FreeBSD 10.1-RELEASE Release Notes
Abstract
The release notes for FreeBSD 10.1-RELEASE contain a summary of the changes made to the FreeBSD base system on the 10.1-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.
Table of Contents
Introduction
This document contains the release notes for FreeBSD 10.1-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.
This distribution of FreeBSD 10.1-RELEASE is a release distribution. It can be found at http://www.FreeBSD.org/releases/
or any of its mirrors. More information on obtaining this (or other) release distributions of FreeBSD can be found in the Obtaining FreeBSD' appendix to the FreeBSD Handbook.
All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with "late-breaking" information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 10.1-RELEASE can be found on the FreeBSD Web site.
What’s New
This section describes the most user-visible new or changed features in FreeBSD since 10.0-RELEASE.
Typical release note items document recent security advisories issued after 10.0-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.
Security Advisories
The following security advisories have been issued since FreeBSD 10.0-RELEASE:
Advisory | Date | Topic |
---|---|---|
19 November 2013 |
OpenSSH AES-GCM memory corruption vulnerability |
|
14 January 2014 |
bsnmpd remote denial of service vulnerability |
|
14 January 2014 |
ntpd distributed reflection Denial of Service vulnerability |
|
14 January 2014 |
OpenSSL multiple vulnerabilities |
|
14 January 2014 |
BIND remote denial of service vulnerability |
|
8 April 2014 |
Deadlock in the NFS server |
|
8 April 2014 |
OpenSSL multiple vulnerabilities |
|
30 April 2014 |
Fix devfs rules not applied by default for jails |
|
30 April 2014 |
Fix TCP reassembly vulnerability |
|
30 April 2014 |
Fix OpenSSL use-after-free vulnerability |
|
15 May 2014 |
Fix OpenSSL NULL pointer deference vulnerability |
|
3 June 2014 |
Fix sendmail improper close-on-exec flag handling |
|
3 June 2014 |
Fix incorrect error handling in PAM policy parser |
|
5 June 2014 |
Multiple vulnerabilities |
|
24 June 2014 |
NULL pointer dereference and out-of-bounds array access |
|
24 June 2014 |
Multiple vulnerabilities |
|
8 July 2014 |
Kernel memory disclosure in control messages and SCTP notifications |
|
9 September 2014 |
Multiple vulnerabilities |
|
16 September 2014 |
Denial of Service in TCP packet processing. |
|
21 October 2014 |
Remote buffer overflow vulnerability. |
|
21 October 2014 |
Remote denial of service vulnerability. |
|
21 October 2014 |
Memory leak in sandboxed namei lookup. |
|
21 October 2014 |
Multiple vulerabilities. |
|
04 November 2014 |
Kernel stack disclosure. |
|
04 November 2014 |
Remote code execution. |
Kernel Changes
A new sysctl(8), kern.panic_reboot_wait_time
, has been added, which allows controlling how long the system will wait after panic(9) before rebooting. (r260431)
The vt(4) driver has been merged from FreeBSD-CURRENT. To enable vt(4), enter set kern.vty=vt
at the loader(8) prompt during boot, or add kern.vty=vt
to loader.conf(5) and reboot the system. (r262861)
Support for ADT7460 and ADT7467 fan controllers found in newer PowerBooks™ and iBooks™ has been added to the iicbus(4) driver. (r263197)
A potential deadlock in the usb(4) stack triggered by detaching USB devices that create character devices has been fixed. (r263799)
Support for AMD® Family 16h sensor devices has been added to amdtemp(4). (r263869)
A kernel bug that inhibited proper functionality of the dev.cpu.0.freq
sysctl(8) on Intel® processors with Turbo Boost™ enabled has been fixed. (r266165)
The uart(4) driver has been updated to include support for the Intel® Lynx Point KT AMT serial port. (r266436)
The radeonkms(4)
driver has been updated to include 32-bit ioctl(2) support, allowing 32-bit applications to run on a 64-bit system. (r266594)
A bug that would prevent a jail(8) from setting the correct IPv4 source address with some operations that required security.jail.allow_raw_sockets
has been fixed. (r266718)
The hwpmc(4) driver has been updated to support core events from the Atom™ Silvermont architecture. (r266911)
The oce(4) driver has been updated with vendor-supplied fixes for big endian support, and 20GB/s and 25GB/s link speeds. (r268046)
The FreeBSD virtual memory subsystem has been updated to implement "fast path" for the page fault handler. (r270630)
The FreeBSD/powerpc64 default kernel configuration, GENERIC64
, has been updated to enable the vt(4) console driver for the Sony Playstation 3™ platform. (r271111)
The FreeBSD/powerpc ofwfb
driver, used to provide a graphics console when the vt(4) console driver is used, has been modified to work with the x11-drivers/xf86-video-scfb
port. (r271116) (Sponsored by The FreeBSD Foundation)
Note:
If using an ATI graphics card with the vt(4) driver, the x11-servers/xorg-server
package must be updated to version 1.12.4_8 or newer.
