Table of Contents
This document is for people who wish to follow -current.
It contains information about changes from 5.7-release to -current,
and should NOT be used by anyone upgrading from 5.6 or earlier, or people
wishing to follow -stable.
If you wish to upgrade to 5.7-release or 5.7-stable from previous
versions, see the upgrade guide instead,
as what is here does not apply to 5.7.
Make sure you have read and understood
FAQ 5 - Building the System from Source
before using -current and the instructions below.
You should ALWAYS use a snapshot as the starting point for running
Upgrading by compiling your own source code is not supported.
Most of these changes will have to be performed as root.
2015/04/04 - [ports] rc script name changes
The rc scripts for some ports have changed their name to better match
the original upstream names and/or binary name:
Modify /etc/rc.conf.local accordingly:
- dbus_daemon → messagebus
- puppetmasterd → puppetmaster
- puppetd → puppet
perl -pi -e 's/dbus_daemon/messagebus/;' -e 's/puppetmasterd/puppetmaster/;' -e 's/puppetd/puppet/;' /etc/rc.conf.local
2015/04/24 - tip(1) removed
tip(1) has been removed in favour of cu(1):
rm /usr/bin/tip /usr/share/man/man1/tip.1
2015/04/27 - _file user added
A new _file user and group have been added to support privilege
separation in file(1). sysmerge(8) should be run to ensure it is added.
2015/04/28 - sshd default changed to PermitRootLogin no
sshd no longer allows root logins by default.
If you rely on this, you can reinstate it by adding "PermitRootLogin
without-password" or "PermitRootLogin yes" to /etc/ssh/sshd_config, and
reloading sshd configuration ("rcctl reload sshd").
Beware that root is a common target of password-guessing attacks,
so consider your options carefully before deviating from the default.
2015/05/02 - pf_rules and ipsec_rules removed from rc.conf(5)
The pf_rules and ipsec_rules variables have been removed from rc.conf(5): rc(8) will
now always use the default paths: /etc/pf.conf and /etc/ipsec.conf).
If you were relying on those to set a custom configuration path for
you must move your configuration to the standard path or create a default configuration
that will include your custom one.
echo 'include "/path/to/custom/pf.conf"' >/etc/pf.conf
2015/05/15 - [ports] www/apache-httpd updated to 2.4.12
Apache HTTPD is now at 2.4.12. When upgrading from 2.2.x releases manual
configuration changes may be required. See the Apache HTTPD 2.4 upgrade guide for details.
The ap2-mod_fastcgi and ap2-mod_fcgid ports have been superseded by
mod_proxy_fcgi which ships with Apache HTTPD 2.4 out of the box.
2015/05/17 - isatty(3) depends on new feature in fcntl(2)
An F_ISATTY feature was added to fcntl(2), and isatty(3) requires it.
Build a new kernel before updating libc.
2015/05/18 - spamd(8) PF rule change: rdr-to to divert-to
pf(4) rules for spamd(8) must be changed from rdr-to to divert-to rules; a
simple replacement should work. Additionally, spamd(8) now listens on 127.0.0.1
by default instead of 0.0.0.0.
2015/05/23 - ipsec.conf(5) default Diffie-Hellman group change
Automatic keying rules in ipsec.conf(5) now default to the modp3072
Diffie-Hellman group in both main mode and quick mode. isakmpd(8)
will fail to negotiate flows and security associations unless both
sides use the same cryptographic parameters. To make old
setups that still use the previous defaults communicate with the
new parameters, add "main group modp3072" and "quick group modp3072"
to the rules.
ike from 192.168.1.1 to 192.168.1.2 \
main group modp3072 quick group modp3072
2015/05/28 - CUPS GTK+2 plugin is now in a separate package
The plugin to allow printer selection from GTK+2 applications, previously in
the main GTK+2 package, has now been separated.
To be able to use CUPS printers from these applications (including GIMP,
Firefox, etc), install the gtk+2-cups package.
$OpenBSD: current.html,v 1.608 2015/05/28 00:38:05 sthen Exp $