1Updating Information for FreeBSD current users. 2 3This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>. 4See end of file for further details. For commonly done items, please see the 5COMMON ITEMS: section later in the file. These instructions assume that you 6basically know what you are doing. If not, then please consult the FreeBSD 7handbook: 8 9 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html 10 11Items affecting the ports and packages system can be found in 12/usr/ports/UPDATING. Please read that file before running portupgrade. 13 14NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping 15from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to 16the tip of head, and then rebuild without this option. The bootstrap process from 17older version of current across the gcc/clang cutover is a bit fragile. 18 19NOTE TO PEOPLE WHO THINK THAT FreeBSD 11.x IS SLOW: 20 FreeBSD 11.x has many debugging features turned on, in both the kernel 21 and userland. These features attempt to detect incorrect use of 22 system primitives, and encourage loud failure through extra sanity 23 checking and fail stop semantics. They also substantially impact 24 system performance. If you want to do performance measurement, 25 benchmarking, and optimization, you'll want to turn them off. This 26 includes various WITNESS- related kernel options, INVARIANTS, malloc 27 debugging flags in userland, and various verbose features in the 28 kernel. Many developers choose to disable these features on build 29 machines to maximize performance. (To completely disable malloc 30 debugging, define MALLOC_PRODUCTION in /etc/make.conf, or to merely 31 disable the most expensive debugging functionality run 32 "ln -s 'abort:false,junk:false' /etc/malloc.conf".) 33 3420150827: 35 The wireless drivers had undergone changes that remove the 'parent 36 interface' from the ifconfig -l output. The rc.d network scripts 37 used to check presence of a parent interface in the list, so old 38 scripts would fail to start wireless networking. Thus, etcupdate(3) 39 or mergemaster(8) run is required after kernel update, to update your 40 rc.d scripts in /etc. 41 4220150827: 43 pf no longer supports 'scrub fragment crop' or 'scrub fragment drop-ovl' 44 These configurations are now automatically interpreted as 45 'scrub fragment reassemble'. 46 4720150817: 48 Kernel-loadable modules for the random(4) device are back. To use 49 them, the kernel must have 50 51 device random 52 options RANDOM_LOADABLE 53 54 kldload(8) can then be used to load random_fortuna.ko 55 or random_yarrow.ko. Please note that due to the indirect 56 function calls that the loadable modules need to provide, 57 the build-in variants will be slightly more efficient. 58 59 The random(4) kernel option RANDOM_DUMMY has been retired due to 60 unpopularity. It was not all that useful anyway. 61 6220150813: 63 The WITHOUT_ELFTOOLCHAIN_TOOLS src.conf(5) knob has been retired. 64 Control over building the ELF Tool Chain tools is now provided by 65 the WITHOUT_TOOLCHAIN knob. 66 6720150810: 68 The polarity of Pulse Per Second (PPS) capture events with the 69 uart(4) driver has been corrected. Prior to this change the PPS 70 "assert" event corresponded to the trailing edge of a positive PPS 71 pulse and the "clear" event was the leading edge of the next pulse. 72 73 As the width of a PPS pulse in a typical GPS receiver is on the 74 order of 1 millisecond, most users will not notice any significant 75 difference with this change. 76 77 Anyone who has compensated for the historical polarity reversal by 78 configuring a negative offset equal to the pulse width will need to 79 remove that workaround. 80 8120150809: 82 The default group assigned to /dev/dri entries has been changed 83 from 'wheel' to 'video' with the id of '44'. If you want to have 84 access to the dri devices please add yourself to the video group 85 with: 86 87 # pw groupmod video -m $USER 88 8920150806: 90 The menu.rc and loader.rc files will now be replaced during 91 upgrades. Please migrate local changes to menu.rc.local and 92 loader.rc.local instead. 93 9420150805: 95 GNU Binutils versions of addr2line, c++filt, nm, readelf, size, 96 strings and strip have been removed. The src.conf(5) knob 97 WITHOUT_ELFTOOLCHAIN_TOOLS no longer provides the binutils tools. 98 9920150728: 100 As ZFS requires more kernel stack pages than is the default on some 101 architectures e.g. i386, it now warns if KSTACK_PAGES is less than 102 ZFS_MIN_KSTACK_PAGES (which is 4 at the time of writing). 103 104 Please consider using 'options KSTACK_PAGES=X' where X is greater 105 than or equal to ZFS_MIN_KSTACK_PAGES i.e. 4 in such configurations. 106 10720150706: 108 sendmail has been updated to 8.15.2. Starting with FreeBSD 11.0 109 and sendmail 8.15, sendmail uses uncompressed IPv6 addresses by 110 default, i.e., they will not contain "::". For example, instead 111 of ::1, it will be 0:0:0:0:0:0:0:1. This permits a zero subnet 112 to have a more specific match, such as different map entries for 113 IPv6:0:0 vs IPv6:0. This change requires that configuration 114 data (including maps, files, classes, custom ruleset, etc.) must 115 use the same format, so make certain such configuration data is 116 upgrading. As a very simple check search for patterns like 117 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. To return to the old 118 behavior, set the m4 option confUSE_COMPRESSED_IPV6_ADDRESSES or 119 the cf option UseCompressedIPv6Addresses. 120 12120150630: 122 The default kernel entropy-processing algorithm is now 123 Fortuna, replacing Yarrow. 124 125 Assuming you have 'device random' in your kernel config 126 file, the configurations allow a kernel option to override 127 this default. You may choose *ONE* of: 128 129 options RANDOM_YARROW # Legacy /dev/random algorithm. 130 options RANDOM_DUMMY # Blocking-only driver. 131 132 If you have neither, you get Fortuna. For most people, 133 read no further, Fortuna will give a /dev/random that works 134 like it always used to, and the difference will be irrelevant. 135 136 If you remove 'device random', you get *NO* kernel-processed 137 entopy at all. This may be acceptable to folks building 138 embedded systems, but has complications. Carry on reading, 139 and it is assumed you know what you need. 140 141 *PLEASE* read random(4) and random(9) if you are in the 142 habit of tweeking kernel configs, and/or if you are a member 143 of the embedded community, wanting specific and not-usual 144 behaviour from your security subsystems. 145 146 NOTE!! If you use RANDOM_DUMMY and/or have no 'device 147 random', you will NOT have a functioning /dev/random, and 148 many cryptographic features will not work, including SSH. 149 You may also find strange behaviour from the random(3) set 150 of library functions, in particular sranddev(3), srandomdev(3) 151 and arc4random(3). The reason for this is that the KERN_ARND 152 sysctl only returns entropy if it thinks it has some to 153 share, and with RANDOM_DUMMY or no 'device random' this 154 will never happen. 155 15620150623: 157 An additional fix for the issue described in the 20150614 sendmail 158 entry below has been been committed in revision 284717. 159 16020150616: 161 FreeBSD's old make (fmake) has been removed from the system. It is 162 available as the devel/fmake port or via pkg install fmake. 