HardenedBSD/UPDATING
Warner Losh 9698f2c06e Update to note my dropping the strong lock on this file.
Clarify what my last note about USERCONFIG really means and how to
know if it is fixed.
2002-04-11 05:45:17 +00:00

1007 lines
37 KiB
Plaintext

Updating Information for FreeBSD current users
This file is maintained and copyrighted by M. Warner Losh
<imp@village.org>. See end of file for further details. For commonly
done items, please see the COMMON ITEMS: section later in the file.
NOTE TO PEOPLE WHO THINK THAT 5.0-CURRENT IS SLOW:
FreeBSD 5.0-CURRENT has many debugging features turned on, in
both the kernel and userland. These features attempt to detect
incorrect use of system primitives, and encourage loud failure
through extra sanity checking and fail stop semantics. They
also substantially impact system performance. If you want to
do performance measurement, benchmarking, and optimization,
you'll want to turn them off. This includes various WITNESS-
related kernel options, INVARIANTS, malloc debugging flags
in userland, and various verbose features in the kernel. Many
developers choose to disable these features on build machines
to maximize performance.
In addition, IDE write caching is currently disabled by default
due to on-going concerns about disk write order and file system
integrity. Re-enabling write caching can substantially improve
performance.
20020404:
New sendmail startup scripts have been installed to make it
easier to use alternative MTAs with FreeBSD. Setting the rc.conf
variable sendmail_enable to "NO" no longer prevents any sendmail
daemons from starting. Instead, either set sendmail_enable to
"NONE" or change mta_start_script to a script for starting
an alternative MTA. Setting mta_start_script to "" will
also prevent any MTA from being started at boot.
20020404:
Due to the import of sendmail 8.12.2 (see 20020217 entry), a new
user and group are required in order for sendmail to run as a
set-group-ID binary. A 'make installworld' will use the new user
and group to set the owner and group of /var/spool/clientmqueue
and will fail if the new user and group do not exist. The 'smmsp'
user and group must be merged from src/etc/group and
src/etc/master.passwd before using 'make installworld'.
20020315:
FreeBSD 5.0 DP-1 was basically branched today.
20020225:
Warnings are now errors in the kernel. Unless you are a developer,
you should add -DNO_WERROR to your make line.
20020217:
sendmail 8.12.2 has been imported. The sendmail binary is no
longer a set-user-ID root binary and the infrastructure to support
command line mail submission has changed. Be sure to run
mergemaster (especially for updating /etc/rc, /etc/defaults/rc.conf,
and /etc/mail) and read /etc/mail/README for more details.
20020112:
The preferred configuration method for PAM is now /etc/pam.d/
rather than /etc/pam.conf. If you have an unmodified
pam.conf, just delete it after your next mergemaster run. If
you have local modifications, you can use
/usr/src/etc/pam.d/convert.pl to incorporate them into your
/etc/pam.d.
Please see the following url for more details:
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<xzp6667fyoa.fsf@flood.ping.uio.no>
20011229:
If anyone here is already using the new rc.conf(5) variable
networkfs_types, please note that it has changed
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<9744.1009655556@axl.seasidesoftware.co.za>
20011220:
sys/i4b/driver/i4b_ispppsubr.c has been retired. This file
started out its life in the ISDN4BSD project as an offspring
from sys/net/if_spppsubr.c, which eventually got a life of its
own. All the accumulated features and bugfixes of the i4b
version have now been merged back into the base system's
version now. The only user-visible change resulting from this
is that i4b's sppp(4) interfaces are to be managed with
spppcontrol(8) again, since ispppcontrol(8) has been retired
as well. (There has never been rc file support for
ispppcontrol in -current, but only in -stable. That will be
reverted by the time the changes are MFCed.)
20011215:
The fdc(4) driver has been updated and now automatically
recognizes media in `standard' formats (like 1440 KB and
720 KB for a 3.5" high-density drive) when accessing the
default device node (e. g. /dev/fd0). The old variety of
floppy device nodes /dev/fd*.* is no longer present by
default, devices can be created (in DEVFS) on demand. They
will need to be customized then for `odd' densities using
fdcontrol(8).
