FreeBSD 11.2-RELEASE Release Notes

The release notes for FreeBSD 11.2-RELEASE contain a summary of the changes made to the FreeBSD base system on the 11.2-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.

This document contains the release notes for FreeBSD 11.2-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.

This distribution of FreeBSD 11.2-RELEASE is a release distribution. It can be found at https://www.FreeBSD.org/releases/ or any of its mirrors. More information on obtaining this (or other) release distributions of FreeBSD can be found in the Obtaining FreeBSD' appendix to the FreeBSD Handbook.

All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with "late-breaking" information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 11.2-RELEASE can be found on the FreeBSD Web site.

This document describes the most user-visible new or changed features in FreeBSD since 11.1-RELEASE. In general, changes described here are unique to the 11.2-STABLE branch unless specifically marked as MERGED features.

Typical release note items document recent security advisories issued after 11.1-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.

[amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC kernels distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded have Internet connectivity.

Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING.

This section lists the various Security Advisories and Errata Notices since 11.1-RELEASE.

This section covers changes and additions to userland applications, contributed software, and system utilities.

The ln(1) utility has been updated to correct the behavior of the -F flag by unlinking an existing directory before creating a symbolic link. (r321092)

The crontab(1) utility has been updated to include a new flag, -f, which forces crontab(5) removal when -r is used non-interactively. (r321241)

The newsyslog(8) utility has been updated to support RFC5424-compliant messages when rotating system logs. (r321262)

The sesutil(8) utility has been updated to include libxo(3) support in output. (r321287) (Sponsored by Gandi.net)

The diskinfo(8) utility has been updated to include two new flags, -s which displays the disk identity (usually the serial number), and -p which displays the physical path to the disk in a storage controller. The -s and -p flags are mutually exclusive, and cannot be used with any other flags. (r321927)

The diskinfo(8) utility has also been updated to include device model when the -s flag is used. (r321929)

The top(1) utility has been updated to allow filtering on multiple user names when the -U flag is used. (r322509)

The bsdgrep(1) utility has been updated to include a rgrep hard link to grep(1), which when used is equivalent to grep -r. (r322525)

The bsdgrep(1) utility has been updated to address various issues with pattern matching behavior. (r322555)

The umount(8) utility has been updated to include a new flag, -N, which is used to forcefully unmount an NFS mounted filesystem. (r322910)

The pw(8) utility has been updated to properly handle empty secondary group lists as an argument to the -G flag when using the usermod subcommand. (r322919)

The getconf(1) utility has been updated to include a new flag, -a, which prints the name and value of all system or path configuration values to stdout(4) or optionally a file as an argument to -a. (r324124) (Sponsored by Chelsio Communications)

The ps(1) utility has been updated to reflect realtime and idle priorities in state flags. (r324270)

The ps(1) utility has been updated to display if a process is running with capsicum(4) capability mode, indicated by C. (r324271)

The cpucontrol(8) utility has been updated to include a new flag, -n, that disables the default microcode update search path when used. (r324380)

The fsck_ffs(8) utility has been updated to prevent a filesystem from being reported as modified when only the timestamp in the superblock is updated. (r324674)

The diskinfo(8) utility has been updated to display disk rotation rate and if TRIM/UNMAP is supported by the disk. (r325003) (Sponsored by Spectra Logic)

The rsh(1) utility has been updated to include a new flag, -N, which disables shutdown of a socket sending path when used. (r325473)

The pfctl(8) utility has been updated to allow route-to to properly handle network interfaces with multiple IP addresses. (r326413)

The camcontrol(8) utility has been updated to include ZAC (Zoned-device ATA command set) information when the identify subcommand is used. (r326778) (Sponsored by Spectra Logic)

The pw(8) utility has been updated to correct handling of account expiration periods. (r326848)

The mdmfs(8) utility has been updated to support tmpfs(5). (r327592)

The lint(1) utility is not longer built by default. The WITH_LINT src.conf(5) option has been added to enable building and installing the utility. (r327837)

The cpucontrol(8) utility has been updated to include a new flag, -e, which is used to re-evaluate reported CPU features after applying firmware updates. (r327871)

The indent(1) utility has been updated to respect the SIMPLE_BACKUP_SUFFIX environment variable if set. (r328138)

The du(1) utility has been updated to include the --si long option, which is used to display output in "human-readable" output in powers of 1000. (r328139)

