aboutsummaryrefslogtreecommitdiffstats
path: root/UPDATING
blob: 1ddfd49ba0c3b7f821253d06d38a33748c3fece3 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
Updating Information for FreeBSD 5.2.1 users

This file is maintained and copyrighted by M. Warner Losh
<imp@village.org>.  See end of file for further details.  For commonly
done items, please see the COMMON ITEMS: section later in the file.

This is for the 5.2 release branch.  FreeBSD 5.2.1 is part of the 5.2
release branch and has no branch of its own.  All entries since 5.0 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20050406:	p14	FreeBSD-SA-05:03.amd64
	Correctly initialize the I/O permission bitmap on amd64.

20041201:	p13	FreeBSD-SA-04:17.procfs
	Fix a tainted pointer dereference in procfs(5) and linprocfs(5)
	which could allow a local attacker to panic a system and/or read
	from kernel memory.

20041118:	p12	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

20041003:	p11	FreeBSD-SA-04:15.syscons
	Correct a kernel memory disclosure vulnerability in syscons(4).

20040919:	p10	FreeBSD-SA-04:14.cvs
	Correct several vulnerabilities in CVS (CAN-2004-0414,
	CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778).

20040630:	p9	FreeBSD-SA-04:13.linux
	Correct an input validation error in the linux binary
	compatibility code.

20040526:	p8	FreeBSD-SA-04:11.msync
	Fix a bug in msync(2) which could cause it to discard dirty
	pages.

	NOTE: In some cases involving NFS, the incorrect behaviour may
	actually be preferrable.  Setting the vm.old_msync sysctl
	variable to 1 will revert msync(2) to its old behaviour.

20040519:       p7	FreeBSD-SA-04:10.cvs
	Correct a heap overflow in cvs's pserver protocol parser.

20040505:	p6	FreeBSD-SA-04:08.heimdal
	Correctly validate the transited field in Kerberos tickets.

20040415:	p5	FreeBSD-SA-04:07.cvs
	Correct some path validation errors in CVS.

20040329:	p4	FreeBSD-SA-04:06.ipv6
	Correct an input validation error involving setsockopt and
	IPv6 sockets.

20040317:	p3	FreeBSD-SA-04:05.openssl
	Correct a denial-of-service vulnerability in OpenSSL.

20040316:	p2
	Improvement of FreeBSD-SA-04:04.tcp fix.

20040302:	p1	FreeBSD-SA-04:04.tcp
	Limit TCP segment reassembly queue size.

20040222:
	FreeBSD 5.2.1 RELEASE

20040210:
	Fixed bugs in vfs_mount(9) that could allow jailed processes
	to mount or unmount file systems outside of the jail and
	in some cases allow a normal user to unmount a file system
	when usermounts have been changed from enabled to disabled.

	Fix a panic in pseudofs(9).

20040205:	p2	FreeBSD-SA-04:02.shmat
	Correct a reference counting bug in shmat(2).

20040127:	p1	FreeBSD-SA-04:01.mksnap_ffs
	Fixed mksnap_ffs to preserve existing file system flags.

	NOTE WELL:
	Due to release engineering in progress, 5.2-RELEASE-p1 also
	includes numerous other critical bug fixes, most of which
	are not security related.

	- (i386) `cdboot' now works around a BIOS problem observed on
	  some systems when booting from USB CDROM drives.

	- (sparc64) The dc(4) driver now supports sparc64 Davicom
	  cards that store their MAC address in OpenFirmware.

	- Several bugs related to multicast and promiscuous mode
	  handling in the sk(4) driver have been fixed.

	- A bug in GEOM(4) that could result in I/O hangs in some
	  rare cases has been fixed.

	- A panic in the NFSv4 client has been fixed; this occurred
	  when attempting operations against an NFSv3/NFSv2-only
	  server.

	- A bugfix has been applied to NSS support, which fixes
	  problems when using third-party NSS modules (such as
	  `net/nss_ldap') and groups with large membership lists.

	- Security improvements from CVS 1.11.10 and 1.11.11 have
	  been backported.  Specifically, certain malformed module
	  requests are now rejected, and when using `cvs pserver'
	  mode, attempts to authenticate as `root' are rejected and
	  recorded via syslog(3).

	- The `PFIL_HOOKS' option is now enabled by default in the
	  GENERIC kernel.  The most notable effect of this change is
	  to make IPFilter work correctly when loaded as a kernel
	  module.

	- Some bugs in the IPsec implementation from the KAME Project
	  have been fixed.  These bugs were related to freeing memory
	  objects before all references to them were removed, and
	  could cause erratic behavior or kernel panics after flushing
	  the Security Policy Database (SPD).

	- A number of bugs in the ata(4) driver have been fixed.  Most
	  notably, master/slave device detection should work better,
	  and some problems with timeouts should be resolved.

	- (pc98) The partition type used for new partitions on the pc98
	  platform was corrected.

	- Allow devfs path rules to work on directories.

20031206:
	FreeBSD 5.2 branched

20031112:
	The statfs structure has been updated with 64-bit fields to
	allow accurate reporting of multi-terabyte filesystem
	sizes. You should build world, then build and boot the new kernel
	BEFORE doing a `installworld' as the new kernel will know about
	binaries using the old statfs structure, but an old kernel will
	not know about the new system calls that support the new statfs
	structure.
	Note that the backwards compatibility is only present when the
	kernel is configured with the COMPAT_FREEBSD4 option. Since
	even /bin/sh will not run with a new kernel without said option
	you're pretty much dead in the water without it. Make sure you
	have COMPAT_FREEBSD4!
	Running an old kernel after a `make world' will cause programs
	such as `df' that do a statfs system call to fail with a bad
	system call. Marco Wertejuk <wertejuk@mwcis.com> also reports
	that cfsd (ports/security/cfs) needs to be recompiled after
	these changes are installed.

	****************************DANGER*******************************

	DO NOT make installworld after the buildworld w/o building and
	installing a new kernel FIRST.  You will be unable to build a
	new kernel otherwise on a system with new binaries and an old
	kernel.

20031203:
	The ACPI module has been reactivated.  It is no longer required
	to compile ACPI support into kernels statically.

20031112:
	Some netgraph string length constants have been changed. This
	change requires the netgraph kernel modules and all netgraph
	userland components to be in sync. Especially users who require
	netgraph to boot need to make sure to have world and kernel in
	sync before rebooting.

20031111:
	Hyperthreading logical CPU's are no longer probed by default
	when using the MP Table.  If ACPI is being used, then logical
	CPUs will be probed if hyperthreading is enabled in the BIOS.
	If ACPI is not being used and hyperthreading is enabled in the
	BIOS, logical CPUs can be enabled by building a custom kernel
	with the option MPTABLE_FORCE_HTT enabled.
 
20031103:
	The i386 APIC_IO kernel option has been replaced by
	'device apic'.  The ACPI module has also been temporarily
	disabled, so ACPI must be statically compiled into your
	kernel using 'device acpi' if you wish to use the ACPI driver.