Several performance enchancements to the vt(4) driver have been merged from FreeBSD-CURRENT. (r271128) (Sponsored by The FreeBSD Foundation)
The default stack size (KSTACK_PAGES
) has been increased from 4
to 8
for the powerpc64 architecture. (r271153)
The FreeBSD/powerpc ATI driver has been updated to support enabling and disabling the Radeon 9700 backlight, found in the Apple® PowerBook™ G4. (r271205)
Hardware context support has been added to the drm/i915
driver, adding support for Mesa 9.2 and later. (r271816)
Virtualization support
Support for Microsoft® Hyper-V has been added to FreeBSD/i386 as loadable modules, however not available in the GENERIC
kernel configuration. (r259450)
Support for virtualized XSAVE
has been added to bhyve(4), allowing guest operating systems to use XSAVE
and XSAVE
-enabled features, such as AVX. (r267427)
A new driver, virtio_random(4), has been added, which allows FreeBSD virtual machines to harvest entropy from the hypervisor. (r268933)
A number of enhancements have been added, and several bug fixes, including:
-
Post-mortem debugging has been added when a guest virtual machine exits with an "EPT Misconfiguration" error.
-
The hypervisor virtio(4) API has been expanded from 32- to 64-bit.
-
Support for identifying capabilities of the virtual CPU has been added.
-
Support for emulating legacy x86 task switching has been added.
-
Support to list the VT-x features in base kernel dmesg(8) has been added.
-
Support for extended PCI configuration space has been added.
ARM support
The WANDBOARD
kernel configuration file has been added. (r259355)
Boot devices may now be specified by setting a u-boot environment variable. If a boot device is not specified, the probe mechanism will be used. To specify the boot device, set the loaderdev=device
u-boot environment variable. (r265067)
The nexus(4)
driver has been updated to include "Flattened Device Tree" support, replacing the fdtbus(4) driver in most cases. (r266000)
The gpioiic(4) and gpioled(4) have been merged from FreeBSD-CURRENT. (r266105)
Support for hardware floating point was added to the kernel, and enabled by default in the configuration files for all platforms that contain the required hardware.
C++ exception handling now works with GCC.
Support for SMP was added to the kernel, and enabled by default in the configuration files for all platforms that contain multi-core CPUs.
Support was added for:
-
CHROMEBOOK (Samsung Exynos 5250)
-
COLIBRI (Freescale Vybrid)
-
COSMIC (Freescale Vybrid)
-
IMX53-QSB (Freescale i.MX53)
-
QUARTZ (Freescale Vybrid)
-
RADXA (Rockchip rk30xx)
-
WANDBOARD (Freescale i.MX6)
An I2C driver was added for the RaspberryPi.
