OpenBSD Journal

OpenBSD 3.7 Released

Contributed by sean on from the twice a year regardless if you like it or not dept.

OpenBSD 3.7 has been released. Read the release announcement here and as always the release notes are full of useful information. If you haven't already done so you can order the discs here. With the hackathon starting soon every penny will count.

For those who just can't wait the mirrors should be populated by now.

(Comments are closed)

  1. By Anonymous Coward ( on

    and my cd's still havent arrived ;(

    1. By Matt ( on

      I was also worrying but mine came this morning, great timing ;-) I agree it would be nicer to get them before release date, but in the end you buy cd's to support the project. At least, I did. Congrats to the team, thanks for your hard work!

      1. By Anonymous Coward ( on

        I ordered mine the day pre-releases opened and got my cds nearly 3 weeks ago in TX. Too bad the kernel panics on my new 2u box :(

        1. By phessler ( on

          I don't know if you have or not, but please report the panic.

          1. By Anonymous Coward ( on

            I will just as soon as I find a null modem + serial cable. (Full time work and school has given me exactly enough time to install 3.7 and get ports and src off the cds)

      2. By Anonymous Coward ( on

        you're right, it is more for support. :) I was just going to wear wireframe tshirt for work friday, maybe next week though. :D

    2. By jkm ( on

      I got mine a couple of days ago together with the wireframe puffy T-shirt, great!! Go OpenBSD Wohoooo!

    3. By ViPER ( on

      I ordered mine a month ago +shirt, got it 2 weeks ago. (Holland)

    4. By Peter van Oord van der Vlies ( on

      I received my cd-set + shirt 2 weeks ago. Live in Holland

    5. By Anonymous Coward ( on

      still hasnt come yet ;_; am i punished because i live in .us ??

  2. By Jim ( on

    I don't want to run a non-generic kernel on production machines. I would be happy to see Adaptec share their RAID controller documentation and allow Theo to put support back in the kernel. Not to mention the bioctl utility.

    Then again, I just may have to start swapping them out for LSI controllers...

    1. By Anonymous Coward ( Jonas on

      Yeah, it sucks big-time! Adaptec sucks even worse!

      1. By Jim ( on

        Politely email them why you chose to purchase LSI instead...

    2. By halosfan ( on

      I'm also considering buying some LSI cards. Does bioctl work with them? ami(4) says "All RAID configuration is done through the controllers' BIOSes", which is somewhat vague. Does that refer to the LSI BIOS configuration utility that can be loaded before the operating system is loaded? Or does that refer to some sort of OS-level utility?

      Basically, what I am concerned about is this: what options are there for monitoring the hardware RAID on LSI cards while the OS is running?

      1. By Jim ( on

        If I understand correctly, you will be able to monitor the status of the array while the OS is running. You will also be able to do some managment of the array again while the OS is running. No more BS reboot with a Linux disk or boot floppy to rebuild an array. Or for that matter rebooting to get to the cards bios.

        I strongly recommend you go with LSI and not (Adaptec|3Ware).

    3. By ViPER ( on

      Please do note that the support of the "aac - Adaptec RAID driver" has been removed, not the I2O support. Which means you can still use the following Adaptec RAID cards with the generic kernel.

      Adaptec SCSI RAID (ASR-2100S, ASR-2110S, ASR-3200S, etc.)
      Adaptec ATA RAID (AAR-2400A)

      # dmesg | egrep -i 'raid|adaptec'
      iop0 at pci1 dev 2 function 1 "DPT SmartRAID (I2O)" rev 0x01: I2O adapter <ADAPTEC 3210S>
      ioprbs1 at iop0 tid 520: <ADAPTEC, RAID-1, 370F> direct access, fixed

      I might not be able to rebuild/configure the raid from OpenBSD, i do want to note that the Adaptec 3210S & the Compaq Smart Array 221 cards have been the only SCSI Raid controllers which haven't failed me once in the past 5 years on x86 OpenBSD/Linux servers. But this just my experience :)


    1. By Anonymous Coward ( on

      yup, happy birthday!

    2. By Jacob de Raadt, PE ( on

      Happy 37th birthday, my son.

    3. By batou ( on

      yes \o/ Happy Birthday and thanks for all !!!

    1. By SH ( on

      Up and running. But then I'm mostly running current, so this is my very small contribution, for what it's worth.

    2. By pdemb ( on

      How do I tell BitTorrent to not receive anything from servers located in the USA?

      1. By Chas ( on

    3. By Gary ( on

      BTW is there anything wrong with the file permission on the master FTP?
      For some odd reasons I just can't grab that i386 comp37.tgz.. ;-(

    4. By Anonymous Coward ( on

      Just downloaded i386 - that was fast. Anybody got a torrent for sparc64?

