OpenBSD 4.3 发行版本

OpenBSD 4.3 发行版本:

将要发布于2008年5月1日
版权 1997-2008, Theo de Raadt.
ISBN 978-0-9784475-1-9
4.3 主题歌:“Home to Hypocrisy”

获得此版本的文件:

从我们的订购系统购买 CDROM。
从镜像站点的 FTP 页面中选择合适的镜像。
进入镜像站点的 pub/OpenBSD/4.3/ 目录。
简要阅读本文档的剩余部分。
阅读 4.3 勘误表获得问题列表和背景。
阅读 4.2 与 4.3 之间的详细修改记录。

说明: 所有相关的版权和荣誉声明在 src.tar.gz，sys.tar.gz 和 xenocara.tar.gz 文件中，或在通过 ports.tar.gz 下载的文件中。由于空间不足，用于构建 ports.tar.gz 文件中的程序包的发行文件并未包括在 CDROM 中。

新特性

以下是 OpenBSD 4.3 中新特性和新系统功能的部分列表。完整的列表位于 4.3 的修改记录中。

新增/扩展的构架平台:
- OpenBSD/sparc64
  支持 SMP。除了 Sun Enterprise 10000 之外，应该可以在所有受支持的 sparc64 平台运行 SMP 内核。
- OpenBSD/hppa
  现在已经支持 K-class 服务器，例如 K200 和 K410。
- OpenBSD/mvme88k
  在 MVME188 和 MVME188A 系统中支持 SMP。
  现在支持 88110 处理器，MVME197LE/SP/DP 主板。
- OpenBSD/sgi
  包含许多新驱动，然而内核需要一个重要的刊误修正。
更新了硬件支持, 包括:
- The bge(4) driver now supports BCM5906/BCM5906M 10/100 and BCM5755 10/100/Gigabit Ethernet devices.
- The cas(4) driver now supports Cassini+ 10/100/Gigabit Ethernet devices.
- The em(4) driver now supports ICH9 10/100 and 10/100/Gigabit Ethernet devices.
- The gem(4) driver now supports the onboard 1000base-SX interface on the Sun Fire V880 server.
- The ixgb(4) driver now supports the Sun 10Gb PCI-X Ethernet devices.
- The msk(4) driver now supports Yukon FE+ 10/100 and Yukon Supreme 10/100/Gigabit Ethernet devices.
- The nfe(4) driver now supports MCP73, MCP77 and MCP79 10/100/Gigabit Ethernet devices.
- The ral(4) driver now supports RT2800 based wireless network devices.
- The cmpci(4) driver now supports CMI8768 based audio adapters.
- The it(4) driver now supports ITE IT8705F/8712F/8716F/8718F/8726F and SiS SiS950 ICs. Watchdog timer functionality added.
- The mfi(4) driver now supports Dell CERC6/PERC6 and LSI SAS1078 RAID controllers.
- The viapm(4) driver now supports the VIA VT8237S south bridges SMBus controller.
- Support for hotplugging ExpressCard devices has been added.
- New amdpcib(4) driver for the AMD-8111 series LPC bridge and timecounter on amd64.
- New pctr(4) driver for the CPU performance counters on amd64.
- New bwi(4) driver for the Broadcom AirForce IEEE 802.11b/g wireless network device.
- New envy(4) driver for the VIA Envy24 audio device.
- New et(4) driver for the Agere/LSI ET1310 10/100/Gigabit Ethernet device.
- New etphy(4) driver for the Agere/LSI ET1011 TruePHY Gigabit Ethernet PHY.
- New amdpcib(4) driver for the AMD-8111 series LPC bridge and timecounter on i386.
- New glxpcib(4) driver for the AMD CS5536 PCI-ISA bridge with timecounter, watchdog timer, and GPIO on i386.
- New iwn(4) driver for the Intel Wireless WiFi Link 4965AGN IEEE 802.11a/b/g/Draft-N wireless network device.
- New msts(4) line discipline to interface the Meinberg Standard Time String devices to provide a timedelta sensor.
- New gbe(4) driver for the SGI Graphics Back End (GBE) Frame Buffer on sgi.
- New mkbc(4) driver for the Moosehead PS/2 Controller on sgi.
- New power(4) driver for the power button on sgi.
- New ecadc(4) driver for the Environmental Monitoring Subsystem temperature sensor on sparc64.
- New tda(4) driver for the fan controller on the Sun Blade 1000/2000, making these machines much less noisy.
- New spdmem(4) driver retrieves information about memory modules.
- New thmc(4) driver for the TI THMC50, Analog ADM1022/1028 temperature sensor.
- New uchcom(4) driver for the WinChipHead CH341/340 based USB serial adapter.
- New umbg(4) driver for the Meinberg Funkuhren USB5131 radio clock to provide a timedelta sensor.
- New upgt(4) driver for the Conexant/Intersil PrismGT SoftMAC USB IEEE 802.11b/g wireless network device.
- New wbng(4) driver for the Winbond W83793G temperature, voltage, and fan sensor.
- New wbsio(4) driver for the Winbond LPC Super I/O ICs.
- New adl(4) driver for the Andigilog aSC7621 temperature, voltage, and fan sensor.
- The siop(4) driver now supports the (non-PCI) NCR 53c720/770 in big-endian mode.
- New lmn(4) driver for the National Semiconductor LM93 sensor.
新工具:
- snmpd(8), implementing the Simple Network Management Protocol.
- The snmpctl(8) program controls the SNMP daemon.
- The pcidump(8) utility displays the device address, vendor, and product name of PCI devices.