Drivers have been added to support TI platforms, such as BEAGLEBONE and PANDABOARD:
-
PRUSS (Programmable Realtime Unit Subsystem)
-
MBOX (Mailbox hardware)
-
SDHCI (new faster driver for MMC/SD storage)
-
PPS (Pulse Per Second input on a GPIO/timer pin)
-
PWM (Pulse Width Modulation output)
-
ADC (Analog to Digital converter)
Boot Loader Changes
A kernel selection menu has been added to loader(8). If the "beastie menu" is enabled, the kernel to boot may be selected from the kernel selection menu. Additional kernels may be listed in loader.conf(5) as a comma- or space-separated list. By default, kernel
and kernel.old
are listed. (r262701)
The sys/boot/
sources have been rearranged, moving libstand(3) to a directory indicating the library is built as 32-bit. (r271130) (Sponsored by The FreeBSD Foundation)
The libstand(3) library has been updated to produce a 64-bit shared library for the FreeBSD/amd64 and FreeBSD/powerpc64 architectures. (r271135) (Sponsored by The FreeBSD Foundation)
Initial support for UEFI boot has been added. (r271135) (Sponsored by The FreeBSD Foundation)
Three new files are installed to /boot
, supporting UEFI boot: (r271136) (Sponsored by The FreeBSD Foundation)
-
boot1.efi
: The UEFI first stage bootstrap file. -
boot1.efifat
: A FAT filesystem image containing an EFI system partition. -
loader.efi
: The third stage bootstrap file.
Serial console and null console support has been added to the UEFI boot loader. (r271880)
Support has been added to cache geli(8) passphrases during system boot. When a system is configured with multiple GEOM_ELI
providers all using the same passphrase, the passphrase that is cached after the first entry is used for the subsequent GEOM_ELI
provider. If the passphrase in the cache is incorrect, then a prompt for the passphrase for the next provider is displayed. (r272006)
Hardware Support
Network Interface Support
Support for the axge(4) driver has been added. This driver supports the ASIX AX88178A and AX88179 USB ethernet adapters. The AX88178A supports USB 2.0, and the AX88179 supports USB 2.0 and 3.0. (r262137)
Note:
The FreeBSD guest operating system must have MSIX enabled as a prerequisite for multiple queues.
Transmission checksum offloading has been disabled for the RTL8168C and RTL8168CP chipsets in the re(4) driver for TCP and UDP frames. This is due to a report of UDP datagrams with IP options generating corrupt frames. (r266212)
Preliminary support has been added to the urtwn(4) driver for the Realtek RTL8188EUS and RTL8188ETV chipsets. (r266578)
The bundled cxgbe(4) firmware for T4 and T5 cards has been updated to version 1.11.27.0. (r267849) (Contributed / provided by Chelsio)
Old Name | New Name |
---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Be sure to update loader.conf(5) if using the old tunables before upgrading to FreeBSD 10.1-RELEASE.
The if_nf10bmac(4) driver has been merged from FreeBSD-CURRENT to support the NetFPGA-10G Embedded CPU Ethernet Core. (r270061)
The Intel® XL710 ethernet controller driver, ixlv(4)
, has been merged from FreeBSD-CURRENT. (r270631)
Network Protocols
Support for the UDP-Lite protocol (RFC 3828) has been added to the IPv4 and IPv6 stacks. (r265946)
A bug in sctp(4) that would allow two listening sockets bound to the same port has been fixed. (r267771)
Kernel RPC code, which is a base of NFS server took multiple optimizations, that significantly improved its performance and SMP scalability. (Sponsored by iXsystems)
The iSCSI initiator has been updated to support redirection handling when an iSCSI device is configured with multiple IP addresses across different network interfaces. Previously, clients connecting to such iSCSI devices could require additional client-side configuration. (r269065) (Sponsored by The FreeBSD Foundation)
A new sysctl(8), kern.iscsi.fail_on_disconnection
, has been added, which allows iSCSI clients to remove the attached disk device when the connection to the target is dropped, where previously I/O would stop until the connection is restored. (r265523) (Sponsored by The FreeBSD Foundation)
The iSCSI transmit code has been optimized to coalesce PDUs and avoid lock contention. (r265524) (Sponsored by The FreeBSD Foundation)
