Untitled

diff -ur etc47/etc/changelist etc48/etc/changelist
--- etc47/etc/changelist	Thu Mar 18 03:31:37 2010
+++ etc48/etc/changelist	Mon Aug 16 16:46:48 2010
@@ -1,4 +1,4 @@
-#	$OpenBSD: changelist,v 1.65 2010/02/22 15:20:22 claudio Exp $
+#	$OpenBSD: changelist,v 1.68 2010/06/29 17:17:53 nicm Exp $
 #
 # List of files which the security script backs up and checks
 # for modifications.
@@ -45,6 +45,7 @@
 /etc/hosts.equiv
 /etc/hosts.lpd
 /etc/ifstated.conf
++/etc/iked.conf
 /etc/inetd.conf
 +/etc/ipsec.conf
 +/etc/isakmpd/private/local.key
@@ -96,11 +97,11 @@
 /etc/passwd
 /etc/pf.conf
 /etc/pf.os
-/etc/phones
 /etc/portal.conf
 /etc/printcap
 /etc/profile
 /etc/protocols
++/etc/pwd.db
 /etc/rbootd.conf
 /etc/rc
 /etc/rc.conf
@@ -124,6 +125,7 @@
 /etc/slip.hosts
 /etc/slip.login
 /etc/snmpd.conf
++/etc/spwd.db
 /etc/ssh/ssh_config
 +/etc/ssh/ssh_host_dsa_key
 /etc/ssh/ssh_host_dsa_key.pub
diff -ur etc47/etc/daily etc48/etc/daily
--- etc47/etc/daily	Thu Mar 18 03:31:37 2010
+++ etc48/etc/daily	Mon Aug 16 16:46:48 2010
@@ -1,5 +1,5 @@
 #
-#	$OpenBSD: daily,v 1.66 2009/05/26 22:59:15 schwarze Exp $
+#	$OpenBSD: daily,v 1.67 2010/07/25 08:49:03 espie Exp $
 #	From: @(#)daily	8.2 (Berkeley) 1/25/94
 #
 # For local additions, create the file /etc/daily.local.
@@ -48,19 +48,23 @@
 if [ -d /tmp -a ! -L /tmp ]; then
 	cd /tmp && {
 	find -x . \
-	    \( -path './ssh-*' -o -path ./.X11-unix -o -path ./.ICE-unix \) \
+	    \( -path './ssh-*' -o -path ./.X11-unix -o -path ./.ICE-unix \
+	    	-o -path ./portslocks \) \
 	    -prune -o -type f -atime +3 -execdir rm -f -- {} \;
 	find -x . -type d -mtime +1 ! -path ./vi.recover ! -path ./.X11-unix \
-	    ! -path ./.ICE-unix ! -name . -execdir rmdir -- {} \; >/dev/null 2>&1; }
+	    ! -path ./.ICE-unix ! -path ./portslocks ! -name . \
+	    -execdir rmdir -- {} \; >/dev/null 2>&1; }
 fi

 if [ -d /var/tmp -a ! -L /var/tmp ]; then
 	cd /var/tmp && {
 	find -x . \
-	    \( -path './ssh-*' -o -path ./.X11-unix -o -path ./.ICE-unix \) \
+	    \( -path './ssh-*' -o -path ./.X11-unix -o -path ./.ICE-unix \
+	    	-o -path ./portslocks \) \
 	    -prune -o ! -type d -atime +7 -execdir rm -f -- {} \;
 	find -x . -type d -mtime +1 ! -path ./vi.recover ! -path ./.X11-unix \
-	    ! -path ./.ICE-unix ! -name . -execdir rmdir -- {} \; >/dev/null 2>&1; }
+	    ! -path ./.ICE-unix ! -path ./portslocks ! -name . \
+	    -execdir rmdir -- {} \; >/dev/null 2>&1; }
 fi

 # Additional junk directory cleanup would go like this:
diff -ur etc47/etc/disktab etc48/etc/disktab
--- etc47/etc/disktab	Thu Mar 18 03:31:37 2010
+++ etc48/etc/disktab	Mon Aug 16 16:46:49 2010
@@ -1,79 +1,5 @@
-#	$OpenBSD: disktab,v 1.19 2006/10/04 01:04:22 krw Exp $
+#	$OpenBSD: disktab,v 1.20 2010/07/02 20:33:54 tedu Exp $

