About this Document............................................2 What is NetBSD?................................................2 Changes Between The NetBSD 6.1.3 and 6.1.4 Releases............2 Security Advisory Fixes.....................................2 Other Security Fixes........................................3 Miscellaneous...............................................3 The NetBSD Foundation..........................................3 Sources of NetBSD..............................................3 NetBSD 6.1.4 Release Contents..................................3 NetBSD/rs6000 subdirectory structure........................4 Binary distribution sets....................................5 NetBSD/rs6000 System Requirements and Supported Devices........6 Getting the NetBSD System on to Useful Media...................6 Preparing your System for NetBSD installation..................7 Installing the NetBSD System...................................7 Installing NetBSD by using a netboot setup..................7 Post installation steps.......................................10 Upgrading a previously-installed NetBSD System................12 Compatibility Issues With Previous NetBSD Releases............13 Issues affecting an upgrade from NetBSD 5.x releases.......13 Issues affecting an upgrade from NetBSD 4.x releases.......14 Using online NetBSD documentation.............................14 Administrivia.................................................15 Thanks go to..................................................15 We are........................................................16 Legal Mumbo-Jumbo.............................................22 The End.......................................................26
This document describes the installation procedure for
6.1.4 on the
It is available in four different formats titled
is one of
less(1)pager utility programs. This is the format in which the on-line man pages are generally presented.
You are reading the HTML version.
The NetBSD Operating System is a fully functional Open Source UNIX-like operating system derived from the University of California, Berkeley Networking Release 2 (Net/2), 4.4BSD-Lite, and 4.4BSD-Lite2 sources. NetBSD runs on 57 different system architectures (ports) across 15 distinct CPU families, and is being ported to more. The NetBSD 6.1.4 release contains complete binary releases for many different system architectures. (A few ports are not fully supported at this time and are thus not part of the binary distribution. Please see the NetBSD web site at http://www.NetBSD.org/ for information on them.)
NetBSD is a completely integrated system. In addition to its highly portable, high performance kernel, NetBSD features a complete set of user utilities, compilers for several languages, the X Window System, firewall software and numerous other tools, all accompanied by full source code.
NetBSD is a creation of the members of the Internet community. Without the unique cooperation and coordination the net makes possible, it's likely that NetBSD wouldn't exist.
NetBSD 6.1.4 is the fourth critical/security update of the NetBSD 6.1 release branch. It represents a selected subset of fixes deemed critical for security or stability reasons.
The complete list of changes can be found in the CHANGES-6.1.4: http://ftp.NetBSD.org/pub/NetBSD/NetBSD-6.1.4/CHANGES-6.1.4 file in the top level directory of the NetBSD 6.1.4 release tree. An abbreviated list is as follows:
Advisories prior to NetBSD-SA2014-003 do not affect NetBSD 6.1.4: http://www.NetBSD.org/support/security/patches-6.1.4.html.
Foundation is a tax exempt, not-for-profit 501(c)(3) corporation
that devotes itself to the traditional goals and Spirit of the
Project and owns the trademark of the word
It supports the design, development, and adoption of
More information on the
Foundation, its composition, aims, and work can be found at:
The root directory of the NetBSD 6.1.4 release is organized as follows:
In addition to the files and directories listed above, there is one directory per architecture, for each of the architectures for which NetBSD 6.1.4 has a binary distribution.
The source distribution sets can be found in subdirectories of the
subdirectory of the distribution tree.
They contain the complete sources to the system.
The source distribution sets are as follows:
All the above source sets are located in the
subdirectory of the distribution tree.
The source sets are distributed as compressed tar files.
Except for the
set, which is traditionally unpacked into
all sets may be unpacked into
with the command:
# cd / ; tar -zxpf set_name.tgz
In each of the source distribution set directories, there are files which contain the checksums of the files in the directory:
The SHA512 digest is safer, but MD5 checksums are provided so that a wider range of operating systems can check the integrity of the release files.
rs6000subdirectory of the distribution:
.../NetBSD-6.1.4/rs6000/. It contains the following files and directories:
.morefile contains underlined text using the
more(1)conventions for indicating italic and bold display.
rs6000/binary/setssubdirectory of the NetBSD 6.1.4 distribution tree, and are as follows:
/usr/include) and the various system libraries (except the shared libraries, which are included as part of the base set). This set also includes the manual pages for all of the utilities it contains, as well as the system call and library manual pages.
