Copyright © 2010 The FreeBSD Documentation Project
$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/article.sgml,v
1.1068.2.34.2.8 2010/03/20 16:39:28 hrs Exp $
FreeBSD is a registered trademark of the FreeBSD Foundation.
IBM, AIX, EtherJet, Netfinity, OS/2, PowerPC, PS/2, S/390, and ThinkPad are trademarks of International Business Machines Corporation in the United States, other countries, or both.
IEEE, POSIX, and 802 are registered trademarks of Institute of Electrical and Electronics Engineers, Inc. in the United States.
Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
Sparc, Sparc64, SPARCEngine, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. Products bearing SPARC trademarks are based upon architecture developed by Sun Microsystems, Inc.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the “™” or the “®” symbol.
The release notes for FreeBSD 7.3-RELEASE contain a summary of the changes made to the FreeBSD base system on the 7.3-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.
This document contains the release notes for FreeBSD 7.3-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.
This distribution of FreeBSD 7.3-RELEASE is a release distribution. It can be found at ftp://ftp.FreeBSD.org/ or any of its mirrors. More information on obtaining this (or other) release distributions of FreeBSD can be found in the “Obtaining FreeBSD” appendix to the FreeBSD Handbook.
All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with “late-breaking” information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 7.3-RELEASE can be found on http://www.FreeBSD.org/releases/7.3R/errata.html.
This section describes the most user-visible new or changed features in FreeBSD since 7.2-RELEASE.
Typical release note items document recent security advisories issued after 7.2-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.
Problems described in the following security advisories have been fixed. For more information, consult the individual advisories available from http://security.FreeBSD.org/.
Advisory | Date | Topic |
---|---|---|
SA-09:09.pipe | 10 June 2009 |
Local information disclosure via direct pipe writes |
SA-09:10.ipv6 | 10 June 2009 |
Missing permission check on SIOCSIFINFO_IN6 ioctl |
SA-09:11.ntpd | 10 June 2009 |
ntpd stack-based buffer-overflow vulnerability |
SA-09:12.bind | 29 July 2009 |
BIND named(8) dynamic update message remote DoS |
SA-09:14.devfs | 2 Oct 2009 |
Devfs / VFS NULL pointer race condition |
SA-09:15.ssl | 3 Dec 2009 |
SSL protocol flaw |
SA-09:16.rtld | 3 Dec 2009 |
Improper environment sanitization in rtld(1) |
SA-09:17.freebsd-update | 3 Dec 2009 |
Inappropriate directory permissions in freebsd-update(8) |
SA-10:01.bind | 6 Jan 2010 |
BIND named(8) cache poisoning with DNSSEC validation |
SA-10:02.ntpd | 6 Jan 2010 |
ntpd mode 7 denial of service |
SA-10:03.zfs | 6 Jan 2010 |
ZFS ZIL playback with insecure permissions |
The closefrom(2) system call has been added. This closes any open file descriptors which are equal to or larger than the specified value. Note that this does not fail with any errors and this is not multi-thread safe.
The ddb(8) subcommands for geom(8) now supports pagination.
The
futimes(2),
lutimes(2), and
utimes(2) system
call now support a sysctl variable vfs.timestamp_precision
.
The
jail(8)
subsystem now supports security.jail.ip4_saddrsel
and security.jail.ip6_saddrsel
sysctl variables to control whether to
use source address selection or the primary jail address for unbound outgoing
connections. The default is that the source address selection is enabled. Also, the jail
parameter ip4.saddrsel
and ip6.saddrsel
are boolean option to enable the source address
selection for IPv4 and IPv6, respectively. If the boolean parameters ip4.nosaddrsel
and ip6.nosaddrsel
are
set, the child jails do not inherit the address selection options of the parent.
[amd64] The kmem_map
KVA space has been increased to
512GB.
The lindev(4) driver has been added. This is for Linux-specific pseudo devices and currently used only for /dev/full.
FreeBSD Linux emulation layer now supports SO_PEERCRED
socket option, MSG_CMSG_CLOEXEC
for recvmsg()
, and robust futex. The futex has been reimplemented by
using
sx(9) lock.
Initial support of
ktr(4) tracing
has also been added.
A lock handling error has been fixed in interaction between malloc(3) implementation and threading library. When a multi-threaded process calls the fork(2) system call in a thread and the malloc(3) function in another thread, it caused a deadlock in the child process.
PECOFF image activator support has been removed.
FreeBSD now supports POSIX semaphores (P1003_1B_SEMAPHORES
kernel option) by default.