20011209:
The bugs in procfs' debugging support code have been fixed,
and truss(1) now works again.
20011207:
Daily security checks have been split out to use the periodic(8)
scripts. Some change in configuration may be necessary. Please
see
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<20011207155805.R8975@blossom.cjclark.org>
for details.
20011204:
sos added VCD/SVCD support to ata driver and that needs the
kernel and burncd to be in sync.
20011203:
The procfs pseudo-filesystem has now been converted to use the
pseudofs framework. If you have 'options PROCFS' in your
kernel config, you'll need to add 'options PSEUDOFS' if it's
not there already.
This change temporarily breaks truss(1); use ktrace(1) instead
until the issue has been resolved.
20011202:
A security hole in OpenSSH involving `UseLogin yes' has been
patched.
20011126:
You need to remove /usr/obj/.../usr.bin/tip before rebuilding
after this date. You need to do this only once.
20011103:
Most of the awk issues have been resolved. Some rough
edges may be left, but for the most part things should be
back to "normal." For CURRENT's usual definition of "normal."
20011030:
Awk has been upgraded to the one true awk from bell labs. Expect
choppy waves in the upgrade process.
20011030:
The asr driver problem has been resolved.
20011027:
Due to changes in other parts of the system, the asr driver
now causes the system to panic on boot. Do not use it pending
correction. Comment it out of any kernel config file that you
try to use from this date forward.
20011025:
When crossbuilding, use TARGET=xxx where you used to use
MACHINE=xxx. You don't need to set TARGET_ARCH and TARGET,
unless you are changing both of them. To cross build pc98 on
an alpha, for example, you need to set TARGET=pc98 and
TARGET_ARCH=i386.
20011001:
The kernel interface that burncd depends on has changed.
You must recompile both the kernel and userland applications
at the same time.
20010929:
When crossbuilding, please set TARGET_ARCH rather than
MACHINE_ARCH to indicate the target. In the future, one will
set TARGET_MACHINE where you set MACHINE now. At the moment,
setting MACHINE alone for same MACHINE_ARCH machines works
(eg, you can build pc98 on a i386 machine and vice versa).
20010927:
Some weird problems result from using ACPI on some machines.
To disable ACPI you can add
hint.acpi.0.disable="1"
to /boot/loader.conf (or by putting set X=Y at the boot
loader "ok" prompt).
Alternatively, you can remove it from /boot/kernel/acpi.ko
or use the MODULES_OVERRIDE function in your kernel config
file and not list acpi in that list.
20010924:
The buildworld has been fixed. You may need to install
the 4.x compatibility libraries for some old binaries
to work. Add COMPAT4X=true to your /etc/make.conf to
get them installed on every installworld, or execute the
following to get them installed only once:
cd src/lib/compat/compat4x.<arch>
make all install
You will see ``__stdoutp undefined'' until you do this.
20010919:
There's a bug in the world build process. The cross-tools
are build with the NEW headers, but the OLD libc.a. This
leads to all kinds of problems with the new libc. A temporary
workaround is to add
CFLAGS="-O -pipe -D_OLD_STDIO"
before building world when upgrading from 4.x to current. This
can be removed afterwards.
A proper fix to the buildworld target is needed.
20010918:
Peter has committed his new kthread nfs client/server code.
NFS may be unstable after this date.
20010912:
KSE has hit the tree. Lots of things are now different in
the kernel. While a few problems were introduced in the
initial commit, most of the major ones have been found and
corrected.
20010901:
In OLDCARD, CardBus bridges appear to be stable. The work
arounds described in the 20010604 entry are now no longer
necessary and will be ignored. Most insert/remove problems
have been rectified around this date.
20010823:
named now runs as user bind and group bind rather than as
root. If named_enable is set to YES in /etc/rc.conf, ensure
that user bind is available in /etc/passwd (using vipw(8))
and that group bind is available in /etc/group. Also make
sure that user or group bind has read (and not write)
permission for your name server configuration and that it
has read and write permission for your slave zone files and
directory.
If you wish to continue to run named as root (a less secure
alternative), add a line to /etc/rc.conf saying
named_flags=
20010709:
The PAM libraries have had an API upgrade that is beyond
the ability of the shared library major number to handle.