/etcand in several other places. This set must be installed if you are installing the system from scratch, but should not be used if you are upgrading.
/netbsd. You must install this distribution set.
groff(1), all related programs, and their manual pages.
NetBSD maintains its own set of sources for the X Window System in order to assure tight integration and compatibility. These sources are based on X.Org. Binary sets for the X Window System are distributed with NetBSD. The sets are:
The rs6000 binary distribution sets are distributed as gzipped tar files
named with the extension
The instructions given for extracting the source sets work equally
well for the binary sets, but it is worth noting that if you use that
method, the filenames stored in the sets are relative and therefore
the files are extracted
below the current directory.
Therefore, if you want to extract the binaries into your system, i.e.
replace the system binaries with them, you have to run the
command from the root directory (
) of your system.
Since NetBSD/rs6000 is an experimental port, the hardware support is in a constant state of flux. Check the port-prep@NetBSD.org mailing list and the NetBSD/rs6000 port homepage for an up-to-date list of known supported hardware. http://www.NetBSD.org/ports/rs6000/
6.1.4 works diskless via netboot.
Installation is supported from several media types, including:
The steps necessary to prepare the distribution sets for installation depend upon which installation medium you choose. The steps for the various media are outlined below.
Proceed to the instructions on installation.
Once you have this information, you can proceed to the next step in the installation or upgrade process. If you're installing NetBSD from scratch, go to the section on preparing your hard disk, below. If you're upgrading an existing installation, go directly to the section on upgrading.
/etc/exportsfile on the NFS server and resetting its mount daemon (mountd). (Both of these actions will probably require superuser privileges on the server.)
You need to know the numeric IP address of the NFS server, and, if you don't have DHCP available on your network and the server is not on a network directly connected to the machine on which you're installing or upgrading NetBSD, you need to know the numeric IP address of the router closest to the NetBSD machine. Finally, you need to know the numeric IP address of the NetBSD machine itself.
Once the NFS server is set up properly and you have the information mentioned above, you can proceed to the next step in the installation or upgrade process. If you're installing NetBSD from scratch, go to the section on preparing your hard disk, below. If you're upgrading an existing installation, go directly to the section on upgrading.
If you're making the tape on a UNIX-like system, the easiest way to do so is probably something like:
# tar -cf tape_device dist_directories
is the name of the tape device that
describes the tape drive you're using; possibly
or something similar, but it will vary from system to system.
(If you can't figure it out, ask your system administrator.)
In the above example,
distribution sets' directories, for the distribution sets you
wish to place on the tape.
For instance, to put the
kern-GENERIC, base, and etc
distributions on tape (in
order to do the absolute minimum installation to a new disk),
you would do the following:
# cd .../NetBSD-6.1.4
# cd rs6000/binary
# tar -cf tape_device kern-GENERIC base etc
Once you have the files on the tape, you can proceed to the next step in the installation or upgrade process. If you're installing NetBSD from scratch, go to the section on preparing your hard disk, below. If you're upgrading an existing installation, go directly to the section on upgrading.
To netboot a rs6000, you must configure one or more servers to provide
information and files to your rs6000 (the
If you are using
(any architecture) on your netboot server(s), the information
provided here should be sufficient to configure everything.
Additionally, you may wish to look at the
manual page and the manual pages for each daemon you'll be configuring.
If the server(s) are another operating system, you should consult the
NetBSD Diskless HOW-TO, which will walk you through the steps necessary to
configure the netboot services on a variety of platforms.
You may either netboot the installer so you can install onto a locally attached disk, or you may run your system entirely over the network.
Briefly, the netboot
process involves discovery, bootstrap, kernel and file system stages.
In the first stage, the client discovers information
about where to find the bootstrap program.
