Movatterモバイル変換

215 captures

24 Sep 2011 - 24 May 2025

Sep	OCT	Dec
	24
2017	2018	2019

success

fail

About this capture

COLLECTED BY

Organization:Alexa Crawls

Starting in 1996,Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to theWayback Machine after an embargo period.

Collection:Alexa Crawls

Starting in 1996,Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to theWayback Machine after an embargo period.

TIMESTAMPS

Released Nov 1, 2011
Copyright 1997-2011, Theo de Raadt.

5.0 Song:"What Me Worry?"

• See the information onThe FTP page for a list of mirror machines.
• Go to the directory on one of the mirror sites.
• Have a look atThe 5.0 Errata page for a list of bugs and workarounds.
• See adetailed log of changes between the 4.9 and 5.0 releases.

All applicable copyrights and credits are in the src.tar.gz,sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in thefiles fetched via ports.tar.gz.

This is a partial list of new features and systems included in OpenBSD 5.0.For a comprehensive list, see thechangelog leadingto 5.0.

• Improved hardware support, including:
  • MSI interrupts for many devices, on those architectures which can support them (amd64, i386, sparc64 only so far).
  • A newdma_alloc(9) API makes it easier for kernel code to allocate dma-safe memory. Many drivers (especially network drivers) and subsystems (in particular scsi and the buffer cache) were adapted to use this.
  • As a result, big-memory support has been enabled on all possible architectures.
  • The rather rarebce(4) driver now copies mbufs all the time, to cope with the hardware having a 1GB limit.
  • Addedhds(4), a driver for Hitachi Modular Storage SCSI devices.
  • Addedmyx(4), a driver for the Myricom Myri-10G 10GB Ethernet devices.
  • Addeddfs(4), a driver for Dynamic Frequency Switching on some macppc systems.
  • cardbus(4) andpcmcia(4) support on sgi.
  • Suspend/resume support on Loongson Yeelong laptops.

• Generic network stack improvements:
  • Added support for sending Wake on Lan packets usingarp(8).
  • Permit turning Wake on Lan support on/off usingifconfig(8).
  • Added Wake on Lan support toxl(4),re(4), andvr(4).
  • Allowftp-proxy(8) to proxy across rdomains.
  • The IPv4 stack will no longer accept ICMP redirects when acting as a router.
  • By default the IPv6 stack will not process ICMP6 redirects.rtsol(8) will turn it back if -F is used.
  • Reworked large parts of thedhclient(8) options processing for better interoperability.
  • Fixedcarp(4) to work in IPv6 only setups.
  • Make it possible tobind(2) to the local network broadcast address on datagram and raw sockets.
  • The default multicast reject route is now ignored if the UDP socket uses the IP_MULTICAST_IF socket option.
  • Makegre(4) work between systems in the same LAN.
  • Removed the link1 mode special addressing mode onlo(4).
  • Kernel randomization speed and quality improved substantially.

• Routing daemons and other userland network improvements:
  • bgpd(8) no longer bumps the rlimits: the rc.d framework respects login classes which is a much better solution.
  • Correctly set the network filtersets on reload inbgpd(8).
  • The routing socket is now sending RTM_DESYNC messages if the socketbuffer overflows.
  • Allowospfd(8) to send out LS updates and other messages larger than the MTU.
  • Fixed nexthop calculation inospfd(8) for directly connected P2P links.
  • First bits to support opaque LSA inospfd(8). Only basic redistribute logic and LSDB handling for now.
  • Creating new interfaces will no longer cause a fatal error inospf6d(8).
  • ospf6d(8) handles link-state changes better.
  • Better loopback handling inospf6d(8).
  • No longer install extra multicast routes inripd(8) andldpd(8).
  • Makekqueue(2) work withsosplice(9).
  • Enabledsosplice(9) inrelayd(8) for TCP.
  • Added support for divert-to which provides some benefits over rdr-to inrelayd(8).
  • Fixed trap sending insnmpd(8).
  • Makeping6(8) compare minimum amount of bytes between what was received and what was sent out.
  • Maketraceroute(8) with type-of-service setted (-t) display a message if the returned packet has a different tos type.
  • Added the socket splicing fields of struct socket to netstat -vP output.