20031031:
	The API and ABI of struct ifnet have been changed by removing
	the if_name and if_unit members and replacing them with
	if_xname, if_dname, and if_dunit.  All network drivers and most
	userland programs which include net/if_var.h must be updated
	and recompiled.  __FreeBSD_version has been bumped to 501113 to
	reflect this change.

20030928:
	Changes to the cdevsw default functions have been made to remove
	the need to specify nullopen() and nullclose() explicitly.
	__FreeBSD_version bumpted to 501110.

20030926:
	kiconv(3) has been added. mount_msdosfs(8), mount_ntfs(8) and
	mount_cd9660(8) need to be in sync with kernel.

20030925:
	Configuring a system to use IPFILTER now requires that PFIL_HOOKS
	also be explicitly configured.  Previously this dependency was
	magically handled through some cruft in net/pfil.h; but that has
	been removed.  Building a kernel with IPFILTER but not PFIL_HOOKS
	will fail with obtuse errors in ip_fil.c.

20030923:
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system 
	panic, by sending a flood of spoofed ARP requests. See
	FreeBSD-SA-03:14.arp.

20030915:
	A change to /etc/defaults/rc.conf now causes inetd to be started
	with `-C 60' if it is not overridden in /etc/rc.conf.  This
	causes inetd to stop accepting connections from an IP address
	that exceeds the rate of 60 connections per minute.

20030829:
	The following rc.d scripts have been removed and should be
	deleted from your installation: atm2.sh atm3.sh devdb
	localdaemons network1 network2 network3. Depending on when
	you last updated world and used mergemaster(8) you may or
	may not have problems during the rc boot sequence. The simplest
	solution is an 'rm -rf /etc/rc.d/*' and then 'mergemaster -i'.
	The atm2.sh atm3.sh and devdb scripts were removed some time
	ago, so depending on when you installed -CURRENT these scripts
	may or may not exist on your system.

20030824:
	ATAng has been committed. You need to build world as sys/ata.h 
	has changed, and userland atacontrol depends on it.
	If you use ATA SW raids you need "device ataraid" in your
	kernel config file, as it is no longer pulled in automatically.

20030819:
	The OFW_NEWPCI option has been turned on in the Sparc64 GENERIC kernel.
	Among other things, this changes the device enumeration to be
	closer to Solaris.  Be aware that, this can even cause the machine
	to not boot without manual intervention before the fstab is adjusted.

20030728:
	All current USB and Firewire quirks in da(4) have been deprecated
	and will be removed for 5.2.  If this causes failure for your
	umass(4) devices, enable "options DA_OLD_QUIRKS" in your kernel
	and send the output of "camcontrol inquiry da0" to scsi@freebsd.org
	so the quirk can be re-enabled.

20030722:
	FPU-less support has been removed from FreeBSD.  Chances are you won't
	notice.  386+387 support should still work after this change, but
	it is now a minimum requirement for the i386 port that you have real
	FPU hardware.

20030714:
	Some people are having problems with changes related to /rescue.
	If you are building -j N, you will need to define NO_RESCUE.  Others
	will need to define it if /rescue has issues with their environment.
	People should report those issues to current@.

20030711:
	gcc was upgraded to 3.3.  You are advised to not build -DNOCLEAN
	across this point.  Further, it might be a good idea to remove
	/usr/obj.

20030613: [retrospective]
	There was a small window in which sed(1) was broken.  If you
	happen to have sed(1) installed during that window, which is
	evidenced by an inability to build world with the failure
	given below, you need to manually build and install sed(1)
	(and only sed(1)) before doing anything else. This is a one-
	time snafu. Typical failure mode:

	In file included from /usr/src/contrib/binutils/bfd/targets.c:1092:
	targmatch.h:7:1: null character(s) ignored
	targmatch.h:12:1: null character(s) ignored
	targmatch.h:16:1: null character(s) ignored
		:

	The window of "sed(1)-uction" is from Wed Jun 4 15:31:55 2003 UTC
	to Thu Jun 5 12:10:19 2003 UTC (from rev 1.30 to rev 1.31 of
	usr.bin/sed/process.c).

20030610:
	Remove deprecated locale names and transition period code
	for them, finishing switching to the new scheme. Check your
	LANG environment variable.

20030609:
	CCD has been changed to be a fully GEOMified class.  Kernel
	and ccdconfig(8) needs to be in sync, this is particularly
	important to remember beforehand if your source tree is on
	a ccd device.  Consider making a copy of the old ccdconfig
	into /boot/kernel.good or wherever you keep your backup
	kernel.

20030505:
	Kerberos 5 (Heimdal) is now built by default. Setting
	MAKE_KERBEROS5 no longer has any effect. If you do NOT
	want the "base" Kerberos 5, you need to set NO_KERBEROS.

20030502:
	groff has been updated.  If you try to do a buildworld and
	get an infinite loop in troff, update to May 4th or newer.  If you
	have a newer kernel than userland, you may need to set the OSRELDATE
	to 500110 in your environment before starting a buildworld.

20030501:
	The old rc system has been removed.  Please report any problems
	to freebsd-rc@yahoogroups.com, and/or freebsd-current@freebsd.org.
	Your personal versions of these files will not be removed, so you can
	continue to use them. However, you should take great care when updating,
	especially when using mergemaster, since the compatibility code that
	utilizes these old scripts has also been removed.

20030423:
	A bug has been fixed in /dev/devctl which would cause devd
	to hang on boot, were it not for a workaround in devd.  The
	work around in devd will be removed around 20030507.  You
	have until then to upgrade your kernel before updating
	userland.  In general, you should have a userland and
	kernel that's in sync with each other.  However, given the
	effects of this bug (hang on boot when starting devd), some
	allowances are made.

20030329:
	Alphas with libc from between 20030312 and 20030329 exhibit
	floating point exceptions (FPEs), most notably in awk(1)
	while upgrading the system through a buildworld.

	So, to successfully upgrade your Alpha, you must either
	downgrade your libc.so to a pre-20030312 version, or update
	/usr/share/mk/bsd.cpu.mk to revision 1.26 which adds -mieee
	to CFLAGS, then forcibly rebuild and install libc:

	cd /usr/src/lib/libc && \
	    make cleandir && make obj && \
	    make -DNOMAN -DNOPROFILE all && \
	    make -DNOMAN -DNOPROFILE install

20030208:
	sendmail 8.12.7 has been imported.  It has one important
	change for IPv6 users.  The default submit.mc now uses
	'[127.0.0.1]' instead of 'localhost' meaning only IPv4 is
	used to connect to the MTA.  Users on IPv6-only machines
	will need to edit /etc/mail/submit.mc appropriately.

20030128:
	NODEVFS option has been removed and DEVFS thereby made standard.
	This makes all references to MAKEDEV obsolete, and they should
	be removed when convenient.

20030126:
	The name of the device for the ofw console has changed, sparc64 users
	must run mergemaster to update their installed /etc/ttys.

20030125:
	The scheduler framework has grown a second scheduler and consequently
	you must specify one and only one scheduler in your kernel config.
	The cvs config files have been updated to use the old scheduler
	which may be selected via 'options SCHED_4BSD'.  If you would like
	to try the new, much more experimental, scheduler please try
	'options SCHED_ULE' and contribute to the arch@ discussion.