-# Disk geometry and partition layout tables.
-# Key:
-#	dt	controller type
-#	ty	type of disk (fixed, removable, simulated)
-#	d[0-4]	drive-type-dependent parameters
-#	ns	#sectors/track
-#	nt	#tracks/cylinder
-#	nc	#cylinders/disk
-#	sc	#sectors/cylinder, ns*nt default
-#	su	#sectors/unit, sc*nc default
-#	se	sector size, DEV_BSIZE default
-#	rm	rpm, 3600 default
-#	sf	supports bad144-style bad sector forwarding
-#	sk	sector skew per track, default 0
-#	cs	sector skew per cylinder, default 0
-#	hs	headswitch time, default 0
-#	ts	one-cylinder seek time, default 0
-#	il	sector interleave (n:1), 1 default
-#	bs	boot block size, default BBSIZE
-#	sb	superblock size, default SBSIZE
-#	o[a-p]	partition offsets in sectors
-#	p[a-p]	partition sizes in sectors
-#	b[a-p]	partition block sizes in bytes
-#	f[a-p]	partition fragment sizes in bytes
-#	t[a-p]	partition types (filesystem, swap, etc)
-#
-# All partition sizes reserve space for bad sector tables.
-# (5 cylinders needed for maintenance + replacement sectors)
-#
-
-qp120at|Quantum Peripherals 120MB IDE:\
-	:dt=ESDI:ty=winchester:se#512:nt#9:ns#32:nc#813: \
-	:pa#13824:oa#0:ta=4.2BSD:ba#4096:fa#512: \
-	:pb#13824:ob#13824:tb=swap: \
-	:pc#234144:oc#0: \
-	:ph#206496:oh#27648:th=4.2BSD:bh#4096:fh#512:
-
-pan60|Panasonic Laptop's 60MB IDE:\
-	:dt=ST506:ty=winchester:se#512:nt#13:ns#17:nc#565:\
-	:pa#13260:oa#0:ta=4.2BSD:ba#4096:fa#512:\
-	:pb#13260:ob#13260:tb=swap: \
-	:pc#124865:oc#0: \
-	:ph#97682:oh#26520:th=4.2BSD:bh#4096:fh#512:
-
-mk156|toshiba156|Toshiba MK156 156Mb:\
-	:dt=SCSI:ty=winchester:se#512:nt#10:ns#35:nc#825:\
-	:pa#15748:oa#0:ba#4096:fa#512:ta=4.2BSD:\
-	:pb#15748:ob#15748:tb=swap:\
-	:pc#288750:oc#0:\
-	:ph#257250:oh#31500:bh#4096:fh#512:th=4.2BSD:
-
-cp3100|Conner Peripherals 100MB IDE:\
-	:dt=ST506:ty=winchester:se#512:nt#8:ns#33:nc#766: \
-	:pa#12144:oa#0:ta=4.2BSD:ba#4096:fa#512: \
-	:pb#12144:ob#12144:tb=swap: \
-	:pc#202224:oc#0: \
-	:ph#177936:oh#24288:th=4.2BSD:bh#4096:fh#512:
-
-# a == root
-# b == swap
-# c == whole disk
-# e == /var
-# f == scratch
-# h == /usr
-
-cp3100new|Conner Peripherals 100MB IDE, with a different configuration:\
-	:dt=ST506:ty=winchester:se#512:nt#8:ns#33:nc#766: \
-	:pa#15840:oa#0:ta=4.2BSD:ba#4096:fa#512: \
-	:pb#24288:ob#15840:tb=swap: \
-	:pc#202224:oc#0: \
-	:pe#15840:oe#40128:te=4.2BSD:be#4096:fe#512: \
-	:pg#15840:og#55968:tg=4.2BSD:bg#4096:fg#512: \
-	:ph#130416:oh#71808:th=4.2BSD:bh#4096:fh#512:
-
 floppy288|3in|3.5in High Density Floppy, 2.88MB:\
 	:dt=floppy:ty=floppy:se#512:nt#2:rm#300:ns#36:nc#80:\
 	:pa#5760:oa#0:ba#4096:fa#512:ta=4.2BSD: \
@@ -91,39 +17,6 @@
 	:pa#2400:oa#0:ba#4096:fa#512:ta=4.2BSD: \
 	:pb#2400:ob#0:bb#4096:fb#512:\
 	:pc#2400:oc#0:bc#4096:fc#512:
-
-maxtor4380|Maxtor XT4380E ESDI :\
-	:dt=ESDI:ty=winchester:se#512:nt#15:ns#36:nc#1222: \
-	:pa#21600:oa#0:ta=4.2BSD:ba#4096:\
-	:pb#21600:ob#21600:tb=swap: \
-	:pc#659880:oc#0: \
-	:pe#216000:oe#53200:te=4.2BSD:be#4096:fe#512: \
-	:ph#398520:oh#269200:th=4.2BSD:bh#4096:fh#512:
-
-miniscribe9380|compaq38|Miniscribe 9380 ESDI :\
-	:ty=winchester:dt=ESDI:se#512:nt#15:ns#35:nc#1223:rm#3600: \
-	:pa#21000:oa#0:ba#8192:fa#1024:ta=4.2BSD: \
-	:pb#42000:ob#21000:tb=swap: \
-	:pc#642075:oc#0: \
-	:pe#21000:oe#63000:be#8192:fe#1024:te=4.2BSD: \
-	:ph#556500:oh#84000:bh#8192:fh#1024:th=4.2BSD:
-
-ida4|compaq88|Compaq IDA (4 drives) :\
-	:ty=winchester:dt=IDA:se#512:nt#16:ns#63:nc#1644:rm#3600:\
-	:pa#20160:oa#0:ba#8192:fa#1024:ta=4.2BSD: \
-	:pb#80640:ob#20160:tb=swap: \
-	:pc#1659168:oc#0: \
-	:pe#201600:oe#100800:be#8192:fe#1024:te=4.2BSD: \
-	:pf#20160:of#1310400:bf#8192:ff#1024:tf=4.2BSD: \
-	:ph#1008000:oh#302400:bh#8192:fh#1024:th=4.2BSD: \
-	:pg#302400:og#1330560:bg#4096:fg#512:tg=4.2BSD:
-
-fuji513|Fujitsu M22XXXX: \
-	:ty=winchester:dt=ESDI:se#512:nt#16:ns#63:nc#954:rm#3600:\
-	:pa#20160:oa#82656:ba#4096:fa#512:ta=4.2BSD: \
-	:pb#40320:ob#102816:tb=swap: \
-	:pc#961632:oc#0: \
-	:ph#656208:oh#143136:bh#4096:fh#512:th=4.2BSD:

 rdroot|ramdiskroot|RAM-disk root FS image:\
 	:ty=ramdisk:se#512:nt#2:ns#128:nc#16:\
diff -ur etc47/etc/ftpusers etc48/etc/ftpusers
--- etc47/etc/ftpusers	Thu Mar 18 03:31:37 2010
+++ etc48/etc/ftpusers	Mon Aug 16 16:46:48 2010
@@ -1,4 +1,4 @@
-#	$OpenBSD: ftpusers,v 1.40 2010/02/22 15:16:45 claudio Exp $
+#	$OpenBSD: ftpusers,v 1.43 2010/06/03 20:32:36 reyk Exp $
 #
 # list of users disallowed any ftp access.
 # read by ftpd(8).
@@ -50,3 +50,6 @@
 _rwalld
 _nsd
 _ldpd
+_sndio
+_ldapd
+_iked
diff -ur etc47/etc/group etc48/etc/group
--- etc47/etc/group	Thu Mar 18 03:31:37 2010
+++ etc48/etc/group	Mon Aug 16 16:46:48 2010
@@ -63,6 +63,9 @@
 _rwalld:*:96:
 _nsd:*:97:
 _ldpd:*:98:
+_sndio:*:99:
+_ldapd:*:100:
+_iked:*:101:
 dialer:*:117:
 nogroup:*:32766:
 nobody:*:32767:
Only in etc48/etc: iked
Only in etc48/etc: iked.conf
diff -ur etc47/etc/ksh.kshrc etc48/etc/ksh.kshrc
--- etc47/etc/ksh.kshrc	Thu Mar 18 03:31:37 2010
+++ etc48/etc/ksh.kshrc	Mon Aug 16 16:46:48 2010
@@ -1,5 +1,5 @@
 :
-#	$OpenBSD: ksh.kshrc,v 1.14 2009/08/07 09:05:24 martynas Exp $
+#	$OpenBSD: ksh.kshrc,v 1.15 2010/04/26 09:04:15 otto Exp $
 #
 # NAME:
 #	ksh.kshrc - global initialization for ksh
@@ -102,27 +102,39 @@
 		wcd () { \cd "$@" && eval stripe; }
 		wssh ()
 		{
+			local rc
 			"ssh" "$@"
+			rc=$?
 			eval istripe
 			eval stripe
+			return $rc
 		}
 		wtelnet ()
 		{
+			local rc
 			"telnet" "$@"
+			rc=$?
 			eval istripe
 			eval stripe
+			return $rc
 		}
 		wrlogin ()
 		{
+			local rc
 			"rlogin" "$@"
+			rc=$?
 			eval istripe
 			eval stripe
+			return $rc
 		}
 		wsu ()
 		{
+			local rc
 			"su" "$@"
+			rc=$?
 			eval istripe
 			eval stripe
+			return $rc
 		}
 		alias su=wsu
 		alias cd=wcd
Only in etc48/etc: ldap
Only in etc48/etc: ldapd.conf
diff -ur etc47/etc/ldpd.conf etc48/etc/ldpd.conf
--- etc47/etc/ldpd.conf	Thu Mar 18 03:31:38 2010
+++ etc48/etc/ldpd.conf	Mon Aug 16 16:46:51 2010
@@ -1,7 +1,7 @@
-#	$OpenBSD: ldpd.conf,v 1.1 2010/02/22 15:15:54 claudio Exp $
+#	$OpenBSD: ldpd.conf,v 1.3 2010/06/25 22:49:05 claudio Exp $

