ProHoster > Blog > internet nhau > FreeBSD 13.1 kuburitswa

FreeBSD 13.1 kuburitswa

Mushure megore rekusimudzira, FreeBSD 13.1 yakaburitswa. Mifananidzo yekuisa inowanikwa yeamd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64 uye riscv64 architectures. Pamusoro pezvo, magungano akagadzirirwa virtualization masisitimu (QCOW2, VHD, VMDK, mbishi) uye makore nharaunda Amazon EC2, Google Compute Injini uye Vagrant.

Mushanduro itsva:

  • Mutyairi weiwlwifi akakumbirwa Intel wireless makadhi ane rutsigiro rwemachipisi matsva uye 802.11ac standard. Mutyairi akavakirwa paLinux mutyairi uye kodhi kubva kune net80211 Linux subsystem, iyo inomhanya paFreeBSD uchishandisa linuxkpi layer.
  • Iyo ZFS faira system yekumisikidza yakagadziridzwa kusvika pakuburitswa kweOpenZFS 2.1 nerutsigiro rwe dRAID (Distributed Spare RAID) tekinoroji uye kwakakosha kuita optimizations.
  • Iyo nyowani rc script zfkeys yakawedzerwa, iyo iwe yaunogona kuronga otomatiki decryption yeyakavharidzirwa ZFS zvikamu padanho rekutanga.
  • Iyo network stack yachinja maitiro eIPv4 kero ine inoteedzera zero nhamba (xxx0), iyo inogona kushandiswa semugamuchiri uye isiri kutepfenyurwa nekusingaperi. Maitiro ekare anogona kudzoserwa uchishandisa sysctl net.inet.ip.broadcast_lowest.
  • Kune 64-bit zvivakwa, kuvaka iyo base system uchishandisa PIE (Position Yakazvimirira Inobuditswa) modhi inogoneswa nekusarudzika. Kudzima, iyo WITHOUT_PIE marongero anopihwa.
  • Yakawedzera kugona kufonera chroot nemaitiro asina rusaruro ine NO_NEW_PRIVS mureza set. Iyo modhi inogoneswa uchishandisa sysctl security.bsd.unprivileged_chroot. Iyo "-n" sarudzo yakawedzerwa kune chroot utility, iyo inoseta NO_NEW_PRIVS mureza weiyo maitiro usati waiparadzanisa.
  • Mamiriro ekugadzirisa otomatiki edisk partitions akawedzerwa kune bsdinstall installer, zvichikutendera kuti ubatanidze magwaro ekuparadzanisa anoshanda pasina kupindira kwemushandisi kune akasiyana dhisiki mazita. Iyo yakarongwa ficha inorerutsa kugadzirwa kweatomatiki kushanda yekuisa midhiya yemasisitimu uye chaiwo michina ine dhisiki dzakasiyana.
  • Yakavandudzwa bhutsu rutsigiro pane UEFI masisitimu. Iyo bootloader inogonesa kugadzirisa otomatiki kweiyo copy_staging parameter zvichienderana nekugona kweiyo yakatakura kernel.
  • Basa rakaitwa kuti rivandudze kushanda kwebhootloader, nvme, rtsold, kutanga pseudo-random nhamba jenareta uye timer calibration, izvo zvakaita kuti kuderedzwa kwebhoti nguva.
  • Yakawedzerwa rutsigiro rweNFS pamusoro peyakavanzika yekutaurirana chiteshi yakavakirwa paTLS 1.3. Kuitwa kutsva kunoshandisa kernel-yakapihwa TLS stack kugonesa hardware kukurumidza. Inovaka rpc.tlsclntd uye rpc.tlsservd maitiro ane NFS-pamusoro-TLS mutengi uye kushandisa server, inogoneswa nekusarudzika kune amd64 uye arm64 zvivakwa.
  • Kune NFSv4.1 uye 4.2, iyo nconnect gomo sarudzo yaitwa, iyo inosarudza nhamba yeTCP yekubatanidza yakagadzwa neserver. Kubatana kwekutanga kunoshandiswa kune madiki mameseji eRPC, uye mamwe ese anoshandiswa kuenzanisa traffic neiyo inofambiswa data.