      I'm a little sad because my upload is so lame. The frowny face is instilling guilt. I think it is because there are so many people uploading in the torrent that nobody needs my contribution.

      The packages are going slow, but I at least get a :-| rating for the upload.

    5. By Anonymous Coward ( on

      I just got the torrent for i386, and like the compulsive-paranoid I am, verified the md5 vs. the md5 file from the master ftp. The hashes in there check out on the files I downloaded, but they don't have hashes for the x*.tgz files.

      1. By ViPER ( on

        (My original OpenBSD v3.7 set, Disk 1)

        # cd /mnt/cdrom/3.7/i386
        # md5 *.tgz bsd*
        MD5 (base37.tgz) = 28c05ec5e134ef80b32e895b3f331995
        MD5 (comp37.tgz) = e2366cfd898565876dd6ea4d2beba3b6
        MD5 (etc37.tgz) = 00d71dbf4f3aa2c43ec5b657ce44d03e
        MD5 (game37.tgz) = 7a61f0565cc3a4a80bb31ad6f5854f14
        MD5 (man37.tgz) = 841dfdae5d2baf51c04edfdad3aeae05
        MD5 (misc37.tgz) = 66b5954bfbb2f0617b6642afa3512f93
        MD5 (xbase37.tgz) = 014c19ac6bd1486f69cfd30d1dee78cf
        MD5 (xetc37.tgz) = 319319497b28552dc2e21d68f05d6a73
        MD5 (xfont37.tgz) = d6657e6ac326ca0a9861b6e88041aabc
        MD5 (xserv37.tgz) = 1a0f0e39661b4c029ced7f97a7d3b22c
        MD5 (xshare37.tgz) = 79a6f4ca23b9499e1cc7fa442c43e186
        MD5 (bsd) = 6e848ac38ffc330308c21b632b1893fa
        MD5 ( = bbbb67b161f16b6e3c782af433ac65dd
        MD5 (bsd.rd) = 8d3c8bae0886f58f454e4270e49fdd67

  5. By Anonymous Coward ( on

    Is the new logo on the front page corrupt, looking like it didn't render properly or is it made like that?

      1. By thomasw.xhrl ( on

        displaying fine as well. this is an especially sweet release for those of us planning to obtain a zaurus:) thanks heaps to the dev squad and have a fun and productive time way up high in calgary.
        respectfully, thomasw.xhrl

    2. By Nick ( on

      I've got the same problem here. Looked at the image properties and source code and found the problem.

      height=210 width=599

      Should be height=192 width=599

      1. By Anonymous Coward ( on

        Crap I accidently modded you down instead of up... and now I can't undo... bah

  6. By dfoesch ( on

    Um... I know I sound like a total noob for asking this.

    But what is the best way to upgrade my existing OpenBSD 3.6?

    I think I remember there being an "upgrade" option during the install. But considering that I'm running OpenBSD on me and my roommates router to the internet, having it go down will have 3 very upset geeks bothering me to get it fixed.

    Should there be any sort of things I should be aware of before I do this upgrade?

    I'd really rather not reinstall everything, I've got quite a number of hand-crafted configuration files, that even if I back them up, I know I'll miss one or two.

    1. By Eric Ziegast ( on

      I found this in the FAQ section:

      BTW: Unless you need any of the new features, you could just leave your system 3.6 until there's a compelling reason to upgrade (or reinstall).

      1. By Paladdin ( on

        Sure. Keep in mind that, although supported -only from release to release- reinstalling from scratch is the preferred method to update your system.

        Ideally, you should have a test machine to install the new release from scratch and be able to merge your config files along with the new packages. Then test and, if everything works, duplicate the process on the production machine. So far, so good.

        It's irritating, -and I found it lame- to take a system down a whole day only because I'm lazy :) -And I have been before...-

    2. By Anonymous Coward ( on

      I understand your point!

      I just spent almost 3 hours (I know there should be a better way to handle this, but hey I am human) to upgrade OpenBSD 3.7.

      I do not have a CDROM on the laptop, so I did a remote installation.

      I used the instructions from

      So I did a pkg_info > packages_installed, and then I removed all packages. Oh I forgot that I had installed the jdk-1.4. Oh well, I will recompile and download all the sources again from Sun.

      Next, I installed the kernel and reboot as specified. So far so good.

      After rebooting the machine, I had extracted all the files according to the instructions. Good but I had to go the server because the PC card, which has my wireless card is not detected on my laptop. Well, there is no problem because I have done it in the past. Recompile a new kernel with the appropriate memory ranges for my laptop.

