Author Archives: Glen Barber

FreeBSD 10.2-RC1 Now Available

The first RC build of the 10.2-RELEASE cycle is now available.

Installation images are available for the amd64, i386, ia64, powerpc, powerpc64, and sparc64 architectures.

FreeBSD/arm SD card images are available for the BEAGLEBONE, CUBOX-HUMMINGBOARD, GUMSTIX, RPI-B, PANDABOARD, and WANDBOARD kernels.

FreeBSD 10.2-RC1 is also available on several third-party hosting providers.

See the PGP-signed announcement email for installation image checksums and more information.

FreeBSD 10.2-BETA2 Now Available

The second BETA build of the 10.2-RELEASE cycle is now available.

Installation images are available for the amd64, i386, ia64, powerpc, powerpc64, and sparc64 architectures.

FreeBSD/arm SD card images are available for the BEAGLEBONE, CUBOX-HUMMINGBOARD, GUMSTIX, RPI-B, PANDABOARD, and WANDBOARD kernels.

FreeBSD 10.2-BETA2 is also available on several third-party hosting providers.

See the PGP-signed announcement email for installation image checksums and more information.

FreeBSD 10.2-BETA1 Now Available

The first BETA build of the 10.2-RELEASE cycle is now available.

Installation images are available for the amd64, armv6, i386, ia64, powerpc, powerpc64, and sparc64 architectures.

Additionally, FreeBSD 10.2-BETA1 is available on several third-party hosting providers.

See the PGP-signed announcement email for installation image checksums and more information.

Another Data Center Site Visit – NYI

No Systems Administrators Were Harmed While Writing This Blog Entry

Mmm...  Freshly-unboxed servers.  There really is nothing better to wake up to in the morning.

Well, okay, coffee.  But new servers - definitely second.

In late April, the FreeBSD Foundation generously purchased more machines to keep the FreeBSD.org infrastructure operating smoothly.  While the new servers are not yet in production (a task the Cluster Administrators will undertake while at BSDCan in June), we have planned far in advance what we intend to do with the new hardware.

In mid-May, I spent several days at our East-Coast US colocation facility, racking, cabling, installing, and configuring the new servers.

As They Say in Real-Estate: Colocation, Colocation, Colocation

The new hardware is located at New York Internet in Bridgewater, New Jersey, who generously provides colocation services to the FreeBSD Project.  They have an amazing staff, and whether we are on-site or working with them through their ticket system, are always friendly, knowledgeable, and of course, helpful.

New Hardware Specs

In total, 14 new SuperMicro-based machines were purchased from iXsystems, for this site. They are all 1U servers, each with four 1TB drives, redundant power supplies, and gigabit ethernet.

Ten of the machines are single-socket Intel(R) Xeon(R) E3-1230 v3 CPUs, running at 3.30GHz (4-core with hyper-threading, providing 8 logical CPU threads), with 32 GB RAM.

Four of the machines are dual-socket Intel(R) Xeon(R) E5-2630 v3 CPUs, running at 2.40GHz (8-core with hyper-threading, providing 16 logical CPU threads per socket, 32 threads total), with 64 GB RAM.

For the Inner Geek in All of Us

No blog post about new hardware would be complete without pictures, right?

This is the front view of the ten single-socket machines:


And this is the back view of the same machines:


(Yes, I really do label each end of the network and serial console cables.)

Then, this is the front view of the four dual-socket machines (sorry for the blurry picture, though):


And the back view of the dual-socket machines:


Last but not Least...

On behalf of the FreeBSD Foundation and the FreeBSD Cluster Administration Team, I would like to thank New York Internet for generously providing the colocation space for our east-coast site, the NYI network operations team for all of their assistance during my visit, and especially all of the community investors that have generously donated to the FreeBSD Foundation.  All of your support is greatly appreciated.

Thank you for helping make FreeBSD better!

From the Trenches, Tips & Tricks Edition: Hacking "/ on ZFS" and GELI Encrypted Drives, the Old-School Way

Glen Barber is back to kick off our latest From The Trenches series: The Tips and Tricks Edition. 

All my personal machines run FreeBSD.

In fact, all my personal machines run FreeBSD-CURRENT. I do this primarily to keep track of changes that get committed to the head branch, so I can personally test changes (for the things I use, at least) before they get merged to the stable branches.

As one of the Release Engineers, I find it essential that, whenever possible, I find issues so they can be corrected before they are part of a release.

My primary work machine is a laptop, currently a Lenovo Thinkpad T540p. I picked this laptop, and all the other laptops before it, because it met my minimum requirements for a primary workstation: it is capable of supporting a large amount of RAM (16GB for my Thinkpad, 8GB for all previous laptops), an Intel Core i7 CPU, and I could replace the DVD drive with a second hard drive.

In addition to these hardware requirements, I also have a few personal requirements of any workstation - the drives must be encrypted, and the underlying filesystem must be ZFS.

For me, it is not so much about the data I have *on* the laptop that I need to protect, but the kinds of things within the FreeBSD Project I am permitted access. Without encrypted drives, a lost or stolen laptop would absolutely be my worst possible nightmare, because I only have my login passphrase protecting my data (GPG key, SSH keys, and so on).

Recent FreeBSD releases allow "/ on ZFS" installation with the option to enable GELI-based encryption. This predates my original installation, however, since each laptop I have purchased for the past several years used the hard drives from the previous laptop. According to zpool history, the installation was at least two and a half years ago, but I know it is much longer than that, because of zfs recv being one of the first things zpool history reports.

So, I needed to do things the old-fashioned way, and manually create the GELI-backed providers and perform the "/ on ZFS" installation myself.

While bsdinstall(8) may now cover the majority of use cases for such installations, there may be cases where someone specifically needs to do something a certain way that the installer does not provide.

Because I only had one hard drive in the system when the system was initially installed (a long time ago), I will only refer to one hard drive when describing the steps I used to perform the installation, for now.

I installed the system using the 9.0-RELEASE or 9.1-RELEASE memory stick installer (memstick.img), I cannot remember which, but that detail is not as important, since I did not use the installer anyway.

When I booted from the memory stick, the two drives recognized on the system were the internal hard drive, /dev/ada0, and the external USB flash drive for the installation, /dev/da0. The first menu screen has three options available: "Install", "Shell", "Live CD".