163 16420150615: 165 The fix for the issue described in the 20150614 sendmail entry 166 below has been been committed in revision 284436. The work 167 around described in that entry is no longer needed unless the 168 default setting is overridden by a confDH_PARAMETERS configuration 169 setting of '5' or pointing to a 512 bit DH parameter file. 170 17120150614: 172 ALLOW_DEPRECATED_ATF_TOOLS/ATFFILE support has been removed from 173 atf.test.mk (included from bsd.test.mk). Please upgrade devel/atf 174 and devel/kyua to version 0.20+ and adjust any calling code to work 175 with Kyuafile and kyua. 176 17720150614: 178 The import of openssl to address the FreeBSD-SA-15:10.openssl 179 security advisory includes a change which rejects handshakes 180 with DH parameters below 768 bits. sendmail releases prior 181 to 8.15.2 (not yet released), defaulted to a 512 bit 182 DH parameter setting for client connections. To work around 183 this interoperability, sendmail can be configured to use a 184 2048 bit DH parameter by: 185 186 1. Edit /etc/mail/`hostname`.mc 187 2. If a setting for confDH_PARAMETERS does not exist or 188 exists and is set to a string beginning with '5', 189 replace it with '2'. 190 3. If a setting for confDH_PARAMETERS exists and is set to 191 a file path, create a new file with: 192 openssl dhparam -out /path/to/file 2048 193 4. Rebuild the .cf file: 194 cd /etc/mail/; make; make install 195 5. Restart sendmail: 196 cd /etc/mail/; make restart 197 198 A sendmail patch is coming, at which time this file will be 199 updated. 200 20120150604: 202 Generation of legacy formatted entries have been disabled by default 203 in pwd_mkdb(8), as all base system consumers of the legacy formatted 204 entries were converted to use the new format by default when the new, 205 machine independent format have been added and supported since FreeBSD 206 5.x. 207 208 Please see the pwd_mkdb(8) manual page for further details. 209 21020150525: 211 Clang and llvm have been upgraded to 3.6.1 release. Please see the 212 20141231 entry below for information about prerequisites and upgrading, 213 if you are not already using 3.5.0 or higher. 214 21520150521: 216 TI platform code switched to using vendor DTS files and this update 217 may break existing systems running on Beaglebone, Beaglebone Black, 218 and Pandaboard: 219 220 - dtb files should be regenerated/reinstalled. Filenames are the 221 same but content is different now 222 - GPIO addressing was changed, now each GPIO bank (32 pins per bank) 223 has its own /dev/gpiocX device, e.g. pin 121 on /dev/gpioc0 in old 224 addressing scheme is now pin 25 on /dev/gpioc3. 225 - Pandaboard: /etc/ttys should be updated, serial console device is 226 now /dev/ttyu2, not /dev/ttyu0 227 22820150501: 229 soelim(1) from gnu/usr.bin/groff has been replaced by usr.bin/soelim. 230 If you need the GNU extension from groff soelim(1), install groff 231 from package: pkg install groff, or via ports: textproc/groff. 232 23320150423: 234 chmod, chflags, chown and chgrp now affect symlinks in -R mode as 235 defined in symlink(7); previously symlinks were silently ignored. 236 23720150415: 238 The const qualifier has been removed from iconv(3) to comply with 239 POSIX. The ports tree is aware of this from r384038 onwards. 240 24120150416: 242 Libraries specified by LIBADD in Makefiles must have a corresponding 243 DPADD_<lib> variable to ensure correct dependencies. This is now 244 enforced in src.libnames.mk. 245 24620150324: 247 From legacy ata(4) driver was removed support for SATA controllers 248 supported by more functional drivers ahci(4), siis(4) and mvs(4). 249 Kernel modules ataahci and ataadaptec were removed completely, 250 replaced by ahci and mvs modules respectively. 251 25220150315: 253 Clang, llvm and lldb have been upgraded to 3.6.0 release. Please see 254 the 20141231 entry below for information about prerequisites and 255 upgrading, if you are not already using 3.5.0 or higher. 256 25720150307: 258 The 32-bit PowerPC kernel has been changed to a position-independent 259 executable. This can only be booted with a version of loader(8) 260 newer than January 31, 2015, so make sure to update both world and 261 kernel before rebooting. 262 26320150217: 264 If you are running a -CURRENT kernel since r273872 (Oct 30th, 2014), 265 but before r278950, the RNG was not seeded properly. Immediately 266 upgrade the kernel to r278950 or later and regenerate any keys (e.g. 267 ssh keys or openssl keys) that were generated w/ a kernel from that 268 range. This does not affect programs that directly used /dev/random 269 or /dev/urandom. All userland uses of arc4random(3) are affected. 270 27120150210: 272 The autofs(4) ABI was changed in order to restore binary compatibility 273 with 10.1-RELEASE. The automountd(8) daemon needs to be rebuilt to work 274 with the new kernel. 275 27620150131: 277 The powerpc64 kernel has been changed to a position-independent 278 executable. This can only be booted with a new version of loader(8), 279 so make sure to update both world and kernel before rebooting. 280 28120150118: 282 Clang and llvm have been upgraded to 3.5.1 release. This is a bugfix 283 only release, no new features have been added. Please see the 20141231 284 entry below for information about prerequisites and upgrading, if you 285 are not already using 3.5.0. 286 28720150107: 288 ELF tools addr2line, elfcopy (strip), nm, size, and strings are now 289 taken from the ELF Tool Chain project rather than GNU binutils. They 290 should be drop-in replacements, with the addition of arm64 support. 291 The WITHOUT_ELFTOOLCHAIN_TOOLS= knob may be used to obtain the 292 binutils tools, if necessary. See 20150805 for updated information. 293 29420150105: 295 The default Unbound configuration now enables remote control 296 using a local socket. Users who have already enabled the 297 local_unbound service should regenerate their configuration 298 by running "service local_unbound setup" as root. 299 30020150102: 301 The GNU texinfo and GNU info pages have been removed. 302 To be able to view GNU info pages please install texinfo from ports. 303 30420141231: 305 Clang, llvm and lldb have been upgraded to 3.5.0 release. 306 307 As of this release, a prerequisite for building clang, llvm and lldb is 308 a C++11 capable compiler and C++11 standard library. This means that to 309 be able to successfully build the cross-tools stage of buildworld, with 310 clang as the bootstrap compiler, your system compiler or cross compiler 311 should either be clang 3.3 or later, or gcc 4.8 or later, and your 312 system C++ library should be libc++, or libdstdc++ from gcc 4.8 or 313 later. 314 315 On any standard FreeBSD 10.x or 11.x installation, where clang and 316 libc++ are on by default (that is, on x86 or arm), this should work out 317 of the box. 318 319 On 9.x installations where clang is enabled by default, e.g. on x86 and 320 powerpc, libc++ will not be enabled by default, so libc++ should be 321 built (with clang) and installed first. If both clang and libc++ are 322 missing, build clang first, then use it to build libc++. 323 324 On 8.x and earlier installations, upgrade to 9.x first, and then follow 325 the instructions for 9.x above. 326 327 Sparc64 and mips users are unaffected, as they still use gcc 4.2.1 by 328 default, and do not build clang. 329 330 Many embedded systems are resource constrained, and will not be able to 331 build clang in a reasonable time, or in some cases at all. In those 332 cases, cross building bootable systems on amd64 is a workaround. 333 334 This new version of clang introduces a number of new warnings, of which 335 the following are most likely to appear: 336 337 -Wabsolute-value 338 339 This warns in two cases, for both C and C++: 340 * When the code is trying to take the absolute value of an unsigned 341 quantity, which is effectively a no-op, and almost never what was 342 intended. The code should be fixed, if at all possible. If you are 343 sure that the unsigned quantity can be safely cast to signed, without 344 loss of information or undefined behavior, you can add an explicit 345 cast, or disable the warning. 