2019.10 Release notes

We are glad to announce that Hipster 2019.10 snapshot is available.

List of mirrors

Security

This release is signed and verifiable by GPG. The OpenIndiana Release Engineering key has key id 0x3a021afadbe31887.

The public key:

-----BEGIN PGP PUBLIC KEY BLOCK----- mQINBFkHrmsBEADCHjW1mu/SgnV0nshQO6Ma+mQ6NNumGN6NdCTaWyfvjLGde17o RBLLLVbt0+OpB3EW2Im+X6Zxnisq+V2LsFsamqGJXH84y0ubPxZH9y8O86CGBJPX USsG9rldpLkBAkHtxDrDAt4GyD5090Z9otH2RgBmjWTzEHqVBwrKEUUJkiWP0QUY 5kZ60suX3DtqdC3uCEg4NNTMCPLOY3WJr6X2eDJ6DjZYFZ+SmjCD9X5rCzLQqmvW bADO839815pUSZa+YJn6chgSGwqtWcg62al3EXB+TaqLyoiwO2Xw1qlWfUitMc6Q rTYD+K4gh/8Fiz7Mn7MUYzPUT+vHBGui2/MzQycXGRH3kK3j7/a/lsN2AmxYJWag wSMTDiOlm6f/eAk/E5mnquGzgSQkDcMAYijUDW98Zwy7y4zMLT2D2il6FalZkTYj 3ALdcewFSdZjsm7vJxG2uHRNh7vNcZyOZkYgvBoD4Ndb0vkj2LaO1lIUvTyVPeS4 sbyTUw38asw3jPU2A6hd9YMZypfd5YsiyQCDrWGuVCCl3lfb4dfCra+3wwyExDz0 3YGzfVvxSgSexljvQQQ/xbATbDstBYj+JD16fH6mEJg0cEzp84rlTIOXCpksluFL yJQ9xkHVmAUYQhBRHhRpm3H6B12hze/zp/RwIAIG53CSsbSY5c7hbJIMlwARAQAB tB9PcGVuSW5kaWFuYSBSZWxlYXNlIEVuZ2luZWVyaW5niQI9BBMBCgAnBQJZB65r AhsDBQkFo5qABQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEDoCGvrb4xiHfPkP /A9MlvGKkuinRv7O+R//CBKCFmW6MgHWdcvA4FEAkvlHCJ/vYeBahKd0LIog642t LmhLZ+wVUhsGZIq4ORRLCM4s/SLXohMuaWNdghGu1EhIYrTq8jhj2Ph1OChFXo9S RhXn4Pnd7CtyNypECw291tO8d70RcEGM4kWiZLQE755luU7TrXM2X7YEcUeakzvv mTbJ+SQhDpeAEIP4qtHru+EvwbHtyemdYKMBPHXE98ucrqfqCqFKDFdqxWpvbdUe TeSgme+PSz25V3DxDcuSqHp4+WM6vSfiZ5T6Tk2u40vyu9kWePTeYWoFMvzXlbjq mYwrIPmcQ6B1iifzOfI/cZHyFbcLxBLDf3uuQb7I8JNYkZB70IHHCTif1HIBKiUv g/zZQq+0q4IelbSEXq+COZ0uFCjhDpZaPJ1DXFHXOKD5BJeOct9LnuDAg4Usenq1 yBmFuWut0U/Z9NY7U3TES6ZaG25i9/QZa59qFY6YW5n9WiSiuCP2vYhi9p33iLEy uUHnmdk/XgRHA1if5tkRQqVsj5RkoDP5xAhADnJe2tW11cCZAe8yc0LA/VAiQLdA 9iz5NgNLgSDfDUAw0jGtH96xClGaMlv9ysnsnamH9SIkRs+HA4/eD4/kaQiXjKWc pcX95GCFCTHMYW4iVPV/m7gjx4IMGUdJZWVHSGMcTAk0uQINBFkHrmsBEADPJ23B EVN3kdM/zuvG8B41k9yk9MNQXLzI/FnTJ1hgTQH+HvRSix4bIsOo7U2t4+CB6wUy 5xRVcIO7DKdoHzMBqXfVFIkUti1k9CFZx37oLaYBsldE6rL7ZchQKileICYAWze3 bnTe/b6ZaWNVs1yMk79MJ/DF8z1RNeZsPFxBrXE5vh973+k0hkDZfi9bULdmQroL gniBS5aSc2pGdl3UNqSx+CcyS+/Jrn4LDnPHj3mx7WGlJLc/Lw0uYZxSZM3FAj7/ zrsLgnP4/xdcCMTcbVbC6L7VBSIE+hE6ppdrKwoLp7C2cyA14DnHM+heqx8Dqtf6 acIc8txyUB7zShGC5Fhp37YnhrHGnUrDxxYi99OfNChXAbwtR5z8Leicijplc/NF oibGSLLC8NvFkzuWIIuqZK8l2/UZmER7Nt7hhHszilsnAJenwvYCIVEqJsrdsTUf iiYm5AifwhU018Ia5As9kvBqymMy2bYSbZZVic+WXb6StWHugjKSFJmCo2h66QsI giHNJEvOxybANlSkxI6t38EipGvvW1dlROBuL/RZOQvSJL7SRlclOeQF4ZtPBMFy yI5p3DBZbIHChdaH5OE0U7zk+qt1hvO+HSh8Yc1OVBd6pziAay5L6S8jsBKDPjJr 7OTUuHJL00teBe3SORS8BACkg6+/6Yk9a3lSiQARAQABiQIlBBgBCgAPBQJZB65r AhsMBQkFo5qAAAoJEDoCGvrb4xiHUqcP/iOUf55a2rU5N/tlZsn2fd+O6U2V4Iym YYysJ5OZJj0baDmL+SSmNarem+ogRcpBmKX3LFNgGnEoRVaeILQApri5JelCSEhC Ex5Xwk1WOqXTRWV9flbVU/rTSiCNDUySaaJDCVOQ07TEQ/bDShkR0X+MyCzklgbZ rZnj+spaPeDnpIkfwfG2aKiJ0hq9KATBwdREcP9f/R7LaAdmcbr89Ya4iPEmaDYO gh/t83zH45XKiWxXwb9rn9U2szWLOfx8rMTTRhYWBPB+K7RX8mGoiphqtMOJYhNA N7AVm+9LRVxRcnmWyf1cQKF8FG1j9FBlaeNUAFefpvvcBffTFvPnpqOaSZm7nu6l NwWT2N0IHdr9daET0ewvL2poMkE9P3abPmEjQYFMobg3ZiPs7e5TeplvVFtC2y89 47Gow54KIVS2cbeSVCPlCj/B8GmEjkAsGmjDtGTk45LiJptv6h5lH95YGUafI97U xLSEJJ+mab1iSRqDCn8lVlfjvAp6Hv/DW9sr6lutQuzZjxhFi5rsly1C40rkOni/ pByJDW47+VERp2wxvJdVVUZEge53IHTgrruHs/tWUsJNEswkHQ7OsY5u7bEcPUlW Stua8WJo5U4cN0abgrRAXnXXBWi2bNbYe8xnH+OsOghb1gRg3N99G/TthoziPQ1I cuYxZQalebJS =fC+/ -----END PGP PUBLIC KEY BLOCK-----