I selected "Live CD", and logged in as root (no password is necessary for the "Live CD" functionality). The hard drive did not have an operating system. Because I purchased the hard drive, in addition to the laptop, with the intention of replacing the laptop's drive, I did not need to remove any partitions from an existing installation. If I did need to remove partitions, I would have done so with:
# gpart destroy -F ada0
Here is where some technical details become important:
  • While you can install "/ on ZFS" on a drive partitioned with MBR (Master Boot Record), using GPT is far easier. In fact, I have forgotten much about how MBR partitioning is actually done.
  • When doing full disk encryption, you must keep /boot contents separate, otherwise loader(8) and the kernel will not be available when the BIOS hands over control to the operating system. As such, /boot should be given its own partition on the disk left unencrypted, and the rest of the system on its own encrypted partition.
I created four partitions on the drive. The first partition is for the boot blocks (not to be confused with the /boot contents), the second partition is for /boot, the third is for the encrypted system, and the fourth is for swap.
# gpart create -s gpt ada0
# gpart add -t freebsd-boot -s 512k -i 1 -l gptboot ada0
# gpart add -t freebsd-zfs -s 10G -i 2 -l bootfs ada0
# gpart add -t freebsd-swap -s 10G -i 3 -l swapfs ada0
# gpart add -t freebsd-zfs -s 180G -i 4 -l rootfs ada0
I decided to put the swap partition between the /boot partition and the rest of the system, in case I needed to increase or decrease the size of the /boot partition, it would be far easier (and safer) to do.

Then, I loaded the necessary kernel modules for ZFS and GELI:
# kldload /boot/kernel/opensolaris.ko
# kldload /boot/kernel/zfs.ko
# kldload /boot/kernel/geom_eli.ko
Now that GELI functionality is available, I created the backend provider for the ZFS dataset:
# geli init -b -a HMAC/SHA256 -e AES-CBC -l 256 
-s 4096 /dev/ada0p4
Then I attached the GELI provider, and wrote data from /dev/randomto the new device /dev/ada0p4.eli:
# geli attach ada0p4
# dd if=/dev/random of=/dev/ada0p4.eli bs=4096

This took a while on the system this hard drive was originally installed, so I probably got coffee at this point. :-)

When the dd(1) command finished, I continued the installation.

I created temporary directories to use to import the pools after they were created:
# mkdir /tmp/zroot
# mkdir /tmp/zboot
Keep in mind, I am installing from a memory stick image, which by default, is read-only. The /tmp directory is writable, however, because it is a md(4)-backed memory disk filesystem.
# zpool create -O checksum=fletcher4 -O atime=off 
-m /tmp/zboot zboot /dev/ada0p2
# zpool create -O checksum=fletcher4 -O atime=off
-m /tmp/zroot zroot /dev/ada0p4.eli
Then I made a few ZFS datasets for various paths:
# for i in var var/log var/tmp var/db usr usr/home 
usr/compat usr/ports
usr/local tmp; do
zfs create zroot/${i}
done
I also made a separate ZFS dataset for the "bootfs" contents, and set the mountpoint to the /boot directory in the temporary working directory:
# zfs create zboot/boot
# zfs set mountpoint=/tmp/zroot/boot zboot/boot
On the memory stick installation media, the distribution sets are located in /usr/freebsd-dist. I extracted their contents into the newly-created filesystem:
# cd /tmp/zroot
# for i in base kernel lib32; do
tar -xf /usr/freebsd-dist/${i}.txz -C .
done
Then I wrote the bootcode to the first partition of the drive:
# gpart bootcode -b /tmp/zroot/boot/pmbr 
-p /tmp/zroot/boot/gptzfsboot -i 1 ada0
Because the "bootfs" (/boot) and "rootfs" (everything else) are both ZFS, I needed to use the gptzfsboot bootcode for the "freebsd-boot" partition.

Now the system is installed, but I needed to make a few modifications before I was ready to reboot. In particular, set a root password, edit /etc/fstab to enable swap, edit /etc/rc.conf to enable the zfs rc(8) startup script, and edit /boot/loader.conf to load the geom_eli.ko, opensolaris.ko, and zfs.ko kernel modules at boot.
# chroot /tmp/zroot
# passwd root
[enter password]
# echo '/dev/gpt/swapfs none swap sw 0 0'
>> /etc/fstab
# echo 'zfs_enable="YES"' >> /etc/rc.conf
# echo 'geom_eli_load="YES"' >> /boot/loader.conf
# echo 'zfs_load="YES"' >> /boot/loader.conf
# exit
Before rebooting, I needed to make a few adjustments to where /boot from the zboot/boot dataset would be mounted at boot.
# zfs umount zboot/boot
# zfs set mountpoint=/realboot zboot/boot
This now makes the /boot directory mount as /realboot, so I then needed to point /boot in the zroot dataset to the correct place. This was easily solved with a symbolic link:
# cd /tmp/zroot
# ln -s boot /realboot
Now when the system boots, the filesystem will look something like this:
/bin
/sbin
/boot -> /realboot
/realboot
[...]
Finally, I needed to unmount the zroot dataset, and fix its mountpoints. I only needed to change the zroot mountpoint itself, since all children datasets adjusted their paths automatically.
# zfs umount -a
# zfs set mountpoint=/ zroot
At this point, the installation was complete. I rebooted the laptop, entered the GELI passphrase for /dev/ada0p4.eli when prompted, and was greeted by the "login: " prompt we have all grown to love.

The FreeBSD Cluster: Infrastructural Enhancements at NYI


I spent several days on-site at our east-coast US colocation facility in July 2014 and again in November 2014 racking and installing servers that the FreeBSD Foundation purchased for the FreeBSD Project.

This hardware is essential for supporting the FreeBSD Project in a number of ways.  It provides services for public consumption (FTP mirrors, pkg(8) mirrors, etc.), as well as resources that can be used by FreeBSD developers for various tasks, such as building third-party software packages, release building, and miscellaneous (a.k.a, "testbed") development of services for general use.

More Horsepower to Serve and Support the FreeBSD Community

Since July, fourteen machines were purchased for the east-coast US site, generously hosted by New York Internet in Bridgewater, New Jersey.

The servers were purchased with the end-goal being a complete mirror of the primary site on the west-coast US.  The newly-added servers bring the machine count at NYI to sixty-eight total.

