<html><head></head><body dir="auto" style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="ApplePlainTextBody"><div class="ApplePlainTextBody">MidnightBSD 2.0<br><br>I’m happy to announce the availability of MidnightBSD 2.0 for amd64 and i386. This is a massive release focusing on base system improvements. <br><br>We’ve imported many features from FreeBSD 11.x as part of the release.<br><br>LLVM updated to 8.0.1<br>ELF ToolChain updated<br>OpenSSL updated<br>ZFS now supports parallel mounting<br>Kernel logs jail IDs when a process exits<br>Network firmware updates<br><br>Updated DRM code is now in mports for 2.0 and later. This allows us to update it outside of a release. <br>Upgrade Process<br><br>Due to the nature of the release, there are a few minor build issues when upgrading from MidnightBSD 1.2.x by source. Please follow this awkward procedure: <br><br>(you can also do this with svnlite using github)<br><br>Install git if you don’t have it already<br>mport install git<br><br>Fetch MidnightBSD from git via github.com/midnightbsd/src.git (assumes you don’t have /usr/src populated)<br><br>git clone https://github.com/MidnightBSD/src.git<br><br>Checkout the stable/2.0 branch<br>git checkout stable/2.0<br><br>Using your favorite editor (ee, vi, nano, gedit, … ) open the src/usr.bin/Makefile <br>Comment out with #<br>.if defined(LINKER_FEATURES) && ${LINKER_FEATURES:Mfilter}<br>SUBDIR= perl \<br> .WAIT<br>.endif<br><br>cd /usr/src; make clean buildworld buildkernel; <br>mergemaster -p <br>make installkernel<br>reboot<br>(if it works OK, login and go to /usr/src)<br>make installworld<br>mergemaster -iU<br>cd /usr/src/usr.bin/perl; make; make install; <br>Open src/usr.bin/Makefile again and uncomment the previous lines (in case you do a rebuild later)<br>Update installed mports/packages<br>cd /usr/src/; make check-old; then run make delete-old<br><br>When you are done, verify that perl is updated by running perl -v <br>You should have perl 5.32.0. If it says perl 5.28, be sure to upgrade perl! <br><br>Bug Fixes and new features<br>The default devd.conf(5) has been updated to prevent duplicated hostapd(8) and wpa_supplicant(8) startup via devd(8).<br><br>The cpuset(1), sockstat(1), ipfw(8), and ugidfw(8) utilities have been updated to support jail(8) names.<br><br>The newfs_msdos(8) utility has been updated to include a new flag, -T, which is used to specify the timestamp for build reproducibility.<br><br>The dd(1) utility has been updated to add a new statusoperand, progress, which reports the current status on a single line every second.<br><br>The last(1) utility has been updated to include libxo(3) support.<br><br>The lastlogin(8) utility has been updated to include libxo(3) support. <br><br>The traceroute(8) utility has been updated to include libcasper(3) support.<br><br>The trim(8) utility has been added, which deletes content for blocks on flash-based storage devices that use wear-leveling algorithms.<br><br>The newfs(8) and tunefs(8) utilities have been updated to allow underscores in label names.<br><br>The newfs(8) and tunefs(8) utilities have been updated to allow dashes in label names.<br><br>The fdisk(8) utility has been updated to support sectors larger than 2048 bytes.<br><br>The sh(1) utility has been updated to add the pipefail option which simplifies checking the exit status of all commands in a pipeline. <br><br>The spi(8) utility has been added, which is used to communicate with devices on an SPI bus through the userland.<br><br>An issue that could result in a system hang during ZFS vnode reclamation has been fixed.<br><br>The functionality provided by zfsloader has been added to loader(8). Once the system boot blocks have been updated, zfsloader is not needed.<br><br>The ipfw(8) firewall has been updated to include new rule options, record-state, set-limit, and defer-action.<br><br>Support for NAT64 CLAT has been added, as defined in RFC6877.<br><br>The ln(1) utility has been updated to correct the behavior of the -F flag by unlinking an existing directory before creating a symbolic link.<br><br>The crontab(1) utility has been updated to include a new flag, -f, which forces crontab(5) removal when -r is used non-interactively.<br><br>The newsyslog(8) utility has been updated to support RFC5424-compliant messages when rotating system logs.