How to verify:

Download <ISO>.sig file from mirror

file from mirror Run: gpg2 --verify <ISO>.sig <ISO> . You should see the following output:

gpg: Signature made November 5, 2019 at 05:40:09 PM UTC gpg: using RSA key F5E984E5ADD29578D45CC1FE3A021AFADBE31887 gpg: Good signature from "OpenIndiana Release Engineering" [ultimate]

Even if the output includes:

gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner.

The signature is still correct.

General system changes

During this development cycle we've worked on updating IPS, migrating remaining OpenIndiana-specific applications to Python 3, rewriting some DDU closed binary blobs.

Desktop software and libraries

VirtualBox was updated to 6.0.14

Xorg fonts, tools and libraries were updated.

FreeType was updated to 2.10.1

GTK 3 was updated to 3.24.12

LightDM was updated to 1.30

mpg123, x265, and mpack packages were added, x264 was updated

Powerline, the nice status line, was added and integrated with Bash, tmux, and Vim

Supplementary x11-init service was added to create necessary directories with root permissions prior to X11 applications startup

IPS was synced to the latest OmniOS CE version. Now it ships only Python 3.5 tools and libraries. to build oi-userland after removing Python 2 pkg module you need to update the userland build environment too; to build gfx-drm you need latest developer/build/onbld package ; to build illumos-gate you have to add export BUILDPY2TOOLS="#" to your illumos.sh.