A deadlock in the sched_ule(4) scheduler has been fixed. For more details, see EN-10:02.sched_ule.
The sglist(9) API to manage scatter/gather lists of physical addresses has been added.
FreeBSD ABI of some of the structures used by the System V IPC API has been changed
internally, and it now supports shared memory segments for System V IPC which is larger
than 2GB on 64-bit platforms. For new kernel modules, the kern_msgctl()
, kern_semctl()
, and
kern_shmctl()
functions will be transparently renamed to
the new kern_new_*()
functions by using ABI shims. The old
functions remain as the old names to provide backward compatibility for older kernel
modules.
A new sysctl variable security.bsd.map_at_zero
has been
added and set to 1 (allow) by default. This controls whether
FreeBSD allows to map an object at the address 0, which is part
of the user-controlled portion of the virtual address space. Disabling this has some
effect on preventing an attack which injects malicious code into that location and
triggers a NULL pointer dereference in the kernel.
A new boot loader gptzfsboot, which supports GPT and ZFS has been added.
The boot loader zfsboot now always uses 64-bit LBAs and supports more than seven drives in the ZFS pools.
A bug in zfsboot has been fixed. A /boot.config smaller than 512 bytes was ignored.
zfsloader, the final boot loader similar to loader(8) which supports ZFS has been added.
A bug in the boot loader has been fixed. It failed to recognize GPT correctly when the system supports both of MBR and GPT and they are synchronized with each other.
[pc98] The boot2 program has been reimplemented based on the latest version for i386.
The amdsbwd(4) driver for AMD SB600/SB7xx watchdog timer has been added.
The
cpuctl(4) driver
now supports atomically setting/clearing individual bits of a MSR register. Two new ioctl
calls CPUCTL_MSRSBIT
and CPUCTL_MSRCBIT
treat the data field of struct in the argument
passed as a mask and set/clear bits of the MSR register according to the mask value. The
cpucontrol(8)
utility also supports this feature. For more details, see Userland Changes section.
The cpufreq(4) driver now supports Phenom (Family 10h).
[amd64, i386] CPU cache flushing has been optimized when changing caching attributes
of pages by doing nothing for CPUs that support self-snooping and using CLFLUSH instead of a full cache invalidate when possible. FreeBSD
does not use CLFLUSH on Intel CPUs due to problems with flushing
the local APIC range by default. This can be controlled via the hw.clflush_disable
loader tunable. A setting of 1 disables the use of CLFLUSH. A setting of
0 allows CLFLUSH to be used for Intel
CPUs when CPUID_SS is not present. This fixes a kernel panic
occurred on Xen which disables self-snooping.
[sparc64] The epic(4) driver for the front panel LEDs in Sun Fire V215/V245 has been added.
[sparc64] The fire(4) driver for “Fire” JBus to PCIe bridges found in at least the Sun Fire V215/V245 and Sun Ultra 25/45 machines has been added.
[amd64, i386] The hwpmc(4) driver for Hardware Performance Monitoring Counter support has been added. This consists of the kernel driver, pmc(3) interface library, and userland utilities pmcannotate(8), pmccontrol(8), and pmcstat(8), and allows applications to use hardware performance counters to gather performance data about specific processes or for the system as a whole.
Several bugs in the ipmi(4) driver which prevents the watchdog timeout setting from working, have been fixed.
The k8temp(4) driver has been renamed with amdtemp(4). The new driver supports AMD K10 and K11 as well as K8.
A loader tunable hw.mca.enabled
has been added. This can
be used to enable/disable the machine check code. Disabled by default.
A sysctl variable hw.pagesizes
has been added. This
reports all of the supported page sizes on the system.
PCI Express memory-mapped configuration space access, ACPI MCFG table support, and BAR
(Base Address Register) handling in the
pci(4) subsystem
has been improved. This is disabled by default and can be enabled by setting a loader
tunable hw.pci.mcfg
to 1. This
value can be queried via a sysctl variable of the same name.
[amd64, i386] FreeBSD now supports VIA Nano processor family.
DRM now supports Radeon HD 4200 (RS880), 4770 (RV740), and R6/7xx 3D, and Intel G41 chips.
The vgapci(4) driver for PCI VGA display devices which can attach devices as the children now supports proxying of PCI MSI/MSI-X (Message Signaled Interrupt) requests and bus interrupt requests for the child devices. This allows child devices to use MSI/MSI-X interrupts.
The alc(4) driver for Atheros AR8131/AR8132 PCIe Ethernet controller has been added.
