mirror of https://github.com/openbsd/www.git
769 lines
36 KiB
HTML
769 lines
36 KiB
HTML
<!doctype html>
|
|
<html lang=en id=release>
|
|
<meta charset=utf-8>
|
|
|
|
<title>OpenBSD 5.2</title>
|
|
<meta name="description" content="OpenBSD 5.2">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
<link rel="stylesheet" type="text/css" href="openbsd.css">
|
|
<link rel="canonical" href="https://www.openbsd.org/52.html">
|
|
|
|
<h2 id=OpenBSD>
|
|
<a href="index.html">
|
|
<i>Open</i><b>BSD</b></a>
|
|
5.2
|
|
</h2>
|
|
|
|
<table>
|
|
<tr>
|
|
<td>
|
|
<a href="images/Brazil.jpg">
|
|
<img width="227" height="300" src="images/Brazil.jpg" alt="Brazil"></a>
|
|
<td>
|
|
Released Nov 1, 2012<br>
|
|
Copyright 1997-2012, Theo de Raadt.<br>
|
|
<cite class=isbn>ISBN 978-0-9881561-0-4</cite>
|
|
<br>
|
|
5.2 Song: <a href="lyrics.html#52">"Aquarela do Linux"</a>
|
|
<br>
|
|
<br>
|
|
<ul>
|
|
<li>See the information on <a href="ftp.html">the FTP page</a> for
|
|
a list of mirror machines.
|
|
<li>Go to the <code class=reldir>pub/OpenBSD/5.2/</code> directory on
|
|
one of the mirror sites.
|
|
<li>Have a look at <a href="errata52.html">The 5.2 Errata page</a> for a list
|
|
of bugs and workarounds.
|
|
<li>See a <a href="plus52.html">detailed log of changes</a> between the
|
|
5.1 and 5.2 releases.
|
|
</ul>
|
|
<p>
|
|
All applicable copyrights and credits are in the src.tar.gz,
|
|
sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
|
|
files fetched via <code>ports.tar.gz</code>.
|
|
</table>
|
|
|
|
<hr>
|
|
|
|
<section id=new>
|
|
<h3>What's New</h3>
|
|
<p>
|
|
This is a partial list of new features and systems included in OpenBSD 5.2.
|
|
For a comprehensive list, see the <a href="plus52.html">changelog</a> leading
|
|
to 5.2.
|
|
<p>
|
|
|
|
<ul>
|
|
<li><a href="https://man.openbsd.org/pthreads.3">pthreads(3)</a> support:
|
|
<ul>
|
|
<li>The most significant change in this release is the replacement of
|
|
the user-level uthreads by kernel-level rthreads, allowing multithreaded
|
|
programs to utilize multiple CPUs/cores.
|
|
<li>Use PTHREAD_MUTEX_STRICT_NP as default mutex type.
|
|
<li>Added pthread spinlock and barrier routines.
|
|
<li>Added <a href="https://man.openbsd.org/pthread_mutex_lock.3">pthread_mutex_timedlock(3)</a> and <a href="https://man.openbsd.org/sem_wait.3">sem_timedwait(3)</a>.
|
|
<li>Added <a href="https://man.openbsd.org/pthread_condattr_init.3">pthread_condattr_setclock(3)</a>.
|
|
<li>Added support for live multi-threaded debugging in <a href="https://man.openbsd.org/gdb.1">gdb(1)</a>.
|
|
<li>Improved handling for <a href="https://man.openbsd.org/getrusage.2">rusage</a> totals and <a href="https://man.openbsd.org/getitimer.2">interval timers</a> in threaded processes.
|
|
<li>Changed the RLIMIT_NPROC <a href="https://man.openbsd.org/getrlimit.2">rlimit</a> to count processes instead of threads.
|
|
<li>Added a new system limit <a href="https://man.openbsd.org/sysctl.8">kern.maxthread</a> for the max number of threads.
|
|
<li>Closed race conditions in thread creation, and in <a href="https://man.openbsd.org/fork.2">fork(2)</a> and <a href="https://man.openbsd.org/open.2">open(2)</a> in a threaded process.
|
|
<li>Improved handling of threaded processes in <a href="https://man.openbsd.org/ps.1">ps(1)</a>, <a href="https://man.openbsd.org/top.1">top(1)</a>, and <a href="https://man.openbsd.org/fstat.1">fstat(1)</a>.
|
|
<li>Changed the lock around <a href="https://man.openbsd.org/dlfcn.3">dlopen()</a> to be recursive, so that dl*() operations from <a href="https://man.openbsd.org/atexit.3">atexit()</a> handlers don't deadlock.
|
|
<li>Many fixes to pthread attribute and mutex error checking and cancellation handling.
|
|
</ul>
|
|
<p>
|
|
|
|
<li>Improved hardware support, including:
|
|
<ul>
|
|
<li>Added hibernation support on i386. Currently only working on <a href="https://man.openbsd.org/pciide.4">pciide(4)</a> and <a href="https://man.openbsd.org/wd.4">wd(4)</a> disks.
|
|
<li>Improved support for ALPS based touchpads in <a href="https://man.openbsd.org/wsmouse.4">wsmouse(4)</a> and the <a href="https://man.openbsd.org/synaptics.4">synaptics(4)</a> X.Org input driver.
|
|
<li>Performance improvements with <a href="https://man.openbsd.org/ix.4">ix(4)</a> Intel 10Gb Ethernet NICs.
|
|
<li>Support for i350 based devices in <a href="https://man.openbsd.org/em.4">em(4)</a>.