Reorganizing for Redundancy

Two of these servers are being used as firewalls, each equipped with four-port Intel(r) NICs.  Both firewalls have direct connections to the switches in all four cabinets at NYI, providing a redundant uplink to each of the four switches so we can reboot either firewall without losing connectivity

Restructuring for Additional Services

November's site visit had two primary goals: install and configure the recent shipment of machines, and reconfigure the network topology behind the firewalls.  Before many of the machines could be brought online, several changes needed to be made to the network.

Each FreeBSD.org site further separates services behind the firewalls using VLANs, limiting each set of services provided within each VLAN to its own network restrictions.  In order to properly allocate network space for the new machines, several of the VLANs at NYI needed to be redone.

The most publicly-disruptive part of this was reallocating the VLAN that contains the firewalls.  Thanks to Peter Wemm, there were no major service disruptions (aside from a planned simultaneous firewall reboot).

Although not all of these machines have been brought online yet, several of them have been allocated and assigned to the teams that will be using them.

Two machines have been allocated to the FreeBSD Release Engineering Team, one of which was used for the 10.1-RELEASE builds.  Four machines have been allocated to the FreeBSD Ports Management Team, which were brought online and handed over just this week.

FreeBSD, Powered by FreeBSD

If you are like me, words about new hardware do not do as much justice as seeing them.  Enjoy!


new servers - front view
new servers - rear view

FreeBSD 10.1-RELEASE Now Available

FreeBSD 10.1-RELEASE Announcement

The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 10.1-RELEASE. This is the second release of the stable/10 branch, which improves on the stability of FreeBSD 10.0-RELEASE and introduces some new features.

Some of the highlights:
  • The new console driver, vt(4), has been added.
  • Support for FreeBSD/i386 guests has been added to bhyve(4).
  • The bhyve(4) hypervisor now supports booting from a zfs(8) filesystem.
  • Support for SMP was added to the armv6 kernels and enabled by default in the configuration files for all platforms that contain multi-core CPUs.
  • Initial support for UEFI boot has been added for the FreeBSD/amd64 architecture.
  • Support has been added to cache geli(8) passphrases during system boot.
  • Support for the UDP-Lite protocol (RFC 3828) has been added to the IPv4 and IPv6 stacks.
  • The new filesystem automount facility, autofs(5), has been merged from FreeBSD-CURRENT.
  • The sshd(8) rc.d(8) startup script now generates ED25519 sshd(8) host keys if keys do not already exist when ssh_keygen_alg() is invoked.
  • OpenSSH has been updated to version 6.6p1.
  • The nc(1) utility has been updated to match the version in OpenBSD 5.5.
  • Sendmail has been updated to 8.14.9.
  • The unbound(8) caching resolver and ldns have been updated to version 1.4.22.
  • OpenPAM has been updated to Ourouparia (20140912).
  • OpenSSL has been updated to version 1.0.1j.
  • The pkg(8) package management utility has been updated to version 1.3.8.
For a complete list of new features and known problems, please see the online release notes and errata list, available at:
For more information about FreeBSD release engineering activities, please see:

 

Availability

FreeBSD 10.1-RELEASE is now available for the amd64, i386, ia64, powerpc, powerpc64, sparc64, and armv6 architectures.

FreeBSD 10.1-RELEASE can be installed from bootable ISO images or over the network. Some architectures also support installing from a USB memory stick. The required files can be downloaded via FTP as described in the section below. While some of the smaller FTP mirrors may not carry all architectures, they will all generally contain the more common ones such as amd64 and i386.

SHA256 and MD5 hashes for the release ISO and memory stick images are included in the PGP-signed version of this announcement, available at:
Additional UEFI-capable images are available for the amd64 (x86_64) architecture.

The purpose of the images provided as part of the release are as follows:
dvd1
This contains everything necessary to install the base FreeBSD operating system, the documentation, and a small set of pre-built packages aimed at getting a graphical workstation up and running. It also supports booting into a "livefs" based rescue mode. This should be all you need if you can burn and use DVD-sized media.
disc1
This contains the base FreeBSD operating system. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages.
bootonly
This supports booting a machine using the CDROM drive but does not contain the installation distribution sets for installing FreeBSD from the CD itself. You would need to perform a network based install (e.g., from an FTP server) after booting from the CD.
memstick
This can be written to an USB memory stick (flash drive) and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages.

As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work:

 # dd if=FreeBSD-10.1-RELEASE-amd64-memstick.img \
of=/dev/da0 bs=10240 conv=sync
Be careful to make sure you get the target (of=) correct.
mini-memstick
This can be written to an USB memory stick (flash drive) and used to boot a machine, but does not contain the installation distribution sets on the medium itself, similar to the bootonly image. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages.

As one example of how to use the mini-memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work:

 # dd if=FreeBSD-10.1-RELEASE-amd64-mini-memstick.img \
of=/dev/da0 bs=10240 conv=sync
Be careful to make sure you get the target (of=) correct.
FreeBSD 10.1-RELEASE can also be purchased on CD-ROM or DVD from several vendors. One of the vendors that will be offering FreeBSD 10.1-based products is:
Pre-installed virtual machine images are also available for the amd64 (x86_64) and i386 (x86_32) architectures in QCOW2, VHD, and VMDK disk image formats, as well as raw (unformatted) images.

 

 FTP

FreeBSD 10.1-RELEASE may be downloaded via ftp from the following site:
However before trying this site, please check your regional mirror(s) first by going to:
Any additional mirror sites will be labeled ftp2, ftp3 and so on.

More information about FreeBSD mirror sites can be found at:
FreeBSD 10.1-RELEASE virtual machine images may be downloaded via ftp from:
For instructions on installing FreeBSD or updating an existing machine to 10.1-RELEASE please see:

 

Support

FreeBSD 10.1-RELEASE will be supported until January 1, 2017. The End-of-Life dates can be found at:

 

Other Projects Based on FreeBSD

There are many "third party" Projects based on FreeBSD. The Projects range from re-packaging FreeBSD into a more "novice friendly" distribution to making FreeBSD available on Amazon's EC2 infrastructure. For more information about these Third Party Projects see:

 

Acknowledgments

Many companies donated equipment, network access, or man-hours to support the release engineering activities for FreeBSD 10.1 including The FreeBSD Foundation, Yahoo!, NetApp, Internet Systems Consortium, ByteMark Hosting, Sentex Communications, New York Internet, Juniper Networks, NLNet Labs, iXsystems, and Yandex.