346 347 * When the code is trying to take an absolute value, but the called 348 abs() variant is for the wrong type, which can lead to truncation. 349 If you want to disable the warning instead of fixing the code, please 350 make sure that truncation will not occur, or it might lead to unwanted 351 side-effects. 352 353 -Wtautological-undefined-compare and 354 -Wundefined-bool-conversion 355 356 These warn when C++ code is trying to compare 'this' against NULL, while 357 'this' should never be NULL in well-defined C++ code. However, there is 358 some legacy (pre C++11) code out there, which actively abuses this 359 feature, which was less strictly defined in previous C++ versions. 360 361 Squid and openjdk do this, for example. The warning can be turned off 362 for C++98 and earlier, but compiling the code in C++11 mode might result 363 in unexpected behavior; for example, the parts of the program that are 364 unreachable could be optimized away. 365 36620141222: 367 The old NFS client and server (kernel options NFSCLIENT, NFSSERVER) 368 kernel sources have been removed. The .h files remain, since some 369 utilities include them. This will need to be fixed later. 370 If "mount -t oldnfs ..." is attempted, it will fail. 371 If the "-o" option on mountd(8), nfsd(8) or nfsstat(1) is used, 372 the utilities will report errors. 373 37420141121: 375 The handling of LOCAL_LIB_DIRS has been altered to skip addition of 376 directories to top level SUBDIR variable when their parent 377 directory is included in LOCAL_DIRS. Users with build systems with 378 such hierarchies and without SUBDIR entries in the parent 379 directory Makefiles should add them or add the directories to 380 LOCAL_DIRS. 381 38220141109: 383 faith(4) and faithd(8) have been removed from the base system. Faith 384 has been obsolete for a very long time. 385 38620141104: 387 vt(4), the new console driver, is enabled by default. It brings 388 support for Unicode and double-width characters, as well as 389 support for UEFI and integration with the KMS kernel video 390 drivers. 391 392 You may need to update your console settings in /etc/rc.conf, 393 most probably the keymap. During boot, /etc/rc.d/syscons will 394 indicate what you need to do. 395 396 vt(4) still has issues and lacks some features compared to 397 syscons(4). See the wiki for up-to-date information: 398 https://wiki.freebsd.org/Newcons 399 400 If you want to keep using syscons(4), you can do so by adding 401 the following line to /boot/loader.conf: 402 kern.vty=sc 403 40420141102: 405 pjdfstest has been integrated into kyua as an opt-in test suite. 406 Please see share/doc/pjdfstest/README for more details on how to 407 execute it. 408 40920141009: 410 gperf has been removed from the base system for architectures 411 that use clang. Ports that require gperf will obtain it from the 412 devel/gperf port. 413 41420140923: 415 pjdfstest has been moved from tools/regression/pjdfstest to 416 contrib/pjdfstest . 417 41820140922: 419 At svn r271982, The default linux compat kernel ABI has been adjusted 420 to 2.6.18 in support of the linux-c6 compat ports infrastructure 421 update. If you wish to continue using the linux-f10 compat ports, 422 add compat.linux.osrelease=2.6.16 to your local sysctl.conf. Users are 423 encouraged to update their linux-compat packages to linux-c6 during 424 their next update cycle. 425 42620140729: 427 The ofwfb driver, used to provide a graphics console on PowerPC when 428 using vt(4), no longer allows mmap() of all physical memory. This 429 will prevent Xorg on PowerPC with some ATI graphics cards from 430 initializing properly unless x11-servers/xorg-server is updated to 431 1.12.4_8 or newer. 432 43320140723: 434 The xdev targets have been converted to using TARGET and 435 TARGET_ARCH instead of XDEV and XDEV_ARCH. 436 43720140719: 438 The default unbound configuration has been modified to address 439 issues with reverse lookups on networks that use private 440 address ranges. If you use the local_unbound service, run 441 "service local_unbound setup" as root to regenerate your 442 configuration, then "service local_unbound reload" to load the 443 new configuration. 444 44520140709: 446 The GNU texinfo and GNU info pages are not built and installed 447 anymore, WITH_INFO knob has been added to allow to built and install 448 them again. 449 UPDATE: see 20150102 entry on texinfo's removal 450 45120140708: 452 The GNU readline library is now an INTERNALLIB - that is, it is 453 statically linked into consumers (GDB and variants) in the base 454 system, and the shared library is no longer installed. The 455 devel/readline port is available for third party software that 456 requires readline. 457 45820140702: 459 The Itanium architecture (ia64) has been removed from the list of 460 known architectures. This is the first step in the removal of the 461 architecture. 462 46320140701: 464 Commit r268115 has added NFSv4.1 server support, merged from 465 projects/nfsv4.1-server. Since this includes changes to the 466 internal interfaces between the NFS related modules, a full 467 build of the kernel and modules will be necessary. 468 __FreeBSD_version has been bumped. 469 47020140629: 471 The WITHOUT_VT_SUPPORT kernel config knob has been renamed 472 WITHOUT_VT. (The other _SUPPORT knobs have a consistent meaning 473 which differs from the behaviour controlled by this knob.) 474 47520140619: 476 Maximal length of the serial number in CTL was increased from 16 to 477 64 chars, that breaks ABI. All CTL-related tools, such as ctladm 478 and ctld, need to be rebuilt to work with a new kernel. 479 48020140606: 481 The libatf-c and libatf-c++ major versions were downgraded to 0 and 482 1 respectively to match the upstream numbers. They were out of 483 sync because, when they were originally added to FreeBSD, the 484 upstream versions were not respected. These libraries are private 485 and not yet built by default, so renumbering them should be a 486 non-issue. However, unclean source trees will yield broken test 487 programs once the operator executes "make delete-old-libs" after a 488 "make installworld". 489 490 Additionally, the atf-sh binary was made private by moving it into 491 /usr/libexec/. Already-built shell test programs will keep the 492 path to the old binary so they will break after "make delete-old" 493 is run. 494 495 If you are using WITH_TESTS=yes (not the default), wipe the object 496 tree and rebuild from scratch to prevent spurious test failures. 497 This is only needed once: the misnumbered libraries and misplaced 498 binaries have been added to OptionalObsoleteFiles.inc so they will 499 be removed during a clean upgrade. 500 50120140512: 502 Clang and llvm have been upgraded to 3.4.1 release. 503 50420140508: 505 We bogusly installed src.opts.mk in /usr/share/mk. This file should 506 be removed to avoid issues in the future (and has been added to 507 ObsoleteFiles.inc). 508 50920140505: 510 /etc/src.conf now affects only builds of the FreeBSD src tree. In the 511 past, it affected all builds that used the bsd.*.mk files. The old 512 behavior was a bug, but people may have relied upon it. To get this 513 behavior back, you can .include /etc/src.conf from /etc/make.conf 514 (which is still global and isn't changed). This also changes the 515 behavior of incremental builds inside the tree of individual 516 directories. Set MAKESYSPATH to ".../share/mk" to do that. 517 Although this has survived make universe and some upgrade scenarios, 518 other upgrade scenarios may have broken. At least one form of 519 temporary breakage was fixed with MAKESYSPATH settings for buildworld 520 as well... In cases where MAKESYSPATH isn't working with this 521 setting, you'll need to set it to the full path to your tree. 522 523 One side effect of all this cleaning up is that bsd.compiler.mk 524 is no longer implicitly included by bsd.own.mk. If you wish to 525 use COMPILER_TYPE, you must now explicitly include bsd.compiler.mk 526 as well. 527 52820140430: 529 The lindev device has been removed since /dev/full has been made a 530 standard device. __FreeBSD_version has been bumped. 