It is manifested by PAM-using ports dumping core. The
solution is to rebuild those ports.
20010628:
The kernel compile module has moved from src/sys/compile/FOO
to src/sys/${MACHINE}/compile/FOO.
20010625:
The pccard modem issue from 20010613 has been corrected.
OLDCARD support is still a little weak in -current. slot 1 is
known not to work on some TI based cardbus bridges. Some
cardbus bridges do not properly detect insert/removal events.
IRQ configuration needs more safety belts.
20010617:
Softupdates problems have been corrected.
20010614:
Peter ripped out the linkerset support. You must, as always,
rerun config after you cvsup if you are using the traditional
kernel building methods.
20010613:
pccard modems may not work with current after 20010604 date. Some
do, others result in panics. *MAKE*SURE* that you update your
config and /etc/rc.conf ala the 20010604 entry, or you will have
problems (this issue will be fixed, it just hasn't been yet).
20010613:
SOFTUPDATES seem to be broken since the middle of May or so. Do not
use them in current. You can disable softupdates on all mounted
partitions, or remove SOFTUPDATES the kernel config file.
20010612:
After Peter's commits to the hints code, people have been noticing
that certain devices are attached (or try to) twice. This is due
to having both static hints as well as a /boot/device.hints. To
work around this issue, please use only one or the other mechanism
until this bug is fixed.
Please note that a feature of config is that if you have config
file FOO and FOO.hints, it automatically adds FOO.hints to the
hints.c file, wheather you want it to or not.
20010610:
Locale names have changed to match other systems better.
20010604:
pccard support for pci cards has been committed. You must change
your /etc/pccard.conf irq lines. It must match the irq used by
pcic device. Interrupt storms may result if you fail to do this.
Interrupt storms look a lot like a hang.
You must also install a new pccardd, otherwise you will get an
interrupt storm at card reset time (just after it tells you what
it is).
pccardd_flags="-I" is necessary for the time being. It tells pccardd
not to ask the kernel if the interrupt is really free or not before
using it. You can either change the /etc/pccard.conf irq lines to
match pcic, or add "-i X" to the pccardd_flags.
20010530:
INSTALL=install -C is being deprecated. If you want to do this,
use COPY=-C instead. The former method will be supported for only
a limited time. If you see
install: warning: the -d and -C options may not be specified together
in your makeworld, then you need to migrate towards using
COPY=-C.
20010525:
It appears that vm is now stable enough to use again. However,
there may be other problems, so caution is still urged. alpha
definitely is in bad shape.
20010521:
Minor repo damange has happened. This may cause problems
with cvsup of ports. If you get errors, please see
http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27495
at the bottom for details on a workaround. The error message
is
Updater failed: Cannot delete "/usr/ports/www/jakarta-tomcat/files": Directory not empty
20010520:
Vm and/or swapping are busted on -current. Please be patient.
20010519:
pccard has had much reorganizational work done to it over
the past few days. Everything should still work, but if
not, please contact imp@freebsd.org.
20010517:
ata ioctl changed. Make sure to recompile both kernel and
userland at the same time.
20010517:
New ncurses imported.
20010512:
DEVFS is now opt out, not opt in. Barring major problems, this
will be the only way to go starting July 1.
20010504:
OpenSSH has been updated to 2.9. Some defaults are different,
including RhostsRSAAuthentication, which changes from yes to no.
20010502:
Perl breakage in 20010501 was corrected at 14:18:33 PDT.
20010501:
Building perl was broken at 02:25:25 PDT.
20010430:
The bug in 20010429 was corrected at 07:35:37 PDT. It is safe to
go back in the water.
20010429:
A bad bug was committed at 04:48:42 PDT. Don't use kernels after
this date, but before the correction date.
20010423:
old fsck and new kernel interactions appear to have been fixed.
20010411:
fsck and the kernel were changed to handle some optimizations
to directory layout. This breaks backward compatibility.
Update only if you understand that you must not use the old
fsck with the new kernel ever.
20010330:
fsck has changed the meaning of the pass column in /etc/fstab.
Please see the cvs commit to fsck.8 or the fsck.8 man page for
details. It is unclear if changes to /etc/fstab are necessary.