The release engineering team for 10.1-RELEASE includes:

Glen Barber <[email protected]> Release Engineering Lead, 10.1-RELEASE Release Engineer
Konstantin Belousov <[email protected]> Release Engineering
Joel Dahl <[email protected]> Release Engineering
Baptiste Daroussin <[email protected]> Package Building
Bryan Drewery <[email protected]> Package Building
Marc Fonvieille <[email protected]> Release Engineering, Documentation
Steven Kreuzer <[email protected]> Release Engineering
Xin Li <[email protected]> Release Engineering, Security Officer
Josh Paetzel <[email protected]> Release Engineering
Colin Percival <[email protected]> Security Officer Emeritus
Craig Rodrigues <[email protected]> Release Engineering
Hiroki Sato <[email protected]> Release Engineering, Documentation
Gleb Smirnoff <[email protected]> Release Engineering
Ken Smith <[email protected]> Release Engineering
Dag-Erling Smørgrav <[email protected]> Security Officer
Marius Strobl <[email protected]> Release Engineering
Robert Watson <[email protected]> Release Engineering, Security

 

 Trademark

FreeBSD is a registered trademark of The FreeBSD Foundation.

Love FreeBSD? Support this and future releases with a donation to The FreeBSD Foundation!

FreeBSD 10.1-RC4 Now Available

The fourth RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

This is anticipated to be the final RC build of the 10.1-RELEASE cycle.

The image checksums follow are included in the original announcement email.

Installer images and memory stick images are available here.

If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.

If you would like to use SVN to do a source based update of an existing system, use the "releng/10.1" branch.

A list of changes since 10.0-RELEASE are available here.

Changes between 10.1-RC3 and 10.1-RC4 include:
  •  Fix ATA CF ERASE breakage for certain CF cards.
  •  Fix a race in pmap_emulate_accessed_dirty() that could trigger a EPT misconfiguration VM-exit.
Important note to ZFS users on the i386 architecture:  Using multi-disk ZFS configurations on i386 (mirror, raidz-1, raidz-2, etc.) may cause
a kernel panic on boot.

Adding 'options KSTACK_PAGES=4' to the kernel configuration is observed to resolve the problem.  Please *do* *not* upgrade your system with freebsd-update(8) if using a multi-disk ZFS setup, since this will override the kernel configuration with the GENERIC kernel.

This is also mentioned in the 10.1-RELEASE Errata Documentation.
    Pre-installed virtual machine images for 10.1-RC4 are also available for amd64 and i386 architectures.  The images are located here.

    The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats.  The image download size is approximately 135 MB, which decompress to a 20GB sparse image.

    The partition layout is:
    • 512k - freebsd-boot GPT partition type (bootfs GPT label)
    • 1GB  - freebsd-swap GPT partition type (swapfs GPT label)
    • ~17GB - freebsd-ufs GPT partition type (rootfs GPT label)
    To install packages from the dvd1.iso installer, create and mount the /dist directory:

    # mkdir -p /dist
    # mount -t cd9660 /dev/cd0 /dist

    Next, install pkg(8) from the DVD:
     

    # env REPOS_DIR=/dist/packages/repos pkg bootstrap

    At this point, pkg-add(8) can be used to install additional packages from the DVD.  Please note, the REPOS_DIR environment variable should be used each time using the DVD as the package repository, otherwise conflicts with packages from the upstream mirrors may occur when they are fetched.  For example, to install Gnome and Xorg, run:
     

    # env REPOS_DIR=/dist/packages/repos pkg install \
      xorg-server xorg gnome2 [...]

    The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier
    FreeBSD releases can upgrade as follows:

    # freebsd-update upgrade -r 10.1-RC4

    During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically
    performed merging was done correctly.

    # freebsd-update install

    The system must be rebooted with the newly installed kernel before continuing.


    # shutdown -r now

    After rebooting, freebsd-update needs to be run again to install the new userland components:


    # freebsd-update install
    It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example,
    FreeBSD 9.x.  Alternatively, the user can install misc/compat9x and other compatibility libraries, afterwards the system must be rebooted
    into the new userland:

    # shutdown -r now

    Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

    # freebsd-update install

    Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

    FreeBSD 10.1-RC3 Now Available

    The third RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

    The image checksums follow are included in the original announcement email.

    Installer images and memory stick images are available here.

    If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.

    If you would like to use SVN to do a source based update of an existing system, use the "releng/10.1" branch.

    A list of changes since 10.0-RELEASE are available here.

    Changes between 10.1-RC2 and 10.1-RC3 include:
    • Several fixes to the UDPLite protocol implementation.
    • The vt(4) driver has been updated to save and restore keyboard mode and LED states when switching windows.
    • Several fixes to the SCTP protocol implementation.
    • A potential race condition in obtaining a file pointer has been corrected.
    • Fix ZFS ZVOL deadlock and rename issues.
    • Restore libopie.so ABI compatibility with 10.0-RELEASE.
    • Removed the last vestige of MD5 password hashes.
    • Several rc(8) script updates and fixes.
    • bsdinstall(8) has been updated to allow selecting local_unbound in the default services to enable at first boot.
    • Prevent ZFS leaking pool free space.
    • Fix rtsold(8) remote buffer overflow vulnerability. [SA-14:20]
    • Fix routed(8) remote denial of service vulnerability. [SA-14:21]
    • Fix memory leak in sandboxed namei lookup. [SA-14:22]
    • OpenSSL has been updated to version 1.0.1j. [SA-14:23]
    • Fix an issue where a FreeBSD virtual machine provisioned in the Microsoft Azure service does not recognize the second attached disk on the system.
      Pre-installed virtual machine images for 10.1-RC3 are also available for amd64 and i386 architectures.  The images are located here.

      The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats.  The image download size is approximately 135 MB, which decompress to a 20GB sparse image.