A bug in the bce(4) driver has been fixed. When adding a bce(4) interface on the system as a lagg(4) member with the LACP aggregation protocol enabled network communication via the bce(4) interface stopped completely. Although the bce(4) interface worked if it was not a lagg(4) member, the incoming traffic statistics which can be found in netstat(1) output was incorrect because every packet was recognized as full-sized one.
Several bugs in the bge(4) driver have been fixed. It caused a panic when a lot of traffic is being handled on the interface while the system is shutting down, and had a DMA issue when buffer address crosses a multiple of the 4GB boundaries.
The bge(4) driver now supports TSO (TCP segmentation offloading) for BCM5755 or newer chips.
[sparc64] The cas(4) driver has been added to provide support for Sun Cassini/Cassini+ and National Semiconductor DP83065 Saturn Gigabit Ethernet devices.
The cxgb(4) driver has been upgraded to the latest version. The firmware version is 7.8.0.
The et(4) driver now supports IPv4/TCP/UDP Tx checksum offloading.
The fxp(4) driver has been improved. The multicast filter re-programming is now more robust. A bug which caused incorrect IP packet length in the header when TSO (TCP segmentation offloading) is enabled has been fixed. This fixes poor performance when TSO is enabled in the previous releases.
The msk(4) driver has been improved for robust operation. Also, it now supports Yukon FE+ A0 including 88E8040, 88E8040T, 88E8042, 88E8048, 88E8057, and 88E8070.
Several bugs in the mxge(4) driver have been fixed and the firmware version is now 1.4.48b. It could lose the promiscuous flag on resetting and cause a kernel panic on the hardware fault.
A bug in the nfe(4) driver has been fixed. It caused buffer allocation failure for jumbo frames.
The
nge(4) driver
has been improved and now works on all supported platforms. It now supports
altq(4),
hardware checksum offloading for
vlan(4) tagged
frames, WoL (Wake-on-Lan), jumbo frames, and PCI MWI (Memory Write and Invalidate)
commands. Hardware MAC statistics can be obtained via a new sysctl variable dev.nge.N.stats
. Another new
sysctl variable dev.nge.N.int_holdoff
has been added to control interrupt
moderation. The valid ranges are 1 (100us) to 255, and the actual delivery of interrupt would be delayed based on
this value. The default is 1. For more details, see
nge(4) manual
page.
The
ste(4) driver
has been improved and now works on all supported platforms. It now supports
suspend/resume and WoL (Wake-on-Lan). Hardware MAC statistics can be obtained via a new
sysctl variable dev.ste.N.stats
. Another new sysctl variables dev.ste.N.int_rx_mod
has been
added to control RX interrupt moderation time. The default value is 150 (150us). For more details, see
ste(4) manual
page.
The
vge(4) driver
has been improved. It now supports hardware checksum offloading for
vlan(4) tagged
frames and WoL (Wake-on-Lan). Hardware MAC statistics can be obtained via a new sysctl
variable dev.vge.N.stats
. Another new sysctl variables dev.nge.N.int_holdoff
, dev.nge.N.rx_coal_pkt
, and
dev.nge.N.tx_coal_pkt
has been added to control interrupt moderation. For more details, see
vge(4) manual
page.
A bug in the xl(4) driver which caused occasional watchdog timeouts has been fixed.
A bug in the gif(4) that EtherIP packets sent by combination of if_bridge(4) and gif(4) have a reversed version field has been fixed. If you need to communicate with older FreeBSD releases via EtherIP, use new flags accept_rev_ethip_ver and send_rev_ethip_ver to control handling the reversed version field. These can be set by ifconfig(8) utility to gif(4) interfaces. The EtherIP implementation found on FreeBSD 6.1, 6.2, 6.3, 7.0, 7.1, and 7.2 had an interoperability issue because it sent the incorrect EtherIP packets and discarded the correct ones. For more details, see gif(4) manual page.
IPcomp protocol is now enabled by default. This can be controlled by a sysctl variable
net.inet.ipcomp.ipcomp_enable
.
A bug in the ng_iface(4) driver has been fixed. An infinite loop happened when a packet passes out via two different netgraph(3) interfaces sequentially due to tunneling.
A kernel option IPFW_DEFAULT_TO_ACCEPT
has been replaced
with a new loader tunable net.inet.ip.fw.default_to_accept
.
The value can be queried via a sysctl variable of the same name.