The df(1) utility has been updated to include the --si long option, which is an alias to -H. (r328140)

The service(8) utility has been updated to include a new flag, -j, which is used to interact with services running within a jail(8). The argument to -j can be either the name or numeric jail ID. (r328599)

The fsck_ffs(8) utility has been updated to exit with a non-zero status when the filesystem is not repaired. (r328604) (Sponsored by Dell EMC)

The nvmecontrol(8) utility has been updated to print the full 128 bit value for SMART data, instead of the hexadecimal value. (r328668)

The nvmecontrol(8) utility has been updated to include control options for Western Digital HGST drives. The new options are cap-diag, get-crash-dump, drive-log, purge, and purge-monitor. (r328716)

The dhclient(8) utility has been updated to be more compliant with RFC2131 by setting the source address field in the IP header to 0 when sending a DHCPREQUEST message to attempt to obtain a previously-assigned IP address. (r330692) (Sponsored by Dell EMC)

The pw(8) utility has been updated to allow the @ and ! characters in the GECOS field. (r330694) (Sponsored by Dell EMC)

The zfsd(8) utility has been updated to work with any type of GEOM provider, including md(4), geli(8), glabel(8), and gstripe(8). (r330733) (Sponsored by Spectra Logic)

The ps(1) utility has been updated to include a jail keyword, which when used will list the name of a jail(8) instead of the numeric ID. (r331471)

The mlx5tool(8) utility has been added, which is used to manage Connect-X 4 and Connect-X 5 devices supported by mlx5io(4). (r331586) (Sponsored by Mellanox Technologies)

The sysctl(8) utility has been updated to support setting an array of values to nodes. Prior to this change, sysctl(8) could only set one value to a node that may return multiple values when queried. (r331603) (Sponsored by Chelsio Communications)

The ifconfig(8) utility has been updated to include a random option, which when used with the ether option, generates a random MAC address for an interface. (r331729)

The efibootmgr(8) utility has been added, which is used to manipulate the EFI boot manager. (r332126) (Sponsored by Netflix)

The etdump(1) utility has been added, which is used to view El Torito boot catalog information. (r332947)

The mount(8) utility has been updated to allow fallback to mount media read-only if an attempt to mount write-protected media read-write fails. This behavior is disabled by default, and can be requested with the new autoro option. (r322753)

The makefs(8) utility has been updated to default the block and fragment sizes to match that of newfs(8), 32K and 4K, respectively. (r332460) (Sponsored by The FreeBSD Foundation)

The pwd_mkdb(8) utility has been updated to emit a notice that legacy database support will be removed effective FreeBSD 12 when the -l flag is used. (r332929) (Sponsored by The FreeBSD Foundation)

The dhclient(8) utility has been updated to allow the interface-mtu option to be overridden with a supersede entry in dhclient.conf(5). (r334789)

The libarchive(3) library has been updated to version 3.3.2. (r321303)

Subversion has been updated to version 1.9.7. (r322442)

The dtc(1) utility has been updated to upstream commit 9ce35ff8. (r328495)

The file(1) utility has been updated to version 5.32. (r328874)

OpenSSH has been updated to version 7.5p1. (r323136)

The mandoc(1) utility has been updated to version 1.14.3. (r324581)

The tcpdump(1) utility has been updated to version 4.9.2. (r327234)

The NTP utilities have been updated to version 4.2.8p11. (r330106)

The less(1) utility has been updated to upstream version v530. (r330570)

The bmake utility has been updated to upstream version 20180222. (r331246)

The BSD-licensed diff(1) utility has been imported from OpenBSD, which is installed if WITHOUT_GNU_DIFF is set in src.conf(5), and otherwise not installed by default. (r331465)

OpenSSL has been updated to version 1.0.2o. (r331638)

The clang, llvm, lld, lldb, and compiler-rt utilities as well as libc++ have been updated to upstream version 6.0.0. (r331838)

Timezone data files have been updated to version 2018e. (r333312)

The libxo(3) library has been updated to version 0.9.0. (r334458)

[arm64] The bsdinstall(8) installer has been updated to default to UEFI-only boot. (r322254) (Sponsored by The FreeBSD Foundation)

This section covers changes to kernel configurations, system tuning, and system control parameters that are not otherwise categorized.