Several performance optimizations have been made to the iSCSI subsystem, including deferring wakeup until enough data has been received to read or write a file, reducing CPU usage and throughput performance with large I/O workloads. (r265524) (Sponsored by iXsystems)
Support for hostname- and IP-based access restriction has been added to the iSCSI ctld(8) daemon. (r263720) (Sponsored by The FreeBSD Foundation)
Disks and Storage
The geom(4) subsystem has been updated to support I/O direct dispatch. When safety requirements are met, it enables avoiding passing I/O requests to GEOM g_up
/g_down
thread, executing them directly in the caller context, avoiding CPU bottlenecks in g_up
/g_down
threads, plus avoid several context switches per I/O. (r260385) (Sponsored by iXsystems)
The geom(4) RAID driver has been updated to support unmapped I/O. (r260385) (Sponsored by iXsystems)
The cam(4) subsystem has been updated to support finer-grained locking, direct dispatch and multi-queue, which combined with geom(4) direct dispatch, reduces lock congestion and improves SMP scalability of the SCSI/ATA stack. (r260387) (Sponsored by iXsystems)
The geom(8) GEOM_MULTIPATH
class has been updated to support automatic live partition resizing. (r260478)
The virtio_blk(4) driver has been updated to support unmapped I/O. (r260857)
The virtio_scsi(4) driver has been updated to support unmapped I/O. (r260858)
The mpr(4) device has been added, providing support for LSI Fusion-MPT 3 12Gb SCSI/SATA controllers. (r265388) (Sponsored by LSI)
A new zvol
property volmode
and sysctl(8) vfs.zfs.vol.mode
has been added to allow switching zvol
between three different ways of exposing it to a user: geom
, dev
and none
. (r265678)
The mrsas(4) driver has been added, providing support for LSI MegaRAID SAS controllers. The mfi(4) driver will attach to the controller, by default. To enable mrsas(4) add hw.mfi.mrsas_enable=1
to /boot/loader.conf
, which turns off mfi(4) device probing. (r265922) (Sponsored by LSI)
Note:
At this time, the mfiutil(8) utility and the FreeBSD version of MegaCLI and StorCli do not work with mrsas(4).
The gstat(8) utility now has an -o
option, to display "other" operations, such as BIO_FLUSH
. (r266610)
The hpt27xx(4) driver has been updated with various vendor-supplied bug fixes. (r267457)
Support for unmapped I/O has been added to the xen(4) blkfront
driver. (r270130) (Sponsored by Citrix Systems R&D)
The geom(8) label
class is now aware of resized partitions. This corrects an issue where geom resize
would resize the partition, but the label provider in /dev/gptid/
would not be resized. (r259328) (Sponsored by The FreeBSD Foundation)
The gmirror(8) utility now has a resize
command, making it easier to resize the size of a mirror when all of its components have been replaced. (r260502)
The aacraid(4) driver has been updated to version 3.2.5. (r263024)
The GEOM_VINUM
option is now able to be built both directly into the kernel or as a kldload(8) loadable module. (r265536)
The geom(8) GEOM_PART
class has been updated to support automatic partition resizing. Changes to the partition size are not saved to disk until gpart commit
is run, and prior to saving, can be reverted with gpart undo
. (r265912)
The geom_uncompress(4) module is built by default which, similar to geom_uzip(4), provides support for compressed, read-only disk images. (r266220)
A new sysctl(8) and loader(8) tunable, kern.geom.part.mbr.enforce_chs
has been added to the geom(8) MBR
partition class. When set to a non-zero value, GEOM_PART_MBR
will automatically recalculate the user-specified offset and size for alignment with the disk geometry. (r270552)
Many improvements to the CAM Target Layer (CTL): (Sponsored by iXsystems)
-
Support for
UNMAP
,WRITE SAME
,COMPARE AND WRITE
,XCOPY
and some other SCSI commands was added to support VMWare VAAI and Microsoft ODX storage acceleration. -
The
READ
/WRITE
size limitations were removed by supporting multiple data moves per command. (r265642) -
Finer-grained per-LUN locking and multiple worker threads for better SMP scapability. (r268556)
-