• pf(4) improvements:
  • Makepf(4) reassemble IPv6 fragments. In the forward case, pf refragments the packets with the same maximum size.
  • Allowpf(4) to filter on the rdomain a packet belongs to.
  • Makepf(4) allow userland proxies to establish cross rdomain proxy sessions.
  • Added IPv6 ACK prioritization inpf(4).
  • Change 'set skip on <...>' to work with interface groups.
  • pfsync(4) supports IPv6 as network protocol.
  • Switchedftp-proxy(8) over to divert-to instead of rdr-to.
  • tftp-proxy(8) uses 'divert-to' as well.

• SCSI improvements:
  • most SCSI hardware drivers now use the new iopools infrastructure.
  • scsi(4) devices are now all provided with a unique devid, which is displayed during the probe process.
  • ASC/ASCQ error codes and verbiage now in sync with http://www.t10.org/lists/asc-num.txt.
  • progress on iSCSI includes better login, better logout, preliminary FSM support iniscsid(8), and improved logging and debug information.
  • uk(4) can now safely and reliably detach an unknown SCSI device.
  • mpath(4) device and kernel support is improved.
  • vscsi(4) now ensures output always goes to the correct connection.
  • vscsi(4) connections can now be reset gracefully.
  • scsi(4) devices on fibre channel fabrics no longer inherit the adapter's address.

• Assorted improvements:
  • For additional security,security(8) was rewritten in Perl.
  • Mandoc 1.11.4: Now acceptseqn(7) input (no fancy formatting yet) and supports -Tutf8 output (but no utf8 input yet).
  • Removed a variety of OS-compat emulation code, leaving just the Linux support.
  • Small improvements to Linux compat (only available on i386).
  • Improved our ownpkg-config(1) implementation with extended comparison scheme and implementing various new options.
  • The math library, libm, was fully fleshed out to support all C99 required parts. Many bugs for various architectures were fixed along the way.
  • malloc(3) is a lot faster and has a few further security features (more randomization, as well as the 'S' flag to enable all paranoia checks).
  • 'make depend' is no longer neccessary in kernel compilation directories since the dependencies are calculated automatically.
  • Increased the default size of the buffer cache.
  • kqueue(2) now works on /dev/random and spliced sockets
  • On MBR-based disks, scan through up to 256 extended partition tables when looking for an OpenBSD partition table.
  • Added POSIX 2008fdopendir(3) andopenat(2) functions, as well as the O_CLOEXEC, O_DIRECTORY, and F_DUPFD_CLOEXEC flags.
  • Improved lint format string checks and added a few other checks.
  • kdump(1) now dumps stat and sockaddr structures, sysctl mib strings, and decodes syscall flags and operation bits.
  • Improved kernel pool debug checking.
  • Improved correctness of signals and various syscalls when rthreads are in use.
  • Kernelmalloc(9) space and stacks moved to non-dma memory.
  • Fixed some shutdown/reboot hangs on NFS clients.
  • UNIX-domain socket paths are now guaranteed to be NUL-terminated.
  • Added support for*wprintf(3),wcs{,n}casecmp(3), andwcsdup(3).
  • NULL is now a (void *).

• Install/Upgrade process changes:
  • Completed support for DUID disk installs, and enabled it fully.
  • Tried to makesysmerge(8) work in the installer, but ran into small problems and decided to disable it.
  • Install non-free firmwares from the internet upon first boot, based on a question in the installer.
  • svnd(4)-like behaviour became the default forvnd(4) devices. This is what is used to build the media.

• rc.d(8) framework improvements:
  • rc.d(8) is now also used for the base system daemons.
  • Backward compatible with the historic way of starting daemons.
  • Notify the user by appending (ok) or (failed) in interactive mode.
  • Better diagnostics with the introduction of RC_DEBUG.