20030115:
	A new version of the wi driver has been imported into the tree.
	One now must have device wlan in the config file for it to operate
	properly.

	In addition, there have been some changes to how wi devices are
	configured for point to point links to bring it more in line
	with the former way of doing things, as well as compatibility
	with NetBSD.

20021222:
 	For a period after the GCC 3.2.1 import (from 12/04 to 12/22), GCC
 	used an incompatible form of ABI for returning structures and unions
 	which FreeBSD's GCC maintainers were not aware of relative to previous
 	versions of FreeBSD.  We have gone back to the ABI for now, and any
 	code compiled which is required to interoperate with other code (not
 	built at the same time) returning structs or unions should be 
	rebuilt.

20021216:
	A name change in /etc/netconfig has been reverted to stay
	compatible with suns TIRPC and also with NetBSD. You need
	to run mergemaster after make world. A new libc does still work
	with an outdated /etc/netconfig for some time, but you'll get
	a warning. This warning will be removed in 20030301.

20021202:
	The recent binutils upgrade marks a kernel flag day on
	sparc64: modules built with the old binutils will not work
	with new kernels and vice versa. Mismatches will result in
	panics.  Make sure your kernel and modules are in sync.

20021029:
	The value of IPPROTO_DIVERT has changed.  Make sure to keep
	your kernel, netstat, natd and any third-party DIVERT
	consumers in sync.

20021024:
	Old, compatibility slices have been removed in GEOM kernels.
	This means that you will have to update your /etc/fstab to
	not use disk devices of the form /dev/ad0a.  Instead, you
	now must specify /dev/ad0s1a, or whatever slice your FreeBSD
	partition really is on.  The old device names have gone
	away, so if you use them anywhere else, you must also adjust
	those uses.  (This doesn't affect the disks formatted in
	the ``dangerously-dedicated'' mode.)

20021023:
	Alphas with kernels from between 20020830 and 20021023 and/or
	rtld (ld-elf.so.1) older than 20021023 may experience problems
	with groff while doing a buildworld (kernel: "out of memory",
	fixed in rev 1.129 of kern/imgact_elf.c; rtld: "too few PT_LOAD
	segments", fixed in rev 1.8 of libexec/rtld-elf/map_object.c).

	So, to successfully upgrade your Alpha, you must either
	upgrade your kernel and rtld first (which might be a bit
	tricky), or avoid running the bootstrapped groff during the
	"transitional" buildworld.  To avoid running groff during the
	transitional upgrade run make buildworld with -DNOMAN,
	-DNO_SHAREDOCS, and -DNO_LPR.

20020831:
	gcc has been upgraded to 3.2.  It is not all binary compatible
	with earlier versions of gcc for c++ programs.  All c++
	programs and libraries need to be recompiled.

	Also, if you encounter g++ issues, rm /usr/include/g++/* before
	doing an installworld to make sure that stale files are removed.

20020827:
	Our /etc/termcap now has all the entries from the XFree86 xterm
	almost unchanged. This means xterm now supports color by default.
	If you used TERM=xterm-color in the past you now should use
	TERM=xterm. (xterm-color will lead to benign warnings).

20020815:
	A "bug" in gcc(1) that was hiding warning in system headers was
	fixed.  It's probably time to add -DNO_WERROR to your make line
	again.

20020729:
	COPY is being deprecated.  The 20010530 change was reverted, as
	it causes far more pain than was expected, and to always compare
	before installing, please use INSTALL="install -C" again.  The
	-C option is now silently ignored when used with the -d option.

20020702:
	Problems with libc_r clients like KDE and GNOME have been resolved.
	There are still some minor problems with some signals but the 
	system is stable enough for general use again. SMP is less so than UP
	but each can successfully complete multiple buildworlds.
	Libkvm needs to be recompiled due to KSE.

20020701:
	Now would be a bad time to upgrade.  Something in or near the
	KSE commit totally broke programs using libc_r like KDE and
	GNOME.

20020511:
	The k5su utility installed as part of Kerberos 5 is no longer
	installed with the set-user-ID bit set by default.  Add
	ENABLE_SUID_K5SU=yes to /etc/make.conf to have it installed
	with the set-user-ID bit set.

20020510:
	Gcc 3.1 debugging format (cc -g) has changed from STABS to DWARF2.
	Unfortunately our native GDB (at version 4.18) does not understand
	the DWARF2 debugging format.  Thus you must use `gcc -gstabs+' to
	generated debugging information for our native GDB.

20020510:
	Due to the way CVS works, it may not properly update src/contrib/gcc
	to the 3.1 sources.  The easiest fix is to `rm -rf' src/contrib/gcc
	and then do a cvs update.

20020421:
	When exec'ing set[ug]id executables, the kernel now ensures that the
	stdio file descriptors (0..2) are open.  See FreeBSD-SA-02:23.stdio.

20020404:
	New sendmail startup scripts have been installed to make it
	easier to use alternative MTAs with FreeBSD.  Setting the rc.conf
	variable sendmail_enable to "NO" no longer prevents any sendmail
	daemons from starting.  Instead, either set sendmail_enable to
	"NONE" or change mta_start_script to a script for starting
	an alternative MTA.  Setting mta_start_script to "" will
	also prevent any MTA from being started at boot.

20020403:
	UCONSOLE is no longer a valid kernel option.

20020315:
	FreeBSD 5.0 DP-1 was basically branched today.

20020225:
	Warnings are now errors in the kernel.  Unless you are a developer,
	you should add -DNO_WERROR to your make line.

20020217:
	sendmail 8.12.2 has been imported.  The sendmail binary is no
	longer a set-user-ID root binary and the infrastructure to support
	command line mail submission has changed.  Be sure to run
	mergemaster (especially for updating /etc/rc, /etc/defaults/rc.conf,
	and /etc/mail) and read /etc/mail/README for more details.

	Due to the import of sendmail 8.12.2, a new user and group are
	required in order for sendmail to run as a set-group-ID
	binary.  A 'make installworld' will use the new user and group
	to set the owner and group of /var/spool/clientmqueue and will
	fail if the new user and group do not exist.  The 'smmsp' user
	and group must be merged from src/etc/group and
	src/etc/master.passwd before using 'make installworld'.
	'mergemaster -p' will do this.  You may need to install
	mergemaster before this will work if you are updating from a
	very old version of current.  The updating recipe has changed
	as of this date.

20020112:
	The preferred configuration method for PAM is now /etc/pam.d/
	rather than /etc/pam.conf.  If you have an unmodified
	pam.conf, just delete it after your next mergemaster run.  If
	you have local modifications, you can use
	/usr/src/etc/pam.d/convert.pl to incorporate them into your
	/etc/pam.d.