20010319:
portmap had changed name to rpcbind for maximum POLA in your
current world. /etc/hosts.{allow,deny} needs changes. nfs and
other rpc based programs that rely on portmapper will not work
without updates to /etc/hosts.{allow,deny} and /etc/netconfig.
20010315:
ata subsystem changes. ATA_ENABLE_ATAPI_DMA, ATA_ENABLE_WC
and ATA_ENABEL_TAGS are no longer kernel options. They have
been replaced by tunables. See ata.4 for details.
20010312:
The fxp driver was converted to use miibus. If you compile
fxp into your kernel statically, you will need to add miibus.
20010312:
The wi device now defaults to BSS (infrastructure) mode
instead of ad-hoc.
20010310:
/dev/urandom should be a symbolic link to /dev/random now.
Users of current not using DEVFS need to run MAKEDEV std.
ssh might not work if you don't.
20010303:
The ed driver has been updated. It now allows mii attachments,
which means that you must include the miibus in your kernel if
you use the ed driver.
20010220:
The problems with libc have been corrected. It is now mostly
safe to go back into the water.
20010211:
The size of FILE was changed. This breaks upgrading. If
you must upgrade, be prepared for pain. It also breaks almost
all binaries that you've compiled on -current. You are warned
that before upgrading would be a good time to do a level 0
dump of your system. No, really, I mean it this time.
To get to the new system, you'll need to use the following
workaround. Hopefully this can be sorted out so that we
don't have to move this to the updating section.
To get around the installworld problem, do:
# cd /usr/src/usr.bin/sed
# make install
# cd /usr/src
# make installworld
If that doesn't work, then try:
# make -k installworld
# make installworld
20010207:
DEVFS is now the default. If you use vinum, make sure that you
do not include devfs in your kernel as problems result.
20010205:
FFS_ROOT and CD9660_ROOT have been removed or deprecated.
Remove them from your config.
20010122:
****************************** WARNING ******************************
buildkernel has been changed slightly
****************************** WARNING ******************************
KERNCONF replaces the variable KERNEL for buildkernel. You
should update your scripts and make.conf accordingly.
20010119:
config has changed to allow DEV_FOO as a replacement for NFOO.
This requires a new config to build correctly.
20010116:
The kerrnel option I386_CPU is now mutually exclusive with the
other cpu types. If you have an i386 system, be sure that it
only had this line. Remove it for all other configurations.
20010110:
Changes to the kernel require it and burncd be in sync.
20010102:
Everyone who has hw.sndunit set to something in
/etc/sysctl.conf, it is now hw.snd.unit.
20010101:
ex and vi were broken by some changes to sys/queue.h. If you
have a bad vi, you will see make buildworld fail with a core
dump while building termcap. You can work around this problem
by adding -k to your make buildworld. This will cause the
build to complete and install a new vi. Once that's done, you
can rebuild again without the -k to pick up anything that
might have been ignored by the -k option.
Others have suggested that you can just rebuild libc if your
vi/ex is dynamically linked, but I've not received any reports
of this working.
20001228:
There have been some changes to libcrypt in -current. The
libscrypt/libdescrypt symlink sillyness is gone and the installed
libcrypt is fully functional. Be aware of this.
20001218:
Linksys Fast Ethernet PCCARD cards supported by the ed driver
now require the addition of flag 0x80000 to their config line
in pccard.conf(5). This flag is not optional. These Linksys
cards will not be recognized without it.
20001205:
Important new FreeBSD-version stuff: PAM support has been worked
in, partially from the "Unix" OpenSSH version. This requires
adding the following in pam.conf:
sshd auth sufficient pam_skey.so
sshd auth required pam_unix.so try_first_pass
sshd session required pam_permit.so
20001031:
cvs updated to 1.11.
20001020:
The random device needs more entropy, so you need to make sure
that you've run mergemaster to get a /etc/rc which will seed
/dev/random. If you don't and the system hangs after ldconfig,
then banging on the keyboard randomly until it unhangs is one
workaround.
20001010:
****************************** WARNING ******************************
Sendmail has been updated.