<br><br>The sesutil(8) utility has been updated to include libxo(3) support in output.<br><br>The diskinfo(8) utility has been updated to include two new flags, -s which displays the disk identity (usually the serial number), and -p which displays the physical path to the disk in a storage controller. The -s and -p flags are mutually exclusive, and cannot be used with any other flags.<br><br>The diskinfo(8) utility has also been updated to include the device model when the -s flag is used.<br><br>The top(1) utility has been updated to allow filtering on multiple user names when the -U flag is used.<br><br>The bsdgrep(1) utility has been updated to include a rgrep hard link to grep(1), which when used is equivalent to grep -r.<br><br>The bsdgrep(1) utility has been updated to address various issues with pattern matching behavior.<br><br>The umount(8) utility has been updated to include a new flag, -N, which is used to forcefully unmount an NFS mounted filesystem. <br><br>The pw(8) utility has been updated to properly handle empty secondary group lists as an argument to the -G flag when using the usermod subcommand.<br><br>The getconf(1) utility has been updated to include a new flag, -a, which prints the name and value of all system or path configuration values to stdout(4) or optionally a file as an argument to -a.<br><br>The ps(1) utility has been updated to reflect realtime and idle priorities in state flags. <br><br>The ps(1) utility has been updated to display if a process is running with capsicum(4) capability mode, indicated by C.<br><br>The cpucontrol(8) utility has been updated to include a new flag, -n, that disables the default microcode update search path when used.<br><br>The fsck_ffs(8) utility has been updated to prevent a filesystem from being reported as modified when only the timestamp in the superblock is updated.<br><br>The diskinfo(8) utility has been updated to display disk rotation rate and if TRIM/UNMAP is supported by the disk. <br><br>The rsh(1) utility has been updated to include a new flag, -N, which disables shutdown of a socket sending path when used.<br><br>The pfctl(8) utility has been updated to allow route-to to properly handle network interfaces with multiple IP addresses.<br><br>The camcontrol(8) utility has been updated to include ZAC (Zoned-device ATA command set) information when the identify subcommand is used.<br><br>The pw(8) utility has been updated to correct handling of account expiration periods.<br><br>The mdmfs(8) utility has been updated to support tmpfs(5).<br><br>The lint(1) utility is no longer built by default. The WITH_LINT src.conf(5) option has been added to enable building and installing the utility.<br><br>The cpucontrol(8) utility has been updated to include a new flag, -e, which is used to re-evaluate reported CPU features after applying firmware updates.<br><br>The indent(1) utility has been updated to respect the SIMPLE_BACKUP_SUFFIX environment variable if set. <br><br>The du(1) utility has been updated to include the --si long option, which is used to display output in "human-readable" output in powers of 1000. <br><br>The df(1) utility has been updated to include the --si long option, which is an alias to -H. <br><br>The service(8) utility has been updated to include a new flag, -j, which is used to interact with services running within a jail(8). The argument to -j can be either the name or numeric jail ID. <br><br>The fsck_ffs(8) utility has been updated to exit with a non-zero status when the filesystem is not repaired. <br><br>The nvmecontrol(8) utility has been updated to print the full 128 bit value for SMART data, instead of the hexadecimal value. <br><br>The nvmecontrol(8) utility has been updated to include control options for Western Digital® HGST drives. The new options are cap-diag, get-crash-dump, drive-log, purge, and purge-monitor. <br><br>The dhclient(8) utility has been updated to be more compliant with RFC2131 by setting the source address field in the IP header to 0 when sending a DHCPREQUEST message to attempt to obtain a previously-assigned IP address.<br><br>The pw(8) utility has been updated to allow the @ and ! characters in the GECOS field.