	Please see the following url for more details:
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<xzp6667fyoa.fsf@flood.ping.uio.no>
20011229:
	If anyone here is already using the new rc.conf(5) variable
	networkfs_types, please note that it has changed
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<9744.1009655556@axl.seasidesoftware.co.za>

20011220:
	sys/i4b/driver/i4b_ispppsubr.c has been retired.  This file
	started out its life in the ISDN4BSD project as an offspring
	from sys/net/if_spppsubr.c, which eventually got a life of its
	own.  All the accumulated features and bugfixes of the i4b
	version have now been merged back into the base system's
	version now.  The only user-visible change resulting from this
	is that i4b's sppp(4) interfaces are to be managed with
	spppcontrol(8) again, since ispppcontrol(8) has been retired
	as well.  (There has never been rc file support for
	ispppcontrol in -current, but only in -stable.  That will be
	reverted by the time the changes are MFCed.)

20011215:
	The fdc(4) driver has been updated and now automatically
	recognizes media in `standard' formats (like 1440 KB and
	720 KB for a 3.5" high-density drive) when accessing the
	default device node (e. g. /dev/fd0).  The old variety of
	floppy device nodes /dev/fd*.* is no longer present by
	default, devices can be created (in DEVFS) on demand.  They
	will need to be customized then for `odd' densities using
	fdcontrol(8).

20011209:
	The bugs in procfs' debugging support code have been fixed,
	and truss(1) now works again.

20011207:
	Daily security checks have been split out to use the periodic(8)
	scripts.  Some change in configuration may be necessary.  Please
	see 
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<20011207155805.R8975@blossom.cjclark.org>
	for details.

20011204:
	sos added VCD/SVCD support to ata driver and that needs the
	kernel and burncd to be in sync.

20011203:
	The procfs pseudo-filesystem has now been converted to use the
	pseudofs framework.  If you have 'options PROCFS' in your
	kernel config, you'll need to add 'options PSEUDOFS' if it's
	not there already.

	This change temporarily breaks truss(1); use ktrace(1) instead
	until the issue has been resolved.

20011202:
	A security hole in OpenSSH involving `UseLogin yes' has been
	patched.

20011126:
	You need to remove /usr/obj/.../usr.bin/tip before rebuilding
	after this date.  You need to do this only once.

20011103:
	Most of the awk issues have been resolved.  Some rough
	edges may be left, but for the most part things should be
	back to "normal." For CURRENT's usual definition of "normal."

20011030:
	Awk has been upgraded to the one true awk from bell labs.  Expect
	choppy waves in the upgrade process.

20011030:
	The asr driver problem has been resolved.

20011027:
	Due to changes in other parts of the system, the asr driver
	now causes the system to panic on boot.  Do not use it pending
	correction.  Comment it out of any kernel config file that you
	try to use from this date forward.

20011025:
	When crossbuilding, use TARGET=xxx where you used to use
	MACHINE=xxx.  You don't need to set TARGET_ARCH and TARGET,
	unless you are changing both of them.  To cross build pc98 on
	an alpha, for example, you need to set TARGET=pc98 and
	TARGET_ARCH=i386.

20011001:
	The kernel interface that burncd depends on has changed.
	You must recompile both the kernel and userland applications
	at the same time.

20010929:
	When crossbuilding, please set TARGET_ARCH rather than
	MACHINE_ARCH to indicate the target.  In the future, one will
	set TARGET_MACHINE where you set MACHINE now.  At the moment,
	setting MACHINE alone for same MACHINE_ARCH machines works
	(eg, you can build pc98 on an i386 machine and vice versa).

20010927:
	Some weird problems result from using ACPI on some machines.
	To disable ACPI you can add
		hint.acpi.0.disabled="1"
	to /boot/loader.conf (or by putting set X=Y at the boot
	loader "ok" prompt).

	Alternatively, you can remove it from /boot/kernel/acpi.ko
	or use the MODULES_OVERRIDE function in your kernel config
	file and not list acpi in that list.

20010924:
	The buildworld has been fixed.  You may need to install
	the 4.x compatibility libraries for some old binaries
	to work.  Add COMPAT4X=true to your /etc/make.conf to
	get them installed on every installworld, or execute the
	following to get them installed only once:
		cd src/lib/compat/compat4x.<arch>
		make all install
	You will see ``__stdoutp undefined'' until you do this.

20010919:
	There's a bug in the world build process.  The cross-tools
	are build with the NEW headers, but the OLD libc.a.  This
	leads to all kinds of problems with the new libc.  A temporary
	workaround is to add
		CFLAGS="-O -pipe -D_OLD_STDIO"
	before building world when upgrading from 4.x to current.  This
	can be removed afterwards.

	A proper fix to the buildworld target is needed.

20010918:
	Peter has committed his new kthread nfs client/server code.
	NFS may be unstable after this date.

20010912:
	KSE has hit the tree.  Lots of things are now different in
	the kernel.  While a few problems were introduced in the
	initial commit, most of the major ones have been found and
	corrected.

20010901:
	In OLDCARD, CardBus bridges appear to be stable.  The work
	arounds described in the 20010604 entry are now no longer
	necessary and will be ignored.  Most insert/remove problems
	have been rectified around this date.

20010823:
 	named now runs as user bind and group bind rather than as 
 	root.  If named_enable is set to YES in /etc/rc.conf, ensure 
 	that user bind is available in /etc/passwd (using vipw(8)) 
 	and that group bind is available in /etc/group.  Also make 
 	sure that user or group bind has read (and not write) 
 	permission for your name server configuration and that it 
 	has read and write permission for your slave zone files and 
 	directory.
 
 	If you wish to continue to run named as root (a less secure 
 	alternative), add a line to /etc/rc.conf saying
 
 		named_flags=

20010709:
	The PAM libraries have had an API upgrade that is beyond
	the ability of the shared library major number to handle.
	It is manifested by PAM-using ports dumping core. The
	solution is to rebuild those ports.

20010628:
	The kernel compile module has moved from src/sys/compile/FOO
	to src/sys/${MACHINE}/compile/FOO.

20010625:
	The pccard modem issue from 20010613 has been corrected.
	OLDCARD support is still a little weak in -current.  slot 1 is
	known not to work on some TI based cardbus bridges.  Some
	cardbus bridges do not properly detect insert/removal events.
	IRQ configuration needs more safety belts.

20010617:
	Softupdates problems have been corrected.

20010614:
	Peter ripped out the linkerset support.  You must, as always,
	rerun config after you cvsup if you are using the traditional
	kernel building methods.

20010613:
	pccard modems may not work with current after 20010604 date.  Some
	do, others result in panics.  *MAKE*SURE* that you update your
	config and /etc/rc.conf ala the 20010604 entry, or you will have
	problems (this issue will be fixed, it just hasn't been yet).

20010613:
	SOFTUPDATES seem to be broken since the middle of May or so.  Do not
	use them in current.  You can disable softupdates on all mounted
	partitions, or remove SOFTUPDATES the kernel config file.

20010612:
	After Peter's commits to the hints code, people have been noticing
	that certain devices are attached (or try to) twice.  This is due
	to having both static hints as well as a /boot/device.hints.  To
	work around this issue, please use only one or the other mechanism
	until this bug is fixed.

	Please note that a feature of config is that if you have config
	file FOO and FOO.hints, it automatically adds FOO.hints to the
	hints.c file, whether you want it to or not.