- ldattach(8) is used to attach a line discipline to a serial line to allow for in-kernel processing of the received and/or sent data.
新功能:
- eeprom(8) is now able to display the OpenPROM device tree on systems that have it.
- Support for X11 on sgi has been added.
- The periodic security(8) reports now include package changes.
- The cmpci(4) driver now supports multichannel audio playback if the hardware supports it.
- The auvia(4) driver now supports multichannel audio playback if the hardware supports it.
- The auich(4) driver now supports recording from the microphone as well as full-duplex mode.
- The eso(4) driver now supports recording as well as full-duplex mode.
- The ffs layer is now 64-bit disk block address clean. This means that disks, partitions and filesystems larger than 2TB are now supported, with the exception of statfs(2) and quotas.
- DMA is now enabled for 1-sector devices such as flash drives, providing significant speed improvement.
- Sparc and Sparc64 disklabels now provide automatic recognition of ext2fs partitions.
- Filesystems on USB devices are automatically dismounted if the device is disconnected.
- The configuration of carp(4) load balancing has been vastly simplified.
- fstab(5) entries referring to non-existent mount points are now ignored, allowing subsequent entries to be processed.
- Additional configuration files can now be included in pf.conf(5).
- sppp(4) now has IPv6 support.
- ipsec.conf(5) now supports defining 192 and 256 bit keysizes for AES.
各种改进和代码清理:
- Improved support for an lkm(4) subsystem on amd64.
- ossaudio(3) received several bug fixes and enhancements including but not limited to improved recording and full-duplex support.
- audio(4) received several bug fixes and enhancements including but not limited to improved recording and full-duplex support.
- make(1) was heavily modified, mostly to improve support for parallel build. Parallel builds now run commands in the same way the sequential builds do, and the output from commands is more readable. A large part of the source tree, xenocara, and quite a few ports now build correctly with make -j.
- rcs tools improvements and bug fixes.
- RTM_VERSION was increased so that all routing messages could be modified to include additional fields for upcoming networking features.
- sendbug(1) has stricter comment parsing, to avoid mangling diffs.
- umass(4) devices no longer detect bogus LUNs.
- USB st(4) devices can now successfully disconnect.
- More deviant umass devices accommodated.
- svnd(4) devices now work on block devices.
- disklabel(8) is now aware of NTFS partitions.
- raidctl(8) now correctly handles trailing whitespace in configuration files.
- mt(1) no longer triggers panics when processing the 'rewoffl' command.
- raid(4) devices no longer hang when searching for components during boot.
- sd(4) devices no longer receive spurious SYNCHRONIZE CACHE commands that confuse some hardware.
- sd(4) no longer claim that SYNCHRONIZE CACHE commands are 16 bytes long when they are actually 10 bytes. Some devices took this too literally.
- dhcpd(8) now always issues packets equal or larger than the minimum IP MTU.
- The disklabel(8) -E mode does not allow manual editing of the 'c' partition, which is always set to cover the entire disk.
- The disklabel(8) -E mode does not allow changing the cpg value of a partition.
- The disklabel(8) -E mode command 'r' now displays the list of free chunks on the disk.
- The disklabel(8) -E mode no longer permits assigning arbitrary sizes to FS_BOOT and FS_UNUSED partitions.
- The bge(4) driver problems receiving jumbo frames have been resolved.
- Many dangerous unsigned comparisons with -1 when checking the results of read and write calls have been eliminated.
- The new M_ZERO flag for malloc(9) replaces many malloc+bzero/memset combinations, fixing a number of bugs in memory initialization and shrinking the kernel.
- dhcpd(8) now correctly constructs response packets that use the overflow buffers to store options.
- SCSI drivers are more reliable in MP machines due to better locking around command completion.
- TCP responses to highly fragmented packets are now constructed without risking corruption of kernel memory.
- Sockets now allow 4095 multicast group memberships.