      The partition layout is:
      • 512k - freebsd-boot GPT partition type (bootfs GPT label)
      • 1GB  - freebsd-swap GPT partition type (swapfs GPT label)
      • ~17GB - freebsd-ufs GPT partition type (rootfs GPT label)
      To install packages from the dvd1.iso installer, create and mount the /dist directory:

      # mkdir -p /dist
      # mount -t cd9660 /dev/cd0 /dist

      Next, install pkg(8) from the DVD:
       

      # env REPOS_DIR=/dist/packages/repos pkg bootstrap

      At this point, pkg-add(8) can be used to install additional packages from the DVD.  Please note, the REPOS_DIR environment variable should be used each time using the DVD as the package repository, otherwise conflicts with packages from the upstream mirrors may occur when they are fetched.  For example, to install Gnome and Xorg, run:
       

      # env REPOS_DIR=/dist/packages/repos pkg install \
        xorg-server xorg gnome2 [...]

      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier
      FreeBSD releases can upgrade as follows:

      # freebsd-update upgrade -r 10.1-RC3

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically
      performed merging was done correctly.

      # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.


      # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:


      # freebsd-update install
      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example,
      FreeBSD 8.x.  Alternatively, the user can install misc/compat9x and other compatibility libraries, afterwards the system must be rebooted
      into the new userland:

      # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

      # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 10.1-RC2 Now Available

      The second RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums follow are included in the original announcement email.

      Installer images and memory stick images are available here.

      If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.

      If you would like to use SVN to do a source based update of an existing system, use the "releng/10.1" branch.

      A list of changes since 10.0-RELEASE are available here.

      Changes between 10.1-RC1 and 10.1-RC2 include:
      • Fix XHCI driver for devices which have more than 15 physical root HUB ports.
      • Fix old iSCSI initiator to work with new CAM locking.
      • Fix page length reported for Block Limits VPD page.
      • Add QCOW v1 & v2 support to mkimg(1).
      Pre-installed virtual machine images for 10.1-RC2 are also available for amd64 and i386 architectures.  The images are located here.

      The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats.  The image download size is approximately 135 MB, which decompress to a 20GB sparse image.

      The partition layout is:
      • 512k - freebsd-boot GPT partition type (bootfs GPT label)
      • 1GB  - freebsd-swap GPT partition type (swapfs GPT label)
      • ~17GB - freebsd-ufs GPT partition type (rootfs GPT label)
      To install packages from the dvd1.iso installer, create and mount the /dist directory:

      # mkdir -p /dist
      # mount -t cd9660 /dev/cd0 /dist

      Next, install pkg(8) from the DVD:
       

      # env REPOS_DIR=/dist/packages/repos pkg bootstrap

      At this point, pkg-add(8) can be used to install additional packages from the DVD.  Please note, the REPOS_DIR environment variable should be used each time using the DVD as the package repository, otherwise conflicts with packages from the upstream mirrors may occur when they are fetched.  For example, to install Gnome and Xorg, run:
       

      # env REPOS_DIR=/dist/packages/repos pkg install \
        xorg-server xorg gnome2 [...]

      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier
      FreeBSD releases can upgrade as follows:

      # freebsd-update upgrade -r 10.1-RC2

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically
      performed merging was done correctly.

      # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.


      # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:


      # freebsd-update install
      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example,
      FreeBSD 8.x.  Alternatively, the user can install misc/compat9x and other compatibility libraries, afterwards the system must be rebooted
      into the new userland:

      # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

      # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 10.1-RC1 Now Available

      The first RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums follow are included in the original announcement email.

      Installer images and memory stick images are available here.

      If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.

      If you would like to use SVN to do a source based update of an existing system, use the "releng/10.1" branch.

      A list of changes since 10.0-RELEASE are available here.

      Changes between 10.1-BETA3 and 10.1-RC1 include:
      • A bug that would cause all processes to appear to have the parent PID of '1' has been fixed.
      • Various updates to bsdinstall(8) and bsdconfig(8).
      • The Hyper-V KVP (key-value pair) driver has been added, and enabled by default on amd64 and i386 architectures.
      Pre-installed virtual machine images for 10.1-RC1 are also available for amd64 and i386 architectures.  The images are located here.

      The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats.  The image download size is approximately 135 MB, which decompress to a 20GB sparse image.

      The partition layout is:
      • 512k - freebsd-boot GPT partition type (bootfs GPT label)
      • 1GB  - freebsd-swap GPT partition type (swapfs GPT label)
      • ~17GB - freebsd-ufs GPT partition type (rootfs GPT label)
      To install packages from the dvd1.iso installer, create and mount the /dist directory:

      # mkdir -p /dist
      # mount -t cd9660 /dev/cd0 /dist

      Next, install pkg(8) from the DVD:
       

      # env REPOS_DIR=/dist/packages/repos pkg bootstrap

      At this point, pkg-add(8) can be used to install additional packages from the DVD.  Please note, the REPOS_DIR environment variable should be used each time using the DVD as the package repository, otherwise conflicts with packages from the upstream mirrors may occur when they are fetched.  For example, to install Gnome and Xorg, run:
       

      # env REPOS_DIR=/dist/packages/repos pkg install \
        xorg-server xorg gnome2 [...]

      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier
      FreeBSD releases can upgrade as follows:

      # freebsd-update upgrade -r 10.1-BETA3

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically
      performed merging was done correctly.

      # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.


      # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:


      # freebsd-update install
      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example,
      FreeBSD 8.x.  Alternatively, the user can install misc/compat9x and other compatibility libraries, afterwards the system must be rebooted
      into the new userland:

      # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

      # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 10.1-BETA3 Now Available

      The third BETA build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      This is expected to be the final BETA release of the 10.1-RELEASE cycle.

      The image checksums follow are included in the original announcement email.

      Installer images and memory stick images are available here.

      If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.

      If you would like to use SVN to do a source based update of an existing system, use the "stable/10" branch.

      A list of changes since 10.0-RELEASE are available on the stable/10 release notes page.

      Changes between 10.1-BETA2 and 10.1-BETA3 include:
      • Support for serial and null console has been added to the UEFI boot loader.
      • A potential panic triggered by referencing a device that has been renamed has been fixed in the cam(4) subsystem.
      • OpenPAM has been updated to the Ourouparia (20140912) release.
      • New sysctls have been added to vt(4) to enable or disable potentially dangerous key combinations (such as reboot, halt, and break to debugger).
      • The mkimg(1) utility has been updated to allow creating empty partition entries.
      • The GEOM_ELI class will now cache passphrases for disk decryption, which allows the system to boot after the first passphrase entry if the remaining disks on the system use the same passphrase.
      • Support for controlling mfi(4) controller properties has been added to mfiutil(8).
      • The /usr/lib32/compat shared library directory has been added to the default ld-elf32.so.1 path.
      • Use of "no" for a Norwegian keymap file is now permitted in rc.conf(5).
      • Several bug fixes to autofs(5) have been implemented.
      Pre-installed virtual machine images for 10.1-BETA3 are also available for amd64 and i386 architectures.  The images are located here.