20010610:
	Locale names have changed to match other systems better.

20010604:
	pccard support for pci cards has been committed.  You must change
	your /etc/pccard.conf irq lines.  It must match the irq used by
	pcic device.  Interrupt storms may result if you fail to do this.
	Interrupt storms look a lot like a hang.

	You must also install a new pccardd, otherwise you will get an
	interrupt storm at card reset time (just after it tells you what
	it is).

	pccardd_flags="-I" is necessary for the time being.  It tells pccardd
	not to ask the kernel if the interrupt is really free or not before
	using it.  You can either change the /etc/pccard.conf irq lines to
	match pcic, or add "-i X" to the pccardd_flags.

20010530:
	INSTALL=install -C is being deprecated.  If you want to do this,
	use COPY=-C instead.  The former method will be supported for only
	a limited time.  If you see

install: warning: the -d and -C options may not be specified together

	in your makeworld, then you need to migrate towards using
	COPY=-C.

20010525:
	It appears that vm is now stable enough to use again.  However,
	there may be other problems, so caution is still urged.  alpha
	definitely is in bad shape.

20010521:
	Minor repo damage has happened.  This may cause problems
	with cvsup of ports.  If you get errors, please see
	http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27495
	at the bottom for details on a workaround.  The error message
	is
Updater failed: Cannot delete "/usr/ports/www/jakarta-tomcat/files": Directory not empty

20010520:
	Vm and/or swapping are busted on -current.  Please be patient.

20010519:
	pccard has had much reorganizational work done to it over
	the past few days.  Everything should still work, but if
	not, please contact imp@freebsd.org.

20010517:
	ata ioctl changed.  Make sure to recompile both kernel and
	userland at the same time.

20010517:
	New ncurses imported.

20010512:
	DEVFS is now opt out, not opt in.  Barring major problems, this
	will be the only way to go starting July 1.

20010504:
	OpenSSH has been updated to 2.9.  Some defaults are different,
	including RhostsRSAAuthentication, which changes from yes to no.

20010502:
	Perl breakage in 20010501 was corrected at 14:18:33 PDT.

20010501:
	Building perl was broken at 02:25:25 PDT.

20010430:
	The bug in 20010429 was corrected at 07:35:37 PDT.  It is safe to
	go back in the water.

20010429:
	A bad bug was committed at 04:48:42 PDT.  Don't use kernels after
	this date, but before the correction date.

20010423:
	old fsck and new kernel interactions appear to have been fixed.

20010411:
	fsck and the kernel were changed to handle some optimizations
	to directory layout.  This breaks backward compatibility.
	Update only if you understand that you must not use the old
	fsck with the new kernel ever.

20010330:
	fsck has changed the meaning of the pass column in /etc/fstab.
	Please see the cvs commit to fsck.8 or the fsck.8 man page for
	details.  It is unclear if changes to /etc/fstab are necessary.

20010319:
	portmap had changed name to rpcbind for maximum POLA in your
	current world.  /etc/hosts.{allow,deny} needs changes.  nfs and
	other rpc based programs that rely on portmapper will not work
	without updates to /etc/hosts.{allow,deny} and /etc/netconfig.

20010315:
	ata subsystem changes.  ATA_ENABLE_ATAPI_DMA, ATA_ENABLE_WC
	and ATA_ENABLE_TAGS are no longer kernel options.  They have
	been replaced by tunables.  See ata.4 for details.

20010312:
	The fxp driver was converted to use miibus.  If you compile
	fxp into your kernel statically, you will need to add miibus.

20010312:
	The wi device now defaults to BSS (infrastructure) mode
	instead of ad-hoc.

20010310:
	/dev/urandom should be a symbolic link to /dev/random now.
	Users of current not using DEVFS need to run MAKEDEV std.
	ssh might not work if you don't.

20010303:
	The ed driver has been updated.  It now allows mii attachments,
	which means that you must include the miibus in your kernel if
	you use the ed driver.

20010220:
	The problems with libc have been corrected.  It is now mostly
	safe to go back into the water.

20010211:
	The size of FILE was changed.  This breaks upgrading.  If
	you must upgrade, be prepared for pain.  It also breaks almost
	all binaries that you've compiled on -current.  You are warned
	that before upgrading would be a good time to do a level 0
	dump of your system.  No, really, I mean it this time.

	To get to the new system, you'll need to use the following
	workaround.  Hopefully this can be sorted out so that we
	don't have to move this to the updating section.

	To get around the installworld problem, do:
		# cd /usr/src/usr.bin/sed
		# make install
		# cd /usr/src
		# make installworld
	If that doesn't work, then try:
		# make -k installworld
		# make installworld

20010207:
	DEVFS is now the default.  If you use vinum, make sure that you
	do not include devfs in your kernel as problems result.

20010205:
	FFS_ROOT and CD9660_ROOT have been removed or deprecated.
	Remove them from your config.

20010122:
	****************************** WARNING ******************************
			buildkernel has been changed slightly
	****************************** WARNING ******************************
	KERNCONF replaces the variable KERNEL for buildkernel.  You
	should update your scripts and make.conf accordingly.

20010119:
	config has changed to allow DEV_FOO as a replacement for NFOO.
	This requires a new config to build correctly.

20010116:
	The kernel option I386_CPU is now mutually exclusive with the
	other cpu types. If you have an i386 system, be sure that it
	only had this line.  Remove it for all other configurations.

20010110:
	Changes to the kernel require it and burncd be in sync.

20010102:
	Everyone who has hw.sndunit set to something in
	/etc/sysctl.conf, it is now hw.snd.unit.

20010101:
	ex and vi were broken by some changes to sys/queue.h.  If you
	have a bad vi, you will see make buildworld fail with a core
	dump while building termcap.  You can work around this problem
	by adding -k to your make buildworld.  This will cause the
	build to complete and install a new vi.  Once that's done, you
	can rebuild again without the -k to pick up anything that
	might have been ignored by the -k option.

	Others have suggested that you can just rebuild libc if your
	vi/ex is dynamically linked, but I've not received any reports
	of this working.

20001228:
	There have been some changes to libcrypt in -current.  The
	libscrypt/libdescrypt symlink silliness is gone and the installed
	libcrypt is fully functional.  Be aware of this.

20001218:
	Linksys Fast Ethernet PCCARD cards supported by the ed driver
	now require the addition of flag 0x80000 to their config line
	in pccard.conf(5).  This flag is not optional.  These Linksys
	cards will not be recognized without it.

20001205:
	Important new FreeBSD-version stuff: PAM support has been worked
	in, partially from the "Unix" OpenSSH version.  This requires
	adding the following in pam.conf:
  
	sshd    auth    sufficient      pam_skey.so
	sshd    auth    required        pam_unix.so         try_first_pass
	sshd    session required        pam_permit.so

20001031:
	cvs updated to 1.11.

20001020:
	The random device needs more entropy, so you need to make sure
	that you've run mergemaster to get a /etc/rc which will seed
	/dev/random.  If you don't and the system hangs after ldconfig,
	then banging on the keyboard randomly until it unhangs is one
	workaround.