531 53220140424: 533 The knob WITHOUT_VI was added to the base system, which controls 534 building ex(1), vi(1), etc. Older releases of FreeBSD required ex(1) 535 in order to reorder files share/termcap and didn't build ex(1) as a 536 build tool, so building/installing with WITH_VI is highly advised for 537 build hosts for older releases. 538 539 This issue has been fixed in stable/9 and stable/10 in r277022 and 540 r276991, respectively. 541 54220140418: 543 The YES_HESIOD knob has been removed. It has been obsolete for 544 a decade. Please move to using WITH_HESIOD instead or your builds 545 will silently lack HESIOD. 546 54720140405: 548 The uart(4) driver has been changed with respect to its handling 549 of the low-level console. Previously the uart(4) driver prevented 550 any process from changing the baudrate or the CLOCAL and HUPCL 551 control flags. By removing the restrictions, operators can make 552 changes to the serial console port without having to reboot. 553 However, when getty(8) is started on the serial device that is 554 associated with the low-level console, a misconfigured terminal 555 line in /etc/ttys will now have a real impact. 556 Before upgrading the kernel, make sure that /etc/ttys has the 557 serial console device configured as 3wire without baudrate to 558 preserve the previous behaviour. E.g: 559 ttyu0 "/usr/libexec/getty 3wire" vt100 on secure 560 56120140306: 562 Support for libwrap (TCP wrappers) in rpcbind was disabled by default 563 to improve performance. To re-enable it, if needed, run rpcbind 564 with command line option -W. 565 56620140226: 567 Switched back to the GPL dtc compiler due to updates in the upstream 568 dts files not being supported by the BSDL dtc compiler. You will need 569 to rebuild your kernel toolchain to pick up the new compiler. Core dumps 570 may result while building dtb files during a kernel build if you fail 571 to do so. Set WITHOUT_GPL_DTC if you require the BSDL compiler. 572 57320140216: 574 Clang and llvm have been upgraded to 3.4 release. 575 57620140216: 577 The nve(4) driver has been removed. Please use the nfe(4) driver 578 for NVIDIA nForce MCP Ethernet adapters instead. 579 58020140212: 581 An ABI incompatibility crept into the libc++ 3.4 import in r261283. 582 This could cause certain C++ applications using shared libraries built 583 against the previous version of libc++ to crash. The incompatibility 584 has now been fixed, but any C++ applications or shared libraries built 585 between r261283 and r261801 should be recompiled. 586 58720140204: 588 OpenSSH will now ignore errors caused by kernel lacking of Capsicum 589 capability mode support. Please note that enabling the feature in 590 kernel is still highly recommended. 591 59220140131: 593 OpenSSH is now built with sandbox support, and will use sandbox as 594 the default privilege separation method. This requires Capsicum 595 capability mode support in kernel. 596 59720140128: 598 The libelf and libdwarf libraries have been updated to newer 599 versions from upstream. Shared library version numbers for 600 these two libraries were bumped. Any ports or binaries 601 requiring these two libraries should be recompiled. 602 __FreeBSD_version is bumped to 1100006. 603 60420140110: 605 If a Makefile in a tests/ directory was auto-generating a Kyuafile 606 instead of providing an explicit one, this would prevent such 607 Makefile from providing its own Kyuafile in the future during 608 NO_CLEAN builds. This has been fixed in the Makefiles but manual 609 intervention is needed to clean an objdir if you use NO_CLEAN: 610 # find /usr/obj -name Kyuafile | xargs rm -f 611 61220131213: 613 The behavior of gss_pseudo_random() for the krb5 mechanism 614 has changed, for applications requesting a longer random string 615 than produced by the underlying enctype's pseudo-random() function. 616 In particular, the random string produced from a session key of 617 enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will 618 be different at the 17th octet and later, after this change. 619 The counter used in the PRF+ construction is now encoded as a 620 big-endian integer in accordance with RFC 4402. 621 __FreeBSD_version is bumped to 1100004. 622 62320131108: 624 The WITHOUT_ATF build knob has been removed and its functionality 625 has been subsumed into the more generic WITHOUT_TESTS. If you were 626 using the former to disable the build of the ATF libraries, you 627 should change your settings to use the latter. 628 62920131025: 630 The default version of mtree is nmtree which is obtained from 631 NetBSD. The output is generally the same, but may vary 632 slightly. If you found you need identical output adding 633 "-F freebsd9" to the command line should do the trick. For the 634 time being, the old mtree is available as fmtree. 635 63620131014: 637 libbsdyml has been renamed to libyaml and moved to /usr/lib/private. 638 This will break ports-mgmt/pkg. Rebuild the port, or upgrade to pkg 639 1.1.4_8 and verify bsdyml not linked in, before running "make 640 delete-old-libs": 641 # make -C /usr/ports/ports-mgmt/pkg build deinstall install clean 642 or 643 # pkg install pkg; ldd /usr/local/sbin/pkg | grep bsdyml 644 64520131010: 646 The stable/10 branch has been created in subversion from head 647 revision r256279. 648 64920131010: 650 The rc.d/jail script has been updated to support jail(8) 651 configuration file. The "jail_<jname>_*" rc.conf(5) variables 652 for per-jail configuration are automatically converted to 653 /var/run/jail.<jname>.conf before the jail(8) utility is invoked. 654 This is transparently backward compatible. See below about some 655 incompatibilities and rc.conf(5) manual page for more details. 656 657 These variables are now deprecated in favor of jail(8) configuration 658 file. One can use "rc.d/jail config <jname>" command to generate 659 a jail(8) configuration file in /var/run/jail.<jname>.conf without 660 running the jail(8) utility. The default pathname of the 661 configuration file is /etc/jail.conf and can be specified by 662 using $jail_conf or $jail_<jname>_conf variables. 663 664 Please note that jail_devfs_ruleset accepts an integer at 665 this moment. Please consider to rewrite the ruleset name 666 with an integer. 667 66820130930: 669 BIND has been removed from the base system. If all you need 670 is a local resolver, simply enable and start the local_unbound 671 service instead. Otherwise, several versions of BIND are 672 available in the ports tree. The dns/bind99 port is one example. 673 674 With this change, nslookup(1) and dig(1) are no longer in the base 675 system. Users should instead use host(1) and drill(1) which are 676 in the base system. Alternatively, nslookup and dig can 677 be obtained by installing the dns/bind-tools port. 678 67920130916: 680 With the addition of unbound(8), a new unbound user is now 681 required during installworld. "mergemaster -p" can be used to 682 add the user prior to installworld, as documented in the handbook. 