Next, it downloads and executes the bootstrap program.
The bootstrap program goes through another discovery phase to determine
where the kernel is located.
The bootstrap program tries to mount the NFS share containing the kernel.
Once the kernel is loaded, it starts executing.
For RAM disk kernels, it mounts the RAM disk file system and begins
executing the installer from the RAM disk.
For normal (non-RAM disk) kernels, the
kernel tries to mount the NFS share that had the kernel and starts
the installation tools or
TFTP is used in the bootstrap phase to download
NFS is used in both the kernel and file system stages to download the
kernel, and to access files on the file server.
We will use
as the MAC address (ethernet hardware address) of your netboot client
You should have determined this address in an earlier stage.
In this example, we will use
as the IP address of your client and
as its name.
We will assume you're providing all of your netboot services
on one machine called
with the client's files exported from the directory
You should, of course, replace all of these with the names, addresses,
and paths appropriate to your environment.
You should set up each netboot stage in order (i.e., discovery, bootstrap, kernel, and then file system) so that you can test them as you proceed.
The default configuration of the TFTP server is to run in a
environment in the
Thus, the first order of business is to create this directory:
# mkdir -p /tftpboot
and uncomment the line with the TFTP daemon:
tftp dgram udp wait root /usr/libexec/tftpd tftpd -l -s /tftpboot
If the server is running
you can achieve this with:
# /etc/rc.d/inetd restart
Now, you need to copy the
for your rs6000 machine to
Just to be sure, let's make everything readable.
# chmod -R a+rX /tftpboot
table gets messed up, and the TFTP server can't communicate with the
In this case, it will write a log message (via
tftpd: write: Host is down'.
If this is the case, you may need to force the server to map your client's
ethernet address to its IP address:
# arp -s client CC:CC:CC:CC:CC:CC
Now your system should be able to load the bootstrap program and start looking for the kernel. Let's set up the NFS server. Create the directory you are exporting for the netboot client:
# mkdir -p /export/client/root
Put the following line in
to enable NFS sharing:
/export/client/root -maproot=root client.test.net
If your server is currently running an NFS server, you only need to
Otherwise, you need to start
If the server is running
you can achieve this with:
# /etc/rc.d/rpcbind start # /etc/rc.d/nfsd start # /etc/rc.d/mountd restart
Now, if you place a kernel named
your client should boot the kernel.
You can skip this step if you do not plan to run your client diskless after installation. Otherwise, you need to extract and set up the client's installation of NetBSD. The Diskless HOW-TO describes how to provide better security and save space on the NFS server over the procedure listed here. See http://www.NetBSD.org/docs/network/netboot/nfs.html for details.
# cd /export/client/root # tar -xpzf /path/to/files/base.tgz # tar -xpzf /path/to/files/etc.tgz
Continue with the other non-essential distribution sets if desired.
# mkdir /export/client/root/swap # dd if=/dev/zero of=/export/client/swap bs=4k count=4k # echo '/export/client/swap -maproot=root:wheel client.test.net' | cat >> /etc/exports # /etc/rc.d/mountd restart
# cd /export/client/root/dev # ./MAKEDEV all
This procedure only works on NetBSD hosts.
Create a file in
with the following lines:
server:/export/client/swap none swap sw,nfsmntpt=/swap server:/export/client/root / nfs rw 0 0
rc_configured=YES hostname="client" defaultroute="192.168.1.1" nfs_client=YES auto_ifconfig=NO net_interfaces=""
Make sure rc does not reconfigure the network device since it will lose its connection to the NFS server with your root file system.
::1 localhost 127.0.0.1 localhost 192.168.1.10 client.test.net client 192.168.1.5 server.test.net server
If you want
these services to start up every time you boot
your server, make sure the following lines are present in your
nfs_server=YES # enable server daemons mountd=YES rpcbind=YES rpcbind_flags="-l" # -l logs libwrap
Also, you'll need to make sure the
Once you've got the operating system running, there are a few things you need to do in order to bring the system into a properly configured state. The most important steps are described below.