The
tap(4) software
network interface supports a new ioctl TAPGIFNAME
. This is
convenient shortcut ported from NetBSD to obtain network interface name using file
descriptor for character device.
The vlan(4) driver is now enabled in the GENERIC kernel.
The aac(4) driver has been synchronized with the latest official vendor driver.
The ahc(4) driver now supports Adaptec 39320LPE adapters.
ATA command timeout in the
ata(4) driver
has been increased. This value can be set by using a kernel option ATA_REQUEST_TIMEOUT
.
A bug in the ata(4) driver has been fixed. It could generate an I/O request larger than controller's maximum I/O size and caused a kernel panic.
An algorithm for load balancing mode in the gmirror(8) GEOM class has been changed and this mode is now set by default instead of split. The load mode uses averaged number of requests, running on each drive instead of measuring last request execution time for each drive and choosing one with smallest time.
A bug in the gpart(8) GEOM class has been fixed. It could not handle a GPT header whose size is greater than 92 bytes which is written by OpenSolaris.
The default stripe size of
gstripe(8) GEOM
class has been changed from 4KB to 64KB. This change will affect users preferring the create command over the label command,
which will now need to explicitly specify the old stripe size (-s
4096) in order to use their old
gstripe(8)
volumes.
The
hptrr(4) driver
now supports a new loader tunable hw.hptrr.attach_generic
to
prevent the driver from being attached to some Marvell chips which have no HPT RAID
BIOS.
The mfi(4) driver now supports LSI MegaRAID SAS 1078 and Dell PERC6.
The ext2fs(5) file system has been improved. A bug when the inode size is other than 128 has been fixed.
FreeBSD Network File System now supports caching of negative pathname lookup in the NFS client, and uses 3 seconds timeout (30 seconds in the prior releases) for caching attributes of a directory in the client.
The pseudofs(9) subsystem used in procfs(5) and linprocfs(5) are now MPSAFE.
UFS_DIRHASH (enabled by default) now supports removing the
cache data when the system memory is low (via vm_lowmem
event handler). A bug that the system caused a panic when decreasing a sysctl variable
vfs.ufs.dirhash_maxmem
below the current amount of memory
used by UFS_DIRHASH, has been fixed.
A new sysctl variable for the
VFS(9) subsystem
vfs.flushbufqtarget
has been added. This can fix issues in
bufdaemon, a kernel process responsible for flushing dirty
buffers, which can cause the process to deadlock in a certain workload. The value of the
variable determines the number of buffers will be flushed before allocating a new buffer.
The default value of the variable on 7.3-RELEASE is -1
(disabled). The FreeBSD 8.0-RELEASE uses 100 by default.
ZFS has been updated from version 6 to version 13. This update includes numerous new ZFS features, such as permitting non-root users to perform some administrative functions, supporting additional disks for caching or the ZFS Intent Log, and partial chflags(2) support. It also includes some FreeBSD-specific additions, such as booting from ZFS file systems, removal of ARC size limitations, ARC back pressure (which allows ZFS to work without tunables on amd64), and many bugfixes.
The acpidump(8) utility now supports parsing SRAT (System Resource Affinity Table used to describe affinity relationships between CPUs and memory.
The
apropos(1)
command no longer sets the necessary directories to PATH
variable. This means if the caller does not have /bin and /usr/bin in PATH
, then it does not
work.
The bluetooth(3) library now supports Bluetooth HCI API.
The
btpand(8) daemon
now supports Bluetooth device node names in a -d
option.
A bug in the
chflags(1) -h
option has been fixed. It used link target's flags as the
original one.
The
cp(1) command
now preserves file flags on symbolic links when options -Rp
are specified. It reported an error “function not implemented”.
The cpucontrol(8) command now allows user to perform atomic bitwise AND and OR operations on MSR registers. Two new operations (&= and |=) have been added. The first one applies bitwise AND operation between the current contents of the MSR register and the mask, and the second performs bitwise OR. The argument can be optionally prefixed with ~ inversion operator. The following is an example to clear the second bit of TSC MSR:
# cpucontrol -m 0x10&=~0x02
The
cpuset(1)
command now supports interrupt binding by a new option -x irq
.
The default
crontab(5) file
no longer define a variable HOME
.
The
df(1) command
now uses human-readable output for inode counts when an -H
or
-h
is specified.
A bug in the dhclient(8) utility when appending a NUL-terminated text provided by a DHCP server, has been fixed.