683 68420130911: 685 OpenSSH is now built with DNSSEC support, and will by default 686 silently trust signed SSHFP records. This can be controlled with 687 the VerifyHostKeyDNS client configuration setting. DNSSEC support 688 can be disabled entirely with the WITHOUT_LDNS option in src.conf. 689 69020130906: 691 The GNU Compiler Collection and C++ standard library (libstdc++) 692 are no longer built by default on platforms where clang is the system 693 compiler. You can enable them with the WITH_GCC and WITH_GNUCXX 694 options in src.conf. 695 69620130905: 697 The PROCDESC kernel option is now part of the GENERIC kernel 698 configuration and is required for the rwhod(8) to work. 699 If you are using custom kernel configuration, you should include 700 'options PROCDESC'. 701 70220130905: 703 The API and ABI related to the Capsicum framework was modified 704 in backward incompatible way. The userland libraries and programs 705 have to be recompiled to work with the new kernel. This includes the 706 following libraries and programs, but the whole buildworld is 707 advised: libc, libprocstat, dhclient, tcpdump, hastd, hastctl, 708 kdump, procstat, rwho, rwhod, uniq. 709 71020130903: 711 AES-NI intrinsic support has been added to gcc. The AES-NI module 712 has been updated to use this support. A new gcc is required to build 713 the aesni module on both i386 and amd64. 714 71520130821: 716 The PADLOCK_RNG and RDRAND_RNG kernel options are now devices. 717 Thus "device padlock_rng" and "device rdrand_rng" should be 718 used instead of "options PADLOCK_RNG" & "options RDRAND_RNG". 719 72020130813: 721 WITH_ICONV has been split into two feature sets. WITH_ICONV now 722 enables just the iconv* functionality and is now on by default. 723 WITH_LIBICONV_COMPAT enables the libiconv api and link time 724 compatability. Set WITHOUT_ICONV to build the old way. 725 If you have been using WITH_ICONV before, you will very likely 726 need to turn on WITH_LIBICONV_COMPAT. 727 72820130806: 729 INVARIANTS option now enables DEBUG for code with OpenSolaris and 730 Illumos origin, including ZFS. If you have INVARIANTS in your 731 kernel configuration, then there is no need to set DEBUG or ZFS_DEBUG 732 explicitly. 733 DEBUG used to enable witness(9) tracking of OpenSolaris (mostly ZFS) 734 locks if WITNESS option was set. Because that generated a lot of 735 witness(9) reports and all of them were believed to be false 736 positives, this is no longer done. New option OPENSOLARIS_WITNESS 737 can be used to achieve the previous behavior. 738 73920130806: 740 Timer values in IPv6 data structures now use time_uptime instead 741 of time_second. Although this is not a user-visible functional 742 change, userland utilities which directly use them---ndp(8), 743 rtadvd(8), and rtsold(8) in the base system---need to be updated 744 to r253970 or later. 745 74620130802: 747 find -delete can now delete the pathnames given as arguments, 748 instead of only files found below them or if the pathname did 749 not contain any slashes. Formerly, the following error message 750 would result: 751 752 find: -delete: <path>: relative path potentially not safe 753 754 Deleting the pathnames given as arguments can be prevented 755 without error messages using -mindepth 1 or by changing 756 directory and passing "." as argument to find. This works in the 757 old as well as the new version of find. 758 75920130726: 760 Behavior of devfs rules path matching has been changed. 761 Pattern is now always matched against fully qualified devfs 762 path and slash characters must be explicitly matched by 763 slashes in pattern (FNM_PATHNAME). Rulesets involving devfs 764 subdirectories must be reviewed. 765 76620130716: 767 The default ARM ABI has changed to the ARM EABI. The old ABI is 768 incompatible with the ARM EABI and all programs and modules will 769 need to be rebuilt to work with a new kernel. 770 771 To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set. 772 773 NOTE: Support for the old ABI will be removed in the future and 774 users are advised to upgrade. 775 77620130709: 777 pkg_install has been disconnected from the build if you really need it 778 you should add WITH_PKGTOOLS in your src.conf(5). 779 78020130709: 781 Most of network statistics structures were changed to be able 782 keep 64-bits counters. Thus all tools, that work with networking 783 statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.) 784 78520130629: 786 Fix targets that run multiple make's to use && rather than ; 787 so that subsequent steps depend on success of previous. 788 789 NOTE: if building 'universe' with -j* on stable/8 or stable/9 790 it would be better to start the build using bmake, to avoid 791 overloading the machine. 792 79320130618: 794 Fix a bug that allowed a tracing process (e.g. gdb) to write 795 to a memory-mapped file in the traced process's address space 796 even if neither the traced process nor the tracing process had 797 write access to that file. 798 79920130615: 800 CVS has been removed from the base system. An exact copy 801 of the code is available from the devel/cvs port. 802 80320130613: 804 Some people report the following error after the switch to bmake: 805 806 make: illegal option -- J 807 usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable] 808 ... 809 *** [buildworld] Error code 2 810 811 this likely due to an old instance of make in 812 ${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE}) 813 which src/Makefile will use that blindly, if it exists, so if 814 you see the above error: 815 816 rm -rf `make -V MAKEPATH` 817 818 should resolve it. 819 82020130516: 821 Use bmake by default. 822 Whereas before one could choose to build with bmake via 823 -DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old 824 make. The goal is to remove these knobs for 10-RELEASE. 825 826 It is worth noting that bmake (like gmake) treats the command 827 line as the unit of failure, rather than statements within the 828 command line. Thus '(cd some/where && dosomething)' is safer 829 than 'cd some/where; dosomething'. The '()' allows consistent 830 behavior in parallel build. 831 83220130429: 833 Fix a bug that allows NFS clients to issue READDIR on files. 834 83520130426: 836 The WITHOUT_IDEA option has been removed because 837 the IDEA patent expired. 838 83920130426: 840 The sysctl which controls TRIM support under ZFS has been renamed 841 from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been 842 enabled by default. 843 84420130425: 845 The mergemaster command now uses the default MAKEOBJDIRPREFIX 846 rather than creating it's own in the temporary directory in 847 order allow access to bootstrapped versions of tools such as 848 install and mtree. When upgrading from version of FreeBSD where 849 the install command does not support -l, you will need to 850 install a new mergemaster command if mergemaster -p is required. 851 This can be accomplished with the command (cd src/usr.sbin/mergemaster 852 && make install). 853 85420130404: 855 Legacy ATA stack, disabled and replaced by new CAM-based one since 856 FreeBSD 9.0, completely removed from the sources. Kernel modules 857 atadisk and atapi*, user-level tools atacontrol and burncd are 858 removed. Kernel option `options ATA_CAM` is now permanently enabled 859 and removed. 860 86120130319: 862 SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2) 863 and socketpair(2). Software, in particular Kerberos, may 864 automatically detect and use these during building. The resulting 865 binaries will not work on older kernels. 866 86720130308: 868 CTL_DISABLE has also been added to the sparc64 GENERIC (for further 869 information, see the respective 20130304 entry). 870 87120130304: 872 Recent commits to callout(9) changed the size of struct callout, 873 so the KBI is probably heavily disturbed. Also, some functions 874 in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced 875 by macros. Every kernel module using it won't load, so rebuild 876 is requested. 