If you or the installation software haven't done any configuration of
the system will drop you into single user mode on first reboot with the
and with the root file system
When the system asks you to choose a shell, simply press
to get to a
If you are asked for a terminal type, respond with
(or whatever is appropriate for your terminal type)
You may need to type one of the following commands to get your delete key
to work properly, depending on your keyboard:
# stty erase '^h'
# stty erase '^?'
At this point, you need to configure at least one file in the
You will need to mount your root file system read/write with:
# /sbin/mount -u -w /
Change to the
directory and take a look at the
Modify it to your tastes, making sure that you set
so that your changes will be enabled and a multi-user boot can
Default values for the various programs can be found in
where some in-line documentation may be found.
More complete documentation can be found in
When you have finished editing
at the prompt to
leave the single-user shell and continue with the multi-user boot.
Other values that may need to be set in
for a networked environment are
You may also need to add an
along the lines of
or, if you have
To enable proper hostname resolution, you will also want to add an
file or (if you are feeling a little more adventurous) run
for more information.
Instead of manually configuring network and naming service,
DHCP can be used by setting
Other files in
that may require modification or setting up include
After reboot, you can log in as
at the login prompt.
Unless you've set a password in
is no initial password.
You should create an account for yourself (see below) and protect it and the
account with good passwords.
By default, root login from the network is disabled (even via
One way to become root over the network is to log in as a different
user that belongs to group
to become root.
command to add accounts to your system.
if you want to edit the password database.
If you installed the X Window System, you may want to read the chapter about X in the NetBSD Guide: http://netbsd.org/docs/guide/en/chap-x.html
If you wish to install any of the software freely available for UNIX-like systems you are strongly advised to first check the NetBSD package system, pkgsrc. pkgsrc automatically handles any changes necessary to make the software run on NetBSD. This includes the retrieval and installation of any other packages on which the software may depend.
rs6000/6.1.4/Allsubdir. If you installed
pkgin(1)in the sysinst post-installation configuration menu, you can use it to automatically install binary packages over the network. Assuming that
/usr/pkg/etc/pkgin/repositories.confis correctly configured, you can install them with the following commands:
# pkgin install tcsh # pkgin install bash # pkgin install perl # pkgin install apache # pkgin install kde # pkgin install firefox ...
The above commands will install the Tenex-csh and Bourne Again shells, the Perl programming language, Apache web server, KDE desktop environment and the Firefox web browser as well as all the packages they depend on.
pkgsrc(7)framework for compiling packages can be obtained by retrieving the file ftp://ftp.NetBSD.org/pub/pkgsrc/pkgsrc.tar.gz. It is typically extracted into
/usr/pkgsrc(though other locations work fine) with the commands:
# cd /usr
# tar -zxpf pkgsrc.tar.gz
After extracting, see the
file in the extraction directory (e.g.,
for more information.
/etc/mail/aliasesto forward root mail to the right place. Don't forget to run
/etc/postfix/main.cffile will almost definitely need to be adjusted. If you prefer a different MTA, then install it using pkgsrc or by hand and adjust
/etc/rc.localto run any local daemons you use.
/etcfiles are documented in section 5 of the manual; so just invoking
# man 5 filename
is likely to give you more information on these files.
The easiest way to upgrade to NetBSD 6.1.4 is with binaries, and that is the method documented here.
To do the upgrade, you must have one form of boot media available.
You must also have at least the
binary distribution sets available.
Finally, you must have sufficient disk space available to install the
Since files already installed on the system are overwritten in place,
you only need additional free space for files which weren't previously
installed or to account for growth of the sets between releases.
If you have a few megabytes free on each of your root
partitions, you should have enough space.
Since upgrading involves replacing the kernel, boot blocks, and most of the system binaries, it has the potential to cause data loss. You are strongly advised to back up any important data on the NetBSD partition or on another operating system's partition on your disk before beginning the upgrade process.
The upgrade procedure
is similar to an installation, but without the hard disk partitioning.
will attempt to merge the settings stored in your
directory with the new version of
Also, file systems are checked before unpacking the sets.