 # macros
-#fast="2"
+fast="2"

 # global configuration
 # router-id 10.0.0.1
@@ -11,8 +11,8 @@
 retention liberal
 advertisement unsolicited

-interface bge0 {
-}
+interface bge0
+
 interface vlan5 {
 	hello-interval $fast
 }
diff -ur etc47/etc/mail/aliases etc48/etc/mail/aliases
--- etc47/etc/mail/aliases	Thu Mar 18 03:31:42 2010
+++ etc48/etc/mail/aliases	Mon Aug 16 16:46:57 2010
@@ -1,5 +1,5 @@
 #
-#	$OpenBSD: aliases,v 1.32 2010/02/22 15:16:45 claudio Exp $
+#	$OpenBSD: aliases,v 1.35 2010/06/03 20:32:36 reyk Exp $
 #
 #  Aliases in this file will NOT be expanded in the header from
 #  Mail, but WILL be visible over networks or from /usr/libexec/mail.local.
@@ -30,9 +30,11 @@
 _ftp: /dev/null
 _hostapd: /dev/null
 _identd: /dev/null
+_iked: /dev/null
 _isakmpd: /dev/null
 _kadmin: /dev/null
 _kdc: /dev/null
+_ldapd: /dev/null
 _ldpd: /dev/null
 _mopd: /dev/null
 _nsd: /dev/null
@@ -50,6 +52,7 @@
 _rusersd: /dev/null
 _rwalld: /dev/null
 _smtpd: /dev/null
+_sndio: /dev/null
 _snmpd: /dev/null
 _spamd: /dev/null
 _syslogd: /dev/null
Binary files etc47/etc/mail/aliases.db and etc48/etc/mail/aliases.db differ
diff -ur etc47/etc/mail/localhost.cf etc48/etc/mail/localhost.cf
--- etc47/etc/mail/localhost.cf	Thu Mar 18 03:31:39 2010
+++ etc48/etc/mail/localhost.cf	Mon Aug 16 16:46:53 2010
@@ -16,7 +16,7 @@
 #####
 #####		SENDMAIL CONFIGURATION FILE
 #####
-##### built by root@i386.openbsd.org on Wed Mar 17 20:26:02 MDT 2010
+##### built by root@i386.openbsd.org on Wed Aug 11 09:49:09 MDT 2010
 ##### in /usr/src/gnu/usr.sbin/sendmail/cf/cf
 ##### using /usr/src/gnu/usr.sbin/sendmail/cf/cf/../ as configuration include directory
 #####
diff -ur etc47/etc/mail/sendmail.cf etc48/etc/mail/sendmail.cf
--- etc47/etc/mail/sendmail.cf	Thu Mar 18 03:31:39 2010
+++ etc48/etc/mail/sendmail.cf	Mon Aug 16 16:46:53 2010
@@ -16,7 +16,7 @@
 #####
 #####		SENDMAIL CONFIGURATION FILE
 #####
-##### built by root@i386.openbsd.org on Wed Mar 17 20:26:02 MDT 2010
+##### built by root@i386.openbsd.org on Wed Aug 11 09:49:09 MDT 2010
 ##### in /usr/src/gnu/usr.sbin/sendmail/cf/cf
 ##### using /usr/src/gnu/usr.sbin/sendmail/cf/cf/../ as configuration include directory
 #####
diff -ur etc47/etc/mail/submit.cf etc48/etc/mail/submit.cf
--- etc47/etc/mail/submit.cf	Thu Mar 18 03:31:39 2010
+++ etc48/etc/mail/submit.cf	Mon Aug 16 16:46:53 2010
@@ -16,7 +16,7 @@
 #####
 #####		SENDMAIL CONFIGURATION FILE
 #####
-##### built by root@i386.openbsd.org on Wed Mar 17 20:26:01 MDT 2010
+##### built by root@i386.openbsd.org on Wed Aug 11 09:49:08 MDT 2010
 ##### in /usr/src/gnu/usr.sbin/sendmail/cf/cf
 ##### using /usr/src/gnu/usr.sbin/sendmail/cf/cf/../ as configuration include directory
 #####
diff -ur etc47/etc/man.conf etc48/etc/man.conf
--- etc47/etc/man.conf	Thu Mar 18 03:31:37 2010
+++ etc48/etc/man.conf	Mon Aug 16 16:46:48 2010
@@ -1,4 +1,4 @@
-#	$OpenBSD: man.conf,v 1.14 2008/04/27 15:10:58 deanna Exp $
+#	$OpenBSD: man.conf,v 1.15 2010/04/09 19:07:30 naddy Exp $

 # Sheer, raging paranoia...
 _version	BSD.2
@@ -16,17 +16,17 @@
 _suffix		.0
 _build		.0.Z		/usr/bin/zcat %s
 _build		.0.gz		/usr/bin/gzcat %s
-_build		.[1-9n]		/usr/bin/nroff -man %s
-_build		.[1-9n].Z	/usr/bin/zcat %s | /usr/bin/nroff -man
-_build		.[1-9n].gz	/usr/bin/gzcat %s | /usr/bin/nroff -man
-_build		.[1-9][a-z]	/usr/bin/nroff -man %s
-_build		.[1-9][a-z].Z	/usr/bin/zcat %s | /usr/bin/nroff -man
-_build		.[1-9][a-z].gz	/usr/bin/gzcat %s | /usr/bin/nroff -man
-_build		.tbl		/usr/bin/tbl %s | /usr/bin/nroff -man
-_build		.tbl.Z		/usr/bin/zcat %s | /usr/bin/tbl | /usr/bin/nroff -man
-_build		.tbl.gz		/usr/bin/gzcat %s | /usr/bin/tbl | /usr/bin/nroff -man
-_build		.me		/usr/bin/nroff -me %s 2>/dev/null | cat -s
-_build		.ms		/usr/bin/nroff -ms %s 2>/dev/null | cat -s
+_build		.[1-9n]		/usr/bin/nroff -Tascii -man %s
+_build		.[1-9n].Z	/usr/bin/zcat %s | /usr/bin/nroff -Tascii -man
+_build		.[1-9n].gz	/usr/bin/gzcat %s | /usr/bin/nroff -Tascii -man
+_build		.[1-9][a-z]	/usr/bin/nroff -Tascii -man %s
+_build		.[1-9][a-z].Z	/usr/bin/zcat %s | /usr/bin/nroff -Tascii -man
+_build		.[1-9][a-z].gz	/usr/bin/gzcat %s | /usr/bin/nroff -Tascii -man
+_build		.tbl		/usr/bin/tbl %s | /usr/bin/nroff -Tascii -man
+_build		.tbl.Z		/usr/bin/zcat %s | /usr/bin/tbl | /usr/bin/nroff -Tascii -man
+_build		.tbl.gz		/usr/bin/gzcat %s | /usr/bin/tbl | /usr/bin/nroff -Tascii -man
+_build		.me		/usr/bin/nroff -Tascii -me %s 2>/dev/null | cat -s
+_build		.ms		/usr/bin/nroff -Tascii -ms %s 2>/dev/null | cat -s