****************************** WARNING ******************************
o mail.local(8) is no longer installed as a set-user-id binary.
o sendmail(8) is now built with STARTTLS support unless NO_OPENSSL
is set.
o The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY
commands.
o Now using sendmail's version of vacation(1).
o The sendmail cf building tools (contrib/sendmail/cf) are installed
in /usr/share/sendmail/cf.
o sendmail.cw changed to local-host-names
More details can be found at
http://people.freebsd.org/~imp/UPDATING/sendmail-20001010
20001009:
The ports tree's new layout is in place. Be sure to update
your entire ports tree, or you will have problems.
20001006:
The perl build procedure no longer installs miniperl, nor uses
the installed miniperl. It is recommended that you delete
/usr/bin/miniperl.
20001005:
This weekend the ports tree will be updated to a new layout.
It will be in an inconsistent state until noted in the UPDATING
file, or with asami-san's message to the relevant mailing
lists. With this new layout, you'll need to update the whole
tree for anything to work.
20000928:
There was a change in the passwd format. Need more information.
20000916:
/boot/kernel/kernel.ko -> /boot/kernel/kernel change has taken
place. Please update boot loader (not the boot blocks) at the
same time as your kernel.
20000914:
The new pmtimer device is necessary for laptops. Failure to
include the device will cause suspended laptops losing time
when they resume. Include
device pmtimer
in your config file and
hint.pmtimer.0.at="isa"
to your /boot/device.hints file.
20000911:
The random device has been turned into a (pseudo-)device,
rather than an option. The supplied kernel config files have
been updated. You will need to do something similar in your
own kernel config file.
Remove:
options RANDOMDEV
Add:
device random
If you prefer to load the loadable module, you need to do
nothing.
20000909:
The random device module has been renamed from randomdev.ko to
random.ko. You will need to edit your /boot/loader.conf to
reflect this if you load this module at boot time.
The line should read:
random_load="YES"
20000907:
The SMPNG commit has happened. It should work, but if it
doesn't, fallback to the PRE_SMPNG CVS tag. There are likely
to be a variety of minor issues. Please see 20000905 to make
sure you don't have model loading problems which might at
first blush appear related to SMP.
20000906:
nsswitch has been imported from NetBSD. Among other things,
this means that /etc/host.conf is no longer used. See
nsswitch.conf(5) instead. Note that at boot time rc.network
will attempt to produce a new nsswitch.conf file for you if you
don't have one, and you have host.conf.
20000905:
The ucred structure changed size. This breaks the interface
that mountd uses. Trying to use an older mountd with a newer
kernel guarantees a panic. This means that you need to use
kernels newer than today only with matching mountd, but you
needed to do that anyway with the boot loader changes.
20000905:
The boot loader has been updated. The new default kernel is
now /boot/kernel/kernel.ko. The new default module location
is /boot/kernel.
You *MUST* upgrade your boot loader and kernel at the same time.
The easiest way to do this is to do the buildworld/buildkernel/
installkernel/installworld dance.
Furthermore, you are urged to delete your old /modules directory
before booting the new kernel, since kldload will find stale
modules in that directory instead of finding them in the correct
path, /boot/kernel. The most common complaint that this cures
is that the linux module crashes your machine after the update.
if [ ! -d /boot/kernel.old ]; then
mv /modules.old /boot/kernel.old
chflags noschg /kernel.old
mv /kernel.old /boot/kernel.old/kernel.ko
chflags schg /boot/kernel.old/kernel.ko
fi
20000904:
A new issue with the sendmail upgrade has come to light.
/etc/aliases has moved to /etc/mail/aliases. Mergemaster will
incorrectly install the default aliases in /etc/mail rather than
move the old one from /etc. So you'll need to manually move the
file, create a symbolic link, remove the old /etc/aliases.db and
run newaliases. For safety sake, you should stop sendmail
while doing this and run the upgrade when locally sourced email
is not likely to be generated.
20000825:
/boot/device.hints is now required for installkernel to
succeed. You should copy GENERIC.hints for your architecture
into /boot/device.hints. If and only if you compile hints
into your kernel, then this file may be empty. Please note,
if you have an empty or missing /boot/device.hints file and
you neglected to compile hints into your kernel, no boot
messages will appear after the boot loader tries to start the
kernel.