对安装/升级过程的修改:
- All platforms now have serial console support when installing.
- Serial console speed is detected and appropriate /etc/ttys entries automatically created.
- OpenBSD/vax now also has both kinds of install ISO CD images.
- DNS server addresses are remembered if an install is restarted.
- OpenBSD/sgi can now be installed using the glass console.
OpenBGPD 4.3:
- Correctly handle prefixes which would cause a routing loop.
- bgpctl's detailed RIB output shows additional attributes like extended communities or the cluster id list.
OpenNTPD 4.3:
- Handle IP changes of clients more gracefully.
- Log peer and sensor status to syslog if the majority of either is bad, or if a SIGINFO signal is received.
- Allow offsetting of time sensors that have a systematic error.
OpenOSPFD 4.3:
- Equal cost multipath support -- don't forget to set the right sysctls.
- Parser and commandline options are now in sync with bgpd.
relayd 4.3:
- hoststated(8)/hoststatectl(8) were renamed to relayd(8)/relayctl(8).
- Improved configuration grammar for relayd.conf(5).
- Allow to send SNMP traps via snmpd(8) when host states change.
- Improved support for URL filtering and protocol actions.
- Added support for UDP-based DNS relaying with request ID randomisation.
- Various bug fixes, optimisations, and cleanups.
- Improved reload support.
OpenSSH 4.8:
- New features:
  - Added chroot(2) support for sshd(8), controlled by a new option "ChrootDirectory". Please refer to sshd_config(5) for details, and please use this feature carefully.
  - Linked sftp-server(8) into sshd(8). The internal sftp server is used when the command "internal-sftp" is specified in a Subsystem or ForceCommand declaration. When used with ChrootDirectory, the internal sftp server requires no special configuration of files inside the chroot environment. Please refer to sshd_config(5) for more information.
  - Added a protocol extension method "posix-rename@openssh.com" for sftp-server(8) to perform POSIX atomic rename() operations.
  - Removed the fixed limit of 100 file handles in sftp-server(8). The server will now dynamically allocate handles up to the number of available file descriptors.
  - ssh(1) will now skip generation of SSH protocol 1 ephemeral server keys when in inetd mode and protocol 2 connections are negotiated. This speeds up protocol 2 connections to inetd-mode servers that also allow Protocol 1.
  - Accept the PermitRootLogin directive in a sshd_config(5) Match block. Allows for, e.g. permitting root only from the local network.
  - Reworked sftp(1) argument splitting and escaping to be more internally consistent (i.e. between sftp commands) and more consistent with sh(1). Please note that this will change the interpretation of some quoted strings, especially those with embedded backslash escape sequences.
  - Support "Banner=none" in sshd_config(5) to disable sending of a pre-login banner (e.g. in a Match block).
  - ssh(1) ProxyCommands are now executed with $SHELL rather than /bin/sh.
  - ssh(1)'s ConnectTimeout option is now applied to both the TCP connection and the SSH banner exchange (previously it just covered the TCP connection). This allows callers of ssh(1) to better detect and deal with stuck servers that accept a TCP connection but don't progress the protocol, and also makes ConnectTimeout useful for connections via a ProxyCommand.
  - Many new regression tests, including interop tests against PuTTY's plink.
- The following significant bugs have been fixed in this release:
  - SSH2_MSG_UNIMPLEMENTED packets did not correctly reset the client keepalive logic, causing disconnections on servers that did not explicitly implement "keepalive@openssh.com".
  - ssh(1) used the obsolete SIG DNS RRtype for host keys in DNS, instead of the current standard RRSIG.
  - Correctly drain ACKs when a sftp(1) upload write fails midway, avoids a fatal() exit from what should be a recoverable condition.
  - Fixed packet size advertisements. Previously TCP and agent forwarding incorrectly advertised the channel window size as the packet size, causing fatal errors under some conditions.
  - Many more bugfixes. Please refer to the Release Notes.
超过 4,900 个 ports，package 工具的健壮性有所改进。