      After installing the new kernel and rebooting, I am about to install the new packages, which I did manually since I could not find any instructions on how to do it automatically, which by the way I have 107 packages. Yes, I know there are bunch considered dependencies.

      After installing all packages, which is somewhat painful due to the manual and network bandwith requirements, I reboot to check that everything starts fine. I know that I could start the processes manually, but I wanted to check if they started automatically.

      Oops, there are some errors, openldap changes (attribute errors due to version changes from 2.1 to 2.2)and missing modules for apache.

      The bottomline:
      3 hours downtime for email, pf not working while I was recompiling because it did not start since it did not detect wi0 (+1 hour without a firewall). I have to troubleshot multiple services as opposed to an incremental upgrade of the services, which it is supposed to make sense (ala portupgrade?). I think there should be a better way to do upgrades on OpenBSD. I understand that CD sales are part of the revenues for the OpenBSD project, but that does not should stop them to ease the upgrade process.

      Well, I have to reinstall jdk-1.4 to make the servies that run on Java available again. Thank god this is for home only! I may be fired if I did this at work ;)

  7. By Carlos ( on

    maybe i would sound like .. who cares? but..

    i dont like the main image at it looks like a nonprofessional site, or if i'm with a client and i'm showing to him the advantages of openbsd, and if he looks openbsd site, probably would to make fun of ..

    i have been suported openbsd since 2.7, and i have all openbsd original cd's and this is the first time that i dont like the main image of openbsd site .. even it looks like a gay site with those background colors (nothing personal for gays users, i respect them as users and human beings)

    just is my simple point of view, and sorry for my bad english but is not my native languaje as you can see

    1. By clem ( on

      >even it looks like a gay site with those background colors (nothing personal for gays users, i respect them as users and human beings

      Sometimes there is a pot of gold at the end of the rainbow. Nothing gay about that....

      1. By Wim ( on

        Sometimes there is pot at the end of the rainbow, but only in the Netherlands.

        Shameless plug:

    2. By Anonymous Coward ( on

      Look at it this way. In 6 Months it will be gone. Nothing in OpenBSD stays the same, thats why its so awesome. Change is good. Embrace.

      I think I took it to far with the last comment :)

    3. By polarapfel ( on


      I have to agree. The image really should be exchanged against something else. I was expecting something related to the Wizard of Oz theme and not that weird "rainbow" header.

      On the other hand: It's not the banner I'll install! ;-)

      The best themes were the Robin Hood theme and my all time favourite, the James Bond theme. The Bond stickers are still on the case of my tower :-)

      kind regards to all OpenBSD developers and user,

      1. By sthen ( on

        Uh, rainbows are relevant to the theme...

        1. By polarapfel ( on

          Might be, but still it looks shitty. I was more like thinking about the darker green theme with the characters in front of it and the letters OZ.

    4. By Blueyz ( on

      I find the Image on the front page perfectly fine. It is neutral, non hot button issue oriented, etc. I mean, look at the logos out in the market place: the Michelin puffy man, Mr. Clean for a cleaner. It doesn't have to look corporate. If a client looks at the site, and had a clue, they would be much more impressed with the contents of the FAQ. That is professional.

      1. By Anonymous Coward ( on

        yes, not everyone has a clue you moron, but they still have money. scuse the language :)

    5. By Anonymous Bastard ( on

      I agree, the new banner isn't very 'professional'...then again, the OpenBSD project that we all love so much is not a corporate entity. Not to sound like a broken record, but i'm going to anyway, all of Obsd is developed by AND FOR the developers. they are just kind enough to share it w/ the rest of us. this includes the logo. if you dont like it, dont look at it.

      1. By Anonymous Coward ( on

        the graphics have always been so good i try not to look at them after a large meal for fear of vomiting all over the raised floor. the graphics have always rocked, and apparently they always will.

    6. By m0rf ( on

      what I prefer about the last 3 (the last 2 especially) is that puffy is basically unmodified unlike the ones before that.

      Do you think a red guy with horns and a pitchfork is better? how about a corpulent penguin?

  8. By Anthony ( on

    Those torrents that got posted to misc@ worked out great. I still got the MD5 file from an official site, but that's like 1 kb.

    Now all we need is a netinst disk that supports bittorrent. :)

    /just kidding
    //please don't hurt me :)

    1. By m0rf ( on

      pity the license changed from a MIT/X style license to this.

  9. By Anonymous Coward ( on

    In order to get my fonts looking decent, I had to fetch the latest freetype code and replace my libraries. Anyone else have a problem?