<br><br>The zfsd(8) utility has been updated to work with any type of GEOM provider, including md(4), geli(8), glabel(8), and gstripe(8). <br><br>The ps(1) utility has been updated to include a jail keyword, which when used will list the name of a jail(8) instead of the numeric ID.<br><br>The mlx5tool(8) utility has been added, which is used to manage Connect-X 4 and Connect-X 5 devices supported by mlx5io(4). <br><br>The sysctl(8) utility has been updated to support setting an array of values to nodes. Prior to this change, sysctl(8) could only set one value to a node that may return multiple values when queried.<br><br>The ifconfig(8) utility has been updated to include a random option, which when used with the ether option, generates a random MAC address for an interface<br><br>The efibootmgr(8) utility has been added, which is used to manipulate the EFI boot manager.<br><br>The etdump(1) utility has been added, which is used to view El Torito boot catalog information.<br><br>The mount(8) utility has been updated to allow fallback to mount media read-only if an attempt to mount write-protected media read-write fails. This behavior is disabled by default, and can be requested with the new autoro option<br><br>The makefs(8) utility has been updated to default the block and fragment sizes to match that of newfs(8), 32K and 4K, respectively. <br><br>The pwd_mkdb(8) utility has been updated to emit a notice that legacy database support will be removed when the -l flag is used. <br><br>The dhclient(8) utility has been updated to allow the interface-mtu option to be overridden with a supersede entry in dhclient.conf(5)<br><br>The linux(4) ABI compatibility layer has been updated to include support for musl consumers.<br><br>The fdescfs(5) filesystem has been updated to support Linux®-specific fd(4) /dev/fd and /proc/self/fd behavior.<br>The ng_iface(4) driver has been updated to prevent a possible system crash.<br><br>The ipfw(4) packet filter has been updated to identify layer-2 and layer-3 packets, fixing dummynet(4) AQM packet marking.<br><br>An issue causing boot issues with Intel® Apollo Lake™ CPUs has been fixed.<br><br>The watchdog(4) facility has been updated to make SW_WATCHDOG dynamic, enabling the software watchdogd(8) option whenever a hardware watchdog is not present. <br><br>The p1003_1b.aio_listio_max sysctl(8) has been changed to a runtime-configurable tunable<br><br>The boot code and loader(8) have been updated to check for unsupported ZFS feature flags. If unsupported features are active, the pool is not considered as a bootable pool, and a diagnostic message is printed to the console<br><br>The loader(8) has been updated to improve quotation parsing, distinguishing between single- and double-quotes, and check for terminating quotes.<br><br>The length of GELI passphrases entered when booting a system with encrypted disks is now hidden by default. <br><br>The icmp6(4) protocol has been updated to fix ICMPv6 redirects.<br><br>The setproctitle_fast(3) function has been added, which is optimized for high-frequency process title updates.<br><br>The kqueue(2) system call has been updated to allow updating EVFILT_TIMER.<br><br>readelf(1) has been updated to report arm program and section header types.<br>strings(1) has been updated to fix the exit status when multiple files are provided as arguments, and an error is encountered before the last file.<br><br>The type max_align_t is now defined for C11 compliance.<br><br>The sem_clockwait_np() library function has been added, which allows the caller to specify the reference clock and choose between absolute and relative mode.<br><br>The clang nullability qualifiers have been added to the C library headers.<br><br>Uses of the GNU __nonnull__ attribute have been replaced with the more benign Clang nullability attributes.<br><br>ptrace(2) now supports events for vfork(2), permitting reliable debugging across vfork(2) invocations<br><br>Process core dumps now include the process ID (PID) and command line arguments.<br><br>The ipfw(4) packet filter has been updated to add support for named dynamic states.<br><br>The ipfw_nptv6 kernel module has been added, implementing Network Prefix Translation for IPv6 as defined in RFC 6296<br><br>The ipfw_nat64 kernel module has been added, implementing stateless and stateful NAT64.<br><br>The cfumass(4) device has been added, providing a storage frontend to USB OTG-capable hardware.