the nvmf(4) kernel module which creates nvmeX devices and exports remote namespaces as nda(4) disks. 25723d66369f: As a side-effect of retiring the unit.* code in sound(4), the hw.snd.maxunit loader(8) tunable is also retired. eeb04a736cb9: date(1) now supports nanoseconds. For example: `date -Ins` prints "2024-04-22T12:20:28,763742224+02:00" and `date +%N` prints "415050400". 6d5ce2bb6344: The default value of the nfs_reserved_port_only rc.conf(5) setting has changed. The FreeBSD NFS server now requires the source port of requests to be in the privileged port range (i.e., <= 1023), which generally requires the client to have elevated privileges on their local system. The previous behavior can be restored by setting nfs_reserved_port_only=NO in rc.conf. aea973501b19: ktrace(2) will now record detailed information about capability mode violations. The kdump(1) utility has been updated to display such information. f32a6403d346: One True Awk updated to 2nd Edition. See https://awk.dev for details on the additions. Unicode and CSVs (Comma Separated Values) are now supported. fe86d923f83f: usbconfig(8) now reads the descriptions of the usb vendor and products from usb.ids when available, similarly to what pciconf(8) does. 4347ef60501f: The powerd(8) utility is now enabled in /etc/rc.conf by default on images for the arm64 Raspberry Pi's (arm64-aarch64-RPI img files). This prevents the CPU clock from running slow all the time. 0b49e504a32d: rc.d/jail now supports the legacy variable jail_${jailname}_zfs_dataset to allow unmaintained jail managers like ezjail to make use of this feature (simply rename jail_${jailname}_zfs_datasets in the ezjail config to jail_${jailname}_zfs_dataset. e0dfe185cbca: jail(8) now support zfs.dataset to add a list of ZFS datasets to a jail. 61174ad88e33: newsyslog(8) now supports specifying a global compression method directly at the beginning of the newsyslog.conf file, which will make newsyslog(8) to behave like the corresponding option was passed to the newly added '-c' option. For example: none 906748d208d3: newsyslog(8) now accepts a new option, '-c' which overrides all historical compression flags by treating their meaning as "treat the file as compressible" rather than "compress the file with that specific method." The following choices are available: * none: Do not compress, regardless of flag. * legacy: Historical behavior (J=bzip2, X=xz, Y=zstd, Z=gzip). * bzip2, xz, zstd, gzip: apply the specified compression method. We plan to change the default to 'none' in FreeBSD 15.0. 1a878807006c: This commit added some statistics collection to the NFS-over-TLS code in the NFS server so that sysadmins can moditor usage. The statistics are available via the kern.rpc.tls.* sysctls. 7c5146da1286: Mountd has been modified to use strunvis(3) to decode directory names in exports(5) file(s). This allows special characters, such as blanks, to be embedded in the directory name(s). "vis -M" may be used to encode such directory name(s). c5359e2af5ab: bhyve(8) has a new network backend, "slirp", which makes use of the libslirp package to provide a userspace network stack. This backend makes it possible to access the guest network from the host without requiring any extra network configuration on the host. bb830e346bd5: Set the IUTF8 flag by default in tty(4). 128f63cedc14 and 9e589b093857 added proper UTF-8 backspacing handling in the tty(4) driver, which is enabled by setting the new IUTF8 flag through stty(1). Since the default locale is UTF-8, enable IUTF8 by default. ff01d71e48d4: dialog(1) has been replaced by bsddialog(1) 41582f28ddf7: FreeBSD 15.0 will not include support for 32-bit platforms. However, 64-bit systems will still be able to run older 32-bit binaries. Support for executing 32-bit binaries on 64-bit platforms via COMPAT_FREEBSD32 will remain supported for at least the stable/15 and stable/16 branches. Support for compiling individual 32-bit applications via `cc -m32` will also be supported for at least the stable/15 branch which includes suitable headers in /usr/include and libraries in /usr/lib32. Support for 32-bit platforms in ports for 15.0 and later releases is also deprecated, and these future releases may not include binary packages for 32-bit platforms or support for building 32-bit applications from ports. stable/14 and earlier branches will retain existing 32-bit kernel and world support. Ports will retain existing support for building ports and packages for 32-bit systems on stable/14 and earlier branches as long as those branches are supported by the ports system. However, all 32-bit platforms are Tier-2 or Tier-3 and support for individual ports should be expected to degrade as upstreams deprecate 32-bit platforms. With the current support schedule, stable/14 will be EOLed 5 years after the release of 14.0. The EOL of stable/14 would mark the end of support for 32-bit platforms including source releases, pre-built packages, and support for building applications from ports. Given an estimated release date of October 2023 for 14.0, support for 32-bit platforms would end in October 2028. The project may choose to alter this approach when 15.0 is released by extending some level of 32-bit support for one or more platforms in 15.0 or later. Users should use the stable/14 branch to migrate off of 32-bit platforms.