|
|
<li>Flow control support for <a href="https://man.openbsd.org/bnx.4">bnx(4)</a>.
|
|
<li>Hardware watchdog and HPET support for <a href="https://man.openbsd.org/amd64/tcpcib.4">tcpcib(4)</a> (Intel Atom E600) as found in some embedded x86 systems.
|
|
<li><a href="https://man.openbsd.org/urndis.4">urndis(4)</a> supports additional Android devices.
|
|
<li>Support for Winbond W83627UHG has been added to <a href="https://man.openbsd.org/wbsio.4">wbsio(4)</a>.
|
|
<li>Support for the SMBus controller of the AMD CS5536 in <a href="https://man.openbsd.org/i386/i386/glxpcib.4">glxpcib(4)</a> and the NVIDIA MCP89 in <a href="https://man.openbsd.org/nviic.4">nviic(4)</a>.
|
|
<li>Support for AX88772B based devices has been added to <a href="https://man.openbsd.org/axe.4">axe(4)</a>.
|
|
<li>Support for MCS7832 based devices has been added to <a href="https://man.openbsd.org/mos.4">mos(4)</a>.
|
|
<li>Support for the Roland UM-ONE has been added to <a href="https://man.openbsd.org/umidi.4">umidi(4)</a>.
|
|
<li>Support for the AMD Hudson-2 chipset has been added to <a href="https://man.openbsd.org/azalia.4">azalia(4)</a> and <a href="https://man.openbsd.org/piixpm.4">piixpm(4)</a>.
|
|
<li>Support for NetMos NM9820 cardbus serial cards has been added to <a href="https://man.openbsd.org/com.4">com(4)</a>.
|
|
<li>Support for Huawei Mobile E303 has been added to <a href="https://man.openbsd.org/umsm.4">umsm(4)</a>.
|
|
<li>The <a href="sgi.html">sgi</a> port now supports the R4000 Indigo (IP20), Indy (IP22), R4000 Indigo2 (IP24) and POWER Indigo2 R10000 (IP28) families.
|
|
</ul>
|
|
<p>
|
|
|
|
<li>Generic network stack improvements:
|
|
<ul>
|
|
<li>Increased TCP initial window to 14600 bytes as proposed in
|
|
draft-ietf-tcpm-initcwnd.
|
|
<li>Cleanup handling of sockaddrs in degenerate use cases.
|
|
<li>Improved handling of error and limit cases in file descriptor passing.
|
|
<li>Improved socketbuffer handling for AF_UNIX sockets.
|
|
<li>Fix yet another file descriptor leak in message passing.
|
|
<li>Improved error handling in socket splicing.
|
|
<li>IPv6 privacy addresses now appear alongside SLAAC addresses.
|
|
<li>Support for Extended Sequence Numbers has been added to the IPsec stack and <a href="https://man.openbsd.org/iked.8">iked(8)</a>.
|
|
<li>Bridging two IPv4 networks over an IPv6 link with <a href="https://man.openbsd.org/gif.4">gif(4)</a> is now possible.
|
|
</ul>
|
|
<p>
|
|
|
|
<li>Routing daemons and other userland network improvements:
|
|
<ul>
|
|
<li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>,
|
|
<a href="https://man.openbsd.org/dvmrpd.8">dvmrpd(8)</a>,
|
|
<a href="https://man.openbsd.org/ftp-proxy.8">ftp-proxy(8)</a>,
|
|
<a href="https://man.openbsd.org/iked.8">iked(8)</a>,
|
|
<a href="https://man.openbsd.org/iscsid.8">iscsid(8)</a>,
|
|
<a href="https://man.openbsd.org/ldapd.8">ldapd(8)</a>,
|
|
<a href="https://man.openbsd.org/ldpd.8">ldpd(8)</a>,
|
|
<a href="https://man.openbsd.org/nsd.8">nsd(8)</a>,
|
|
<a href="https://man.openbsd.org/ospf6d.8">ospf6d(8)</a>,
|
|
<a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>,
|
|
<a href="https://man.openbsd.org/relayd.8">relayd(8)</a>,
|
|
<a href="https://man.openbsd.org/ripd.8">ripd(8)</a>,
|
|
<a href="https://man.openbsd.org/sndiod.8">sndiod(8)</a>,
|
|
<a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>,
|
|
<a href="https://man.openbsd.org/spamd.8">spamd(8)</a>,
|
|
<a href="https://man.openbsd.org/sshd.8">sshd(8)</a>,
|
|
<a href="https://man.openbsd.org/tcpbench.1">tcpbench(1)</a> and
|
|
<a href="https://man.openbsd.org/tmux.1">tmux(1)</a>
|
|
now rate limit their accepting of new connections when experiencing file descriptor exhaustion.
|
|
<li>Allow <a href="https://man.openbsd.org/route.8">route(8)</a> destination/prefixlen syntax for IPv6 routes.
|
|
<li>ASCII packet dumping support in <a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a>.
|
|
<li>Better etherip and BGP protocol support in <a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a>.
|
|
<li><a href="https://man.openbsd.org/isakmpd.8">isakmpd(8)</a> and
|
|
<a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a>
|
|
now recognize additional Internet Key Exchange DH groups.
|
|
<li>Various improvements in <a href="https://man.openbsd.org/iked.8">iked(8)</a>
|
|
including support for retransmits.
|
|
<li><a href="https://man.openbsd.org/ipsecctl.8">ipsecctl(8)</a>
|
|
now allows SA lifetimes to be specified in its
|
|
<a href="https://man.openbsd.org/ipsec.conf.5">ipsec.conf(5)</a>
|
|
file.