 # Sections and their directories.
 # All paths ending in '/' are the equivalent of entries specifying that
diff -ur etc47/etc/master.passwd etc48/etc/master.passwd
--- etc47/etc/master.passwd	Thu Mar 18 03:31:37 2010
+++ etc48/etc/master.passwd	Mon Aug 16 16:46:49 2010
@@ -1,7 +1,7 @@
 root::0:0:daemon:0:0:Charlie &:/root:/bin/ksh
 daemon:*:1:1::0:0:The devil himself:/root:/sbin/nologin
 operator:*:2:5::0:0:System &:/operator:/sbin/nologin
-bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin
+bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
 smmsp:*:25:25::0:0:Sendmail Message Submission Program:/nonexistent:/sbin/nologin
 popa3d:*:26:26::0:0:POP3 Server:/var/empty:/sbin/nologin
 sshd:*:27:27::0:0:sshd privsep:/var/empty:/sbin/nologin
@@ -45,4 +45,7 @@
 _rwalld:*:96:96::0:0:rpc.rwalld:/var/empty:/sbin/nologin
 _nsd:*:97:97::0:0:NSD Daemon:/var/empty:/sbin/nologin
 _ldpd:*:98:98::0:0:LDP Daemon:/var/empty:/sbin/nologin
+_sndio:*:99:99::0:0:sndio privsep:/var/empty:/sbin/nologin
+_ldapd:*:100:100::0:0:LDAP Daemon:/var/empty:/sbin/nologin
+_iked:*:101:101::0:0:IKEv2 Daemon:/var/empty:/sbin/nologin
 nobody:*:32767:32767::0:0:Unprivileged user for NFS:/nonexistent:/sbin/nologin
Only in etc47/etc: mtree
diff -ur etc47/etc/netstart etc48/etc/netstart
--- etc47/etc/netstart	Thu Mar 18 03:31:37 2010
+++ etc48/etc/netstart	Mon Aug 16 16:46:48 2010
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$OpenBSD: netstart,v 1.129 2010/01/12 07:43:41 henning Exp $
+#	$OpenBSD: netstart,v 1.130 2010/06/16 23:45:57 todd Exp $

 # Strip comments (and leading/trailing whitespace if IFS is set)
 # from a file and spew to stdout
@@ -111,7 +111,7 @@
 			dest)
 				cmd="$cmd $dtaddr"
 				;;
-			[a-z!]*)
+			*)
 				cmd2="$dt $dtaddr"
 				;;
 			esac
diff -ur etc47/etc/newsyslog.conf etc48/etc/newsyslog.conf
--- etc47/etc/newsyslog.conf	Thu Mar 18 03:31:37 2010
+++ etc48/etc/newsyslog.conf	Mon Aug 16 16:46:48 2010
@@ -1,4 +1,4 @@
-#	$OpenBSD: newsyslog.conf,v 1.27 2009/11/03 20:47:40 deraadt Exp $
+#	$OpenBSD: newsyslog.conf,v 1.28 2010/06/29 10:25:13 stephan Exp $
 #
 # configuration file for newsyslog
 #
@@ -15,4 +15,3 @@
 /var/log/xferlog			640  7     250  *     Z
 /var/log/ppp.log			640  7     250  *     Z
 /var/log/pflog				600  3     250  *     ZB "pkill -HUP -u root -U root -t - -x pflogd"
-
diff -ur etc47/etc/passwd etc48/etc/passwd
--- etc47/etc/passwd	Thu Mar 18 03:31:38 2010
+++ etc48/etc/passwd	Mon Aug 16 16:46:49 2010
@@ -1,7 +1,7 @@
 root:*:0:0:Charlie &:/root:/bin/ksh
 daemon:*:1:1:The devil himself:/root:/sbin/nologin
 operator:*:2:5:System &:/operator:/sbin/nologin
-bin:*:3:7:Binaries Commands and Source,,,:/:/sbin/nologin
+bin:*:3:7:Binaries Commands and Source:/:/sbin/nologin
 smmsp:*:25:25:Sendmail Message Submission Program:/nonexistent:/sbin/nologin
 popa3d:*:26:26:POP3 Server:/var/empty:/sbin/nologin
 sshd:*:27:27:sshd privsep:/var/empty:/sbin/nologin
@@ -45,4 +45,7 @@
 _rwalld:*:96:96:rpc.rwalld:/var/empty:/sbin/nologin
 _nsd:*:97:97:NSD Daemon:/var/empty:/sbin/nologin
 _ldpd:*:98:98:LDP Daemon:/var/empty:/sbin/nologin
+_sndio:*:99:99:sndio privsep:/var/empty:/sbin/nologin
+_ldapd:*:100:100:LDAP Daemon:/var/empty:/sbin/nologin
+_iked:*:101:101:IKEv2 Daemon:/var/empty:/sbin/nologin
 nobody:*:32767:32767:Unprivileged user for NFS:/nonexistent:/sbin/nologin
Only in etc47/etc: phones
Binary files etc47/etc/pwd.db and etc48/etc/pwd.db differ
diff -ur etc47/etc/rc etc48/etc/rc
--- etc47/etc/rc	Thu Mar 18 03:31:37 2010
+++ etc48/etc/rc	Mon Aug 16 16:46:48 2010
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc,v 1.335 2010/01/04 18:03:30 deraadt Exp $
+#	$OpenBSD: rc,v 1.340 2010/07/27 08:37:33 martinh Exp $

 # System startup script run by init on autoboot
 # or after single-user.
@@ -372,7 +372,7 @@
 fi

 if [ ! -f /etc/isakmpd/private/local.key ]; then
-	echo -n "openssl: generating new isakmpd RSA key... "
+	echo -n "openssl: generating new isakmpd/iked RSA key... "
 	if /usr/sbin/openssl genrsa -out /etc/isakmpd/private/local.key 2048 \
 	    > /dev/null 2>&1; then
 		chmod 600 /etc/isakmpd/private/local.key
@@ -384,6 +384,13 @@
 	fi
 fi