Memory consumption reduced by several times by disabling some never used functionality. (r269297)
-
The maximum number of SCSI ports increased from 32 to 128. (r269298)
-
Improved
zvol
integration for better performance. (r269429)
File Systems
The vfs.zfs.zio.use_uma
sysctl(8) has been re-enabled. On multi-CPU machines with enough RAM, this can easily double zfs(8) performance or reduce CPU usage in half. It was originally disabled due to memory and KVA exhaustion problem reports, which should be resolved due to several changes in the VM subsystem. (r260338)
A new flag, -R
, has been added to the fsck_ffs(8) utility. When used, fsck_ffs(8) will restart itself when too many critical errors have been detected. (r260178) (Contributed / provided by Netflix)
The zfs(8) filesystem has been updated to implement "bookmarks". See zfs(8) for further details. (r263407)
The zfs(8) filesystem has been updated to allow tuning the minimum "ashift" value when creating new top-level virtual devices (vdevs). To set the minimum ashift value, for example when creating a zpool(8) on "Advanced Format" drives, set the vfs.zfs.min_auto_ashift
sysctl(8) accordingly. (r266122)
The libzfs
thread pool API has been imported from OpenSolaris, and adapted for FreeBSD. This change allows parallel disk scanning, which can reduce zpool(8) overall import time in some workloads. (r266612)
The restore(8) utility has been updated to prevent assertion failures when restoring a UFS filesystem dump to a ZFS filesystem by writing restored files in block sizes that are a multiple of 1024. (r269651)
-
vfs.zfs.mg_fragmentation_threshold
: The percentage of the metaslab group size that should be considered eligible for allocation, unless all metaslab groups within the metaslab class have also crossed this threshold. -
vfs.zfs.metaslab.fragmentation_threshold
: The maximum percentage of metaslab fragmentation level to keep their active state
The default zfs(8) ARC hash table size has been increased, and a new loader(8) tunable, vfs.zfs.arc_average_blocksize
, has been added. Previously, the hash table could be too small, which would lead to long hash chains and limit performance for cached reads. The vfs.zfs.arc_average_blocksize
tunable allows overriding the default block size. The previous default was 65536, and default of the new loader(8) tunable is 8192. (r269846)
The Fast File System (FFS) has been updated to support multi-threaded soft updates. Previously, soft updates were handled by a single thread, and as of this change, now have one thread per FFS mountpoint. (r270157)
The new filesystem automount facility, autofs(5), has been merged from FreeBSD-CURRENT. The new autofs(5) facility is similar to that found in other UNIX® -like operating systems, such as OS X™ and Solaris™. The autofs(5) facility uses a Sun™-compatible auto_master(5) configuration file, and is administered with the automount(8) userland utility, and the automountd(8) and autounmountd(8) daemons. (r270892) (Sponsored by The FreeBSD Foundation)
Userland Changes
A new flag is added to camcontrol(8), -b
, which outputs the existing buses and their parents. (r260177) (Sponsored by Netflix)
The newsyslog(8) utility has been updated to rotate files based on the actual file size instead of the blocks on disk. This matches the behavior documented in newsyslog.conf(5). (r262075)
The location of the rctl(8) configuration file can now be overridden in rc.conf(5). To use a non-default location, set rctl_rules
in rc.conf(5) to the location of the file. (r262384)
The ATF test suite has been updated to version 0.20. The test suite is disabled by default in FreeBSD 10.1, and can be enabled by adding WITH_TESTS=yes
to src.conf(5). (r262855)
The libucl
library (Unified Configuration Library) has been merged from FreeBSD-CURRENT. (r263019)
The zfs(8) userland utility has been updated to include aliases for snapshot
, which allows use of zfs list -t snap
and zfs snap
. (r263403)
The zfs(8) userland utility has been updated to include a new flag to zfs list
, -p
, which when specified, prints the output in a parsable format. (r263405)
The Blowfish password format implementation has been updated. Support for $2b$ has been added, allowing use of passwords greater than 256 characters long. (r263783)