• OpenSSH 5.9:
  • New features:
    • Introduce sandboxing of the pre-auth privsep child using an optionalsshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables mandatory restrictions on the syscalls the privsep child can perform.
    • Add new SHA256-based HMAC transport integrity modes from https://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt These modes are hmac-sha2-256, hmac-sha2-256-96, hmac-sha2-512, and hmac-sha2-512-96, and are available by default inssh(1) andsshd(8).
    • The pre-authenticationsshd(8) privilege separation slave process now logs via a socket shared with the master process, avoiding the need to maintain /dev/log inside the chroot.
    • ssh(1) now warns when a server refuses X11 forwarding.
    • sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths, separated by whitespace. The undocumented AuthorizedKeysFile2 option is deprecated (though the default for AuthorizedKeysFile includes .ssh/authorized_keys2).
    • sshd_config(5): similarly deprecate UserKnownHostsFile2 and GlobalKnownHostsFile2 by making UserKnownHostsFile and GlobalKnownHostsFile accept multiple options and default to include known_hosts2.
    • sshd_config(5)'s ControlPath option now expands %L to the host portion of the destination host name.
    • sshd_config(5) "Host" options now support negated Host matching.
    • sshd_config(5): a new RequestTTY option provides control over when a TTY is requested for a connection, similar to the existing -t/-tt/-Tssh(1) commandline options.
    • ssh-keygen(1): Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa) for which host keys do not exist, generate the host keys with the default key file path, an empty passphrase, default bits for the key type, and default comment. This is useful for system initialisation scripts.
    • ssh(1): Allow graceful shutdown of multiplexing: request that a mux server removes its listener socket and refuse future multiplexing requests but don't kill existing connections. This may be requested using "ssh -O stop ...".
    • ssh-add(1): now accepts keys piped from standard input.
  • The following significant bugs have been fixed in this release:
    • Retain key comments when loading v.2 keys. These will be visible in "ssh-add -l" and other places. (bz#439)
    • ssh(1) andsshd(8): set IPv6 traffic class from IPQoS (as well as IPv4 ToS/DSCP). (bz#1855)
    • sshd(8): allow GSSAPI authentication to detect when a server-side failure causes authentication failure and don't count such failures against MaxAuthTries. (bz#1244)
    • ssh-keysign(8): now signs hostbased authentication challenges correctly using ECDSA keys. (bz#1858)
    • sftp(1): document that sftp accepts square brackets to delimit addresses (useful for IPv6). (bz#1847a)
    • ssh(1): when using session multiplexing, the master process will change its process title to reflect the control path in use and when a ControlPersist-ed master is waiting to close. (bz#1883 and bz#1911)
    • Other minor bugs fixed: bz#1849, bz#1861, bz#1862, bz#1869, bz#1875, bz#1878, bz#1879, bz#1892, bz#1900, bz#1905, and bz#1913.

• Over 7,200 ports, major robustness and speed improvements in package tools.
• Many pre-built packages for each architecture:

  i386: 7008 sparc64: 6456 alpha: 6046

  sh: 3721 amd64: 6960 powerpc: 6691

  sparc: 3277 arm: 2963 hppa: 6125

  vax: 1409 mips64: 5689 mips64el: 5709

• Some highlights:
  • Gnome 2.32.2
  • KDE 3.5.10
  • Xfce 4.8.0
  • MySQL 5.1.54
  • PostgreSQL 9.0.5
  • Postfix 2.8.4
  • OpenLDAP 2.3.43 and 2.4.25
  • Mozilla Firefox 3.5.19, 3.6.18 and 5.0
  • Mozilla Thunderbird 5.0
  • GHC 7.0.4
  • LibreOffice 3.4.1.3
  • Emacs 21.4, 22.3 and 23.3
  • Vim 7.3.154
  • PHP 5.2.17 and 5.3.6
  • Python 2.4.6, 2.5.4 and 2.7.1
  • Ruby 1.8.7.352 and 1.9.2.200
  • Tcl 8.5.9
  • Jdk 1.7
  • Mono 2.10.2
  • Chromium 12.0.742.122
  • Groff 1.21

• As usual, steady improvements in manual pages and other documentation.
• Base system and Xenocara manuals are now installed as source code, makinggrep(1) more useful in /usr/share/man/ and /usr/X11R6/man/.
• If both formatted and source versions of manuals are installed,man(1) automatically displays the newer version of each page. - The system includes the following major components from outside suppliers:
• Xenocara (based on X.Org 7.6 with xserver 1.9 + patches, freetype 2.4.5, fontconfig 2.8.0, Mesa 7.8.2, xterm 270, xkeyboard-config 2.3 and more)
• Gcc 2.95.3 (+ patches), 3.3.5 (+ patches) and 4.2.1 (+patches)
• Perl 5.12.2 (+ patches)
• Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
• OpenSSL 1.0.0a (+ patches)
• Sendmail 8.14.5, with libmilter
• Bind 9.4.2-P2 (+ patches)
• Lynx 2.8.7rel.2 with HTTPS and IPv6 support (+ patches)
• Sudo 1.7.2p8
• Ncurses 5.7
• Heimdal 0.7.2 (+ patches)
• Arla 0.35.7
• Binutils 2.15 (+ patches)
• Gdb 6.3 (+ patches)

Following this are the instructions which you would have on a piece ofpaper if you had purchased a CDROM set instead of doing an alternateform of install. The instructions for doing an FTP (or other styleof) install are very similar; the CDROM instructions are left intactso that you can see how much easier it would have been if you hadpurchased a CDROM instead.