877 878 The ctl device has been re-enabled in GENERIC for i386 and amd64, 879 but does not initialize by default (because of the new CTL_DISABLE 880 option) to save memory. To re-enable it, remove the CTL_DISABLE 881 option from the kernel config file or set kern.cam.ctl.disable=0 882 in /boot/loader.conf. 883 88420130301: 885 The ctl device has been disabled in GENERIC for i386 and amd64. 886 This was done due to the extra memory being allocated at system 887 initialisation time by the ctl driver which was only used if 888 a CAM target device was created. This makes a FreeBSD system 889 unusable on 128MB or less of RAM. 890 89120130208: 892 A new compression method (lz4) has been merged to -HEAD. Please 893 refer to zpool-features(7) for more information. 894 895 Please refer to the "ZFS notes" section of this file for information 896 on upgrading boot ZFS pools. 897 89820130129: 899 A BSD-licensed patch(1) variant has been added and is installed 900 as bsdpatch, being the GNU version the default patch. 901 To inverse the logic and use the BSD-licensed one as default, 902 while having the GNU version installed as gnupatch, rebuild 903 and install world with the WITH_BSD_PATCH knob set. 904 90520130121: 906 Due to the use of the new -l option to install(1) during build 907 and install, you must take care not to directly set the INSTALL 908 make variable in your /etc/make.conf, /etc/src.conf, or on the 909 command line. If you wish to use the -C flag for all installs 910 you may be able to add INSTALL+=-C to /etc/make.conf or 911 /etc/src.conf. 912 91320130118: 914 The install(1) option -M has changed meaning and now takes an 915 argument that is a file or path to append logs to. In the 916 unlikely event that -M was the last option on the command line 917 and the command line contained at least two files and a target 918 directory the first file will have logs appended to it. The -M 919 option served little practical purpose in the last decade so its 920 use is expected to be extremely rare. 921 92220121223: 923 After switching to Clang as the default compiler some users of ZFS 924 on i386 systems started to experience stack overflow kernel panics. 925 Please consider using 'options KSTACK_PAGES=4' in such configurations. 926 92720121222: 928 GEOM_LABEL now mangles label names read from file system metadata. 929 Mangling affect labels containing spaces, non-printable characters, 930 '%' or '"'. Device names in /etc/fstab and other places may need to 931 be updated. 932 93320121217: 934 By default, only the 10 most recent kernel dumps will be saved. To 935 restore the previous behaviour (no limit on the number of kernel dumps 936 stored in the dump directory) add the following line to /etc/rc.conf: 937 938 savecore_flags="" 939 94020121201: 941 With the addition of auditdistd(8), a new auditdistd user is now 942 required during installworld. "mergemaster -p" can be used to 943 add the user prior to installworld, as documented in the handbook. 944 94520121117: 946 The sin6_scope_id member variable in struct sockaddr_in6 is now 947 filled by the kernel before passing the structure to the userland via 948 sysctl or routing socket. This means the KAME-specific embedded scope 949 id in sin6_addr.s6_addr[2] is always cleared in userland application. 950 This behavior can be controlled by net.inet6.ip6.deembed_scopeid. 951 __FreeBSD_version is bumped to 1000025. 952 95320121105: 954 On i386 and amd64 systems WITH_CLANG_IS_CC is now the default. 955 This means that the world and kernel will be compiled with clang 956 and that clang will be installed as /usr/bin/cc, /usr/bin/c++, 957 and /usr/bin/cpp. To disable this behavior and revert to building 958 with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions 959 of current may need to bootstrap WITHOUT_CLANG first if the clang 960 build fails (its compatibility window doesn't extend to the 9 stable 961 branch point). 962 96320121102: 964 The IPFIREWALL_FORWARD kernel option has been removed. Its 965 functionality now turned on by default. 966 96720121023: 968 The ZERO_COPY_SOCKET kernel option has been removed and 969 split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP. 970 NB: SOCKET_SEND_COW uses the VM page based copy-on-write 971 mechanism which is not safe and may result in kernel crashes. 972 NB: The SOCKET_RECV_PFLIP mechanism is useless as no current 973 driver supports disposeable external page sized mbuf storage. 974 Proper replacements for both zero-copy mechanisms are under 975 consideration and will eventually lead to complete removal 976 of the two kernel options. 977 97820121023: 979 The IPv4 network stack has been converted to network byte 980 order. The following modules need to be recompiled together 981 with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4), 982 pf(4), ipfw(4), ng_ipfw(4), stf(4). 983 98420121022: 985 Support for non-MPSAFE filesystems was removed from VFS. The 986 VFS_VERSION was bumped, all filesystem modules shall be 987 recompiled. 988 98920121018: 990 All the non-MPSAFE filesystems have been disconnected from 991 the build. The full list includes: codafs, hpfs, ntfs, nwfs, 992 portalfs, smbfs, xfs. 993 99420121016: 995 The interface cloning API and ABI has changed. The following 996 modules need to be recompiled together with kernel: 997 ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4), 998 vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4), 999 faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4). 1000 100120121015: 1002 The sdhci driver was split in two parts: sdhci (generic SD Host 1003 Controller logic) and sdhci_pci (actual hardware driver). 1004 No kernel config modifications are required, but if you 1005 load sdhc as a module you must switch to sdhci_pci instead. 1006 100720121014: 1008 Import the FUSE kernel and userland support into base system. 1009 101020121013: 1011 The GNU sort(1) program has been removed since the BSD-licensed 1012 sort(1) has been the default for quite some time and no serious 1013 problems have been reported. The corresponding WITH_GNU_SORT 1014 knob has also gone. 1015 101620121006: 1017 The pfil(9) API/ABI for AF_INET family has been changed. Packet 1018 filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled 1019 with new kernel. 1020 102120121001: 1022 The net80211(4) ABI has been changed to allow for improved driver 1023 PS-POLL and power-save support. All wireless drivers need to be 1024 recompiled to work with the new kernel. 1025 102620120913: 1027 The random(4) support for the VIA hardware random number 1028 generator (`PADLOCK') is no longer enabled unconditionally. 1029 Add the padlock_rng device in the custom kernel config if 1030 needed. The GENERIC kernels on i386 and amd64 do include the 1031 device, so the change only affects the custom kernel 1032 configurations. 1033 103420120908: 1035 The pf(4) packet filter ABI has been changed. pfctl(8) and 1036 snmp_pf module need to be recompiled to work with new kernel. 1037 103820120828: 1039 A new ZFS feature flag "com.delphix:empty_bpobj" has been merged 1040 to -HEAD. Pools that have empty_bpobj in active state can not be 1041 imported read-write with ZFS implementations that do not support 1042 this feature. For more information read the zpool-features(5) 1043 manual page. 1044 104520120727: 1046 The sparc64 ZFS loader has been changed to no longer try to auto- 1047 detect ZFS providers based on diskN aliases but now requires these 1048 to be explicitly listed in the OFW boot-device environment variable. 