    1. By C-Keen ( on

      Running 3.7/powerpc here. The fonts are just fine. X with antialiased fonts works as good as ever.

      What architecture are you using?



      1. By Anonymous Coward ( on

        Its a IBM T42 Thinkpad (Pentium M processor) which has an ATI Radeon Mobility M10 NP 64Mb Video card with a 1400x1050 resolution (very nice machine -- support under OBSD is almost perfect!). Ironically, OBSD 3.6 did not have any issues with the font display. In fact, after I upgraded, the 3.6 apps still display perfectly. Only the 3.7 apps linked against have problems. Replacing that lib with the lastest libfreetype solved the problem (but it is odd that worked perfectly in 3.6). -

    2. By Marc Espie ( on

      That's an issue with the hinting engine being covered by a patent, and thus disabled by default. Depends a lot what fonts you use, on what kind of display...

  10. By Anonymous Coward ( on

  11. By Anonymous Coward ( on

    I can't help but think of Gay Pride when I see the new banner for this release of OpenBSD. If those were the intentions requested by the core group of OpenBSD, so be it, but it is one decision I don't think is representative of OpenBSD and its community.

    1. By Anonymous Coward ( on

      My first impression of the new image was...laughter. Now I have nothing against gay people or rainbows..I think the image just looks odd, and did not expect a rainbow :) It's not all that bad though. I am just glad that openbsd doesn't do with their logo what netbsd did with thiers. Even though netbsd didnt change its mascot..just the logo (which seems blah btw)..I much prefer to keep the mascot in the logo. May Puffy live forever! Definitly my favorite mascot of all.

    2. By Lars Hansson ( on

      It's a rainbow, it doesnt automatically equal "Gay". If this offends you in some way because you associate it with "gay" it's your problem and not OpenBSD's. Stop reading all this dumbass crap into an image.

      1. By Craig ( on

        I think you may have missed the point. The gay community, in the US at least, has adopted the rainbow as a symbol. You see it on stickers, bumper stickers and even as flags. They have done a good job of promoting it as such -- just look at the reactions you see here. That's not to say it doesn't have other meanings, but it is definitely a prominent one.

        1. By Lars Hansson ( on

          Aint that a bitch. OpenBSD is not a U.S-based project and I doubt anyone outside the U.S really gives a fsck about the rainbow. I also doubt Theo will change the artwork just because some morons are offended by it's "gayness".

          1. By Craig ( on

            I don't think it should change either. I just thought I might enlighten you as to where the comments are coming from, that's all.

  12. By WaitingForCrypto ( on

    I've been using our favorite OS for years, and waiting for one thing: stable, production-ready encrypted file storage. No, the encrypted VND thing does not count; it is a hack and I would not rely on it for critical information.

    This question always comes up: "Why does anyone need encrypted storage?" There is a simple answer, which goes back to the first principle of encryption and security: All security relies on economics. In other words, you can define how secure a system is by figuring out how many dollars it would take to break the security. Let's say I send a PGP encrypted email (or SSL secured HTTP interaction or ipsec or whatever), which is secured by 256 bit crypto. For the sake of argument, I'll say it would take 10^12 years for a computer (at a cost of 10^15 dollars) to crack this message by brute force. The information within the PGP (or SSL, etc) message could be said to be "secure against an attack of up to 10^15 dollars". However, if the same information in the message is stored on a computer in plaintext form somewhere, then suddenly the economics changes a lot. How much does it cost a thief (criminal) or a government agent to break into an office or a house and steal/confiscate a computer? 10^3 dollars? 10^4 or maybe 10^5 dollars at most? I'll just say a break-in or legal confiscation to a reasonably secure office costs 10^5, which is probably on the high side. A 10^15 dollar attack is a physical impossibility. A 10^5 dollar or less attack is EASY and well within the resources of any organized criminals or government. So, due to lack of secure file storage, we have taken an attack from "physically impossible" (10^15 dollars) to "easy" (10^5 dollars or less). All the work and hand-wringing and endless debates over AES vs. 3DES that went into PGP (and all of our other encrypted protocols) is for naught if it's so easy to break by going around it.

    So, any word on when/if we're ever going to get stable, production-ready disk crypto on OpenBSD? It looks like FreeBSD already has GBDE which seems like a good way to do it. Linux will eventually get Reiser4, which will allow plug-in modules, which will presumably include some good crypto modules. Am I stuck with FreeBSD at this point?


    1. By tedu ( on

      wait your turn, wait your turn...

      1. By Anonymous Coward ( on

        Guess what you're not getting this Christmas!


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]