The dhclient(8) utility now uses 68 (bootpc) as the source port for unicast DHCPREQUEST packets instead of allowing the protocol stack to pick a random source port. This fixes the behavior where dhclient(8) would never transition from RENEWING to BOUND without going through REBINDING in some networks which has a tight policy on DHCP spoofing.
The fdisk(8) utility now supports size qualifiers (K, M, and G) and * for automatic calculation in the p command.
The fetch(1) command now supports HTTP digest authentication.
The
fetch(1) command
now supports NO_PROXY
and no_proxy
environment variables to disable use of HTTP proxy. For
more details, see
fetch(3) manual
page.
A bug in the
fetch(1) command
that FTP_TIMEOUT
and HTTP_TIMEOUT
environment variables were ignored, has been
fixed.
A bug in the fetch(1) command that default parameters such as connection timeout were not set for HTTPS protocol, has been fixed. It now uses the same parameters as HTTP.
A bug in the
find(1) command
has been fixed. It ignored an -L
option when -delete
is specified. The following command can be safely used to
remove broken links:
find -L . -type l -print0 | xargs rm -0
A bug in the find(1) and rm(1) command has been fixed. When a symbolic link has uchg or uappend flag, the commands attempted to clear the target file, not the symbolic link itself.
The gzip(1) command now supports uncompressing files compressed by pack(1), which is found in some commercial Unix systems.
The ktrace(1) utility now supports a new KTRACE record for sysctl(3) invocations.
FreeBSD libc library now includes fdopendir(3) function.
FreeBSD libc library now includes
feature_present(3) function which checks to see
if a named kernel feature is present by checking the kern.features
sysctl MIB.
FreeBSD libc library now includes getpagesize(3) function that returns either the number of page sizes supported by the system or a specified subset of the supported page sizes.
The libradius(3) now supports simple embedded RADIUS server.
The
lp(1) command
now supports -m
option to send an email after the files have
been printed, and -t title
option to write title on the banner page of the output. These are
required by POSIX standard.
The lpq(1) command now correctly translates remote host names which contain non-standard end-of-line characters.
The man(1) command now supports manual pages in UTF-8.
The
mergemaster(8)
utility now uses an -L
option when it invokes
mtree(8) command
to follow symbolic links.
The
mergemaster(8)
utility now supports DELETE_STALE_RC_FILES
variable in mergemaster.rc file to delete stale rc.d scripts automatically.
A userland utility mfiutil(8) for the mfi(4) devices has been added. This includes basic features to monitor controller, array, and drive status, change basic attributes, create/delete arrays and spares, and flush the controller firmware. Note that this is a small utility, not a replacement of MegaCLI in the Ports Collection which is supported officially and provides more functionality.
A userland utility mptutil(8) for the mpt(4) devices has been added. This includes basic features to monitor controller, array, and drive status, change basic attributes, and create/delete arrays and spares.
The newfs_msdos(8) command now supports media which have no CHS parameter.
The ntpd(8) daemon no longer tries to bind an IPv6 anycast address.
The
pkill(1) command
now ignores itself and the ancestors when finding processes. An -a
option has been added for backward compatible behavior.
A race condition in the ppp(8) daemon has been fixed.
The
ps(1) command
now supports a new flag -p
. This displays descendant info
with the output similar to Linux's -H
(or -f
).
The pwait(1) command, which waits for any process to terminate has been added.
The
pwd_mkdb(8) now
verifies login name length is shorter than MAXLOGNAME
when a
-C
option is specified. Note that entries with oversized
login names are still allowed in the passwd database, and getpwent*()
and getpwuid*()
functions return them correctly. The getpwnam*()
truncates
them to MAXLOGNAME
- 1 when reading the database. The
su(1) utility
fails for the long names.
The FreeBSD runtime linker, rtld(1) has been improved. The changes include:
The dynamic string token substitution in the rpath and soname has been implemented. This can be enabled by setting -z origin
option of
ld(1).
Currently, it recognizes $OSNAME
, $PLATFORM
, $OSREL
, and $ORIGIN
tokens. This translation is unconditionally disabled for
setuid/setgid processes.
PIE (Position Independent Executables) support has been improved. The runtime linker now calculates relocation base for the main object, and applies the relocation adjustment for all virtual addresses encoded into the ELF structures of it in order to make it possible to load PIE binaries at a non-zero base address.
The way the mapping of the ELF objects has been changed to make wiring of the address space possible. It now maps PROT_NONE anonymous memory over the whole range first, and then mapping the segments of the object over it. It allocates .bss by changing the protection of the range instead of remapping, and unnecessary clearing of the text segment when its end is not page-aligned has been eliminated.