1049 105020120712: 1051 The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring 1052 libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are 1053 configuration changes. Make sure to merge /etc/ssl/openssl.cnf. 1054 105520120712: 1056 The following sysctls and tunables have been renamed for consistency 1057 with other variables: 1058 kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered 1059 kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered 1060 106120120628: 1062 The sort utility has been replaced with BSD sort. For now, GNU sort 1063 is also available as "gnusort" or the default can be set back to 1064 GNU sort by setting WITH_GNU_SORT. In this case, BSD sort will be 1065 installed as "bsdsort". 1066 106720120611: 1068 A new version of ZFS (pool version 5000) has been merged to -HEAD. 1069 Starting with this version the old system of ZFS pool versioning 1070 is superseded by "feature flags". This concept enables forward 1071 compatibility against certain future changes in functionality of ZFS 1072 pools. The first read-only compatible "feature flag" for ZFS pools 1073 is named "com.delphix:async_destroy". For more information 1074 read the new zpool-features(5) manual page. 1075 Please refer to the "ZFS notes" section of this file for information 1076 on upgrading boot ZFS pools. 1077 107820120417: 1079 The malloc(3) implementation embedded in libc now uses sources imported 1080 as contrib/jemalloc. The most disruptive API change is to 1081 /etc/malloc.conf. If your system has an old-style /etc/malloc.conf, 1082 delete it prior to installworld, and optionally re-create it using the 1083 new format after rebooting. See malloc.conf(5) for details 1084 (specifically the TUNING section and the "opt.*" entries in the MALLCTL 1085 NAMESPACE section). 1086 108720120328: 1088 Big-endian MIPS TARGET_ARCH values no longer end in "eb". mips64eb 1089 is now spelled mips64. mipsn32eb is now spelled mipsn32. mipseb is 1090 now spelled mips. This is to aid compatibility with third-party 1091 software that expects this naming scheme in uname(3). Little-endian 1092 settings are unchanged. If you are updating a big-endian mips64 machine 1093 from before this change, you may need to set MACHINE_ARCH=mips64 in 1094 your environment before the new build system will recognize your machine. 1095 109620120306: 1097 Disable by default the option VFS_ALLOW_NONMPSAFE for all supported 1098 platforms. 1099 110020120229: 1101 Now unix domain sockets behave "as expected" on nullfs(5). Previously 1102 nullfs(5) did not pass through all behaviours to the underlying layer, 1103 as a result if we bound to a socket on the lower layer we could connect 1104 only to the lower path; if we bound to the upper layer we could connect 1105 only to the upper path. The new behavior is one can connect to both the 1106 lower and the upper paths regardless what layer path one binds to. 1107 110820120211: 1109 The getifaddrs upgrade path broken with 20111215 has been restored. 1110 If you have upgraded in between 20111215 and 20120209 you need to 1111 recompile libc again with your kernel. You still need to recompile 1112 world to be able to configure CARP but this restriction already 1113 comes from 20111215. 1114 111520120114: 1116 The set_rcvar() function has been removed from /etc/rc.subr. All 1117 base and ports rc.d scripts have been updated, so if you have a 1118 port installed with a script in /usr/local/etc/rc.d you can either 1119 hand-edit the rcvar= line, or reinstall the port. 1120 1121 An easy way to handle the mass-update of /etc/rc.d: 1122 rm /etc/rc.d/* && mergemaster -i 1123 112420120109: 1125 panic(9) now stops other CPUs in the SMP systems, disables interrupts 1126 on the current CPU and prevents other threads from running. 1127 This behavior can be reverted using the kern.stop_scheduler_on_panic 1128 tunable/sysctl. 1129 The new behavior can be incompatible with kern.sync_on_panic. 1130 113120111215: 1132 The carp(4) facility has been changed significantly. Configuration 1133 of the CARP protocol via ifconfig(8) has changed, as well as format 1134 of CARP events submitted to devd(8) has changed. See manual pages 1135 for more information. The arpbalance feature of carp(4) is currently 1136 not supported anymore. 1137 1138 Size of struct in_aliasreq, struct in6_aliasreq has changed. User 1139 utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8), 1140 need to be recompiled. 1141 114220111122: 1143 The acpi_wmi(4) status device /dev/wmistat has been renamed to 1144 /dev/wmistat0. 1145 114620111108: 1147 The option VFS_ALLOW_NONMPSAFE option has been added in order to 1148 explicitely support non-MPSAFE filesystems. 1149 It is on by default for all supported platform at this present 1150 time. 1151 115220111101: 1153 The broken amd(4) driver has been replaced with esp(4) in the amd64, 1154 i386 and pc98 GENERIC kernel configuration files. 1155 115620110930: 1157 sysinstall has been removed 1158 115920110923: 1160 The stable/9 branch created in subversion. This corresponds to the 1161 RELENG_9 branch in CVS. 1162 1163COMMON ITEMS: 1164 1165 General Notes 1166 ------------- 1167 Avoid using make -j when upgrading. While generally safe, there are 1168 sometimes problems using -j to upgrade. If your upgrade fails with 1169 -j, please try again without -j. From time to time in the past there 1170 have been problems using -j with buildworld and/or installworld. This 1171 is especially true when upgrading between "distant" versions (eg one 1172 that cross a major release boundary or several minor releases, or when 1173 several months have passed on the -current branch). 1174 1175 Sometimes, obscure build problems are the result of environment 1176 poisoning. This can happen because the make utility reads its 1177 environment when searching for values for global variables. To run 1178 your build attempts in an "environmental clean room", prefix all make 1179 commands with 'env -i '. See the env(1) manual page for more details. 1180 1181 When upgrading from one major version to another it is generally best 1182 to upgrade to the latest code in the currently installed branch first, 1183 then do an upgrade to the new branch. This is the best-tested upgrade 1184 path, and has the highest probability of being successful. Please try 1185 this approach before reporting problems with a major version upgrade. 1186 1187 When upgrading a live system, having a root shell around before 1188 installing anything can help undo problems. Not having a root shell 1189 around can lead to problems if pam has changed too much from your 1190 starting point to allow continued authentication after the upgrade. 1191 1192 This file should be read as a log of events. When a later event changes 1193 information of a prior event, the prior event should not be deleted. 1194 Instead, a pointer to the entry with the new information should be 1195 placed in the old entry. Readers of this file should also sanity check 1196 older entries before relying on them blindly. Authors of new entries 1197 should write them with this in mind. 1198 1199 ZFS notes 1200 --------- 1201 When upgrading the boot ZFS pool to a new version, always follow 1202 these two steps: 1203 1204 1.) recompile and reinstall the ZFS boot loader and boot block 1205 (this is part of "make buildworld" and "make installworld") 1206 1207 2.) update the ZFS boot block on your boot drive 1208 1209 The following example updates the ZFS boot block on the first 1210 partition (freebsd-boot) of a GPT partitioned drive ada0: 1211 "gpart bootcode -p /boot/gptzfsboot -i 1 ada0" 1212 1213 Non-boot pools do not need these updates. 