|
|
<li><a href="https://man.openbsd.org/tftpd.8">tftpd(8)</a> rewritten as a persistent, non-blocking daemon.
|
|
<li><a href="https://man.openbsd.org/tftp.1">tftp(1)</a> client now supports IPv6.
|
|
<li><a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> now supports PF-MIB, UCD-DISKIO-MIB, and
|
|
additional OIDs in HOST-RESOURCES-MIB.
|
|
<li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> is now more robust when encountering network instability.
|
|
<li>Adjust the <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> route decision code to cover checks needed due to route reflection.
|
|
<li>Various fixes to improve error reporting in <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> including support of RFC 6608.
|
|
<li>For debugging purposes <a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> can load MRT dumps into <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>.
|
|
<li>Fixed distribution of MPLS VPN routes in <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>.
|
|
<li>Introduced a new option "selected" to the <a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> "show rib" command to show only selected routes.
|
|
<li>Correctly support the LSA_TYPE_AREA_OPAQ and LSA_TYPE_AS_OPAQ types in <a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>.
|
|
<li>Make <a href="https://man.openbsd.org/relayd.8">relayd(8)</a> able to handle transactions larger than 2GB in size.
|
|
<li>Various bug fixes and better HTTP standard compliance in <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>.
|
|
<li><a href="https://man.openbsd.org/rtadvd.8">rtadvd(8)</a>
|
|
can now advertise DNS servers and search paths in router advertisements.
|
|
<li><a href="https://man.openbsd.org/rtadvd.8">rtadvd(8)</a>
|
|
can now send router advertisements with no prefix information using the noifprefix option.
|
|
<li><a href="https://man.openbsd.org/ftp.1">ftp(1)</a>
|
|
client now allows the source IP address of the connection to be specified.
|
|
<li><a href="https://man.openbsd.org/ypldap.8">ypldap(8)</a>
|
|
now handles larger directories and is more tolerant when processing groups.
|
|
<li>Added support for AF_INET6 to <a href="https://man.openbsd.org/inet_net_pton.3">inet_net_pton(3)</a> and <a href="https://man.openbsd.org/inet_net_ntop.3">inet_net_ntop(3)</a>.
|
|
</ul>
|
|
<p>
|
|
|
|
<li><a href="https://man.openbsd.org/pf.4">pf(4)</a> improvements:
|
|
<ul>
|
|
<li><a href="https://man.openbsd.org/pf.4">pf(4)</a> now ignores/preserves the lower 2 bits of the tos-header (used for Explicit Congestion Notification).
|
|
<li>Allow more than 16 <a href="https://man.openbsd.org/pflog.4">pflog(4)</a> interfaces.
|
|
<li><a href="https://man.openbsd.org/pf.4">pf(4)</a> now supports weighted least-states load balancing.
|
|
<li>The prio and tos options are now part of the "set { }" block.
|
|
See <a href="https://man.openbsd.org/pf.conf.5">pf.conf(5)</a>.
|
|
<li>Allow setting the tos on IPv6 packets.
|
|
<li>Better demotion handling in <a href="https://man.openbsd.org/pfsync.4">pfsync(4)</a> to prevent failovers without having a full state table.
|
|
<li>Fixed printing of wildcard anchors in <a href="https://man.openbsd.org/pfctl.8">pfctl(8)</a>.
|
|
</ul>
|
|
<p>
|
|
|
|
<li>Assorted improvements:
|
|
<ul>
|
|
<li>Added <a href="https://man.openbsd.org/nginx.8">nginx(8)</a>,
|
|
an HTTP server, reverse proxy server and mail proxy server.
|
|
<li>Added SQLite 3.7.13, a self-contained SQL database engine.
|
|
<li><a href="https://man.openbsd.org/pcap.3">libpcap</a>
|
|
has been updated with several core functions from tcpdump.org's libpcap-1.2.0 API, without
|
|
the clutter.
|
|
<li>Disabled SSLv2 in OpenSSL.
|
|
<li>Moved <a href="https://man.openbsd.org/libtool.1">libtool(1)</a> into the base system. Much work remains to be done.
|
|
<li>Removed <a href="https://man.openbsd.org/OpenBSD+5.1/lint.1">lint(1)</a>.
|
|
<li>Removed the <a href="https://man.openbsd.org/OpenBSD+5.1/raid.4">raid(4)</a>
|
|
RAIDframe driver and its corresponding
|
|
<a href="https://man.openbsd.org/OpenBSD+5.1/raidctl.8">raidctl(8)</a> utility.
|
|
RAIDframe has been superseded by <a href="https://man.openbsd.org/softraid.4">softraid(4)</a>.
|
|
<li>Added <a href="https://man.openbsd.org/posix_spawn.3">posix_spawn(3)</a>.
|
|
<li>Added <a href="https://man.openbsd.org/mbsnrtowcs.3">mbsnrtowcs(3)</a>
|
|
and <a href="https://man.openbsd.org/wcsnrtombs.3">wcsnrtombs(3)</a>.
|
|
<li>Added <a href="https://man.openbsd.org/getdelim.3">getdelim(3)</a>
|
|
and <a href="https://man.openbsd.org/getline.3">getline(3)</a>.
|
|
<li>More configuration variables for <a href="https://man.openbsd.org/sysconf.3">sysconf(3)</a> and
|
|
<a href="https://man.openbsd.org/pathconf.2">pathconf(2)</a>.
|
|
<li><a href="https://man.openbsd.org/dirfd.3">dirfd(3)</a>
|
|
is now a function instead of a macro.