The date(1) utility has been updated to include a new flag, -R
, which prints the date and time output as specified in RFC 2822. (r265265)
The pmcstat(8) utility has been updated to include a new flag, -a
, which when specified, produces a full stack track on the sampled points. (r265604) (Contributed / provided by Netflix)
The netstat(8) and route(8) utilities have been updated to include a shorthand equivalent to the -f inet
and -f inet6
address specifiers, -4
and -6
, respectively. (r265701)
The gvinum(8) utility has been updated to allow forceful configuration reset with the -f
flag. Additionally, a bug that would prevent -f
from properly creating a gvinum(8) configuration has been fixed. (r266014)
The login.conf(5) file now takes precedence over the shell-specific environment files. In particular, the PATH
, BLOCKSIZE
variables are commented from /usr/share/skel/dot.profile
, and the path
, BLOCKSIZE
, and umask
variables have been commented from /usr/share/skel/dot.cshrc
. (r266029)
The binmiscctl(8) userland utility and related image activator features have been merged from FreeBSD-CURRENT. (r266272)
The ps(1) utility has been updated to include the -J
flag, used to filter output by matching jail(8) IDs and names. Additionally, argument 0
can be used to -J
to only list processes running on the host system. (r266279)
The top(1) utility has been updated to filter by jail(8) ID or name, in followup to the ps(1) change in r265229
. (r266280)
The gstat(8) utility has been updated to include a new flag, -o
. When set, gstat(8) will display statistics for operations such as BIO_FLUSH
. (r266610)
The fetch(3) library has been updated to look for root SSL certificates in /usr/local/etc/ssl/
before /etc/ssl/
. (r266632)
The Blowfish password format has been changed to $2b$ by default. (r266816)
The amount of data collected for hwpmc(4) has been updated to work with modern processors and larger amounts of available memory. (r266888)
The pmcstat(8) utility has been updated to include a new flag, -l
, which ends event collection after the specified number of seconds. (r266890)
The mergemaster(8) utility has been updated to avoid printing "/var/tmp/temproot disappeared" if there is nothing to compare. (r266953)
The FreeBSD installer, bsdinstall(8), has been updated to include optional geli(8)-encrypted or gmirror(8)-mirrored swap devices when installing onto a full zfs(8) filesystem. Additionally, the parent zfs(8) dataset is now configured with lz4
compression enabled. (r267056)
The default newsyslog.conf(5) now includes files in the /etc/newsyslog.conf.d/
and /usr/local/etc/newsyslog.conf.d/
directories by default for newsyslog(8). (r267113)
The realpath(1) utility has been updated to return ENOTDIR
on paths components "." and ".." that are not directories, such as /dev/null/.
or /dev/null/..
. (r267161)
A new flag, "onifconsole" has been added to /etc/ttys
. This allows the system to provide a login prompt via serial console if the device is an active kernel console, otherwise it is equivalent to off
. (r267236)
The bhyve(8) userland utility has been updated to include SMBIOS support. A new flag has been added, -U
, which allows specifying the UUID of the guest in the System Information structure. (r267450)
The FreeBSD Project has migrated from the GNATS bug tracking system to Bugzilla. The send-pr(1) utility used for submitting problem reports has been replaced with a stub shell script that instructs to use the Bugzilla web interface. (r267734)
The patch(1) utility has been updated to include a --dry-run
flag, which is equivalent to --check
and -C
. (r267747)
A bug in bsdgrep(1) that would prevent patterns from being matched under certain conditions has been fixed. (r267878)
The procstat(1) utility has been updated to include two new flags, -r
and -H
. When -r
is specified, procstat(1) will print current resource usage about the process(es). When -H
is specified, procstat(1) will print information about threads rather than the process(es). (r267979)
Note:
The -H
flag is currently only used with -r
to display resource usage for individual threads, rather than the entire process.