The linux(4) ABI compaibility layer has been updated to include support for musl consumers. (r321007)

The fdescfs(5) filesystem has been updated to support Linux -specific fd(4) /dev/fd and /proc/self/fd behavior. (r322340)

Support for multiple realtime clocks has been added. (r323447)

The ng_iface(4) driver has been updated to prevent a possible system crash. (r324175)

The ipfw(4) packet filter has been updated to identify layer-2 and layer-3 packets, fixing dummynet(4) AQM packet marking. (r325730)

An issue causing boot issues with Intel® Apollo Lake™ CPUs has been fixed. (r333166)

The watchdog(4) facility has been updated to make SW_WATCHDOG dynamic, enabling the software watchdogd(8) option whenever a hardware watchdog is not present. (r327920)

The p1003_1b.aio_listio_max sysctl(8) has been changed to a runtime-configurable tunable. (r326322) (Sponsored by Spectra Logic)

This section covers changes and additions to devices and device drivers since 11.1-RELEASE.

The cxgbe(4) driver has been updated to firmware version 1.16.63.0 for T4, T5, and T6 network adapters. (r330307) (Sponsored by Chelsio Communications)

The ng_pppoe(4) driver has been updated to add support for user-supplied Host-Uniq tags. (r331058)

Support for the TAIO USB multi-protocol adapter (TUMPA) has been added. (r331500)

The mlx5io(4) driver has been added, providing an interface to manage supported Connect-X 4 and Connect-X 5 network adapters. (r331586) (Sponsored by Mellanox Technologies)

The cm(4) and fpa(4) drivers have been marked as deprecated, and will be removed in FreeBSD 12. (r331882) (Sponsored by DARPA, AFRL)

The ocs_fc(4) driver has been added, supporting Emulex 16/8G FC GEN 5 HBAs LPe15004 and LPe160XX, and Emulex 32/16G FC GEN 6 HBAs LPe3100X and LPe3200X. (r332040) (Sponsored by Broadcom Limited)

The ixgb(4) driver has been marked as deprecated, and will be removed in FreeBSD 12. (r333171)

The ixl(4) driver has been updated to version 1.9.9-k. (r333343) (Sponsored by Intel Corporation)

The nxge(4) driver has been marked as deprecated, and will be removed in FreeBSD 12. (r333367)

The lmc(4) driver has been marked as deprecated, and will be removed in FreeBSD 12. (r333412) (Sponsored by The FreeBSD Foundation)

The smartpqi(4) driver has been added, providing support for Microsemi SCSI controllers. (r333417)

The vxge(4) driver has been marked as deprecated, and will be removed in FreeBSD 12. (r333738)

This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document.

Support for virtio_console(4) has been added to bhyve(4). (r321413)

This section covers changes and additions to file systems and other storage subsystems, both local and networked.

The geom_aes, geom_bsd, geom_mbr, geom_sunlabel geom(4) classes have been marked as deprecated. They have been replaced by the geom_part class in FreeBSD 7, and removed from the GENERIC kernel configurations in FreeBSD 8, and will be removed in FreeBSD 12. (r332519)

This section covers the boot loader, boot menu, and other boot-related changes.

The boot code and loader(8) have been updated to check for unsupported ZFS feature flags. If unsupported features are active, the pool is not considered as a bootable pool, and a diagnostic message is printed to the console. (r321519)

The loader(8) has been updated to improve quotation parsing, distinguishing between single- and double-quotes, and check for terminating quotes. (r329010)

The length of GELI passphrases entered when booting a system with encrypted disks is now hidden by default. See the configuration options in geli(8) to restore the previous behavior. (r329114)

This section describes changes that affect networking in FreeBSD.

The icmp6(4) protocol has been updated to fix ICMPv6 redirects. (r329581) (Sponsored by Dell EMC)

This section covers changes to the FreeBSD Ports Collection, package infrastructure, and package maintenance and installation tools.

The pkg(8) utility has been updated to version 1.10.5.

This section convers changes that are specific to the FreeBSD Release Engineering processes.

Amazon EC2™ instances now keep their clocks synchronized using the Amazon Time Sync Service, the NTP service internal to the EC2™ infrastructure. (r326892)

The i386 memory stick image installers have been changed to use the MBR partitioning scheme, which addresses a boot issue from a GPT partition scheme in non-UEFI mode. (r333410) (Sponsored by The FreeBSD Foundation)

The amd64 memory stick image installers have been changed to use the MBR partitioning scheme, which addresses a boot issue from a GPT partition scheme in non-UEFI mode. (r334444) (Sponsored by The FreeBSD Foundation)