|
|
<li><a href="https://man.openbsd.org/posix_memalign.3">posix_memalign(3)</a>
|
|
supports arbitrarily large alignments.
|
|
<li>Improved <a href="https://man.openbsd.org/realloc.3">realloc(3)</a> performance.
|
|
<li><a href="https://man.openbsd.org/ld.so.1">ld.so(1)</a>
|
|
recognizes the DF_1_NOOPEN flag and refuses to
|
|
<a href="https://man.openbsd.org/dlopen.3">dlopen(3)</a>
|
|
shared objects linked with "-z nodlopen".
|
|
<li>Improved compliance and/or cleanliness of header files, particularly
|
|
<dirent.h>, <time.h>, <sys/time.h>, <limits.h>,
|
|
<arpa/inet.h>, <netinet/in.h>, and <sys/param.h>.
|
|
<li>Improved kernel uvm memory allocator.
|
|
<li>Added support for using AMT to provide console-over-Ethernet (c.f. the
|
|
<a href="https://cvsweb.openbsd.org/ports/comms/amtterm/">amtterm</a> package).
|
|
<li>Improved support for amd64 systems with many memory extents.
|
|
<li><a href="https://man.openbsd.org/compat_linux.8">compat_linux(8)</a>
|
|
improvements: TLS-vs-clone and futex fixes, added support
|
|
for statfs64(), tgkill(), gettid(), SOCK_CLOEXEC, and SOCK_NONBLOCK.
|
|
<li><a href="https://man.openbsd.org/kdump.1">kdump(1)</a>
|
|
improvements, including the ability to show thread IDs and dumping of timespec, timeval, sigaction, rlimit, sigset, clockid, and fdset arguments and results.
|
|
<li>Various improvements in <a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a>:
|
|
reliability fixes, new MTA client, new scheduler and improved queue logic, simplified
|
|
<a href="https://man.openbsd.org/smtpd.conf.5">smtpd.conf(5)</a>
|
|
syntax, better RFC compliance and several cosmetic changes.
|
|
<li>The <a href="https://man.openbsd.org/mg.1">mg(1)</a>
|
|
emacs-like editor now supports cscope functionality.
|
|
Also, backup files can now be saved to a user's home directory in addition to the current working directory.
|
|
<li>Fixed operation of <a href="https://man.openbsd.org/kvm_getfiles.3">kvm_getfile2()</a> (and therefore <a href="https://man.openbsd.org/fstat.1">fstat(1)</a> and <a href="https://man.openbsd.org/pstat.8">pstat(8)</a>) on kernel crash dumps.
|
|
<li>Improved emacs-style key bindings and handling of large arrays in <a href="https://man.openbsd.org/ksh.1">ksh(1)</a>.
|
|
<li><a href="https://man.openbsd.org/halt.8">halt(8)</a> disables "suspend-on-lid-close" so that you don't accidentally suspend instead of shutting down.
|
|
<li>Improvements to parallel <a href="https://man.openbsd.org/make.1">make(1)</a>: added the .CHEAP and .EXPENSIVE special targets and fixed glitches in already-rebuilt logic.
|
|
<li>The <a href="https://cvsweb.openbsd.org/ports/devel/libusb1/">libusb</a> package is able to access non-<a href="https://man.openbsd.org/ugen.4">ugen(4)</a> devices for some operations, allowing e.g. <a href="https://cvsweb.openbsd.org/ports/sysutils/ykpers/">programming YubiKeys</a> with a standard kernel.
|
|
<li>Various improvements in <a href="https://man.openbsd.org/tmux.1">tmux(1)</a>:
|
|
a new unified tree view to select sessions or windows,
|
|
new move-pane and renumber-windows commands,
|
|
a history of pane layouts,
|
|
simple output rate limiting, and
|
|
custom formats (-F) have been extended and are now accepted by more commands.
|
|
<li><a href="https://man.openbsd.org/fsck_msdos.8">fsck_msdos(8)</a> now works on devices with non-512 byte sectors.
|
|
<li><a href="https://man.openbsd.org/quotacheck.8">quotacheck(8)</a> now works with DUID based <a href="https://man.openbsd.org/fstab.5">fstab(5)</a> files.
|
|
<li>Numerous minor improvement to <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a>, including more sanity checking and better default partition sizing on large disks.
|
|
<li><a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a> now discards trailing NULs in option data, and in general parses option data with more paranoia.
|
|
<li>Various improvements to <a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a> startup and timeout handling.
|
|
<li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a> does a better job of calculating physical memory during partition auto-allocation of devices with non-512 byte sectors.
|
|
<li>SCSI errors are now correctly propagated to userland, e.g. <a href="https://man.openbsd.org/mount.2">mount(2)</a> now reports specific errors such as trying to mount RW filesystems from RO media.
|
|
<li>Improved FAT media handling: autorecognize such media even if the 0x55aa signature is missing and prevent the writing of an OpenBSD disklabel over the FAT data structures.
|
|
<li>The MS-DOS FAT filesystem implementation gained a significant write speedup for large files (up to twice as fast).
|
|
</ul>
|
|
<p>
|
|
|
|
<li>OpenSSH 6.1:
|
|
<ul>
|
|
<li>New features:
|
|
<ul>
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
|
|
This release turns on pre-auth sandboxing sshd by default for new installs,
|
|
by setting UsePrivilegeSeparation=sandbox in sshd_config.
|
|
<li><a href="https://man.openbsd.org/ssh-keygen.1">sshd-keygen(1)</a>:
|
|
Add options to specify starting line number and number of lines to process
|
|
when screening moduli candidates, allowing processing of different parts of
|
|
a candidate moduli file in parallel.