• CD1:5.0/i386/INSTALL.i386

• CD2:5.0/amd64/INSTALL.amd64
• CD2:5.0/macppc/INSTALL.macppc

• CD3:5.0/sparc64/INSTALL.sparc64

• FTP:.../OpenBSD/5.0/alpha/INSTALL.alpha
• FTP:.../OpenBSD/5.0/armish/INSTALL.armish
• FTP:.../OpenBSD/5.0/hp300/INSTALL.hp300
• FTP:.../OpenBSD/5.0/hppa/INSTALL.hppa
• FTP:.../OpenBSD/5.0/landisk/INSTALL.landisk
• FTP:.../OpenBSD/5.0/loongson/INSTALL.loongson
• FTP:.../OpenBSD/5.0/mvme68k/INSTALL.mvme68k
• FTP:.../OpenBSD/5.0/mvme88k/INSTALL.mvme88k
• FTP:.../OpenBSD/5.0/sgi/INSTALL.sgi
• FTP:.../OpenBSD/5.0/socppc/INSTALL.socppc
• FTP:.../OpenBSD/5.0/sparc/INSTALL.sparc
• FTP:.../OpenBSD/5.0/vax/INSTALL.vax
• FTP:.../OpenBSD/5.0/zaurus/INSTALL.zaurus

Quick installer information for people familiar with OpenBSD, and theuse of the "disklabel -E" command. If you are at all confused wheninstalling OpenBSD, read the relevant INSTALL.* file as listed above!

Play with your BIOS options to enable booting from a CD. The OpenBSD/i386release is on CD1. If your BIOS does not support booting from CD, you will needto create a boot floppy to install from. To create a boot floppy writeCD1:5.0/i386/floppy50.fs to a floppy and boot via the floppy drive.

UseCD1:5.0/i386/floppyB50.fs instead for greater SCSI controllersupport, orCD1:5.0/i386/floppyC50.fs for better laptop support.

If you can't boot from a CD or a floppy disk,you can install across the network using PXE as described inthe included INSTALL.i386 document.

If you are planning on dual booting OpenBSD with another OS, you will need toread INSTALL.i386.

To make a boot floppy under MS-DOS, use the "rawrite" utility locatedatCD1:5.0/tools/rawrite.exe. To make the boot floppy under a Unix OS,use thedd(1)utility. The following is an example usage ofdd(1),where the device could be "floppy", "rfd0c", or"rfd0a".

#dd if=<file> of=/dev/<device> bs=32k

Make sure you use properly formatted perfect floppies with NO BAD BLOCKS oryour install will most likely fail. For more information on creating a bootfloppy and installing OpenBSD/i386 please refer tothis page.

The 5.0 release of OpenBSD/amd64 is located on CD2.Boot from the CD to begin the install - you may need to adjustyour BIOS options first.If you can't boot from the CD, you can create a boot floppy to install from.To do this, writeCD2:5.0/amd64/floppy50.fs to a floppy, thenboot from the floppy drive.

If you can't boot from a CD or a floppy disk,you can install across the network using PXE as described in the includedINSTALL.amd64 document.

If you are planning to dual boot OpenBSD with another OS, you will need toread INSTALL.amd64.

Put CD2 in your CDROM drive and poweron your machine while holding down theC key until the display turns on and showsOpenBSD/macppc boot.

Alternatively, at the Open Firmware prompt, enterboot cd:,ofwboot/5.0/macppc/bsd.rd

Put CD3 in your CDROM drive and typeboot cdrom.

If this doesn't work, or if you don't have a CDROM drive, you can writeCD3:5.0/sparc64/floppy50.fs orCD3:5.0/sparc64/floppyB50.fs(depending on your machine) to a floppy and boot it withbootfloppy. Refer to INSTALL.sparc64 for details.

Make sure you use a properly formatted floppy with NO BAD BLOCKS or your installwill most likely fail.

You can also writeCD3:5.0/sparc64/miniroot50.fs to the swap partition onthe disk and boot withboot disk:b.

If nothing works, you can boot over the network as described in INSTALL.sparc64.

WriteFTP:5.0/alpha/floppy50.fs orFTP:5.0/alpha/floppyB50.fs (depending on your machine) to a diskette andenterboot dva0. Refer to INSTALL.alpha for more details.