20001010:
	****************************** WARNING ******************************
				Sendmail has been updated.
	****************************** WARNING ******************************
	o mail.local(8) is no longer installed as a set-user-id binary.
	o sendmail(8) is now built with STARTTLS support unless NO_OPENSSL
	  is set.
	o The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY
	  commands.
	o Now using sendmail's version of vacation(1).
	o The sendmail cf building tools (contrib/sendmail/cf) are installed
	  in /usr/share/sendmail/cf.
	o sendmail.cw changed to local-host-names

	More details can be found at
		http://people.freebsd.org/~imp/UPDATING/sendmail-20001010

20001009:
	The ports tree's new layout is in place.  Be sure to update
	your entire ports tree, or you will have problems.

20001006:
	The perl build procedure no longer installs miniperl, nor uses
	the installed miniperl.  It is recommended that you delete
	/usr/bin/miniperl.

20001005:
	This weekend the ports tree will be updated to a new layout.
	It will be in an inconsistent state until noted in the UPDATING
	file, or with asami-san's message to the relevant mailing
	lists.  With this new layout, you'll need to update the whole
	tree for anything to work.

20000928:
	There was a change in the passwd format.  Need more information.

20000916:
	/boot/kernel/kernel.ko -> /boot/kernel/kernel change has taken
	place.  Please update boot loader (not the boot blocks) at the
	same time as your kernel.

20000914:
	The new pmtimer device is necessary for laptops.  Failure to
	include the device will cause suspended laptops losing time
	when they resume.  Include
		device		pmtimer
	in your config file and
		hint.pmtimer.0.at="isa"
	to your /boot/device.hints file.

20000911:
	The random device has been turned into a (pseudo-)device,
	rather than an option. The supplied kernel config files have
	been updated. You will need to do something similar in your
	own kernel config file.
	Remove:
		options		RANDOMDEV
	Add:
		device		random
	If you prefer to load the loadable module, you need to do
	nothing.

20000909:
	The random device module has been renamed from randomdev.ko to
	random.ko. You will need to edit your /boot/loader.conf to
	reflect this if you load this module at boot time.
	The line should read:
		random_load="YES"

20000907:
	The SMPNG commit has happened.  It should work, but if it
	doesn't, fallback to the PRE_SMPNG CVS tag.  There are likely
	to be a variety of minor issues.  Please see 20000905 to make
	sure you don't have model loading problems which might at
	first blush appear related to SMP.

20000906:
	nsswitch has been imported from NetBSD.  Among other things,
	this means that /etc/host.conf is no longer used.  See
	nsswitch.conf(5) instead.  Note that at boot time rc.network
	will attempt to produce a new nsswitch.conf file for you if you
	don't have one, and you have host.conf.

20000905:
	The ucred structure changed size.  This breaks the interface
	that mountd uses.  Trying to use an older mountd with a newer
	kernel guarantees a panic.  This means that you need to use
	kernels newer than today only with matching mountd, but you
	needed to do that anyway with the boot loader changes.

20000905:
	The boot loader has been updated.  The new default kernel is
	now /boot/kernel/kernel.ko.  The new default module location
	is /boot/kernel.

	You *MUST* upgrade your boot loader and kernel at the same time.
	The easiest way to do this is to do the buildworld/buildkernel/
	installkernel/installworld dance.

	Furthermore, you are urged to delete your old /modules directory
	before booting the new kernel, since kldload will find stale
	modules in that directory instead of finding them in the correct
	path, /boot/kernel.  The most common complaint that this cures
	is that the linux module crashes your machine after the update.

	if [ ! -d /boot/kernel.old ]; then
		mv /modules.old /boot/kernel.old
		chflags noschg /kernel.old
		mv /kernel.old /boot/kernel.old/kernel.ko
		chflags schg /boot/kernel.old/kernel.ko
	fi

20000904:
	A new issue with the sendmail upgrade has come to light.
	/etc/aliases has moved to /etc/mail/aliases.  Mergemaster will 
	incorrectly install the default aliases in /etc/mail rather than
	move the old one from /etc.  So you'll need to manually move the
	file, create a symbolic link, remove the old /etc/aliases.db and
	run newaliases.  For safety sake, you should stop sendmail
	while doing this and run the upgrade when locally sourced email
	is not likely to be generated.

20000825:
	/boot/device.hints is now required for installkernel to
	succeed.  You should copy GENERIC.hints for your architecture
	into /boot/device.hints.  If and only if you compile hints
	into your kernel, then this file may be empty.  Please note,
	if you have an empty or missing /boot/device.hints file and
	you neglected to compile hints into your kernel, no boot
	messages will appear after the boot loader tries to start the
	kernel.

20000821:
	If you do NOT have ``options RANDOMDEV'' in your kernel and
	you DO want the random device then add randomdev_load="YES" to
	/boot/loader.conf.

20000812:
	suidperl is now always built and installed on the system, but
	with permissions of 511.  If you have applications that use
	this program, you are now required to add ENABLE_SUIDPERL=true
	to /etc/make.conf.  If you forget to do this,
		chmod 4511 /usr/bin/suidperl
	will fix this until the next build.

20000812:
	sendmail has been updated from 8.9.3 to 8.11.0.  Some of the more
	visible changes that may immediately affect your configuration
	include:
	- New default file locations from src/contrib/sendmail/cf/README
	- newaliases limited to root and trusted users
	- MSA port (587) turned on by default
	- New queue file naming system so can't go from 8.11 -> 8.9
	- FEATURE(`rbl') renamed to FEATURE(`dnsbl')
	- FEATURE(`nullclient') is more full featured
	- FEATURE(`nouucp') requires an argument: `reject' or `nospecial'
	- mail.local FreeBSD-only -b option changed to -B
	- See src/contrib/sendmail/RELEASE_NOTES for more info

20000810:
	suidperl (aka sperl) is no longer build by default.  You must
	specifically define BUILD_SUIDPERL to "true" for it to be build.
	Furthermore, we recommend that you remove /usr/bin/sperl* and
	/usr/bin/suidperl files from your system unless you have a
	specific use for it.

20000729:
	Networking defaults have been tightened.  Anybody upgrading
	/etc/defaults/rc.conf needs to add the following lines to
	/etc/rc.conf if they want to have the same setup
	afterwards (unless the variables already are set, of course):
		# Enable network daemons for user convenience.
		inetd_enable="YES"
		portmap_enable="YES"
		sendmail_enable="YES"

20000728:
	If you have null_load="YES" in your /boot/loader.conf, you
	will need to change that to nullfs_load="YES".

20000728:
	The "installkernel" target has changed slightly. Now even if
	you override KERNEL e.g. 'make installkernel KERNEL=MYKERNEL'
	it will install the MYKERNEL file (built with the buildkernel
	target) as /kernel rather than /MYKERNEL. Those who have
	updated their /boot/loader.conf files to point to /MYKERNEL
	should remove that entry or perform manual rename of /kernel
	to /MYKERNEL.