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
|
|
The Match directive now supports matching on the local (listen) address and
|
|
port upon which the incoming connection was received via LocalAddress and
|
|
LocalPort clauses.
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
|
|
Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups}.
|
|
<li>Add support for RFC6594 SSHFP DNS records for ECDSA key types. (bz#1978)
|
|
<li><a href="https://man.openbsd.org/ssh-keygen.1">sshd-keygen(1)</a>:
|
|
Allow conversion of RSA1 keys to public PEM and PKCS8.
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
|
|
Allow the sshd_config PermitOpen directive to accept "none" as an argument to
|
|
refuse all port-forwarding requests.
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
|
|
Support "none" as an argument for AuthorizedPrincipalsFile.
|
|
<li><a href="https://man.openbsd.org/ssh-keyscan.1">sshd-keyscan(1)</a>:
|
|
Look for ECDSA keys by default. (bz#1971)
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
|
|
Add "VersionAddendum" to sshd_config to allow server operators to append some
|
|
arbitrary text to the server SSH protocol banner.
|
|
</ul>
|
|
<li>The following significant bugs have been fixed in this release:
|
|
<ul>
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a> and
|
|
<a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
|
|
Don't spin in accept() in situations of file descriptor exhaustion. Instead
|
|
back off for a while.
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a> and
|
|
<a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
|
|
Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from
|
|
the specification. (bz#2023)
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
|
|
Handle long comments in config files better. (bz#2025)
|
|
<li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
|
|
Delay setting tty_flag so RequestTTY options are correctly picked up. (bz#1995)
|
|
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
|
|
Fix handling of /etc/nologin incorrectly being applied to root on platforms
|
|
that use login_cap.
|
|
</ul>
|
|
</ul>
|
|
<p>
|
|
|
|
<li>Over 7600 ports, major performance and stability improvements in
|
|
the package build process:
|
|
<ul>
|
|
<li>dpb got simpler and faster. Handles distfiles, works without any
|
|
options.
|
|
<li>Simpler and less error-prone mechanisms for handling MD differences.
|
|
<li>dpb is now used for mirroring distfiles, to the great joy of
|
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/distfiles/">https://ftp.openbsd.org/pub/OpenBSD/distfiles/</a>
|
|
<li>full databases of all ports available as packages:
|
|
<ul>
|
|
<li>pkglocatedb - a <a href="https://man.openbsd.org/locate.1">locate(1)</a> database of all files in all packages
|
|
<li>sqlports - a <a href="https://man.openbsd.org/sqlite3.1">sqlite3(1)</a> database of all meta-info for all packages
|
|
<li>ports-readmes - a tree of html files for browsing thru available packages
|
|
</ul>
|
|
</ul>
|
|
<p>
|
|
<li>Many pre-built packages for each architecture:
|
|
<ul style="column-count: 4">
|
|
<li>i386: 7483
|
|
<li>sparc64: 6820
|
|
<li>alpha: 5993
|
|
<li>sh: 2412
|
|
<li>amd64: 7439
|
|
<li>powerpc: 7050
|
|
<li>sparc: 4466
|
|
<li>arm: 5802
|
|
<li>hppa: 6316
|
|
<li>vax: 2279
|
|
<li>mips64: 5845
|
|
<li>mips64el: 5908
|
|
</ul>
|
|
<p>
|
|
|
|
<li>Some highlights:
|
|
<ul>
|
|
<li>GNOME 3.4.2 <li>KDE 3.5.10
|
|
<li>Xfce 4.10 <li>MySQL 5.1.63
|
|
<li>PostgreSQL 9.1.4 <li>Postfix 2.9.3
|
|
<li>OpenLDAP 2.3.43 and 2.4.31 <li>Mozilla Firefox 3.5.19, 3.6.28 and 13.0.1
|
|
<li>Mozilla Thunderbird 13.0.1 <li>GHC 7.0.4
|
|
<li>LibreOffice 3.5.5.3 <li>Emacs 21.4, 22.3 and 23.4
|
|
<li>Vim 7.3.154 <li>PHP 5.2.17 and 5.3.14
|
|
<li>Python 2.5.4, 2.7.3 and 3.2.3 <li>Ruby 1.8.7.370 and 1.9.3.194
|
|
<li>Tcl/Tk 8.5.11 <li>Jdk 1.7
|
|
<li>Mono 2.10.9 <li>Chromium 20.0.1132.57
|
|
<li>Groff 1.21 <li>Go 1.0.2
|
|
<li>GCC 4.6.3 and 4.7.1 <li>LLVM/Clang 3.1
|
|
<li>Lua 5.1.5 and 5.2.1
|
|
</ul>
|
|
<p>
|
|
|
|
<li>As usual, steady improvements in manual pages and other documentation.