20000821:
If you do NOT have ``options RANDOMDEV'' in your kernel and
you DO want the random device then add randomdev_load="YES" to
/boot/loader.conf.
20000812:
suidperl is now always built and installed on the system, but
with permissions of 511. If you have applications that use
this program, you are now required to add ENABLE_SUIDPERL=true
to /etc/make.conf. If you forget to do this,
chmod 4511 /usr/bin/suidperl
will fix this until the next build.
20000812:
sendmail has been updated from 8.9.3 to 8.11.0. Some of the more
visible changes that may immediately affect your configuration
include:
- New default file locations from src/contrib/sendmail/cf/README
- newaliases limited to root and trusted users
- MSA port (587) turned on by default
- New queue file naming system so can't go from 8.11 -> 8.9
- FEATURE(`rbl') renamed to FEATURE(`dnsbl')
- FEATURE(`nullclient') is more full featured
- FEATURE(`nouucp') requires an argument: `reject' or `nospecial'
- mail.local FreeBSD-only -b option changed to -B
- See src/contrib/sendmail/RELEASE_NOTES for more info
20000810:
suidperl (aka sperl) is no longer build by default. You must
specifically define BUILD_SUIDPERL to "true" for it to be build.
Furthermore, we recommend that you remove /usr/bin/sperl* and
/usr/bin/suidperl files from your system unless you have a
specific use for it.
20000729:
Networking defaults have been tightened. Anybody upgrading
/etc/defaults/rc.conf needs to add the following lines to
/etc/rc.conf if they want to have the same setup
afterwards (unless the variables already are set, of course):
# Enable network daemons for user convenience.
inetd_enable="YES"
portmap_enable="YES"
sendmail_enable="YES"
20000728:
If you have null_load="YES" in your /boot/loader.conf, you
will need to change that to nullfs_load="YES".
20000728:
The "installkernel" target has changed slightly. Now even if
you override KERNEL e.g. 'make installkernel KERNEL=MYKERNEL'
it will install the MYKERNEL file (built with the buildkernel
target) as /kernel rather than /MYKERNEL. Those who have
updated their /boot/loader.conf files to point to /MYKERNEL
should remove that entry or perform manual rename of /kernel
to /MYKERNEL.
20000711:
If you use CVSUP or CTM to get CVS trees, AND you used to get
the old crypto files from internat.freebsd.org AND you check
out files from the CVS tree with the cvs command, please read
http://people.freebsd.org/~imp/internat.txt
for details on potential problems that you might have and how
to get around them.
If you are merely a mirror, or don't answer yes to each of the
clauses above, you needn't worry.
20000711:
/etc/security has been updated to print the inode number of
setuid programs that have changed. You will see a large spike
in the number of changed programs the first time when you run
mergemaster to get a new /etc/security.
20000710:
/dev/random now has good entropy collection (from the keyboard
and sysmouse drivers). Please ensure that either `options
RANDOMDEV' is present in your kernel config file or that
`randomdev_load="YES"' is in your /boot/loader.conf. If you do
not have the /dev/random driver, OpenSSL (and consequently
lots of crypto tools (like SSH)) will fail with strange
errors. (see below, 20000624).
FreeBSD-current is safe again to run Crypto.
20000709:
phk made the malloc default options AJ. This may slow things
down and uncover other latent bugs in the code. If you need to
run at full speed, you can disable this by doing the following:
ln -s aj /etc/malloc.conf
20000706:
libftpio's version was accidentally bumped a few days ago. This
has been corrected. You may need to remove /usr/lib/libftpio.so.6
before doing your next buildworld/installworld pair. It certainly
won't hurt to remove it before the update procedure. It will
break fetch until a new one is built, but ftp can be used in the
interim if needed.
20000705:
The crypto packages have changed for the cvsup. This has been done
in a backward compatible way, but the old packages will go away at
some point in the future. Look at /usr/share/examples/cvsup for
details.
20000704:
With the new sys/modules/sound/drivers/*, you will need to
set SYSDIR until you do an installworld after July 7th.
20000704:
rc.shutdown and rc will now call the rc.d scripts with start
or stop. This may cause some harmless warnings from older
rc.d scripts that haven't been updated.