+if [ ! -f /etc/iked/private/local.key ]; then
+	# Just copy the generated isakmpd key
+	cp /etc/isakmpd/private/local.key /etc/iked/private/local.key
+	chmod 600 /etc/iked/private/local.key
+	cp /etc/isakmpd/local.pub /etc/iked/local.pub
+fi
+
 if [ X"${isakmpd_flags}" != X"NO" ]; then
 	if [ X"${sasyncd_flags}" != X"NO" ]; then
 		isakmpd_flags="-S ${isakmpd_flags}"
@@ -391,6 +398,13 @@
 	echo 'starting isakmpd';	isakmpd ${isakmpd_flags}
 fi

+if [ X"${iked_flags}" != X"NO" ]; then
+	if [ X"${sasyncd_flags}" != X"NO" ]; then
+		iked_flags="-S ${iked_flags}"
+	fi
+	echo 'starting iked';		iked ${iked_flags}
+fi
+
 if [ X"${sasyncd_flags}" != X"NO" ]; then
 	echo 'starting sasyncd';	sasyncd ${sasyncd_flags}
 fi
@@ -520,7 +534,8 @@

 # prune quickly with one rm, then use find to clean up /tmp/[lq]*
 # (not needed with mfs /tmp, but doesn't hurt there...)
-(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
+(cd /tmp && rm -rf [a-km-pr-zA-Z]*)
+(cd /tmp &&
     find . ! -name . ! -name lost+found ! -name quota.user \
 	! -name quota.group -execdir rm -rf -- {} \; -type d -prune)

@@ -619,6 +634,10 @@
 	echo -n ' snmpd';		/usr/sbin/snmpd $snmpd_flags
 fi

+if [ X"${ldpd_flags}" != X"NO" ]; then
+	echo -n ' ldpd';		/usr/sbin/ldpd $ldpd_flags
+fi
+
 if [ X"${ripd_flags}" != X"NO" ]; then
 	echo -n ' ripd';		/usr/sbin/ripd $ripd_flags
 fi
@@ -699,6 +718,10 @@
 	echo -n ' lpd';			lpd ${lpd_flags}
 fi

+if [ X"${ldapd_flags}" != X"NO" ]; then
+	echo -n ' ldapd';		/usr/sbin/ldapd ${ldapd_flags};
+fi
+
 # We call sendmail with a full path so that SIGHUP works.
 # Note that /usr/sbin/sendmail may actually call a
 # mailer other than sendmail, depending on /etc/mailer.conf.
@@ -763,6 +786,10 @@
 echo '.'

 mixerctl_conf
+
+if [ X"${aucat_flags}" != X"NO" ]; then
+	aucat -l ${aucat_flags}
+fi

 # KerberosV master KDC
 if [ X"${krb5_master_kdc}" = X"YES" ]; then
diff -ur etc47/etc/rc.conf etc48/etc/rc.conf
--- etc47/etc/rc.conf	Thu Mar 18 03:31:37 2010
+++ etc48/etc/rc.conf	Mon Aug 16 16:46:49 2010
@@ -1,8 +1,9 @@
 #!/bin/sh -
 #
-#	$OpenBSD: rc.conf,v 1.134 2009/10/17 20:40:17 nicm Exp $
+#	$OpenBSD: rc.conf,v 1.139 2010/07/29 13:55:48 jmc Exp $

 # set these to "NO" to turn them off.  otherwise, they're used as flags
+ldpd_flags=NO		# for normal use: ""
 ripd_flags=NO		# for normal use: ""
 mrouted_flags=NO	# for normal use: "", if activated
 			# be sure to enable multicast_router below.
@@ -20,6 +21,7 @@
 ldattach_flags=NO	# for normal use: "[options] linedisc cua-device"
 ntpd_flags=NO		# for normal use: ""
 isakmpd_flags=NO	# for normal use: ""
+iked_flags=NO		# for normal use: ""
 sasyncd_flags=NO	# for normal use: ""
 mopd_flags=NO		# for normal use: "-a"
 apmd_flags=NO		# for normal use: ""
@@ -42,6 +44,8 @@
 relayd_flags=NO		# for normal use: ""
 snmpd_flags=NO		# for normal use: ""
 smtpd_flags=NO		# for normal use: ""
+aucat_flags=NO		# for normal use: ""
+ldapd_flags=NO		# for normal use: ""

 # use -u to disable chroot, see httpd(8)
 httpd_flags=NO		# for normal use: "" (or "-DSSL" after reading ssl(8))
@@ -93,11 +97,11 @@
 yppasswdd_flags=NO		# "-d /etc/yp" if passwd files are in /etc/yp
 nfsd_flags="-tun 4"		# Crank the 4 for a busy NFS fileserver
 amd_master=/etc/amd/master	# AMD 'master' map
-syslogd_flags=			# add more flags, ie. "-u -a /chroot/dev/log"
+syslogd_flags=			# add more flags, e.g. "-u -a /chroot/dev/log"
 pf_rules=/etc/pf.conf		# Packet filter rules file
 ipsec_rules=/etc/ipsec.conf	# IPsec rules file
 bt_rules=/etc/bt.conf		# Bluetooth rules file
-pflogd_flags=			# add more flags, ie. "-s 256"
+pflogd_flags=			# add more flags, e.g. "-s 256"
 afsd_flags=			# Flags passed to afsd
 shlib_dirs=			# extra directories for ldconfig, separated
 				# by space
diff -ur etc47/etc/remote etc48/etc/remote
--- etc47/etc/remote	Thu Mar 18 03:31:37 2010
+++ etc48/etc/remote	Mon Aug 16 16:46:49 2010
@@ -1,21 +1,18 @@
-#	$OpenBSD: remote,v 1.11 2005/02/07 06:08:10 david Exp $
+#	$OpenBSD: remote,v 1.12 2010/06/29 17:17:53 nicm Exp $
 #	from: @(#)remote	8.1 (Berkeley) 6/10/93
 #
 # remote -- remote host description database
-# see tip(1), cgetcap(3), phones(5), remote(5)
+# see tip(1), cgetcap(3), remote(5)
 #
 # Capabilities used in examples:
 #
-#   at	ACU type
 #   br	baud rate (defaults to 300)
 #   dc	direct connect
-#   du	make a call flag (dial up)
 #   dv	device to use for the tty
 #   el	EOL marks (default is NULL)
 #   ie	input EOF marks (default is NULL)
 #   oe	output EOF string (default is NULL)
 #   pa	parity
-#   pn	phone #, '\@' means use the phones(5) file
 #   tc	include the named system description
 #
 # Most OpenBSD architectures use /dev/tty00, /dev/cua00, etc.
@@ -50,27 +47,14 @@
 direct:\
 	:dc:

-dialup:\
-	:du:at=hayes:pn=\@:
-
 doshost:\
 	:oe=^Z:tc=unixhost:

 unixhost:\
 	:pa=none:br#9600:el=^U^C^R^O^D^S^Q:ie=%$:oe=^D:

-# Sample directly connected lines. Directly connected lines are
-# most commonly used for serial consoles.
-#
 tty00|For hp300,i386,mac68k,macppc,mvmeppc,vax:\
 	:dv=/dev/tty00:tc=direct:tc=unixhost:

 ttya|For sparc,mvme68k:\
 	:dv=/dev/ttya:tc=direct:tc=unixhost:
-
-# Sample dial out lines.
-#
-cua00|For hp300,i386,mac68k,macppc,mvmeppc,vax:\
-	:dv=/dev/cua00:tc=dialup:tc=unixhost:
-cuaa|For sparc,mvme68k:\
-	:dv=/dev/cuaa:tc=dialup:tc=unixhost:
diff -ur etc47/etc/services etc48/etc/services
--- etc47/etc/services	Thu Mar 18 03:31:37 2010
+++ etc48/etc/services	Mon Aug 16 16:46:49 2010
@@ -1,4 +1,4 @@
-#	$OpenBSD: services,v 1.73 2010/01/17 05:50:06 dlg Exp $
+#	$OpenBSD: services,v 1.74 2010/05/25 13:00:00 claudio Exp $
 #
 # Network services, Internet style
 #
@@ -151,6 +151,8 @@
 ipp		631/udp				# Internet Printing Protocol
 ldaps		636/tcp				# LDAP over SSL
 ldaps		636/udp
+ldp		646/tcp
+ldp		646/udp
 rsync		873/tcp				# rsync server
 cddb		888/tcp		cddbp		# Audio CD Database
 imaps		993/tcp				# imap4 protocol over TLS/SSL
Binary files etc47/etc/spwd.db and etc48/etc/spwd.db differ
diff -ur etc47/etc/ssl/x509v3.cnf etc48/etc/ssl/x509v3.cnf
--- etc47/etc/ssl/x509v3.cnf	Thu Mar 18 03:31:42 2010
+++ etc48/etc/ssl/x509v3.cnf	Mon Aug 16 16:46:57 2010
@@ -1,6 +1,7 @@
 # default settings
 CERTPATHLEN		= 1
 CERTUSAGE		= digitalSignature,keyCertSign,cRLSign
+EXTCERTUSAGE		= serverAuth,clientAuth
 CERTIP			= 0.0.0.0
 CERTFQDN		= nohost.nodomain

@@ -18,9 +19,11 @@
 # The address must be provided in the CERTIP environment variable
 [x509v3_IPAddr]
 subjectAltName=IP:$ENV::CERTIP
+extendedKeyUsage=$ENV::EXTCERTUSAGE