每种架构都有许多预先构建的包:

i386: 4782
sparc64: 4613
alpha: 4233
sh: 2046

amd64: 4708
powerpc: 4634
sparc: 3159
m68k: 830

arm: 2728
hppa: 3971
vax: 296
mips64: 1897

m88k: 27

一些精彩程序:

Gnome 2.20.3.
GNUstep 1.14.2.
KDE 3.5.8.
Mozilla Firefox 2.0.0.12.
Mozilla Thunderbird 2.0.0.12.
MySQL 5.0.51a.
OpenMotif 2.3.0.
OpenOffice.org 2.3.1.
PostgreSQL 8.2.6.
Xfce 4.4.2.

按照惯例，手册或其它文档也有相应补充和修改。
以下是系统包含的外部提供的重要程序:
- Xenocara (based on X.Org 7.3 + patches, freetype 2.3.5, fontconfig 2.4.2, Mesa 7.0.2, xterm 232 and more)
- Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
- Perl 5.8.8 (+ patches)
- Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
- OpenSSL 0.9.7j (+ patches)
- Groff 1.15
- Sendmail 8.14.1, with libmilter
- Bind 9.4.2 (+ patches)
- Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
- Sudo 1.6.9p12
- Ncurses 5.2
- Latest KAME IPv6
- Heimdal 0.7.2 (+ patches)
- Arla 0.35.7
- Binutils 2.15 (+ patches)
- Gdb 6.3 (+ patches)

如何安装

如果通过购买的 CD 安装，请按照下述指令操作。使用 FTP(或其它安装方式)安装与之类似；CDROM 中的安装是自治的，它会让你知道如果使用购买的 CD 安装是多么方便。

有关安装 OpenBSD 4.3 更详细的信息，请参阅在三张 CD 或相关 FTP 镜像站点中的以下文件:

CD1:4.3/i386/INSTALL.i386
CD2:4.3/amd64/INSTALL.amd64
CD2:4.3/macppc/INSTALL.macppc
CD3:4.3/sparc64/INSTALL.sparc64
FTP:.../OpenBSD/4.3/alpha/INSTALL.alpha
FTP:.../OpenBSD/4.3/armish/INSTALL.armish
FTP:.../OpenBSD/4.3/hp300/INSTALL.hp300
FTP:.../OpenBSD/4.3/hppa/INSTALL.hppa
FTP:.../OpenBSD/4.3/landisk/INSTALL.landisk
FTP:.../OpenBSD/4.3/mac68k/INSTALL.mac68k
FTP:.../OpenBSD/4.3/mvme68k/INSTALL.mvme68k
FTP:.../OpenBSD/4.3/mvme88k/INSTALL.mvme88k
FTP:.../OpenBSD/4.3/sgi/INSTALL.sgi
FTP:.../OpenBSD/4.3/sparc/INSTALL.sparc
FTP:.../OpenBSD/4.3/vax/INSTALL.vax
FTP:.../OpenBSD/4.3/zaurus/INSTALL.zaurus

快速安装仅适合熟悉 OpenBSD 和“disklabel -E”命令用法的人。如果你根本不懂安装 OpenBSD，请参阅上面罗列的相应 INSTALL.* 文件!