20000711:
	If you use CVSUP or CTM to get CVS trees, AND you used to get 
	the old crypto files from internat.freebsd.org AND you check
	out files from the CVS tree with the cvs command, please read
		http://people.freebsd.org/~imp/internat.txt
	for details on potential problems that you might have and how
	to get around them.

	If you are merely a mirror, or don't answer yes to each of the
	clauses above, you needn't worry.

20000711:
	/etc/security has been updated to print the inode number of
	setuid programs that have changed.  You will see a large spike
	in the number of changed programs the first time when you run
	mergemaster to get a new /etc/security.

20000710:
	/dev/random now has good entropy collection (from the keyboard
	and sysmouse drivers). Please ensure that either `options
	RANDOMDEV' is present in your kernel config file or that
	`randomdev_load="YES"' is in your /boot/loader.conf. If you do
	not have the /dev/random driver, OpenSSL (and consequently
	lots of crypto tools (like SSH)) will fail with strange
	errors. (see below, 20000624).

	FreeBSD-current is safe again to run Crypto.

20000709:
	phk made the malloc default options AJ.  This may slow things
	down and uncover other latent bugs in the code.  If you need to
	run at full speed, you can disable this by doing the following:
		ln -s aj /etc/malloc.conf

20000706:
	libftpio's version was accidentally bumped a few days ago.  This
	has been corrected.  You may need to remove /usr/lib/libftpio.so.6
	before doing your next buildworld/installworld pair.  It certainly
	won't hurt to remove it before the update procedure.  It will
	break fetch until a new one is built, but ftp can be used in the
	interim if needed.

20000705:
	The crypto packages have changed for the cvsup.  This has been done
	in a backward compatible way, but the old packages will go away at
	some point in the future.  Look at /usr/share/examples/cvsup for
	details.

20000704:
	With the new sys/modules/sound/drivers/*, you will need to
	set SYSDIR until you do an installworld after July 7th.

20000704:
	rc.shutdown and rc will now call the rc.d scripts with start
	or stop.  This may cause some harmless warnings from older
	rc.d scripts that haven't been updated.

20000630:
	The libfetch based version of fetch has gone into the tree.
	Minor problems may result on some of the less popular sites,
	which should be reported to des@freebsd.org.

20000625:
	From approximately this date forward, one must have the crypto
	system installed in order to build the system and kernel.
	While not technically strictly true, one should treat it as
	required and grab the crypto bits.  If you are grabbing CVS
	trees, src-all and cvs-crypto should be treated as if they
	were required.  You should check with the latest collections
	to make sure that these haven't changed.

20000624:
	Mark Murray just committed the first parts of a cleanup of
	/dev/zero, et al.  This is also cleaning up /dev/random.
	The entropy is disconnected, so DO NOT USE VERSIONS OF FREEBSD
	-CURRENT FROM THIS POINT to 2000710 for cryptographic services
	until Mark can merge in the fixes to this work in progress.
	openssh and openssl should not be used to generate keys from this
	date to the completion of the work.

	If you must operate at this reduced level of security, add '
	options RANDOMDEV' to your kernel or modload the randomdev
	module.  You may also need to copy a new MAKEDEV to /dev and
	recreate the random and urandom devices.

20000622:
	The license on the softupdates is now a standard 2 clause
	BSD license.  You may need to remove your symbolic links
	that used to be required when updating.

20000621:
	Scott Flatman <sf@aracnet.com> sent in a decent write-up on
	the config file update procedure.
		http://people.freebsd.org/~imp/config-upd.html
	NOTE: LINT is gone.  It has been replaced with NOTES.  NOTES
	isn't buildable.  However, you can generate a LINT file:
		cd /sys/<ARCH>/conf && make LINT

20000620:
	Binutils 2.10 have hit the tree, or will shortly.  As soon
	as they do, the problem noted in 20000522 will be resolved and
	that workaround will no longer be required.

20000615:
	phk removed the compatibility creation of wd devices in the
	ad driver.  If you haven't done so already, you must update
	your fstab, etc to use the ad devices instead of the wd
	devices.

	In addition, you'll need to update your boot blocks to a
	more modern version, if you haven't already done so.  Modern
	here means 4.0 release or newer (although older releases
	may work).

20000612:
	Peter took an axe to config(8).  Be sure that you read his mail
	on the topic before even thinking about updating.  You will
	need to create a /boot/device.hints or add a hints directive
	to your config file to compile them in statically.  The format
	of the config file has changed as well.  Please see GENERIC or
	NEWCARD for examples of the new format.

	Indirectly, this also breaks USERCONFIG.  Unless a newer entry
	says that it has been fixed, assume that must use the hints mechanism
	in the loader if you need to use a machine with very old ISA cards
	in it.

20000522:
	A new set of binutils went into the tree today.  Anybody
	building a kernel after this point is advised that they need
	to rebuild their binutils (or better yet do a
	buildworld/installworld) before building a new kernel.

	Due to bugs in binutils, using malloc options (eg /etc/malloc.conf
	or MALLOC_OPTIONS env var) J will cause ld to dump core.  It
	is recommended that you don't set this option until the problem
	is resolved.

20000513:
	The ethernet drivers were all updated to clean up the BPF handling.

20000510:
	The problems with boot blocks on the alphas have been corrected.
	This will require some care in updating alphas.  A new libstand
	is requires for the boot blocks to build properly.

20000503:
	Recompile all kld modules.  Proper version dependency info
	is now available.

20000502:
	Modules have been disconnected from the buildworld tree and 
	connected to the kernel building instead.

20000427:
	You may need to build gperf
		cd /usr/src/gnu/usr.bin/gperf && make depend all install
	when upgrading from 4.0 -> current.  The build system now uses
	an option only in -current.

20000417:
	The method that we brand ELF binaries has changed to be more
	acceptable to the binutils maintainers.  You will need to
	rebrand your ELF binaries that aren't native.  One problem
	binary is the Linux ldconfig.  After your make world, but
	before you reboot, you'll need to issue:
		brandelf -t Linux /compat/linux/sbin/ldconfig
	if you have Linux compatibility enabled on your machine.

20000320:
	If you have really bad/marginal IDE drives, you may find they
	don't work well.  Use pio mode instead.  The easiest way to
	cope if you have a problem combination is to add:
		/sbin/sysctl hw.ata.ata_dma=0
	to the start of /etc/rc.conf.

20000319:
	The ISA and PCI compatibility shims have been connected to the
	options COMPAT_OLDISA and COMPAT_OLDPCI.  If you are using old
	style PCI or ISA drivers (i.e. tx, voxware, etc.) you must
	include the appropriate option in your kernel config.  Drivers
	using the shims should be updated or they won't ship with
	5.0-RELEASE, targeted for 2001.

20000318:
	We've entered the traditional post release dumping party.
	Large kernel changes are being committed and are in the
	works.  It is important to keep the systems' klds and kernel
	in sync as kernel interfaces and structures are changing.
	Before reporting kernel panics, make sure that all modules
	that you are loading are up to date.

20000315:
	If you are upgrading from an older version of FreeBSD, you
	need to update your boot blocks as well.  'disklabel -B ad0'
	will do the trick.  This isn't critical until you remove your
	wd device entries in /dev, at which point your system will not
	boot.