Fetching the binary
sets is done in the same manner as the installation procedure;
refer to the installation part of the document for help.
After a new kernel has been copied to your hard disk, your
machine is a complete
However, that doesn't mean that you're finished with the upgrade process.
You will probably want to update the set of device
nodes you have in
If you've changed the contents of
by hand, you will need to be careful about this, but if
not, you can just cd into
and run the command:
# sh MAKEDEV all
Finally, you will want to delete old binaries that were part
of the version of
that you upgraded from and have since been removed from the
Users upgrading from previous versions of NetBSD may wish to bear the following problems and compatibility issues in mind when upgrading to NetBSD 6.1.4.
Note that sysinst will automatically invoke
The pthread libraries from previous versions of
require that the
be set to
This affects the following environments:
The 5.0 kernel defaults to
which covers the first case.
However, please note that a full installation of 5.0
(either from scratch or through an upgrade)
to 1 during the boot process.
This means that for the last two cases, you will have to manually set
using either the
command or through
The implementation of SHA2-HMAC in KAME_IPSEC as used in NetBSD-5 and before did not comply to current standards. FAST_IPSEC does, with the result that old and new systems cannot communicate over IPSEC, if one of the affected authentication algorithms (hmac_sha256, hmac_sha384, hmac_sha512) is used.
The following issues can generally be resolved by running postinstall with the etc set:
postinstall -s /path/to/etc.tgz check postinstall -s /path/to/etc.tgz fix
Issues fixed by postinstall:
/etcneed upgrading. These include:
The following issues need to be resolved manually:
mount(8)command now requires the nosuid and nodev options to be explicitly specified. Previously, these options were automatically enforced even if they were not explicitly specified.
Documentation is available if you installed the manual
(documentation) are denoted by
Some examples of this are
The section numbers group the topics into several categories, but three are of primary interest: user commands are in section 1, file formats are in section 5, and administrative information is in section 8.
The man command is used to view the documentation on a topic, and is started by entering man [section] topic. The brackets  around the section should not be entered, but rather indicate that the section is optional. If you don't ask for a particular section, the topic with the lowest numbered section name will be displayed. For instance, after logging in, enter
# man passwd
to read the documentation for
To view the documentation for
# man 5 passwd
If you are unsure of what man page you are looking for, enter
# apropos subject-word
where subject-word is your topic of interest; a list of possibly related man pages will be displayed.
If you've got something to say, do so! We'd like your input. There are various mailing lists available via the mailing list server at majordomo@NetBSD.org. To get help on using the mailing list server, send mail to that address with an empty body, and it will reply with instructions. See http://www.NetBSD.org/mailinglists/ for a web interface.
There are various mailing lists set up to deal with comments and questions about this release. Please send comments to: netbsd-comments@NetBSD.org.
To report bugs, use the
command shipped with
and fill in as much information about the problem as you can.
Good bug reports include lots of details.
Bugs also can be submitted and queried with the web interface at http://www.NetBSD.org/support/send-pr.html
There are also port-specific mailing lists, to discuss aspects of each port of NetBSD. Use majordomo to find their addresses, or visit http://www.NetBSD.org/mailinglists/
If you're interested in doing a serious amount of work on a specific port, you probably should contact the `owner' of that port (listed below).
If you'd like to help with this effort, and have an idea as to how you could be useful, send us mail or subscribe to: netbsd-users@NetBSD.org.
As a favor, please avoid mailing huge documents or files to these mailing lists. Instead, put the material you would have sent up for FTP or WWW somewhere, then mail the appropriate list about it, or, if you'd rather not do that, mail the list saying you'll send the data to those who want it.
Keith Bostic Ralph Campbell Mike Karels Marshall Kirk McKusick
for their work on BSD systems, support, and encouragement.