<br><br>The ipfw_pmod kernel module has been added, designed for modifying packets of any protocol.<br><br>The vfs.root_mount_always_wait tunable has been added, which forces the kernel to wait for root mount holds even if the root device is already present.<br><br>When the system real time clock (RTC) is adjusted, such as by clock_settime(), sleeping threads are now awakened and absolute sleep times are reevaluated based on the new value of the RTC.<br><br>The network stack has been updated to include ip6_tryforward(), providing performance benefits as result of a reduced number of checks. <br><br>The network stack has been modified to fix incorrect or invalid IP addresses if multiple threads emit a UDP log_in_vain message concurrently.<br><br>The TCP stack has been changed to use the estimated RTT instead of timestamps for receive buffer auto resizing.<br><br><br>The default newsyslog.conf(5) now includes files in the /etc/newsyslog.conf.d/ and /usr/local/etc/newsyslog.conf.d/ directories for newsyslog(8)<br><br>The mailwrapper(8) utility has been updated to use mailer.conf(5) from the LOCALBASE environment variable, which defaults to /usr/local if unset<br><br>The pciconf(8) utility can now identify PCI devices that are attached to a driver to be identified by their device name instead of just the selector. Additionally, the -l flag now accepts an optional device argument to list details about a single device<br><br>A new flag, “onifconsole” has been added to /etc/ttys. This allows the system to provide a login prompt via serial console if the device is an active kernel console, otherwise it is equivalent to off.<br><br>Support for displaying VPD for PCI devices via pciconf(8) has been added.<br><br>The bsdconfig(8) utility has been updated to skip the initial tzsetup(8) UTC versus wall-clock time prompt when run in a virtual machine, determined when the kern.vm_guest sysctl(8) is set to 1.<br>Security Fixes<br>The jail(8) utility has been updated to include a new jail.conf(5) parameter, allow.read_msgbuf, which prevents jailed processes and users from accessing the dmesg(8) buffer. This parameter is set to false by default.<br><br>A new variable, init_exec, has been added to kenv(1), allowing init(8) to run an executable file after opening the console, replacing init(8) as PID 1<br><br>The jail(8) utility has been updated to add a new flag, -e, which takes a jail.conf(5) parameter as an argument and prints a list of non-wildcard jails with the specified parameter.<br><br>The ping(8) utility has been updated to use the Capsicum framework to drop privileges, protecting against malicious network packets.<br>3rd Party Software<br>Perl 5.32.0<br><br>LLVM 8.0.1<br><br>ELF Tool Chain r3614<br><br>libarchive 3.4.2<br>zlib/1.2.11<br>liblzma/5.2.4<br>bz2lib/1.0.8 <br><br>Lua loader from FreeBSD<br><br>OpenSSL 1.0.2u<br><br>Sqlite3 3.32.3 <br><br>OpenPAM updated<br><br>svn, version 1.13.0<br>file-5.37<br><br>The pcap(3) library has been updated to version 1.9.0 (pre-release). <br>Hardware<br>The number of MSI IRQs have been converted from a constant to a tunable. The default remains at 512, which can now be changed during boot with the machdep.num_msi_irqs<br><br>The ichwd(4) driver has been updated to include support for TCO watchdog timers in the Lewisburg PCH (C620) chipset.<br><br>The ae(4), bm(4), cs(4), de(4), dme(4), ed(4), ep(4), ex(4), fe(4), pcn(4), sf(4), sn(4), tl(4), tx(4), txp(4), vx(4), wb(4), and xe(4) drivers have been marked as deprecated.<br><br>The oce(4) driver has been updated to version 11.0.50.0.<br><br>The TP-Link® TL-WN321G™ network adapter now uses the run(4) driver instead of the rum(4) driver. <br><br>The mlx4en(4) and mlx5en(4) drivers have been updated to version 3.5.0.<br><br>The lagg(4) driver has been updated to allow changing the MTU without requiring destroying and recreating the interface.<br><br>The ccr(4) driver has been added, providing support for Chelsio® T6™ cryptography accelerators.<br><br>The cxgbe(4) driver has been updated to include support for hash filters, NAT offloading, and SMAC/DMAC swapping filters.<br><br>The cxgbe(4) T4, T5, and T6 firmware has been updated to version 1.23.0.0.<br><br>The ixl(4) driver has been updated to version 1.11.9.<br><br>The ixlv(4) driver has been updated to version 1.5.8.