A new environment variable LD_ELF_HINTS_PATH
for
overriding the rtld hints file has been supported. This feature gives a convenient way of
using a custom set of shared library that is not located in the default location and
switch back. This environment variable is automatically unset if the process is tainted
with setuid/setgid.
The strptime(3) function now supports %z format specifier.
The
sysinstall(8)
utility now supports a comma-separated list of network interfaces in netDev
option in install.cfg.
[ia64] The sysinstall(8) utility now uses 400MB for the EFI partition instead of 100MB in the previous releases.
The
tail(1) -F
flag now persists in trying to open files rather than giving up
when it encounters an error. ENOENT errors are not reported.
This behavior is consistent with the GNU version.
The tftp(1) command now returns a correct exit status in the case of successful file transfer.
The traceroute(8) program now uses in-kernel source address selection even in a jail(8) environment.
The
traceroute(8)
and
traceroute6(8)
now support an -a
flag to display AS number corresponding to
the lookup IP address on each hop. It will query the number to WHOIS server specified in
-A
option. If no -A
is specified,
whois.radb.net will be used as the default value.
The
tzsetup(8)
command now supports an -s
option to skip the initial
question about adjusting the clock if not set to UTC.
The
whois(1) utility
has been updated. A -d
option has been removed because whois.nic.mil no longer exists, and it supports searching for IPv6
addresses just like it can do for IPv4 addresses without having to explicitly specify
that the ARIN server should be used to get the initial information.
The yp(8) utilities now support shadow.byname and shadow.byuid maps. These requires privileged port access.
The service(8) command as an easy interface for the rc.d scripts has been added.
The
rc.conf(5) file
now supports create_args_IF
for interfaces created via cloned_interfaces
The
rc.conf(5) file
now supports vlans_IF
for creating
vlan(4)
interfaces. If a vlan interface is a number, then that number is treated as the vlan tag
for the interface and the interface will be named “IF.N”.
Otherwise, the vlan tag must be provided via a vlan
parameter
in a create_args_IF
variable.
The rc.d/fsck script now supports options for fsck_y_enable
via fsck_y_flags
.
The rc.d/named script now supports zone file check by named-checkconf(8) before the startup and the following options:
named_wait
has the script loop until a specified hostname
in named_wait_host
(localhost by
default) can be successfully looked up. This is disabled by default.
named_auto_forward
creates a forwarder configuration file
based on the contents of /etc/resolv.conf. This allows you to
utilize a local resolver for better performance, less network traffic, custom zones, etc.
while still relying on the benefits of your local network resolver. This is disabled by
default.
The rc.d/savecore script now supports invoking
crashinfo(8)
automatically during boot. A new variable crashinfo_enable
has been added to enable it.
The rc.d/static_arp script has been added. This allows the administrator to statically bind MAC to IPv4 address at boot time. An example is as follows:
static_arp_pairs="gw" static_arp_gw="192.168.1.1 00:01:02:03:04:05"
ISC BIND has been updated to version 9.4-ESV.
sendmail has been updated from version 8.14.3 to version 8.14.4.
The timezone database has been updated to the tzdata2010b release.
The timezone libraries (stdtime part of libc) and related binaries ( zic(8) and zdump(8)) have been updated to the tzcode2009k release. Note that tzsetup(8) needs to be run after the installation.
unifdef has been updated to version 1.188.
A bug in the pkg_info(1) command which caused a segmentation fault when an invalid long option is specified, has been fixed.
FreeBSD release ISO images now have “FreeBSD-” at the beginning of the filenames.
The supported version of the GNOME desktop environment (x11/gnome2) has been updated to 2.28.2.
The supported version of the KDE desktop environment (x11/kde4) has been updated to 4.3.5.
[amd64, i386] Beginning with FreeBSD 6.2-RELEASE, binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC or SMP kernels distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded has Internet connectivity.
An older form of binary upgrade is supported through the Upgrade option from the main sysinstall(8) menu on CDROM distribution media. This type of binary upgrade may be useful on non-i386, non-amd64 machines or on systems with no Internet connectivity.
Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING.
Important: Upgrading FreeBSD should, of course, only be attempted after backing up all data and configuration files.
This file, and other release-related documents, can be downloaded from ftp://ftp.FreeBSD.org/.
For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
All users of FreeBSD 7.3-STABLE should subscribe to the <stable@FreeBSD.org> mailing list.
For questions about this documentation, e-mail <doc@FreeBSD.org>.