(in alphabetical order)
|The NetBSD core group:|
|The portmasters (and their ports):|
|Valeriy E. Ushakov||uwe||hpcsh|
|Valeriy E. Ushakov||uwe||landisk|
|The NetBSD 6.1.4 Release Engineering team:|
|Alistair G. Crooks||agc@NetBSD.org|
|Jeremy C. Reed||reed@NetBSD.org|
|Robert V. Baron||rvb@NetBSD.org|
|D'Arcy J.M. Cain||darcy@NetBSD.org|
|Taylor R. Campbell||riastradh@NetBSD.org|
|Chris G. Demetriou||cgd@NetBSD.org|
|Tracy Di Marco White||gendalia@NetBSD.org|
|Jaime A Fournier||ober@NetBSD.org|
|Michael van Elst||mlelstv@NetBSD.org|
|Jason R. Fink||jrf@NetBSD.org|
|Matt J. Fleming||mjf@NetBSD.org|
|Liam J. Foy||liamjfoy@NetBSD.org|
|Simon J. Gerraty||sjg@NetBSD.org|
|Oliver V. Gould||ver@NetBSD.org|
|Jun-ichiro itojun Hagino||itojun@NetBSD.org|
|Charles M. Hannum||mycroft@NetBSD.org|
|Michael L. Hitch||mhitch@NetBSD.org|
|David A. Holland||dholland@NetBSD.org|
|Christian E. Hopps||chopps@NetBSD.org|
|Love Hörnquist Åstrand||lha@NetBSD.org|
|Lonhyn T. Jasinskyj||lonhyn@NetBSD.org|
|Min Sik Kim||minskim@NetBSD.org|
|Jonathan A. Kollasch||jakllsch@NetBSD.org|
|Johnny C. Lam||jlam@NetBSD.org|
|Martin J. Laubach||mjl@NetBSD.org|
|Frank van der Linden||fvdl@NetBSD.org|
|Cherry G. Mathew||cherry@NetBSD.org|
|Jared D. McNeill||jmcneill@NetBSD.org|
|Neil J. McRae||neil@NetBSD.org|
|Julio M. Merino Vidal||jmmv@NetBSD.org|
|Constantine A. Murenin||cnst@NetBSD.org|
|Zoltán Arnold NAGY||zoltan@NetBSD.org|
|Jeremy C. Reed||reed@NetBSD.org|
|Tyler R. Retzlaff||rtr@NetBSD.org|
|Blair J. Sadewitz||bjs@NetBSD.org|
|Karl Schilke (rAT)||rat@NetBSD.org|
|Thor Lancelot Simon||tls@NetBSD.org|
|T K Spindler||dogcow@NetBSD.org|
|Valeriy E. Ushakov||uwe@NetBSD.org|
|Mike M. Volokhov||mishka@NetBSD.org|
All product names mentioned herein are trademarks or registered trademarks of their respective owners.
The following notices are required to satisfy the license terms of the software that we have mentioned in this document:
NetBSD is a registered trademark of The NetBSD Foundation, Inc.
In the following statement, the phrase ``this text'' refers to portions
of the system documentation.
Portions of this text are reprinted and reproduced in electronic form in
NetBSD, from IEEE Std 1003.1, 2004 Edition, Standard for
Information Technology -- Portable Operating System Interface (POSIX),
The Open Group Base Specifications Issue 6, Copyright (C) 2001-2004 by the
Institute of Electrical and Electronics Engineers, Inc and The Open Group.
In the event of any discrepancy between these versions and the original
IEEE and The Open Group Standard, the original IEEE and The Open Group
Standard is the referee document.
The original Standard can be obtained online at
This notice shall appear on any product containing this material
NetBSD is a registered trademark of The NetBSD Foundation, Inc.
In the following statement, the phrase ``this text'' refers to portions of the system documentation.
Portions of this text are reprinted and reproduced in electronic form in NetBSD, from IEEE Std 1003.1, 2004 Edition, Standard for Information Technology -- Portable Operating System Interface (POSIX), The Open Group Base Specifications Issue 6, Copyright (C) 2001-2004 by the Institute of Electrical and Electronics Engineers, Inc and The Open Group. In the event of any discrepancy between these versions and the original IEEE and The Open Group Standard, the original IEEE and The Open Group Standard is the referee document.
The original Standard can be obtained online at http://www.opengroup.org/unix/online.html.
This notice shall appear on any product containing this material