<br><br>The vt(4) keyboard mapping has been updated to include uk.macbook.kbd support.<br><br>Support for PS/2 scan codes for NumLock, ScrollLock, and numerical keypad keys has been added to bhyve(8)<br><br>The ng_pppoe(4) driver has been updated to add support for user-supplied Host-Uniq tags.<br><br>The mlx5io(4) driver has been added, providing an interface to manage supported Connect-X 4 and Connect-X 5 network adapters<br><br>The cm(4) and fpa(4) drivers have been marked as deprecated<br><br>The ocs_fc(4) driver has been added, supporting Emulex 16/8G FC GEN 5 HBAs LPe15004 and LPe160XX, and Emulex 32/16G FC GEN 6 HBAs LPe3100X and LPe3200X.<br><br>The ixl(4) driver has been updated to version 1.9.9-k<br><br>The smartpqi(4) driver has been added, providing support for Microsemi® SCSI controllers.<br><br>Support for virtio_console(4) has been added to bhyve(4)<br><br>The jedec_ts(4) driver has been added, providing support for thermal sensors on memory modules. The driver currently supports chips that are fully compliant with the JEDEC JC 42.4 specification<br><br>The bytgpio(4) driver has been added, providing support for Intel® Bay Trail™ SoC GPIO controllers.<br><br>/dev/kmem no longer supports access via mmap(). Consumers wishing to use /dev/kmem must use read() and write().<br><br>devctl(8) now supports a "clear driver" command as a complement to "set driver"<br><br>The digi(4), ie(4), mcd(4), scd(4), si(4), spic(4), and wl(4) drivers have been marked as deprecated<br><br>The mpr(4) driver has been updated to support tri-mode (SAS/SATA/PCIe) Broadcom® storage adapters.<br><br>The cxgbe(4) driver now supports devices using T6-based adapters which support 10, 25, 40, and 100 Gbps<br><br>The bnxt(4) driver has been added, providing support for Broadcom® NetXtreme-C™ and NetXtreme-E™ devices<br><br>The cxgbev(4) driver has been added, providing support for Virtual Function devices (VFs) on Chelsio T4 and T5 adapters.<br><br>TCP connections using the TCP Offload Engine (TOE) on Chelsio T4+ adapters can now perform zero-copy sends via aio_write().<br><br>The cxgbe(4) driver has been updated to provide support for Virtual Function devices (VFs) on Chelsio T4 and T5 adapters<br><br>The miibus(4) driver has been updated to support Microchip/Micrel KSZ9031 Gigabit ethernet cards.<br><br>The alc(4) driver has been updated to provide support for Atheros® Killer E2400™ Gigabit ethernet cards.<br><br>The alc(4) driver has been updated to provide support for Atheros® Killer E2500™ Gigabit ethernet cards<br><br>The etherswitch(4) driver has been updated to support RTL8366RB and RTL8366SR cards<br><br>The if_ipsec(4) virtual tunneling interface has been added, implementing route-based VPNs protected with Encapsulating Security Payload (ESP).<br><br>The qlnxe(4) driver has been added, providing support for Cavium® Qlogic™ 45000 Series adapters.<br><br>The qlnxe(4) driver has been updated to support QLE41XXX hardware.<br><br>The atkbdc(4) driver has been updated to provide support for Elantech® trackpads. To enable hardware support, add hw.psm.elantech_support=1 to loader.conf(5)<br><br>PCI passthrough with bhyve(4) supports more dynamic configurations permitting devices to be marked for passthrough of host use at runtime. <br><br>PCI passthrough with bhyve(4) resets functions via FLR when a virtual machine is started and stopped.<br><br>The hv_netvsc(4) driver SR-IOV implementation has been updated to support Virtual Function (VF) devices, such as the Mellanox® Connect-X3™ network card.<br><br>Support for Microsoft® Hyper-V™ Generation 2 virtual machines has been added<br><br>Support for synthetic keyboards has been added for virtual machines running on Microsoft® Hyper-V™.<br><br>The ena(4) driver has been added, providing support for "next generation" Enhanced Networking on the Amazon® EC2™ platform<br><br>A kernel bug that inhibited proper functionality of the dev.cpu.0.freq sysctl(8) on Intel® processors with Turbo Boost ™ enabled has been fixed.<br><br>The cyapa(4) driver has been added, supporting the Cypress APA I2C trackpad.<br><br>The isl(4) driver has been added, supporting the Intersil I2C ISL29018 digital ambient light sensor.