 # This section should be referenced to add a FQDN hostname
 # as an alternate subject name, needed by isakmpd
 # The address must be provided in the CERTFQDN environment variable
 [x509v3_FQDN]
 subjectAltName=DNS:$ENV::CERTFQDN
+extendedKeyUsage=$ENV::EXTCERTUSAGE
diff -ur etc47/etc/sysctl.conf etc48/etc/sysctl.conf
--- etc47/etc/sysctl.conf	Thu Mar 18 03:31:37 2010
+++ etc48/etc/sysctl.conf	Mon Aug 16 16:46:49 2010
@@ -37,11 +37,10 @@
 #machdep.allowaperture=2	# See xf86(4)
 #machdep.apmhalt=1		# 1=powerdown hack, try if halt -p doesn't work
 #machdep.kbdreset=1		# permit console CTRL-ALT-DEL to do a nice halt
+#machdep.lidsuspend=1		# laptop lid closes cause a suspend
 #machdep.userldt=1		# allow userland programs to play with ldt,
 				# required by some ports
 #kern.emul.aout=1		# enable running dynamic OpenBSD a.out bins
-#kern.emul.bsdos=1		# enable running BSD/OS binaries
 #kern.emul.freebsd=1		# enable running FreeBSD binaries
-#kern.emul.ibcs2=1		# enable running iBCS2 binaries
 #kern.emul.linux=1		# enable running Linux binaries
 #kern.emul.svr4=1		# enable running SVR4 binaries
diff -ur etc47/etc/systrace/usr_sbin_named etc48/etc/systrace/usr_sbin_named
--- etc47/etc/systrace/usr_sbin_named	Thu Mar 18 03:31:38 2010
+++ etc48/etc/systrace/usr_sbin_named	Mon Aug 16 16:46:51 2010
@@ -1,4 +1,4 @@
-# $OpenBSD: usr_sbin_named,v 1.5 2004/05/13 04:50:04 sturm Exp $
+# $OpenBSD: usr_sbin_named,v 1.6 2010/07/23 03:13:51 ray Exp $
 #
 # Policy for named that uses named user and chroots to /var/named
 # This policy works for the default configuration of named.
@@ -28,6 +28,7 @@
 	native-fsread: filename eq "/etc/named.keys" then permit
 	native-fsread: filename eq "/etc/pwd.db" then permit
 	native-fsread: filename eq "/etc/rndc.key" then permit
+	native-fsread: filename eq "/etc/root.hint" then permit
 	native-fsread: filename eq "/etc/spwd.db" then deny[eperm]
 	native-fsread: filename match "/master" then permit
 	native-fsread: filename match "/slave" then permit
@@ -63,6 +64,7 @@
 	native-mquery: permit
 	native-munmap: permit
 	native-nanosleep: permit
+	native-pipe: permit
 	native-pread: permit
 	native-read: permit
 	native-recvmsg: permit
@@ -74,6 +76,8 @@
 	native-seteuid: uid eq "70" and uname eq "named" then permit
 	native-setgid: gid eq "70" then permit
 	native-setgroups: permit
+	native-setresgid: permit
+	native-setresuid: permit
 	native-setrlimit: permit
 	native-setsid: permit
 	native-setsockopt: permit
diff -ur etc47/var/db/sysmerge/etcsum etc48/var/db/sysmerge/etcsum
--- etc47/var/db/sysmerge/etcsum	Thu Mar 18 03:37:34 2010
+++ etc48/var/db/sysmerge/etcsum	Mon Aug 16 16:55:30 2010
@@ -8,33 +8,42 @@
 4294967295 0 ./etc/authpf
 2217676753 1955 ./etc/bgpd.conf
 3876916992 185 ./etc/ccd.conf
-722243072 3099 ./etc/changelist
+793243876 3127 ./etc/changelist
 252594545 410 ./etc/chio.conf
 1472356903 102 ./etc/csh.cshrc
 2703696912 102 ./etc/csh.login
 3431436583 104 ./etc/csh.logout
-1553404009 5219 ./etc/daily
+3370947786 5332 ./etc/daily
 2378293123 591 ./etc/dhclient.conf
 4136716515 733 ./etc/dhcpd.conf
-3211624926 4376 ./etc/disktab
+4153755677 787 ./etc/disktab
 4294967295 0 ./etc/dumpdates
 3022890455 215 ./etc/dvmrpd.conf
 2099336431 235 ./etc/exports
 145091714 371 ./etc/fbtab
 1547079671 151 ./etc/ftpchroot
-4156436819 453 ./etc/ftpusers
+2760177956 470 ./etc/ftpusers
 1239607785 3177 ./etc/gettytab
-720510183 895 ./etc/group
+2621652739 935 ./etc/group
 3332781422 2320 ./etc/hostapd.conf
 3453560924 267 ./etc/hosts
 2823201104 75 ./etc/hosts.equiv
 2631094474 178 ./etc/hosts.lpd
 4294967295 0 ./etc/hotplug
 2974218072 1913 ./etc/ifstated.conf
+347500611 805 ./etc/iked.conf
+4294967295 0 ./etc/iked/pubkeys/fqdn
+4294967295 0 ./etc/iked/pubkeys/ipv4
+4294967295 0 ./etc/iked/pubkeys/ipv6
+4294967295 0 ./etc/iked/pubkeys/ufqdn
 1419656858 2381 ./etc/inetd.conf
 4243353537 1122 ./etc/ipsec.conf
-3129846223 3869 ./etc/ksh.kshrc
-878306044 305 ./etc/ldpd.conf
+1378435518 4005 ./etc/ksh.kshrc
+3481018561 19682 ./etc/ldap/core.schema
+4128381391 2737 ./etc/ldap/inetorgperson.schema
+2139975806 7443 ./etc/ldap/nis.schema
+1003664992 360 ./etc/ldapd.conf
+1669450874 301 ./etc/ldpd.conf
 1315038147 874 ./etc/localtime
 1272061458 555 ./etc/locate.rc
 118646532 2245 ./etc/login.conf
@@ -44,45 +53,40 @@
 2236616533 3388 ./etc/mail/README
 761663012 275 ./etc/mail/access
 2937419450 65536 ./etc/mail/access.db
-335771194 1779 ./etc/mail/aliases
-694528397 65536 ./etc/mail/aliases.db
+2239958834 1829 ./etc/mail/aliases
+2308671928 65536 ./etc/mail/aliases.db
 2079996431 982 ./etc/mail/genericstable
 2937419450 65536 ./etc/mail/genericstable.db
 2054762348 5663 ./etc/mail/helpfile
 987201812 466 ./etc/mail/local-host-names
-3841834506 40743 ./etc/mail/localhost.cf
+1768776918 40743 ./etc/mail/localhost.cf
 3116949394 562 ./etc/mail/mailertable
 2937419450 65536 ./etc/mail/mailertable.db
 1149556019 490 ./etc/mail/relay-domains
-4164053631 64506 ./etc/mail/sendmail.cf
+2132050429 64506 ./etc/mail/sendmail.cf
 667510436 300 ./etc/mail/smtpd.conf
 3479831541 1876 ./etc/mail/spamd.conf
-1813081356 41795 ./etc/mail/submit.cf
+1289056739 41795 ./etc/mail/submit.cf
 942407207 561 ./etc/mail/trusted-users
 780872591 621 ./etc/mail/virtusertable
 2937419450 65536 ./etc/mail/virtusertable.db
 233395827 424 ./etc/mailer.conf
-3915481 2201 ./etc/man.conf
-4061065668 2856 ./etc/master.passwd
+2074991023 2288 ./etc/man.conf
+3970800728 3030 ./etc/master.passwd
 3948491597 159160 ./etc/moduli
 686634897 938 ./etc/monthly
 1116441835 406 ./etc/motd
 3992554006 1531 ./etc/mrouted.conf
-1733797779 28817 ./etc/mtree/4.4BSD.dist
-1338026445 3111 ./etc/mtree/BSD.local.dist
-1400764987 9787 ./etc/mtree/BSD.x11.dist
-1004957892 9306 ./etc/mtree/special
 1841534430 17 ./etc/myname
-1531665828 9797 ./etc/netstart
+1550044728 9788 ./etc/netstart
 2935274938 203 ./etc/networks
-1847076434 755 ./etc/newsyslog.conf
+968301387 754 ./etc/newsyslog.conf
 3066868024 493 ./etc/ntpd.conf
 2444571113 467 ./etc/ospf6d.conf
 4056398302 590 ./etc/ospfd.conf
-1908169058 2611 ./etc/passwd
+1160083724 2770 ./etc/passwd
 1588100705 1004 ./etc/pf.conf
 2300413469 28312 ./etc/pf.os
-1879995149 188 ./etc/phones
 1486162102 322 ./etc/portal.conf
 2639296339 141 ./etc/ppp/chap-secrets
 2633022360 22 ./etc/ppp/options
@@ -90,22 +94,22 @@
 3620712914 139 ./etc/ppp/pap-secrets
 2848487335 236 ./etc/printcap
 1129771337 5680 ./etc/protocols
-1239842684 40960 ./etc/pwd.db
+3597021780 40960 ./etc/pwd.db
 1686087193 344 ./etc/rbootd.conf
-2680774216 19725 ./etc/rc
-2958411488 4288 ./etc/rc.conf
+3936635197 20397 ./etc/rc
+56307155 4435 ./etc/rc.conf
 1402807809 380 ./etc/rc.local
 639998969 635 ./etc/rc.securelevel
 3684809617 335 ./etc/rc.shutdown
 3253051455 2530 ./etc/relayd.conf
-2670951584 2317 ./etc/remote
+75412510 1887 ./etc/remote
 3052949533 272 ./etc/ripd.conf
-2206954044 10004 ./etc/rmt
+3131719434 10132 ./etc/rmt
 1935202087 852 ./etc/rpc
 4271262874 403 ./etc/sasyncd.conf
 2272953289 18717 ./etc/security
 1223872336 1136 ./etc/sensorsd.conf
-2820777051 9943 ./etc/services
+2849697141 9973 ./etc/services
 4011733011 258 ./etc/shells
 3838912274 22 ./etc/skel/.Xdefaults
 1301968229 773 ./etc/skel/.cshrc
@@ -117,17 +121,17 @@
 1777800463 349 ./etc/sliphome/slip.hosts
 2924136859 500 ./etc/sliphome/slip.login
 3515895754 608 ./etc/snmpd.conf
-390898665 40960 ./etc/spwd.db
+3850897738 40960 ./etc/spwd.db
 4294967295 0 ./etc/ssh
 2120219775 1555 ./etc/ssh/ssh_config
 231289807 2524 ./etc/ssh/sshd_config
 471002687 1598 ./etc/ssl/openssl.cnf
-1208605894 895 ./etc/ssl/x509v3.cnf
+993424129 1005 ./etc/ssl/x509v3.cnf
 2341528463 1354 ./etc/sudoers
-3811567190 2767 ./etc/sysctl.conf
+3071348488 2721 ./etc/sysctl.conf
 1055529673 1530 ./etc/syslog.conf
 1892516430 3246 ./etc/systrace/usr_sbin_lpd
-1518529974 3403 ./etc/systrace/usr_sbin_named
+1470207625 3531 ./etc/systrace/usr_sbin_named
 2328247655 22998 ./etc/ttys
 2776652567 1680 ./etc/weekly
 4174102115 474 ./etc/wsconsctl.conf
@@ -156,12 +160,12 @@
 4294967295 0 ./var/log/sendmail.st
 4294967295 0 ./var/log/wtmp
 4294967295 0 ./var/log/xferlog
-2838438414 4546 ./var/mail/root
+2532119393 4546 ./var/mail/root
 4294967295 0 ./var/msgs/bounds
 2245793152 1563 ./var/named/etc/named-dual.conf
 1504362979 1351 ./var/named/etc/named-simple.conf
 1504362979 1351 ./var/named/etc/named.conf
-4097226550 3002 ./var/named/etc/root.hint
+1453147431 3056 ./var/named/etc/root.hint
 4294967295 0 ./var/named/master
 4294967295 0 ./var/named/slave
 4294967295 0 ./var/named/standard
diff -ur etc47/var/mail/root etc48/var/mail/root
--- etc47/var/mail/root	Thu Mar 18 03:31:43 2010
+++ etc48/var/mail/root	Mon Aug 16 16:46:57 2010
@@ -1,9 +1,9 @@
-From deraadt@do-not-reply.openbsd.org Wed Mar  1 07:47:47 MDT 2010
+From deraadt@do-not-reply.openbsd.org Wed Sep  1 07:47:47 MDT 2010
 Return-Path: root
-Date: Mar 1 07:47:47 MDT 2010
+Date: Sep 1 07:47:47 MDT 2010
 From: deraadt@do-not-reply.openbsd.org (Theo de Raadt)
 To: root
-Subject: Welcome to OpenBSD 4.7!
+Subject: Welcome to OpenBSD 4.8!