20000630:
The libfetch based version of fetch has gone into the tree.
Minor problems may result on some of the less popular sites,
which should be reported to des@freebsd.org.
20000625:
From approximately this date forward, one must have the crypto
system installed in order to build the system and kernel.
While not technically strictly true, one should treat it as
required and grab the crypto bits. If you are grabbing CVS
trees, src-all and cvs-crypto should be treated as if they
were required. You should check with the latest collections
to make sure that these haven't changed.
20000624:
Mark Murray just committed the first parts of a cleanup of
/dev/zero, et al. This is also cleaning up /dev/random.
The entropy is disconnected, so DO NOT USE VERSIONS OF FREEBSD
-CURRENT FROM THIS POINT to 2000710 for cryptographic services
until Mark can merge in the fixes to this work in progress.
openssh and openssl should not be used to generate keys from this
date to the completion of the work.
If you must operate at this reduced level of security, add '
options RANDOMDEV' to your kernel or modload the randomdev
module. You may also need to copy a new MAKEDEV to /dev and
recreate the random and urandom devices.
20000622:
The license on the softupdates is now a standard 2 clause
BSD license. You may need to remove your symbolic links
that used to be required when updating.
20000621:
Scott Flatman <sf@aracnet.com> sent in a decent write-up on
the config file update procedure.
http://people.freebsd.org/~imp/config-upd.html
NOTE: LINT is gone. It has been replaced with NOTES. NOTES
isn't buildable. However, you can generate a LINT file.
20000620:
Binutils 2.10 have hit the tree, or will shortly. As soon
as they do, the problem noted in 20000522 will be resolved and
that workaround will no longer be required.
20000615:
phk removed the compatibility creation of wd devices in the
ad driver. If you haven't done so already, you must update
your fstab, etc to use the ad devices instead of the wd
devices.
In addition, you'll need to update your boot blocks to a
more modern version, if you haven't already done so. Modern
here means 4.0 release or newer (although older releases
may work).
20000612:
Peter took an axe to config(8). Be sure that you read his mail
on the topic before even thinking about updating. You will
need to create a /boot/device.hints or add a hints directive
to your config file to compile them in statically. The format
of the config file has changed as well. Please see GENERIC or
NEWCARD for examples of the new format.
Indirectly, this also breaks USERCONFIG. Unless a newer entry
says that it has been fixed, assume that must use the hints mechanism
in the loader if you need to use a machine with very old ISA cards
in it.
20000522:
A new set of binutils went into the tree today. Anybody
building a kernel after this point is advised that they need
to rebuild their binutils (or better yet do a
buildworld/installworld) before building a new kernel.
Due to bugs in binutils, using malloc options (eg /etc/malloc.conf
or MALLOC_OPTIONS env var) J will cause ld to dump core. It
is recommended that you don't set this option until the problem
is resolved.
20000513:
The ethernet drivers were all updated to clean up the BPF handling.
20000510:
The problems with boot blocks on the alphas have been corrected.
This will require some care in updating alphas. A new libstand
is requires for the boot blocks to build properly.
20000503:
Recompile all kld modules. Proper version dependency info
is now available.
20000502:
Modules have been disconnected from the buildworld tree and
connected to the kernel building instead.
20000427:
You may need to build gperf
cd /usr/src/gnu/usr.bin/gperf && make depend all install
when upgrading from 4.0 -> current. The build system now uses
an option only in -current.
20000417:
The method that we brand ELF binaries has changed to be more
acceptable to the binutils maintainers. You will need to
rebrand your ELF binaries that aren't native. One problem
binary is the Linux ldconfig. After your make world, but
before you reboot, you'll need to issue:
brandelf -t Linux /compat/linux/sbin/ldconfig
if you have Linux compatibility enabled on your machine.
20000320:
If you have really bad/marginal IDE drives, you may find they
don't work well. Use pio mode instead. The easiest way to
cope if you have a problem combination is to add:
/sbin/sysctl -w hw.atamodes=pio,pio,pio,pio
to the start of /etc/rc.conf.