The sed(1) utility has been updated to include a new flag, -u
, which enables unbuffered output when specified. (r268019)
The camcontrol(8) has been updated to include a new persist
command, which allows issuing SCSI PERSISTENT RESERVE IN
and SCSI PERSISTENT RESERVE OUT
. (r268700) (Sponsored by Spectra Logic)
The gstat(8) utility has been updated to include a new flag, -p
, which displays only physical providers when specified. (r268791)
The kldstat(8) utility has been updated to allow -q
to be specified when also specifying -n module.ko
. (r268903)
The mkimg(1) utility has been updated to include support for both fixed- and dynamically-allocated images for the VHD and VMDK formats. (r269177)
The random(4) entropy collection script, /usr/libexec/save-entropy
, no longer runs within jail(8) environments. (r269220)
The bhyve(8) wrapper script, /usr/share/examples/bhyve/vmrun.sh
, has been synced with FreeBSD-CURRENT. (r269397)
This update includes:
-
A new flag,
-e
, has been added, which is used to set loader(8) environment variables. -
A new flag,
-C
, has been added, which is used to specify the guest console device. -
A new flag,
-H
, has been added, which is used to pass the host path to bhyveload(8). -
Support for multiple disk and tap(4) devices has been added.
-
The
-I
flag has been removed.
The nfsd(8) server update to 4.1, adding support for RFC5661, has merged from FreeBSD-CURRENT. (r269398)
The ping6(8) utility has been updated to reset itimer
when the maximum number of packets to send have been reached. This prevents ping6(8) from exiting when the interval in set to a small value and a low number of packets to send has been specified. (r269800)
The jail(8) utility has been updated to support extra ifconfig(8) arguments for the ip4.addr
and ip6.addr
parameters. This change allows carp(4) interfaces to be used within the jail(8). (r269805)
Support for generating and compiling USDT DTrace probes has been improved. DTrace USDT files are now handled similar to lex(1) and yacc(1) files, meaning support for handling D files as part of the build process is built into the SRCS
make(1) environment variable. (r269946)
The iscsictl(8) utility has been updated to include a new flag, -M
, which allows modifying the iSCSI session parameters without requiring the session to be removed and added back. (r269968)
The mount_nfs(8) utility has been updated to support specifying the NFS version as a key=value
pair argument to the -o
flag. For example, to specify NFS version 4, the syntax to use is -o vers=4
. (r270043)
The devd(8) client socket type has been changed to SOCK_SEQPACKET
, providing sequential packet support. (r270242) (Sponsored by Spectra Logic)
Support for the "account" facility has been added to the pam_group(8) module. (r270401)
The pathchk(1) utility has been updated to ensure bytes greater than or equal to 128 are considered non-portable. (r270890)
The zdb(8) utility is now included in the set of applications installed in the /rescue
environment, making it possible to examine zfs(8) filesystems when /usr
is unavailable. (r270997) (Contributed / provided by FreeNAS)
Several libc
improvements have been merged from illumos™ and Apple®, providing better internationalization support and POSIX® compliance.