|
|
<p>
|
|
|
|
<li>The system includes the following major components from outside suppliers:
|
|
<ul>
|
|
<li>Xenocara (based on X.Org 7.7 with xserver 1.12.2 + patches,
|
|
freetype 2.4.10, fontconfig 2.8.0, Mesa 7.10.3, xterm 279,
|
|
xkeyboard-config 2.6 and more)
|
|
<li>Gcc 4.2.1 (+ patches) and 2.95.3 (+ patches)
|
|
<li>Perl 5.12.2 (+ patches)
|
|
<li>Our improved and secured version of Apache 1.3, with
|
|
SSL/TLS and DSO support
|
|
<li>Nginx 1.2.2 (+ patches)
|
|
<li>OpenSSL 1.0.0f (+ patches)
|
|
<li>SQLite 3.7.13 (+ patches)
|
|
<li>Sendmail 8.14.5, with libmilter
|
|
<li>Bind 9.4.2-P2 (+ patches)
|
|
<li>NSD 3.2.11
|
|
<li>Lynx 2.8.7rel.2 with HTTPS and IPv6 support (+ patches)
|
|
<li>Sudo 1.7.2p8
|
|
<li>Ncurses 5.7
|
|
<li>Heimdal 0.7.2 (+ patches)
|
|
<li>Arla 0.35.7
|
|
<li>Binutils 2.15 (+ patches)
|
|
<li>Gdb 6.3 (+ patches)
|
|
<li>Less 444 (+ patches)
|
|
<li>Awk Aug 10, 2011 version
|
|
</ul>
|
|
</ul>
|
|
</section>
|
|
|
|
<hr>
|
|
|
|
<section id=install>
|
|
<h3>How to install</h3>
|
|
<p>
|
|
Following this are the instructions which you would have on a piece of
|
|
paper if you had purchased a CDROM set instead of doing an alternate
|
|
form of install. The instructions for doing an FTP (or other style
|
|
of) install are very similar; the CDROM instructions are left intact
|
|
so that you can see how much easier it would have been if you had
|
|
purchased a CDROM instead.
|
|
<p>
|
|
|
|
<hr>
|
|
Please refer to the following files on the three CDROMs or FTP mirror for
|
|
extensive details on how to install OpenBSD 5.2 on your machine:
|
|
<p>
|
|
<ul>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/i386/INSTALL.i386">
|
|
.../OpenBSD/5.2/i386/INSTALL.i386 (on CD1)</a>
|
|
<p>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/amd64/INSTALL.amd64">
|
|
.../OpenBSD/5.2/amd64/INSTALL.amd64 (on CD2)</a>
|
|
<p>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/sparc64/INSTALL.sparc64">
|
|
.../OpenBSD/5.2/sparc64/INSTALL.sparc64 (on CD3)</a>
|
|
<p>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/alpha/INSTALL.alpha">
|
|
.../OpenBSD/5.2/alpha/INSTALL.alpha</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/armish/INSTALL.armish">
|
|
.../OpenBSD/5.2/armish/INSTALL.armish</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/hp300/INSTALL.hp300">
|
|
.../OpenBSD/5.2/hp300/INSTALL.hp300</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/hppa/INSTALL.hppa">
|
|
.../OpenBSD/5.2/hppa/INSTALL.hppa</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/landisk/INSTALL.landisk">
|
|
.../OpenBSD/5.2/landisk/INSTALL.landisk</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/loongson/INSTALL.loongson">
|
|
.../OpenBSD/5.2/loongson/INSTALL.loongson</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/luna88k/INSTALL.luna88k">
|
|
.../OpenBSD/5.2/luna88k/INSTALL.luna88k</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/macppc/INSTALL.macppc">
|
|
.../OpenBSD/5.2/macppc/INSTALL.macppc</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/mvme68k/INSTALL.mvme68k">
|
|
.../OpenBSD/5.2/mvme68k/INSTALL.mvme68k</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/mvme88k/INSTALL.mvme88k">
|
|
.../OpenBSD/5.2/mvme88k/INSTALL.mvme88k</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/sgi/INSTALL.sgi">
|
|
.../OpenBSD/5.2/sgi/INSTALL.sgi</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/socppc/INSTALL.socppc">
|
|
.../OpenBSD/5.2/socppc/INSTALL.socppc</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/sparc/INSTALL.sparc">
|
|
.../OpenBSD/5.2/sparc/INSTALL.sparc</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/vax/INSTALL.vax">
|
|
.../OpenBSD/5.2/vax/INSTALL.vax</a>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/5.2/zaurus/INSTALL.zaurus">
|
|
.../OpenBSD/5.2/zaurus/INSTALL.zaurus</a>
|
|
</ul>
|
|
</section>
|
|
|
|
<hr>
|
|
|
|
<section id=quickinstall>
|
|
|
|
<p>
|
|
Quick installer information for people familiar with OpenBSD, and the
|
|
use of the "disklabel -E" command. If you are at all confused when
|
|
installing OpenBSD, read the relevant INSTALL.* file as listed above!
|
|
|
|
<h3>OpenBSD/i386:</h3>
|
|
|
|
<p>
|
|
Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
|
|
release is on CD1. If your BIOS does not support booting from CD, you will need
|
|
to create a boot floppy to install from. To create a boot floppy write
|
|
<i>CD1:5.2/i386/floppy52.fs</i> to a floppy and boot via the floppy drive.
|
|
|
|
<p>
|
|
Use <i>CD1:5.2/i386/floppyB52.fs</i> instead for greater SCSI controller
|
|
support, or <i>CD1:5.2/i386/floppyC52.fs</i> for better laptop support.
|
|
|
|
<p>
|
|
If you can't boot from a CD or a floppy disk,
|
|
you can install across the network using PXE as described in
|
|
the included INSTALL.i386 document.
|
|
|
|
<p>
|
|
If you are planning on dual booting OpenBSD with another OS, you will need to
|
|
read INSTALL.i386.
|
|
|
|
<p>
|
|
To make a boot floppy under MS-DOS, use the "rawrite" utility located
|
|
at <i>CD1:5.2/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
|
|
use the
|
|
<a href="https://man.openbsd.org/dd.1">dd(1)</a>
|
|
utility. The following is an example usage of
|
|
<a href="https://man.openbsd.org/dd.1">dd(1)</a>,
|
|
where the device could be "floppy", "rfd0c", or
|
|
"rfd0a".