      The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats.  The image download size is approximately 135 MB, which decompress to a 20GB sparse image.

      The partition layout is:
      • 512k - freebsd-boot GPT partition type (bootfs GPT label)
      • 1GB  - freebsd-swap GPT partition type (swapfs GPT label)
      • ~17GB - freebsd-ufs GPT partition type (rootfs GPT label)
      To install packages from the dvd1.iso installer, create and mount the /dist directory:

      # mkdir -p /dist
      # mount -t cd9660 /dev/cd0 /dist

      Next, install pkg(8) from the DVD:
       

      # env REPOS_DIR=/dist/packages/repos pkg bootstrap

      At this point, pkg-add(8) can be used to install additional packages from the DVD.  Please note, the REPOS_DIR environment variable should be used each time using the DVD as the package repository, otherwise conflicts with packages from the upstream mirrors may occur when they are fetched.  For example, to install Gnome and Xorg, run:
       

      # env REPOS_DIR=/dist/packages/repos pkg install \
        xorg-server xorg gnome2 [...]

      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier
      FreeBSD releases can upgrade as follows:

      # freebsd-update upgrade -r 10.1-BETA3

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically
      performed merging was done correctly.

      # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.


      # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:


      # freebsd-update install
      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example,
      FreeBSD 8.x.  Alternatively, the user can install misc/compat9x and other compatibility libraries, afterwards the system must be rebooted
      into the new userland:

      # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

      # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 10.1-BETA2 Now Available

      The second BETA build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums follow are included in the original announcement email.

      Installer images and memory stick images are available here.

      If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.

      If you would like to use SVN to do a source based update of an existing system, use the "stable/10" branch.

      A list of changes since 10.0-RELEASE are available on the stable/10 release notes page.

      Changes between 10.1-BETA1 and 10.1-BETA2 include:
      • UEFI-capable memory stick images and CDROM/DVDROM images are now build by default for the 10.1-RELEASE cycle.
      • The gssapi_krb5 library is now included in the gssapi(3) build.
      • The default motd(5) text has been changed to clarify the included information and including references to additional resources.
      • A potential crash in ctld(8) has been fixed when a getaddrinfo(3) call fails.
      • Fix Denial of Service in TCP packet processing.  [SA-14:19.tcp]
      • Support for Promise TX8660 8-port 3Gbps HBA has been added.
      • A crash in clang(1) triggered by debuginfo has been fixed.
      • The kern.features sysctl(8) will now report if SCTP is available in the running kernel.
      • Parsing IPv6 nameserver lines in unbound(8) has been fixed.
      • A crash in pam(3) has been fixed if neither PAM_RHOST or PAM_TTY are set.
      • Several bug fixes and improvements to the vt(4) driver have been merged from FreeBSD-Current.
      • The bsdinstall(8) screen prompting if the user would like to use a chroot(8) shell within the newly-installed system for further configuration now defaults to 'No.'
      • Several optimizations to the math(3) library have been merged, including new implementations for C99 functions expl(), coshl(), sinhl(), tanhl(), erfl() and erfcl().
      Pre-installed virtual machine images for 10.1-BETA2 are also available for amd64 and i386 architectures.  The images are located here.

      The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats.  The image download size is approximately 135 MB, which decompress to a 20GB sparse image.

      The partition layout is:
      • 512k - freebsd-boot GPT partition type (bootfs GPT label)
      • 1GB  - freebsd-swap GPT partition type (swapfs GPT label)
      • ~17GB - freebsd-ufs GPT partition type (rootfs GPT label)
      To install packages from the dvd1.iso installer, create and mount the /dist directory:

      # mkdir -p /dist
      # mount -t cd9660 /dev/cd0 /dist

      Next, install pkg(8) from the DVD:
       

      # env REPOS_DIR=/dist/packages/repos pkg add \
        /dist/packages/freebsd:10:*:*/All/pkg-*.txz

      At this point, pkg-add(8) can be used to install additional packages from the DVD.  Please note, the REPOS_DIR environment variable should be used each time using the DVD as the package repository, otherwise conflicts with packages from the upstream mirrors may occur when they are fetched.  For example, to install the Subversion, Gnome, and Xorg, run:
       

      # env REPOS_DIR=/dist/packages/repos pkg install \
        xorg-server xorg gnome2 [...]

      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier
      FreeBSD releases can upgrade as follows:

      # freebsd-update upgrade -r 10.1-BETA2

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically
      performed merging was done correctly.

      # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.


      # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:


      # freebsd-update install
      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example,
      FreeBSD 8.x.  Alternatively, the user can install misc/compat9x and other compatibility libraries, afterwards the system must be rebooted
      into the new userland:

      # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

      # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 10.1-BETA1 Now Available

      The first BETA build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums follow are included in the original announcement email.

      Installer images and memory stick images are available here.

      If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.

      If you would like to use SVN to do a source based update of an existing system, use the "stable/10" branch.

      A list of changes since 10.0-RELEASE are available on the stable/10 release notes page.

      Pre-installed virtual machine images for 10.1-BETA1 are also available for amd64 and i386 architectures.  The images are located here.

      The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats.  The image download size is approximately 135 MB, which decompress to a 20GB sparse image.

      The partition layout is:
      • 512k - freebsd-boot GPT partition type (bootfs GPT label)
      • 1GB  - freebsd-swap GPT partition type (swapfs GPT label)
      • ~17GB - freebsd-ufs GPT partition type (rootfs GPT label)
      Note to consumers of the dvd1.iso image: The packages included on the dvd do not have a corresponding pkg(8) repository due to an incompatibility with pkg-1.2.x and pkg-1.3.x.  This will be fixed for BETA2.

      The packages will not be recognized by bsdconfig(8), however can be  installed manually.