Make sure you use a properly formatted floppy with NO BAD BLOCKS or your installwill most likely fail.

After connecting a serial port, Thecus can boot directly from the networkeither tftp or http. Configure the network using fconfig, reset,then load bsd.rd, see INSTALL.armish for specific details.IOData HDL-G can only boot from an EXT-2 partition. Boot into linuxand copy 'boot' and bsd.rd into the first partition on wd0 (hda1)then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.More details are available in INSTALL.armish.

Boot over the network by following the instructions in INSTALL.hp300.

Boot over the network by following the instructions in INSTALL.hppa or thehppa platform page.

Writeminiroot50.fs to the start of the CFor disk, and boot normally.

Writeminiroot50.fs to a USB stick and boot bsd.rd from itor boot bsd.rd via tftp.Refer to the instructions in INSTALL.loongson for more details.

You can create a bootable installation tape or boot over the network.
The network boot requires a MVME68K BUG version that supports theNIOTandNBO debugger commands. Follow the instructions in INSTALL.mvme68kfor more details.

You can create a bootable installation tape or boot over the network.
The network boot requires a MVME88K BUG version that supports theNIOTandNBO debugger commands. Follow the instructions in INSTALL.mvme88kfor more details.

To install on an O2, burn cd50.iso on a CD-R, put it in the CD drive of yourmachine and selectInstall System Software from the System Maintenancemenu.

On other systems, or if your machine doesn't have a CD drive, you cansetup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" usingthe kernel matching your system type.Refer to the instructions in INSTALL.sgi for more details.

After connecting a serial port, boot over the network via DHCP/tftp.Refer to the instructions in INSTALL.socppc for more details.

Boot from one of the provided install ISO images, using one of the twocommands listed below, depending on the version of your ROM.

okboot cdrom 5.0/sparc/bsd.rdor>b sd(0,6,0)5.0/sparc/bsd.rd

If your SPARC system does not have a CD drive, you can alternatively boot from floppy.To do so you need to writefloppy50.fs to a floppy.For more information seethis page.To boot from the floppy use one of the two commands listed below,depending on the version of your ROM.

okboot floppyor>b fd()

Make sure you use a properly formatted floppy with NO BAD BLOCKS or your installwill most likely fail.

If your SPARC system doesn't have a floppy drive nor a CD drive, you can eithersetup a bootable tape, or install via network, as told in theINSTALL.sparc file.

Boot over the network via mopbooting as described in INSTALL.vax.

Using the Linux built-in graphical ipkg installer, install theopenbsd50_arm.ipk package. Reboot, then run it. Read INSTALL.zaurusfor a few important details.

src.tar.gz contains a source archive starting at /usr/src. This filecontains everything you need except for the kernel sources, which arein a separate archive. To extract:

#mkdir -p /usr/src#cd /usr/src#tar xvfz /tmp/src.tar.gz

sys.tar.gz contains a source archive starting at /usr/src/sys.This file contains all the kernel sources you need to rebuild kernels.To extract:

#mkdir -p /usr/src/sys#cd /usr/src#tar xvfz /tmp/sys.tar.gz

Both of these trees are a regular CVS checkout. Using these trees itis possible to get a head-start on using the anoncvs servers asdescribedhere.Using these filesresults in a much faster initial CVS update than you could expect froma fresh checkout of the full OpenBSD source tree.

If you already have an OpenBSD 4.9 system, and do not want to reinstall,upgrade instructions and advice can be found in theUpgrade Guide.

A ports tree archive is also provided. To extract:

#cd /usr#tar xvfz /tmp/ports.tar.gz#cd ports

Theports/ subdirectory is a checkout of the OpenBSD ports tree. Goread theports pageif you know nothing about portsat this point. This text is not a manual of how to use ports.Rather, it is a set of notes meant to kickstart the user on theOpenBSD ports system.

Theports/ directory represents a CVS (see the manpage forcvs(1) ifyou aren't familiar with CVS) checkout of our ports. As with our completesource tree, our ports tree is available via anoncvs. So, inorder to keep current with it, you must make theports/ treeavailable on a read-write medium and update the tree with a commandlike:

#cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_0

[Of course, you must replace the local directory and server name herewith the location of your ports collection and a nearby anoncvsserver.]

Note that most ports are available as packages through FTP. Updatedpackages for the 5.0 release will be made available if problems arise.

If you're interested in seeing a port added, would like to help out, or justwould like to know more, the mailing list ports@openbsd.org is a goodplace to know.