|
|
|
|
<blockquote><pre>
|
|
# <kbd>dd if=<file> of=/dev/<device> bs=32k</kbd>
|
|
</pre></blockquote>
|
|
|
|
<p>
|
|
Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
|
|
your install will most likely fail. For more information on creating a boot
|
|
floppy and installing OpenBSD/i386 please refer to
|
|
<a href="faq/faq4.html#MkFlop">this page</a>.
|
|
|
|
<h3>OpenBSD/amd64:</h3>
|
|
|
|
<p>
|
|
The 5.2 release of OpenBSD/amd64 is located on CD2.
|
|
Boot from the CD to begin the install - you may need to adjust
|
|
your BIOS options first.
|
|
If you can't boot from the CD, you can create a boot floppy to install from.
|
|
To do this, write <i>CD2:5.2/amd64/floppy52.fs</i> to a floppy, then
|
|
boot from the floppy drive.
|
|
|
|
<p>
|
|
If you can't boot from a CD or a floppy disk,
|
|
you can install across the network using PXE as described in the included
|
|
INSTALL.amd64 document.
|
|
|
|
<p>
|
|
If you are planning to dual boot OpenBSD with another OS, you will need to
|
|
read INSTALL.amd64.
|
|
|
|
<h3>OpenBSD/macppc:</h3>
|
|
|
|
<p>
|
|
Burn the image from the FTP site to a CDROM, and poweron your machine
|
|
while holding down the <i>C</i> key until the display turns on and
|
|
shows <i>OpenBSD/macppc boot</i>.
|
|
|
|
<p>
|
|
Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
|
|
/5.2/macppc/bsd.rd</i>
|
|
|
|
<h3>OpenBSD/sparc64:</h3>
|
|
|
|
<p>
|
|
Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
|
|
|
|
<p>
|
|
If this doesn't work, or if you don't have a CDROM drive, you can write
|
|
<i>CD3:5.2/sparc64/floppy52.fs</i> or <i>CD3:5.2/sparc64/floppyB52.fs</i>
|
|
(depending on your machine) to a floppy and boot it with <i>boot
|
|
floppy</i>. Refer to INSTALL.sparc64 for details.
|
|
|
|
<p>
|
|
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
|
|
will most likely fail.
|
|
|
|
<p>
|
|
You can also write <i>CD3:5.2/sparc64/miniroot52.fs</i> to the swap partition on
|
|
the disk and boot with <i>boot disk:b</i>.
|
|
|
|
<p>
|
|
If nothing works, you can boot over the network as described in INSTALL.sparc64.
|
|
|
|
<h3>OpenBSD/alpha:</h3>
|
|
|
|
<p>
|
|
Write <i>5.2/alpha/floppy52.fs</i> or
|
|
<i>5.2/alpha/floppyB52.fs</i> (depending on your machine) to a diskette and
|
|
enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
|
|
|
|
<p>
|
|
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
|
|
will most likely fail.
|
|
|
|
<h3>OpenBSD/armish:</h3>
|
|
|
|
<p>
|
|
After connecting a serial port, Thecus can boot directly from the network
|
|
either tftp or http. Configure the network using fconfig, reset,
|
|
then load bsd.rd, see INSTALL.armish for specific details.
|
|
IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
|
|
and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
|
|
then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
|
|
More details are available in INSTALL.armish.
|
|
|
|
<h3>OpenBSD/hp300:</h3>
|
|
|
|
<p>
|
|
Boot over the network by following the instructions in INSTALL.hp300.
|
|
|
|
<h3>OpenBSD/hppa:</h3>
|
|
|
|
<p>
|
|
Boot over the network by following the instructions in INSTALL.hppa or the
|
|
<a href="hppa.html#install">hppa platform page</a>.
|
|
|
|
<h3>OpenBSD/landisk:</h3>
|
|
|
|
<p>
|
|
Write <i>miniroot52.fs</i> to the start of the CF
|
|
or disk, and boot normally.
|
|
|
|
<h3>OpenBSD/loongson:</h3>
|
|
|
|
<p>
|
|
Write <i>miniroot52.fs</i> to a USB stick and boot bsd.rd from it
|
|
or boot bsd.rd via tftp.
|
|
Refer to the instructions in INSTALL.loongson for more details.
|
|
|
|
<h3>OpenBSD/luna88k:</h3>
|
|
|
|
<p>
|
|
Copy bsd.rd to a Mach or UniOS partition, and boot it from the PROM.
|
|
Alternatively, you can create a bootable tape and boot from it. Refer to
|
|
the instructions in INSTALL.luna88k for more details.
|
|
|
|
<h3>OpenBSD/mvme68k:</h3>
|
|
|
|
<p>
|
|
You can create a bootable installation tape or boot over the network.<br>
|
|
The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
|
|
and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
|
|
for more details.
|
|
|
|
<h3>OpenBSD/mvme88k:</h3>
|
|
|
|
<p>
|
|
You can create a bootable installation tape or boot over the network.<br>
|
|
The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
|
|
and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
|
|
for more details.
|
|
|
|
<h3>OpenBSD/sgi:</h3>
|
|
|
|
<p>
|
|
To install on an O2, burn cd52.iso on a CD-R, put it in the CD drive of your
|
|
machine and select <i>Install System Software</i> from the System Maintenance
|
|
menu.
|
|
|
|
<p>
|
|
On other systems, or if your machine doesn't have a CD drive, you can
|
|
setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using
|
|
the kernel matching your system type.
|
|
Refer to the instructions in INSTALL.sgi for more details.