      To install packages from the dvd1.iso installer, create and mount the /dist directory:

      # mkdir -p /dist
      # mount -t cd9660 /dev/cd0 /dist

      Next, install pkg(8) from the DVD:
       

      # env REPOS_DIR=/dist/packages/repos pkg add \
        /dist/packages/freebsd:10:*:*/All/pkg-*.txz

      At this point, pkg-add(8) can be used to install additional packages from the DVD.  Please note, the REPOS_DIR environment variable should be used each time using the DVD as the package repository, otherwise conflicts with packages from the upstream mirrors may occur when they are fetched.  For example, to install the Subversion, Gnome, and Xorg, run:
       

      # env REPOS_DIR=/dist/packages/repos pkg add \
        /dist/packages/freebsd:10:*:*/subversion [...]

      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier
      FreeBSD releases can upgrade as follows:

      # freebsd-update upgrade -r 10.1-BETA1

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically
      performed merging was done correctly.

      # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.


      # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:


      # freebsd-update install
      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example,
      FreeBSD 8.x.  Alternatively, the user can install misc/compat9x and other compatibility libraries, afterwards the system must be rebooted
      into the new userland:

      # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

      # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 9.3-RELEASE Now Available

      FreeBSD 9.3-RELEASE Announcement

      The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 9.3-RELEASE. This is the fourth release of the stable/9 branch, which improves on the stability of FreeBSD 9.2-RELEASE and introduces some new features.

      Some of the highlights:
      • The zfs(8) filesystem has been updated to support the bookmarks feature.
      • The uname(1) utility has been updated to include the -U and -K flags, which print the __FreeBSD_version for the running userland and kernel, respectively.
      • The fetch(3) library has been updated to support SNI (Server Name Identification), allowing to use virtual hosts on HTTPS.
      • Several updates to gcc(1) have been imported from Google.
      • The hastctl(8) utility has been updated to output the current queue sizes.
      • The protect(1) command has been added, which allows exempting processes from being killed when swap is exhausted.
      • The etcupdate(8) utility, a tool for managing updates to files in /etc, has been merged from head/.
      • A new shared library directory, /usr/lib/private, has been added for internal-use shared libraries.
      • OpenPAM has been updated to Nummularia (20130907).
      • A new flag, "onifconsole" has been added to /etc/ttys. This allows the system to provide a login prompt via serial console if the device is an active kernel console, otherwise it is equivalent to off.
      • Sendmail has been updated to version 8.14.9.
      • BIND has been updated to version 9.9.5.
      • The xz(1) utility has been updated to a post-5.0.5 snapshot.
      • OpenSSH has been updated to version 6.6p1.
      • OpenSSL has been updated to version 0.9.8za.
      For a complete list of new features and known problems, please see the online release notes and errata list, available at:
      For more information about FreeBSD release engineering activities, please see:

      Availability

      FreeBSD 9.3-RELEASE is now available for the amd64, i386, ia64, powerpc, powerpc64, and sparc64 architectures.

      FreeBSD 9.3-RELEASE can be installed from bootable ISO images or over the network. Some architectures also support installing from a USB memory stick. The required files can be downloaded via FTP as described in the section below. While some of the smaller FTP mirrors may not carry all architectures, they will all generally contain the more common ones such as amd64 and i386.

      SHA256 and MD5 hashes for the release ISO and memory stick images are included at the bottom of this message.  A PGP-signed version of this announcement is available at:
      Please refer to the official announcement email for the full details regarding FreeBSD 9.3-RELEASE.

      Acknowledgments

      Many companies donated equipment, network access, or man-hours to support the release engineering activities for FreeBSD 9.3 including The FreeBSD Foundation, Yahoo!, NetApp, Internet Systems Consortium, ByteMark Hosting, Sentex Communications, New York Internet, Juniper Networks, NLNet Labs, iXsystems, and Yandex.

      The release engineering team for 9.3-RELEASE includes:
      Glen Barber <[email protected]> Release Engineering Lead, 9.3-RELEASE Release Engineer
      Konstantin Belousov <[email protected]> Release Engineering
      Joel Dahl <[email protected]> Release Engineering
      Baptiste Daroussin <[email protected]> Package Building
      Bryan Drewery <[email protected]> Package Building
      Marc Fonvieille <[email protected]> Release Engineering, Documentation
      Steven Kreuzer <[email protected]> Release Engineering
      Xin Li <[email protected]> Release Engineering, Security Officer
      Josh Paetzel <[email protected]> Release Engineering
      Colin Percival <[email protected]> Security Officer Emeritus
      Craig Rodrigues <[email protected]> Release Engineering
      Hiroki Sato <[email protected]> Release Engineering, Documentation
      Gleb Smirnoff <[email protected]> Release Engineering
      Ken Smith <[email protected]> Release Engineering
      Dag-Erling Smøgrav <[email protected]> Security Officer
      Marius Strobl <[email protected]> Release Engineering
      Robert Watson <[email protected]> Release Engineering, Security

      Trademark

      FreeBSD is a registered trademark of The FreeBSD Foundation.

      Love FreeBSD? Support this and future releases with a donation to The FreeBSD Foundation!

      FreeBSD 9.3-RC3 Now Available

      FreeBSD 9.3-RC3 Now Available


      The third RC build of the 9.3-RELEASE release cycle is now available on the FTP servers for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums can be found in the PGP-signed announcement email.

      ISO images and, for architectures that support it, the memory stick images are available here:

          http://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.3/

      (or any of the FreeBSD mirror sites).

      If you notice problems you can report them through the normal Bugzilla PR system or on the -stable mailing list.

      If you would like to use SVN to do a source based update of an existing system, use the "releng/9.3" branch.

      A list of changes since 9.2-RELEASE are available on the 9.3-RELEASE release notes page here:


      Changes between 9.3-RC2 and 9.3-RC3 include:

      • Bug fix for axge(4) range checks and receive loop header parsing.
      • Bug fix to exclude loopback addresses rather than loopback interfaces has been fixed.
      • Bug fix in uhso(4) to prevent memory use after free() and mtx_destroy().
      • Bug fix in bsdinstall(8) where certain conditions could prevent directory creation before use.
      • Bug fix for DNS-based load balancing.
      • Vendor update to oce(4).

      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier FreeBSD releases can upgrade as follows:

          # freebsd-update upgrade -r 9.3-RC3

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly.

          # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.

          # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:

          # freebsd-update install

      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 8.x.  Alternatively, the misc/compat8x port can be installed to provide other compatibility libraries, afterwards the system must be rebooted into the new userland:

          # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

          # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 9.3-RC2 Now Available

      FreeBSD 9.3-RC2 Now Available


      The second RC build of the 9.3-RELEASE release cycle is now available on the FTP servers for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums can be found in the PGP-signed announcement email.