OpenBSD/i386:

CD1:4.3/i386/floppy43.fs

使用 CD1:4.3/i386/floppyB43.fs 来制作引导软盘，可以获得更好的 SCSI 支持，或者使用 CD1:4.3/i386/floppyC43.fs 来制作引导软盘，获得更好的笔记本电脑支持。

如果你不能从 CD 或软盘启动的话，还可以用 PXE 通过网络安装，请参阅 INSTALL.i386 文件。

如果计划让 OpenBSD 与另一操作系统共存，双重启动，请参阅 INSTALL.i386 文件。

在 MS-DOS 环境制作启动软盘，请使用位于 CD1:4.3/tools/rawrite.exe 的"rawrite"工具。在 Unix OS 环境制作启动软盘，请使用 dd(1) 工具。下面是使用 dd(1) 的例子，"device"可以是"floppy"，"rfd0c"，或"rfd0a"。

# dd if=<file> of=/dev/<device> bs=32k

请确保你的软盘无坏道，已经正确格式化。否则很可能会安装失败。有关制作启动软盘和安装 OpenBSD/i386 的信息请参阅 FAQ 4.3.1。

OpenBSD/amd64:

CD2:4.3/amd64/floppy43.fs

如果不能从 CD 或软盘启动，可以用 PXE 通过网络来安装，有关信息请参阅 INSTALL.amd64 文件。

如果计划让 OpenBSD 与另一个操作系统共存，双重启动，请参阅 INSTALL.amd64。

OpenBSD/macppc:

OpenBSD/macppc boot

或者在出现 Open Firmware 提示时，输入 boot cd:,ofwboot /4.3/macppc/bsd.rd 。

OpenBSD/sparc64:

boot cdrom

如果这个没用，或没有光驱，你可以把 CD3:4.3/sparc64/floppy43.fs 或 CD3:4.3/sparc64/floppyB43.fs (依赖于你的机器)写入软盘，用它作为启动盘，输入 boot floppy 来启动。详细内容参阅 INSTALL.sparc64。

请确保你的软盘无坏道，已经正确格式化。否则很可能会安装失败。

你也可以将 CD3:4.3/sparc64/miniroot43.fs 写入磁盘中的 swap 分区，然后在启动时输入 boot disk:b 。

如果以上都不行，你可以按照 INSTALL.sparc64 中的描述通过网络来启动安装

OpenBSD/alpha:

将 FTP:4.3/alpha/floppy43.fs 或 FTP:4.3/alpha/floppyB43.fs (依赖于你的机器)写入软盘，用它作为启动盘，输入 boot dva0 来启动。详细内容参阅 INSTALL.alpha。

请确保你的软盘无坏道，已经正确格式化。否则很可能会安装失败。

OpenBSD/armish:

连接串口之后，Thecus 能直接通过网络用 tftp 或 http 启动。使用 fconfig 配置网络，重置之后，加载 bsd.rd，详细信息请参阅 INSTALL.armish 。 IOData HDL-G 只能从 EXT2 格式分区启动。进入 linux，复制"boot"和"bsd.rd"到第一个分区 wd0(hda1)，然后加载和运行 bsd.rd，保留 wd0i(hda1) 上的 EXT2 分区。请参阅 INSTALL.armish 以获得更多信息。

OpenBSD/hp300:

按照 INSTALL.hp300 的相关说明通过网络来启动安装。

OpenBSD/hppa:

按照 INSTALL.hppa 或 hppa 平台的相关说明通过网络来启动安装。

OpenBSD/landisk:

将 miniroot43.fs 写入 CF 卡或磁盘的开始，正常启动后安装。

OpenBSD/mac68k:

正常启动 MacOS，将 FTP:4.3/mac68k/utils 下的程序 “BSD/Mac68k Booter” 解压到硬盘。用 bsd.rd 内核文件的位置配置 “BSD/Mac68k Booter”，启动后进入安装程序。更多相关信息请参阅 INSTALL.mac68k 。

OpenBSD/mvme68k:

可以制作启动磁带或通过网络来安装。
网络启动需要支持 NIOT 和 NBO 调试命令的 MVME68K BUG 版本。更多相关信息请参阅 INSTALL.mvme68k 。

OpenBSD/mvme88k:

可以制作启动磁带或通过网络来安装。
网络启动需要支持 NIOT 和 NBO 调试命令的 MVME88K BUG 版本。更多相关信息请参阅 INSTALL.mvme88k。

OpenBSD/sparc:

ok boot cdrom 4.3/sparc/bsd.rd
或
> b sd(0,6,0)4.3/sparc/bsd.rd

如果你的 SPARC 系统没有 CD 驱动器，可以通过将 floppy43.fs 写入软盘，使用软盘来启动安装。更多的信息请参阅 FAQ 4.3.1。根据 ROM 版本的不同，从软盘启动安装需要下面两个命令中的一个。

ok boot floppy
或
> b fd()

请确保你的软盘无坏道，已经正确格式化。否则很可能会安装失败。

如果你的 SPARC 系统没有软驱和 CD，你可以制作可启动磁带，或者通过网络来安装。相关内容在 INSTALL.sparc 中。

OpenBSD/sgi:

将 cd43.iso 刻录到光盘，将其放入光驱中，从系统维护菜单中选择 Install System Software 进行安装。

如果没有光驱，可以通过 DHCP 或 tftp 连接到网络服务器的话，用 bootp()/bsd.rd 来引导启动安装。更多相关信息请参阅 INSTALL.sgi。

OpenBSD/vax:

用 mopbooting 通过网络启动来安装，相关信息请参阅 INSTALL.vax。

OpenBSD/zaurus:

用 Linux 内置的图形化安装程序 ipkg 来安装 openbsd43_arm.ipk 包。重启之后，即可运行。更多信息请参阅 INSTALL.zaurus。

关于源代码的说明:

# mkdir -p /usr/src
# cd /usr/src
# tar xvfz /tmp/src.tar.gz

sys.tar.gz 包含的源代码文件路径开始是 /usr/src/sys。该文件包括了重建内核需要的所有源代码。解压方法:

# mkdir -p /usr/src/sys
# cd /usr/src
# tar xvfz /tmp/sys.tar.gz

这些文件是 CVS 检出格式。可以使用匿名 CVS 服务器基于它们获得最新的版本。基于这些文件更新，比完全重新从 CVS 检出的速度要快得多。

如何升级

如果你已经安装了OpenBSD 4.2，不想重新安装，可以在升级指南中找到升级方法和忠告。

使用 ports 的方法

也提供了 ports 的档案文件。解压方法:

# cd /usr
# tar xvfz /tmp/ports.tar.gz
# cd ports

ports/ 子目录是 OpenBSD ports 版本库检出副本。假如你不了解 ports，请浏览 ports 页面。该文件并非是如何使用 ports 的手册，它只是 OpenBSD ports 系统用户的初级读本。

ports/ 目录是我们从 CVS(如果你不熟悉 CVS，请参阅手册 cvs(1)) 检出的 ports 副本。与我们的代码一样，ports 也可以通过匿名 CVS 服务器更新。因此，为了确保版本是最新的，必须使 ports/ 在可读写的介质中，更新的命令是:

# cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_4_3

[当然，在实际操作时需要将本地目录和服务器名称替换成你的 ports 所在位置和较近的匿名 CVS 服务器。]

注意大部分的 ports 可以通过 FTP 获得预先编译的二进制包。如果发现问题，会为 4.3 版本发布升级包。

如果你有兴趣观察 ports 的变动信息，或者帮助我们，或者只是想获得更多的信息，请加入邮件列表 ports@openbsd.org 。

www@openbsd.org
$OpenBSD: 43.html,v 1.2 2008/05/01 10:01:52 tobias Exp $