  • Kune sevha yeNFS, sysctl vfs.nfsd.srvmaxio yakawedzerwa, iyo inokubvumira kuti uchinje hukuru hwekuvhara I / O (default 128Kb).
  • Yakavandudzwa Hardware rutsigiro. Tsigiro yeIntel I225 Ethernet controller yakawedzerwa kune igc mutyairi. Yakavandudzwa rutsigiro rweBig-endian masisitimu. Yakawedzera mgb mutyairi weMicrochip zvishandiso LAN7430 PCIe Gigabit Ethernet Ethernet controller
  • Mutyairi wechando anoshandiswa kuIntel E800 Ethernet controllers akagadziridzwa kuita vhezheni 1.34.2-k, iyo ikozvino inosanganisira tsigiro yekuratidzira zviitiko zvefirmware murogi yehurongwa uye kwekutanga kuisirwa kweDCB (Data centre bridging) maprotocol ekuwedzera akawedzerwa.
  • Amazon EC2 mifananidzo inogoneswa nekukasira kubhutsu uchishandisa UEFI pachinzvimbo cheBIOS.
  • Iyo bhyve hypervisor yakagadziridza zvikamu zvekutevedzera NVMe madhiraivha kutsigira iyo NVMe 1.4 yakatarwa. Yakagadziriswa nyaya neNVMe iovec panguva yakadzika I/O.
  • Raibhurari yeCAM yakashandurwa kuti ishandise realpath kufona kana uchigadzira mazita emudziyo, izvo zvinobvumira zvinongedzo zvinongedzo kumidziyo kuti ishandiswe mucamcontrol uye smartctl zvishandiso. camcontrol inogadzirisa matambudziko nekurodha firmware kumidziyo.
  • Iyo svnlite utility yamira kuvaka pane base system.
  • Yakawedzerwa Linux vhezheni dzezvishandiso zvekuverenga macheki (md5sum, sha1sum, nezvimwewo) izvo zvinoshandiswa nekudaidza zviripo BSD zvinoshandiswa (md5, sha1, nezvimwewo) ne "-r" sarudzo.
  • Tsigiro yeNCQ manejimendi yakawedzerwa kune mpsutil utility uye ruzivo nezve adapta yaratidzwa.
  • Mu /etc/defaults/rc.conf, by default, iyo "-i" sarudzo inogoneswa pakufonera rtsol uye rtsold maitiro, ayo ane basa rekutumira ICMPv6 RS (Router Solicitation) meseji. Iyi sarudzo inodzima kunonoka kusati kwatumira meseji.
  • Kune riscv64 uye riscv64sf zvivakwa, kuvaka kwemaraibhurari ane ASAN (kero sanitizer), UBSAN (Undefined Behavior Sanitizer), OpenMP uye OFED (Open Fabrics Enterprise Distribution) inogoneswa.
  • Matambudziko ekuona nzira dzehardware kukwidziridzwa kwecryptographic mashandiro anotsigirwa neARMv7 uye ARM64 processors akagadziriswa, izvo zvakawedzera kukurumidzira kushanda kweaes-256-gcm uye sha256 algorithms pane ARM masisitimu.
  • Kune iyo powerpc dhizaini, iyo huru package inosanganisira iyo LLDB debugger, yakagadziriswa neLLVM chirongwa.
  • Raibhurari yeOpenSSL yakagadziridzwa kuita vhezheni 1.1.1o uye yakawedzerwa nekugadzirisa magungano epowerpc, powerpc64 uye powerpc64le architecture.
  • Iyo SSH sevha uye mutengi akagadziridzwa kuOpenSSH 8.8p1 nerutsigiro rwersa-sha masiginecha edhijitari akaremara uye nerutsigiro rwezvinhu zviviri-zvechokwadi uchishandisa zvishandiso zvinoenderana neFIDO/U2F protocol. Kuti udyidzane neFIDO/U2F zvishandiso, mhando nyowani "ecdsa-sk" uye "ed25519-sk" dzakawedzerwa, dzinoshandisa ECDSA neEd25519 digital siginecha algorithms, yakasanganiswa neSHA-256 hash.
  • Yakagadziridzwa shanduro dzechitatu-bato zvikumbiro zvinosanganisirwa munheyo system: awk 20210215 (ine zvigamba zvinomisa kushandiswa kwenzvimbo dzemarenji uye kunatsiridza kuenderana ne gawk uye mawk), zlib 1.2.12, libarchive 3.6.0.

Source: opennet.ru

Voeg