      ISO images and, for architectures that support it, the memory stick images are available here:

          http://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.3/

      (or any of the FreeBSD mirror sites).

      If you notice problems you can report them through the normal Bugzilla PR system or on the -stable mailing list.

      If you would like to use SVN to do a source based update of an existing system, use the "releng/9.3" branch.

      A list of changes since 9.2-RELEASE are available on the 9.3-RELEASE release notes page here:


      Changes between 9.3-RC1 and 9.3-RC2 include:
      • A bug in the fast rx buffer recycle path has been fixed in the cxgbe(4) driver.
      • A bug that would incorrectly allow two listening SCTP sockets on the same port bound to the wildcard address has been fixed.
      • Multiple vulnerabilities have been fixed in file(1) and libmagic(3).  [FreeBSD-SA-14:16.file]
      • A workaround has been implemented to fix serial ports on certain motherboards, in particular the Intel D2500CCE board.
      • A bug in bsdgrep(1) that would prevent certain pattern matching has been fixed.
      • The bsdconfig(8) utility has been updated to support pkg(8)-format packages.
      • Firmware for the cxgbe(4) Chelsio T4 and T5 cards has been updated to version 1.11.27.0.
      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier FreeBSD releases can upgrade as follows:

          # freebsd-update upgrade -r 9.3-RC2

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly.

          # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.

          # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:

          # freebsd-update install

      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 8.x.  Alternatively, the misc/compat8x port can be installed to provide other compatibility libraries, afterwards the system must be rebooted into the new userland:

          # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

          # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 9.3-RC1 Now Available

      FreeBSD 9.3-RC1 Now Available

      The first RC build of the 9.3-RELEASE release cycle is now available on the FTP servers for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums can be found in the PGP-signed announcement email.

      ISO images and, for architectures that support it, the memory stick images are available here:

          http://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.3/

      (or any of the FreeBSD mirror sites).

      If you notice problems you can report them through the normal Bugzilla PR system or on the -stable mailing list.

      If you would like to use SVN to do a source based update of an existing system, use the "releng/9.3" branch.

      A list of changes since 9.2-RELEASE are available on the stable/9 release notes page here:


      Changes between 9.3-BETA3 and 9.3-RC1 include:
      • Various bug fixes in the hptrr(4) driver.
      • Time zone data has been updated to tzdata2014e.
      • Handling of the '-P' flag without '-p' or '-r' has been fixed in the daemon(8) utility.
      • A bug in the nvme(4) controller initialization path has been fixed.
      • A bug in the fast receive buffer recycle path has been fixed in the cxgbe(4) driver.
      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier FreeBSD releases can upgrade as follows:

          # freebsd-update upgrade -r 9.3-RC1

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly.

          # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.

          # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:

          # freebsd-update install

      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 8.x.  Alternatively, the misc/compat8x port can be installed to provide other compatibility libraries, afterwards the system must be rebooted into the new userland:

          # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

          # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 9.3-BETA3 Now Available

      FreeBSD 9.3-BETA3 Now Available


      The third BETA build of the 9.3-RELEASE release cycle is now available on the FTP servers for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums can be found in the PGP-signed announcement email.

      ISO images and, for architectures that support it, the memory stick images are available here:

          http://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.3/

      (or any of the FreeBSD mirror sites).

      If you notice problems you can report them through the normal GNATS PR system or on the -stable mailing list.

      Please note, as the FreeBSD bug tracking system is undergoing maintenance, the PR system may be unavailable.  Problem reports submitted this maintenance period are being queued for later processing.

      If you would like to use SVN to do a source based update of an existing system, use the "stable/9" branch.

      A list of changes since 9.2-RELEASE are available on the stable/9 release notes page here:


      Changes between 9.3-BETA2 and 9.3-BETA3 include:
      • A new ttys(5) flag, onifconsole, has been added, which activates ttyu0 if the device is an active kernel console.
      • The NFSv4 server now allows creating a hard link to a symbolic link, as was allowed in NFSv3.
      • OpenSSL has been updated to 0.9.8za.
      • A deadlock caused by incorrect reference counts has been fixed in the usb(4) driver.
      • The arc4random(3) library has been updated to match that in FreeBSD-CURRENT.
      • The amount of data collected by hwpmc(4) has been increased to work with modern processors and available RAM.
      • A new pmcstat(8) flag, '-l', has been added, which ends event collection after the specified number of seconds.
      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier FreeBSD releases can upgrade as follows:

          # freebsd-update upgrade -r 9.3-BETA3

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly.

          # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.

          # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:

          # freebsd-update install

      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 8.x.  Alternatively, the misc/compat8x port can be installed to provide other compatibility libraries, afterwards the system must be rebooted into the new userland:

          # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

          # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

      FreeBSD 9.3-BETA1 Now Available

      FreeBSD 9.3-BETA1 Now Available

      The first BETA build of the 9.3-RELEASE release cycle is now available on the FTP servers for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

      The image checksums can be found in the PGP-signed announcement email.

      ISO images and, for architectures that support it, the memory stick images are available here:

          http://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.3/

      (or any of the FreeBSD mirror sites).

      If you notice problems you can report them through the normal GNATS PR system or on the -stable mailing list.

      Please note, as the FreeBSD bug tracking system is undergoing maintenance, the PR system may be unavailable.  Problem reports submitted this maintenance period are being queued for later processing.

      If you would like to use SVN to do a source based update of an existing system, use the "stable/9" branch.

      A list of changes since 9.2-RELEASE are available on the stable/9 release notes page here:


      The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier FreeBSD releases can upgrade as follows:

          # freebsd-update upgrade -r 9.3-BETA1

      During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly.

          # freebsd-update install

      The system must be rebooted with the newly installed kernel before continuing.

          # shutdown -r now

      After rebooting, freebsd-update needs to be run again to install the new userland components:

          # freebsd-update install

      It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 8.x.  Alternatively, the misc/compat8x port can be installed to
      provide other compatibility libraries, afterwards the system must be rebooted into the new userland:

          # shutdown -r now

      Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

          # freebsd-update install

      Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!  https://www.freebsdfoundation.org/donate/