20000315:
	4.0 RELEASE shipped.  Please see the 4.0 UPDATING file for how
	to upgrade to 4.0 from 3.x.

COMMON ITEMS:

	General Notes
	-------------
	Avoid using make -j when upgrading.  From time to time in the
	past there have been problems using -j with buildworld and/or
	installworld.  This is especially true when upgrading between
	"distant" versions (eg one that cross a major release boundary
	or several minor releases, or when several months have passed
	on the -current branch).

	Sometimes, obscure build problems are the result of environment
	poisoning.  This can happen because the make utility reads its
	environment when searching for values for global variables.
	To run your build attempts in an "environmental clean room",
	prefix all make commands with 'env -i '.  See the env(1) manual
	page for more details.

	To build a kernel
	-----------------
	If you are updating from a prior version of FreeBSD (even one just
	a few days old), you should follow this procedure. With a
	/usr/obj tree with a fresh buildworld,
	make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
	make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE

	To just build a kernel when you know that it won't mess you up
	--------------------------------------------------------------
	cd src/sys/{i386,alpha}/conf
	config KERNEL_NAME_HERE
	cd ../../compile/KERNEL_NAME_HERE
	make depend
	make
	make install	

	If this fails, go to the "To build a kernel" section.

	To rebuild everything and install it on the current system.
	-----------------------------------------------------------
	# Note: sometimes if you are running current you gotta do more than
	# is listed here if you are upgrading from a really old current.

	<make sure you have good level 0 dumps>
	<maybe fix /etc/fstab>				[7]
	make buildworld
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
	make installkernel KERNCONF=YOUR_KERNEL_HERE
							[1]
	<reboot in single user>				[3]
	mergemaster -p					[5]
	make installworld
	mergemaster					[4]
	<reboot>


	To cross-install current onto a separate partition
	--------------------------------------------------
	# In this approach we use a separate partition to hold
	# current's root, 'usr', and 'var' directories.   A partition
	# holding "/", "/usr" and "/var" should be about 2GB in
	# size.

	<make sure you have good level 0 dumps>
	<boot into -stable>
	make buildworld
	<maybe newfs current's root partition>
	<mount current's root partition on directory ${CURRENT_ROOT}>
	make installworld DESTDIR=${CURRENT_ROOT}
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
	cp /usr/src/sys/${ARCH}/conf/GENERIC.hints \
		${CURRENT_ROOT}/boot/device.hints	# as needed
	make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
	cd /usr/src/etc; make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
	cp /etc/fstab ${CURRENT_ROOT}/etc/fstab 		   # if newfs'd
	<edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
	<reboot into current>
	<do a "native" rebuild/install as described in the previous section>
	<maybe install compatibility libraries from /usr/src/lib/compat>
 	<reboot>	


	To upgrade in-place from 4.x-stable to current 
	----------------------------------------------
	# 5.x uses more space than 4.x.  Also, the location of kernel
	# modules has changed.  If you are installing 5.0 onto a 4.x
	# system, you'll need about 30MB of free disk space on your /
	# partition.  If you have less than this, you may encounter difficult
	# to back out of problems with this procedure.  If /tmp is on
	# the / partition, you may want to completely remove all its content
	# before upgrading, as this can be a common source of shortage of
	# space on /.
	
	<make sure you have good level 0 dumps>
	<maybe fix /etc/fstab>				[7]
	make buildworld					[9]
	make buildkernel KERNCONF=YOUR_KERNEL_HERE	[8]
	cp src/sys/${MACHINE}/conf/GENERIC.hints /boot/device.hints [2]
	make installkernel KERNCONF=YOUR_KERNEL_HERE
	cd src/sys/boot ; make install			[6]
							[1]
	<reboot in single user>				[3]
	mergemaster -p					[5]
	rm -rf /usr/include/g++
	make installworld
	mergemaster					[4]
	<reboot>

	Make sure that you've read the UPDATING file to understand the
	tweaks to various things you need.  At this point in the life
	cycle of current, things change often and you are on your own
	to cope.  The defaults can also change, so please read ALL of
	the UPDATING entries.

	Also, if you are tracking -current, you must be subscribed to
	freebsd-current@freebsd.org.  Make sure that before you update
	your sources that you have read and understood all the recent
	messages there.  If in doubt, please track -stable which has
	much fewer pitfalls.

	[1] If you have third party modules, such as vmware, you
	should disable them at this point so they don't crash your
	system on reboot.

	[2] If you have legacy ISA devices, you may need to create
	your own device.hints to reflect your unique hardware
	configuration.

	[3] From the bootblocks, boot -s, and then do
		fsck -p
		mount -u /
		mount -a
		cd /usr/src
		adjkerntz -i		# if CMOS is wall time
	Also, when doing a major release upgrade, it is required that
	you boot into single user mode to do the installworld.
	For the 4.x -> 5.0 upgrade, you will also see many messages about
	needing to recompile your userland.  These are harmless and can
	be ignored while you proceed to the next step.

	[4] Note: This step is non-optional.  Failure to do this step
	can result in a significant reduction in the functionality of the
	system.  Attempting to do it by hand is not recommended and those
	that pursue this avenue should read this file carefully, as well
	as the archives of freebsd-current and freebsd-hackers mailing lists
	for potential gotchas.

	[5] Usually this step is a noop.  However, from time to time
	you may need to do this if you get unknown user in the following
	step.  It never hurts to do it all the time.  You may need to
	install a new mergemaster (cd src/usr.sbin/mergemaster && make
	install) after the buildworld before this step if you last updated
	from current before 20020224 or from -stable before 20020408.

	[6] 4.x boot loader can be used to boot a 5.x system, however
	it is difficult to do that at best.  If you wish to try, then
	you should interrupt the boot and at the ok prompt type:
		ok unload
		ok boot /boot/kernel/kernel
	If this fails to work, you must install a new boot loader as
	described here.

	[7] Before you upgrade, please make sure that you are not using
	compatibility slices.  These are device names of the form, on i386
	and other architectures that use MBR slicing, /dev/ad0a without the
	actual slice name.  Chances are excellent that these will break.
	You generally must update these entries to use the post FreeBSD
	2.x form of /dev/ad0s1a.

	[8] In order to have a kernel that can run the 4.x binaries
	needed to do an installworld, you must include the COMPAT_FREEBSD4
	option in your kernel.  Failure to do so may leave you with a system
	that is hard to boot to recover.

	[9] When checking out sources, you must include the -P flag to have
	cvs prune empty directories.
FORMAT:

This file contains a list, in reverse chronological order, of major
breakages in tracking -current.  Not all things will be listed here,
and it only starts on March 15, 2000.  Updating files can found in
previous releases if your system is older than this.

Copyright information:

Copyright 1998, 2002 M. Warner Losh.  All Rights Reserved.

Redistribution, publication, translation and use, with or without
modification, in full or in part, in any form or format of this
document are permitted without further permission from the author.

THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED.  IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

If you find this document useful, and you want to, you may buy the
author a beer.

Contact Warner Losh if you have any questions about your use of
this document.

$FreeBSD$