<br><br>Support for Broadcom chipsets BCM57764, BCM57767, BCM57782, BCM57786 and BCM57787 has been added to bge(4)<br><br>The if_nf10bmac(4) device has been added, providing support for NetFPGA-10G Embedded CPU Ethernet Core<br><br>The ath_hal(4) driver has been updated to support the Atheros AR1111 chipset.<br><br>The iwn(4) driver was added, providing support for the Intel® Centrino™ Wireless-N 105 and 135 chipsets.<br><br>Support for the cxgbe(4) Terminator 5 (T5) 10G/40G cards has been added to netmap(4)<br><br>The alc(4) driver has been updated to support AR816x and AR817x ethernet controllers<br><br>The pf(4) packet filter default hash has been changed from Jenkins to Murmur3, providing a 3-percent performance increase in packets-per-second.<br><br>The vxlan(4) driver has been added, which creates a virtual Layer 2 (Ethernet) network overlaid in a Layer 3 (IP/UDP) network. The vxlan(4) driver is analogous to vlan(4), but is designed to be better suited for large, multiple-tenant data center environments.<br><br>The gre(4) driver has been significantly overhauled, and has been split into two separate modules, gre(4) and me(4).<br><br>The ral(4) driver has been updated to support the RT5390 and RT5392 chipsets.<br><br>The sfxge(4) driver has been updated to support Solarflare Flareon Ultra 7000-series chipsets.<br><br>The em(4) driver has been updated with improved transmission queue hang detection<br><br>The cdce(4) driver has been updated to include support for the RTL8153 chipset.<br><br>The iwm(4) driver has been imported from OpenBSD, providing support for Intel® 3160/7260/7265 wireless chipsets.<br><br>The em(4) driver has been updated to allow disabling CRC stripping<br><br>The lagg(4) driver has been updated to remove support for the fec protocol<br><br>The dummynet(4) driver has been updated to include support for AQM (Active Queue Management), adding support for PIE (Proportional Integral controller Enhanced) and FQ-PIE (Fair Queueing Proportional Integral controller Enhanced).<br><br>Support for the “Virtual Interrupt Delivery” feature of Intel® VT-x is enabled if supported by the CPU. This feature can be disabled by running sysctl hw.vmm.vmx.use_apic_vid=0. Additionally, to persist this setting across reboots, add hw.vmm.vmx.use_apic_vid=0 to /etc/sysctl.conf.<br><br>Support for “Posted Interrupt Processing” is enabled if supported by the CPU. This feature can be disabled by running sysctl hw.vmm.vmx.use_apic_pir=0. Additionally, to persist this setting across reboots, add hw.vmm.vmx.use_apic_pir=0 to /etc/sysctl.conf.<br><br>The bhyve(8) hypervisor has been updated to support AMD® processors with SVM and AMD-V hardware extensions.<br><br>Support for PCI Single Root I/O Virtualization (SR-IOV) has been introduced, allowing the creation of PCI Virtual Functions (VFs) for device drivers that support SR-IOV. See iovctl(8) for details on creating and configuring VFs.<br>Known Issues<br><br>UEFI issues with the amd64 ISO. We’re going to address these in the 2.0.1 release. <br><br>Upgrading perl from 1.2 is not working with buildworld. <br><br>Sometimes you’ll get an error with mandoc, just try reinstalling src/usr.bin/man if this is crashing. (rare build issue)<br><br>Mport package manager has 3 known issues: <br><span class="Apple-tab-span" style="white-space:pre"> </span>• Some PLIST files are causing issues with @() syntax in setting permissions when partially defined. A fix is coming in a later update for this. <br><span class="Apple-tab-span" style="white-space:pre"> </span>• mport deleteall is not catching all packages on the first pass. You may need to run it a few times. <br><span class="Apple-tab-span" style="white-space:pre"> </span>• mport upgrade or update paths are not always finding new dependencies. Work is underway on this as well. <br><br>In some cases, you may get an error about updating /etc/nsswitch.conf at startup. This is an issue with the mdns related features. Either disable mDNSresponder or modify the hosts like to be<br>Hosts: files mdns dns<br><br>There are two mports that are broken which are causing issues and will be the highest priority after the release: <br>Mono (amd64 and i386)<br>tex-formats (i386 only)<br><br><br><br><br>Lucas Holt<br>Luke@FoolishGames.com<br>________________________________________________________<br>MidnightBSD.org (Free OS)<br>JustJournal.com (Free blogging)<br><br><br><br><br></div></body></html>