The mkimg(1) utility has been updated to include three options used to print information about mkimg(1) itself: (r273098)
Option | Output |
---|---|
|
The current version of the mkimg(1) utility |
|
The disk image file formats supported by mkimg(1) |
|
The partition schemes supported by mkimg(1) |
[(rc-scripts]]
== /etc/rc.d
Scripts
The network.subr
rc(8) script has been updated to loosen the requirement of listing network aliases in numeric order. Previously, a network alias of _alias2
would not be created if _alias1
was not defined. (r264438)
The service(8) utility has been updated to check that the rc.d(8) directory exists before traversing the directory. (r268098)
A regression introduced in FreeBSD 10.0-RELEASE that would prevent proper IPv6 allocation via the jail(8) rc(8) startup script has been fixed. (r259141)
The rc(8) restriction requiring mdconfig(8) devices defined in rc.conf(5) to be listed sequentially has been removed. (r264438)
The sshd(8) rc.d(8) startup script now generates ED25519
sshd(8) host keys if keys do not already exist when ssh_keygen_alg()
is invoked. (r262566)
Support for subdirectories within /etc/rc.conf.d/service
/ has been added the rc.d(8). This allows creating separate configuration files for services such as netif
, for example, where each network interface can have a separate configuration file. (r271260)
The default rc.conf(5), /etc/defaults/rc.conf
, has been updated to include /usr/lib32/compat
in the default ld-elf32.so.1
search path. (r272078)
/etc/periodic
Scripts
The daily periodic(8) script 110.clean-tmps
has been updated to avoid crossing filesystem mount boundaries when cleaning files in /tmp
. (r272430)
Contributed Software
OpenSSH has been updated to version 6.6p1. (r264377)
Sendmail has been updated to 8.14.9. (r266692)
The file(1) utility and libmagic(3) library have been updated to 5.19. (r268515)
The lldb(1) debugging library has been updated to the r202189 snapshot. (r269024) (Sponsored by DARPA, AFRL)
The unbound(8) caching resolver and ldns
have been updated to version 1.4.22. (r269257)
The "lite" version of Subversion included in the FreeBSD base system and its dependencies have been updated: (r269847)
-
apr has been updated to version 1.5.1.
-
apr-util has been updated to version 1.5.3.
-
serf has been updated to version 1.3.7.
-
svnlite has been updated to version 1.8.10.
The fparseln(3) library has been updated to version 1.7. (r270031)
The lukemftpd FTP server has been removed from the FreeBSD base system. (r270415)
The timezone database has been updated to version tzdata2014f. (r270817)
OpenPAM has been updated to Ourouparia (20140912). (r271947)
OpenSSL has been updated to version 1.0.1j. (r273399)
Ports/Packages Collection Infrastructure
The pkg(8) package management utility has been updated to version 1.3.8.
Release Engineering and Integration
The services.mkdb(8) utility has been updated to include endianness awareness, allowing the services.db
database to be created as part of the release build, regardless of native- or cross-built releases. (r263028)
The release/
scripts have been updated to produce UEFI-capable and BIOS-capable CD-ROM ISOs as well as memory stick images for the FreeBSD/amd64 architecture. (r271470) (Sponsored by The FreeBSD Foundation)
The release/scripts/pkg-stage.sh
script has been updated to include a symlink to the on-disc version of pkg(8) in the packages/
structure on the DVD installer. This allows the pkg(7) bootstrap utility to properly locate the Latest/pkg.txz
package on the DVD when REPOS_DIR
is set to /dist/packages/repos
, eliminating the need for a network connection or explicitly providing the path to the version included on the DVD installation medium. (r271943) (Sponsored by The FreeBSD Foundation)
The FreeBSD Release Engineering build tools have been updated to provide support for building virtual machine disk images as part of the release build process using mkimg(1). The disk image formats currently supported include QCOW2, VHD, VMDK, and raw formats. See release(7) for additional information. (r273101) (Sponsored by The FreeBSD Foundation)
The FreeBSD Release Engineering build tools have been updated to provide support for building FreeBSD virtual machine disk images for the Microsoft® Azure cloud hosting platform. This functionality is not connected directly to the default release
make(1) target, however can be invoked by specifying the vm-azure
target directly. (r273199) #(Sponsored by The FreeBSD Foundation)
Upgrading from previous releases of FreeBSD
[amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC
kernel distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded have Internet connectivity.
Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING
.
Important:
Upgrading FreeBSD should only be attempted after backing up all data and configuration files.
Last modified on: June 19, 2021 by Danilo G. Baio