Contributed by tj on from the breathing-underwater dept.
We are pleased to announce the official release of OpenBSD 5.8. This is our 38th release on CD-ROM (and 39th via FTP/HTTP). We remain proud of OpenBSD's record of twenty years with only two remote holes in the default install. As in our previous releases, 5.8 provides significant improvements, including new features, in nearly all areas of the system:
The release page lists many of those improvements, and a more detailed changelog can be seen here. New hardware support has been added, security enhancements have been made, many base daemons have been updated and much more. Of particular interest is the replacement of some third party utilities with homegrown alternatives: sudo has been removed in favor of the much simpler doas(1), and file(1) has been completely rewritten with sandboxing and privilege separation. Looking forward, more network SMP groundwork is in place, and some initial pledge(2) support can be found as well. Expect big improvements in these two areas when 5.9 drops next May, with pledge calls throughout the userland likely being a big highlight.
To commemorate the anniversary, four songs accompany this release: 20 Years Ago Today, Fanza, So Much Better and A Year in the Life. The main artwork for 5.8 (also available as a poster) features the faces of many past and present OpenBSD developers, as well as others who have been involved with the project over the last two decades. The CD set includes a list of names to cross-reference with the image if you're curious as to who's who.
The full announcement text can be found here. Be sure to check the errata page and apply any post-release fixes that didn't make it in time for the builds. Happy upgrades!
(Comments are closed)
By Bill A (67.88.230.2) bill@blowfish-labs.com on
Comments
By Noryungi (noryungi) on
> will we still be using visudo to edit doas.conf, or will that change
> as well?
Well, from what I understand from doas.conf(5), there is no equivalent to the ''visudo'' command.
This being said, but I hope to be corrected if I am wrong, the syntax is so simple you can probably put this in /etc/doas.conf to emulate the behaviour of sudo:
permit keepenv nopass as root :wheel
This would allow users in group wheel to execute any command as root, without asking for a password, and conserving the root environment variables.
Another solution would be to enter this:
permit keepenv your_user_name_here as root
This would require your password, but allow you to execute any command as root, keeping the environment.
Again, this is just a cursory glance through the man pages, as I haven't had time to install 5.8 or upgrade existing machines to 5.8. Take everything shown above with a big rain of salt.
As someone who has been bitten in the _____ quite a few times trying to configure sudo, reading that short man page is a breath of fresh air.
By Anonymous Coward (70.70.146.217) on
I was able to reproduce my sudo config with a single line in /etc/doas.conf:
---
permit :wheel
---
By Anonymous Coward (23.91.115.123) on
I have been getting annoyed at the silly insults sudo gives whenever a password attempt is incorrect. It's funny the first few times it happens, but not anymore.
Comments
By rjc (rjc) on
You know these can be disabled, right? ;^)
By Miod Vallat (miod) on
>
> I have been getting annoyed at the silly insults sudo gives whenever a password attempt is incorrect. It's funny the first few times it happens, but not anymore.
But have you considered trying to match wits with a rutabaga?