DDU binaries, for which we missed sources, were rewritten, DDU was converted to Python 3.5

Bash was updated

top and htop now both report ARC and compressed ARC statistics

Vim was updated to 8.1.1721, Nano was updated to 4.5

Sudo was updated to 1.8.29

GCC compilers were updated to 7.4.0, 8.3.0, GCC 9.2 was added (note, GCC 6.5 is still the default oi-userland compiler)

Clang 8.0 was added. Clang 4.0 was removed.

Git was updated to 2.23.0.

CMake was updated to 3.15.1.

Rust was updated to 1.32.0.

Python modules were updated.

Golang 1.13 was added

Server software

MongoDB 4.0 was updated.

Nginx was updated to 1.16.1.

Samba was updated to 4.11.

Node.js was updated to 12.13.0, 10.17.0, and 8.16.2

BIND was updated to 9.14

OpenLDAP was updated to 2.4.48

tor was updated to 0.4.1.6

A lot of other bug fixes and minor software updates are included.

illumos

As always, we are proud to ship the latest illumos-gate bits (87d7b64).

Some of the more interesting changes include:

illumos is now build with GCC 7 by default. GCC 4.4 is kept as a shadow compiler and for SPARC (not delivered by the OpenIndiana project)

PAGER variable is no longer being set. It used to be set to /usr/bin/less -ins , which caused problems for some users. man(1) still does paging via /usr/bin/less -ins when PAGER is not set.

variable is no longer being set. It used to be set to , which caused problems for some users. still does paging via when is not set. cxgbe firmware and Intel microcode were updated

firmware and Intel microcode were updated Various improvements and fixes were ported from the ZFS on Linux project: native data and metadata encryption sorted scans zpool ashift property is now tunable support UNMAP/TRIM for SSD (disabled by default) Log Spacemap

Old DRM and AGP code was removed, the GFX DRM gate is the sole source of DRM code.

Security: The L1TF mitigation (CVE-2018-3646) was integrated. Multi-architectural data sampling mitigations (various CVEs) were implemented. Hyper-threading can be disabled. Kernel is built with retpolines.

A lot of SMB 3 features were merged: continuously available shares, persistent handles signing, encryption ACLs named pipes extended attributes file level locking

A lot of old SPARC code (deprecated platforms and device drivers) was removed.

zoneadm list 's -n option lists non-global zones only.

's option lists non-global zones only. netstat got the -u option to list PIDs associated with sockets

got the option to list PIDs associated with sockets NVMe improvements (e.g. drive firmware updates).

mandoc was updated to 1.14.5.

Code of Conduct was adopted.

Rust got MDB symbol demangling support.

XHCI polled mode is supported for USB keyboards.

nawk was updated to NAWK upstream circa 2018 code.

was updated to NAWK upstream circa 2018 code. The NULL macro is casted to type void * (a requirement POSIX.1-2008).

macro is casted to type (a requirement POSIX.1-2008). The C.UTF-8 locale is provided.

Added reallocf(3C) function.

function. FreeBSD's pluggable congestion control framework was ported, enabling CUBIC and NewReno algorithms, which have higher performance than "sunreno" in some circumstances.

The default algorithm for new passwords is SHA512

crontab(1) now supports "/step", e.g.: */2 * * * * echo "run every two minutes"

UEFI boot improvements: bootadm install-bootloader (or installboot if run directly) now populates/maintains the ESP.

(or if run directly) now populates/maintains the ESP. Bug in our keyboard driver, which prevented SPICE display mechanism of the Linux KVM to work properly, was fixed.

Other activities

A lot of work was done to update documentation from outdated wiki and move it to new docs site and oi-userland docs.

Contributors

Following developers contributed to the 2019.10 snapshot with more than 600 commits. We very much appreciate their contributions: Adam Števko, Alexander Pyhalov, Andreas Grueninger, Andreas Wacknitz, Aurélien Larcher, Gary Mills, Henry Liebel, Jim Klimov, Michal Nowak, Nona Hansel, Rich Lowe, Rouven Weiler, Spencer Berger, Sven Schmeling, Till Wegmüller, Tim Mooney, and Toomas Soome.