1214 1215 To build a kernel 1216 ----------------- 1217 If you are updating from a prior version of FreeBSD (even one just 1218 a few days old), you should follow this procedure. It is the most 1219 failsafe as it uses a /usr/obj tree with a fresh mini-buildworld, 1220 1221 make kernel-toolchain 1222 make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE 1223 make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE 1224 1225 To test a kernel once 1226 --------------------- 1227 If you just want to boot a kernel once (because you are not sure 1228 if it works, or if you want to boot a known bad kernel to provide 1229 debugging information) run 1230 make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel 1231 nextboot -k testkernel 1232 1233 To just build a kernel when you know that it won't mess you up 1234 -------------------------------------------------------------- 1235 This assumes you are already running a CURRENT system. Replace 1236 ${arch} with the architecture of your machine (e.g. "i386", 1237 "arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc). 1238 1239 cd src/sys/${arch}/conf 1240 config KERNEL_NAME_HERE 1241 cd ../compile/KERNEL_NAME_HERE 1242 make depend 1243 make 1244 make install 1245 1246 If this fails, go to the "To build a kernel" section. 1247 1248 To rebuild everything and install it on the current system. 1249 ----------------------------------------------------------- 1250 # Note: sometimes if you are running current you gotta do more than 1251 # is listed here if you are upgrading from a really old current. 1252 1253 <make sure you have good level 0 dumps> 1254 make buildworld 1255 make kernel KERNCONF=YOUR_KERNEL_HERE 1256 [1] 1257 <reboot in single user> [3] 1258 mergemaster -Fp [5] 1259 make installworld 1260 mergemaster -Fi [4] 1261 make delete-old [6] 1262 <reboot> 1263 1264 To cross-install current onto a separate partition 1265 -------------------------------------------------- 1266 # In this approach we use a separate partition to hold 1267 # current's root, 'usr', and 'var' directories. A partition 1268 # holding "/", "/usr" and "/var" should be about 2GB in 1269 # size. 1270 1271 <make sure you have good level 0 dumps> 1272 <boot into -stable> 1273 make buildworld 1274 make buildkernel KERNCONF=YOUR_KERNEL_HERE 1275 <maybe newfs current's root partition> 1276 <mount current's root partition on directory ${CURRENT_ROOT}> 1277 make installworld DESTDIR=${CURRENT_ROOT} -DDB_FROM_SRC 1278 make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd 1279 make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT} 1280 cp /etc/fstab ${CURRENT_ROOT}/etc/fstab # if newfs'd 1281 <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition> 1282 <reboot into current> 1283 <do a "native" rebuild/install as described in the previous section> 1284 <maybe install compatibility libraries from ports/misc/compat*> 1285 <reboot> 1286 1287 1288 To upgrade in-place from stable to current 1289 ---------------------------------------------- 1290 <make sure you have good level 0 dumps> 1291 make buildworld [9] 1292 make kernel KERNCONF=YOUR_KERNEL_HERE [8] 1293 [1] 1294 <reboot in single user> [3] 1295 mergemaster -Fp [5] 1296 make installworld 1297 mergemaster -Fi [4] 1298 make delete-old [6] 1299 <reboot> 1300 1301 Make sure that you've read the UPDATING file to understand the 1302 tweaks to various things you need. At this point in the life 1303 cycle of current, things change often and you are on your own 1304 to cope. The defaults can also change, so please read ALL of 1305 the UPDATING entries. 1306 1307 Also, if you are tracking -current, you must be subscribed to 1308 freebsd-current@freebsd.org. Make sure that before you update 1309 your sources that you have read and understood all the recent 1310 messages there. If in doubt, please track -stable which has 1311 much fewer pitfalls. 1312 1313 [1] If you have third party modules, such as vmware, you 1314 should disable them at this point so they don't crash your 1315 system on reboot. 1316 1317 [3] From the bootblocks, boot -s, and then do 1318 fsck -p 1319 mount -u / 1320 mount -a 1321 cd src 1322 adjkerntz -i # if CMOS is wall time 1323 Also, when doing a major release upgrade, it is required that 1324 you boot into single user mode to do the installworld. 1325 1326 [4] Note: This step is non-optional. Failure to do this step 1327 can result in a significant reduction in the functionality of the 1328 system. Attempting to do it by hand is not recommended and those 1329 that pursue this avenue should read this file carefully, as well 1330 as the archives of freebsd-current and freebsd-hackers mailing lists 1331 for potential gotchas. The -U option is also useful to consider. 1332 See mergemaster(8) for more information. 1333 1334 [5] Usually this step is a noop. However, from time to time 1335 you may need to do this if you get unknown user in the following 1336 step. It never hurts to do it all the time. You may need to 1337 install a new mergemaster (cd src/usr.sbin/mergemaster && make 1338 install) after the buildworld before this step if you last updated 1339 from current before 20130425 or from -stable before 20130430. 1340 1341 [6] This only deletes old files and directories. Old libraries 1342 can be deleted by "make delete-old-libs", but you have to make 1343 sure that no program is using those libraries anymore. 1344 1345 [8] In order to have a kernel that can run the 4.x binaries needed to 1346 do an installworld, you must include the COMPAT_FREEBSD4 option in 1347 your kernel. Failure to do so may leave you with a system that is 1348 hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is 1349 required to run the 5.x binaries on more recent kernels. And so on 1350 for COMPAT_FREEBSD6 and COMPAT_FREEBSD7. 1351 1352 Make sure that you merge any new devices from GENERIC since the 1353 last time you updated your kernel config file. 1354 1355 [9] When checking out sources, you must include the -P flag to have 1356 cvs prune empty directories. 1357 1358 If CPUTYPE is defined in your /etc/make.conf, make sure to use the 1359 "?=" instead of the "=" assignment operator, so that buildworld can 1360 override the CPUTYPE if it needs to. 1361 1362 MAKEOBJDIRPREFIX must be defined in an environment variable, and 1363 not on the command line, or in /etc/make.conf. buildworld will 1364 warn if it is improperly defined. 1365FORMAT: 1366 1367This file contains a list, in reverse chronological order, of major 1368breakages in tracking -current. It is not guaranteed to be a complete 1369list of such breakages, and only contains entries since September 23, 2011. 1370If you need to see UPDATING entries from before that date, you will need 1371to fetch an UPDATING file from an older FreeBSD release. 1372 1373Copyright information: 1374 1375Copyright 1998-2009 M. Warner Losh. All Rights Reserved. 1376 1377Redistribution, publication, translation and use, with or without 1378modification, in full or in part, in any form or format of this 1379document are permitted without further permission from the author. 1380 1381THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR 1382IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 1383WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 1384DISCLAIMED. IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT, 1385INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 1386(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 1387SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 1388HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 1389STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 1390IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 1391POSSIBILITY OF SUCH DAMAGE. 1392 1393Contact Warner Losh if you have any questions about your use of 1394this document. 1395 1396$FreeBSD$ 1397