20000319:
The ISA and PCI compatibility shims have been connected to the
options COMPAT_OLDISA and COMPAT_OLDPCI. If you are using old
style PCI or ISA drivers (i.e. tx, voxware, etc.) you must
include the appropriate option in your kernel config. Drivers
using the shims should be updated or they won't ship with
5.0-RELEASE, targeted for 2001.
20000318:
We've entered the traditional post release dumping party.
Large kernel changes are being committed and are in the
works. It is important to keep the systems' klds and kernel
in sync as kernel interfaces and structures are changing.
Before reporting kernel panics, make sure that all modules
that you are loading are up to date.
20000315:
If you are upgrading from an older version of FreeBSD, you
need to update your boot blocks as well. 'disklabel -B ad0'
will do the trick. This isn't critical until you remove your
wd device entries in /dev, at which point your system will not
boot.
20000315:
4.0 RELEASE shipped. Please see the 4.0 UPDATING file for how
to upgrade to 4.0 from 3.x.
COMMON ITEMS:
General Notes
-------------
Avoid using make -j when upgrading. From time to time in the
past there have been problems using -j with buildworld and/or
installworld. This is especially true when upgrading between
"distant" versions (eg one that cross a major release boundary
or several minor releases, or when several months have passed
on the -current branch).
Sometimes, obscure build problems are the result of environment
poisoning. This can happen because the make utility reads its
environment when searching for values for global variables.
To run your build attempts in an "environmental clean room",
prefix all make commands with 'env -i '. See the env(1) manual
page for more details.
To build a kernel
-----------------
If you are updating from a prior version of FreeBSD (even one just
a few days old), you should follow this procedure. With a
/usr/obj tree with a fresh buildworld,
make buildkernel KERNCONF=YOUR_KERNEL_HERE
make installkernel KERNCONF=YOUR_KERNEL_HERE
To just build a kernel when you know that it won't mess you up
--------------------------------------------------------------
cd src/sys/{i386,alpha}/conf
config KERNEL_NAME_HERE
cd ../../compile/KERNEL_NAME_HERE
make depend
make
make install
If this fails, go to the "To build a kernel" section.
To rebuild everything and install it on the current system.
-----------------------------------------------------------
make world
Build a new kernel, see above.
To upgrade from 4.x-stable to current
-------------------------------------
make buildworld
make buildkernel KERNCONF=YOUR_KERNEL_HERE
cp src/sys/${MACHINE_ARCH}/conf/GENERIC.hints /boot/device.hints [2]
make installkernel KERNCONF=YOUR_KERNEL_HERE
reboot in single user [3]
make installworld
mergemaster [4]
[1]
<reboot>
Make sure that you've read the UPDATING file to understand the
tweaks to various things you need. At this point in the life
cycle of current, things change often and you are on your own
to cope. The defaults can also change, so please read ALL of
the UPDATING entries.
Also, if you are tracking -current, you must be subscribed to
freebsd-current@freebsd.org. Make sure that before you update
your sources that you have read and understood all the recent
messages there. If in doubt, please track -stable which has
much fewer pitfalls.
[1] If you have third party modules, such as vmware, you
should disable them at this point so they don't crash your
system on reboot.
[2] If you have legacy ISA devices, you may need to create
your own device.hints to reflect your unique hardware
configuration.
[3] From the bootblocks, boot -s, and then do
fsck -p
mount -u /
mount -a
cd /usr/src
adjkerntz -i # if CMOS is wall time
[4] Note: This step is non-optional. Failure to do this step
can result in a significant reduction in the functionality of the
system. Attempting to do it by hand is not recommended and those
that pursue this avenue should read this file carefully, as well
as the archives of freebsd-current and freebsd-hackers mailing lists
for potential gotchas.
FORMAT:
This file contains a list, in reverse chronological order, of major
breakages in tracking -current. Not all things will be listed here,
and it only starts on March 15, 2000. Updating files can found in
previous releases if your system is older than this.
Copyright information:
Copyright 1998, 2002 M. Warner Losh. All Rights Reserved.
Redistribution, publication, translation and use, with or without
modification, in full or in part, in any form or format of this
document are permitted without further permission from the author.
THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
If you find this document useful, and you want to, you may buy the
author a beer.
Contact Warner Losh if you have any questions about your use of
this document.
$FreeBSD$