|
|
|
|
<h3>OpenBSD/socppc:</h3>
|
|
|
|
<p>
|
|
After connecting a serial port, boot over the network via DHCP/tftp.
|
|
Refer to the instructions in INSTALL.socppc for more details.
|
|
|
|
<h3>OpenBSD/sparc:</h3>
|
|
|
|
<p>
|
|
Boot from one of the provided install ISO images, using one of the two
|
|
commands listed below, depending on the version of your ROM.
|
|
|
|
<blockquote><pre>
|
|
ok <kbd>boot cdrom 5.2/sparc/bsd.rd</kbd>
|
|
or
|
|
> <kbd>b sd(0,6,0)5.2/sparc/bsd.rd</kbd>
|
|
</pre></blockquote>
|
|
|
|
<p>
|
|
If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
|
|
To do so you need to write <i>floppy52.fs</i> to a floppy.
|
|
For more information see <a href="faq/faq4.html#MkFlop">this page</a>.
|
|
To boot from the floppy use one of the two commands listed below,
|
|
depending on the version of your ROM.
|
|
|
|
<blockquote><pre>
|
|
ok <kbd>boot floppy</kbd>
|
|
or
|
|
> <kbd>b fd()</kbd>
|
|
</pre></blockquote>
|
|
|
|
<p>
|
|
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
|
|
will most likely fail.
|
|
|
|
<p>
|
|
If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
|
|
setup a bootable tape, or install via network, as told in the
|
|
INSTALL.sparc file.
|
|
|
|
<h3>OpenBSD/vax:</h3>
|
|
|
|
<p>
|
|
Boot over the network via mopbooting as described in INSTALL.vax.
|
|
|
|
<h3>OpenBSD/zaurus:</h3>
|
|
|
|
<p>
|
|
Using the Linux built-in graphical ipkg installer, install the
|
|
openbsd52_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
|
|
for a few important details.
|
|
</section>
|
|
|
|
<hr>
|
|
|
|
<section id=sourcecode>
|
|
<h3>Notes about the source code</h3>
|
|
<p>
|
|
<code>src.tar.gz</code> contains a source archive starting at <code>/usr/src</code>.
|
|
This file contains everything you need except for the kernel sources, which are
|
|
in a separate archive. To extract:
|
|
<blockquote><pre>
|
|
# <kbd>mkdir -p /usr/src</kbd>
|
|
# <kbd>cd /usr/src</kbd>
|
|
# <kbd>tar xvfz /tmp/src.tar.gz</kbd>
|
|
</pre></blockquote>
|
|
<p>
|
|
<code>sys.tar.gz</code> contains a source archive starting at <code>/usr/src/sys</code>.
|
|
This file contains all the kernel sources you need to rebuild kernels.
|
|
To extract:
|
|
<blockquote><pre>
|
|
# <kbd>mkdir -p /usr/src/sys</kbd>
|
|
# <kbd>cd /usr/src</kbd>
|
|
# <kbd>tar xvfz /tmp/sys.tar.gz</kbd>
|
|
</pre></blockquote>
|
|
<p>
|
|
Both of these trees are a regular CVS checkout. Using these trees it
|
|
is possible to get a head-start on using the anoncvs servers as
|
|
described <a href="anoncvs.html">here</a>.
|
|
Using these files
|
|
results in a much faster initial CVS update than you could expect from
|
|
a fresh checkout of the full OpenBSD source tree.
|
|
</section>
|
|
|
|
<hr>
|
|
|
|
<section id=upgrade>
|
|
<h3>How to upgrade</h3>
|
|
<p>
|
|
If you already have an OpenBSD 5.1 system, and do not want to reinstall,
|
|
upgrade instructions and advice can be found in the
|
|
<a href="faq/upgrade52.html">Upgrade Guide</a>.
|
|
</section>
|
|
|
|
<hr>
|
|
|
|
<section id=ports>
|
|
<h3>Ports Tree</h3>
|
|
<p>
|
|
A ports tree archive is also provided. To extract:
|
|
<blockquote><pre>
|
|
# <kbd>cd /usr</kbd>
|
|
# <kbd>tar xvfz /tmp/ports.tar.gz</kbd>
|
|
</pre></blockquote>
|
|
<p>
|
|
The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
|
|
read the <a href="faq/ports/index.html">ports</a> page
|
|
if you know nothing about ports
|
|
at this point. This text is not a manual of how to use ports.
|
|
Rather, it is a set of notes meant to kickstart the user on the
|
|
OpenBSD ports system.
|
|
<p>
|
|
The <i>ports/</i> directory represents a CVS (see the manpage for
|
|
<a href="https://man.openbsd.org/cvs.1">cvs(1)</a> if
|
|
you aren't familiar with CVS) checkout of our ports. As with our complete
|
|
source tree, our ports tree is available via anoncvs. So, in
|
|
order to keep current with it, you must make the <i>ports/</i> tree
|
|
available on a read-write medium and update the tree with a command
|
|
like:
|
|
<blockquote><pre>
|
|
# <kbd>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_2</kbd>
|
|
</pre></blockquote>
|
|
<p>
|
|
[Of course, you must replace the local directory and server name here
|
|
with the location of your ports collection and a nearby anoncvs
|
|
server.]
|
|
<p>
|
|
Note that most ports are available as packages on our mirrors. Updated
|
|
packages for the 5.2 release will be made available if problems arise.
|
|
<p>
|
|
If you're interested in seeing a port added, would like to help out, or just
|
|
would like to know more, the mailing list
|
|
<a href="mail.html">ports@openbsd.org</a> is a good place to know.
|
|
</section>
|