 This message attempts to describe the most basic initial questions that a
 system administrator of an OpenBSD box might have.  You are urged to save
@@ -27,13 +27,13 @@

 Several popular binary packages (pre-compiled applications) are available
 for most architectures.  If you installed from a CD-ROM the packages
-are on the same CD-ROM you installed from in the directory 4.7/packages.
+are on the same CD-ROM you installed from in the directory 4.8/packages.

 CD-ROM space permitted us to include a subset of the full FTP packages
 for the most common architectures.  Please see the FTP sites to see a
 full list of packages for each architecture:

-	ftp://ftp.openbsd.org/pub/OpenBSD/4.7/packages/
+	ftp://ftp.openbsd.org/pub/OpenBSD/4.8/packages/

 If you do not find a package you want on the CD, please go look at your
 nearest FTP mirror site.
@@ -41,9 +41,9 @@
 Select your architecture and download the tarballs of your choice.  For example
 to install the emacs package for i386, execute:
  # mount /dev/cd0a /cdrom
- # pkg_add -v /cdrom/4.7/packages/i386/emacs-22.3p2.tgz
+ # pkg_add -v /cdrom/4.8/packages/i386/emacs-22.3p6.tgz
 or alternatively install them via FTP this way:
- # pkg_add -v ftp://ftp.openbsd.org/pub/OpenBSD/4.7/packages/i386/emacs-22.3p2.tgz
+ # pkg_add -v ftp://ftp.openbsd.org/pub/OpenBSD/4.8/packages/i386/emacs-22.3p6.tgz

 Significant efforts were made to centralize all system configuration in the
 /etc directory.  You should be able to find each of the configuration files
diff -ur etc47/var/named/etc/root.hint etc48/var/named/etc/root.hint
--- etc47/var/named/etc/root.hint	Thu Mar 18 03:31:38 2010
+++ etc48/var/named/etc/root.hint	Mon Aug 16 16:46:52 2010
@@ -1,4 +1,4 @@
-; $OpenBSD: root.hint,v 1.7 2008/12/29 08:14:00 jakob Exp $
+;	$OpenBSD: root.hint,v 1.8 2010/06/27 22:04:33 jakob Exp $
 ;
 ;       This file holds the information on root name servers needed to
 ;       initialize cache of Internet domain name servers
@@ -7,12 +7,12 @@
 ;
 ;       This file is made available by InterNIC
 ;       under anonymous FTP as
-;           file                /domain/named.root
+;           file                /domain/named.cache
 ;           on server           FTP.INTERNIC.NET
 ;       -OR-                    RS.INTERNIC.NET
 ;
-;       last update:    Dec 12, 2008
-;       related version of root zone:   2008121200
+;       last update:    Jun 17, 2010
+;       related version of root zone:   2010061700
 ;
 ; formerly NS.INTERNIC.NET
 ;
@@ -20,69 +20,70 @@
 A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
 A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:BA3E::2:30
 ;
-; formerly NS1.ISI.EDU
+; FORMERLY NS1.ISI.EDU
 ;
 .                        3600000      NS    B.ROOT-SERVERS.NET.
 B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
 ;
-; formerly C.PSI.NET
+; FORMERLY C.PSI.NET
 ;
 .                        3600000      NS    C.ROOT-SERVERS.NET.
 C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
 ;
-; formerly TERP.UMD.EDU
+; FORMERLY TERP.UMD.EDU
 ;
 .                        3600000      NS    D.ROOT-SERVERS.NET.
 D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
 ;
-; formerly NS.NASA.GOV
+; FORMERLY NS.NASA.GOV
 ;
 .                        3600000      NS    E.ROOT-SERVERS.NET.
 E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
 ;
-; formerly NS.ISC.ORG
+; FORMERLY NS.ISC.ORG
 ;
 .                        3600000      NS    F.ROOT-SERVERS.NET.
 F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
-F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2f::f
+F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2F::F
 ;
-; formerly NS.NIC.DDN.MIL
+; FORMERLY NS.NIC.DDN.MIL
 ;
 .                        3600000      NS    G.ROOT-SERVERS.NET.
 G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
 ;
-; formerly AOS.ARL.ARMY.MIL
+; FORMERLY AOS.ARL.ARMY.MIL
 ;
 .                        3600000      NS    H.ROOT-SERVERS.NET.
 H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
-H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::803f:235
+H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::803F:235
 ;
-; formerly NIC.NORDU.NET
+; FORMERLY NIC.NORDU.NET
 ;
 .                        3600000      NS    I.ROOT-SERVERS.NET.
 I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
+I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7FE::53
 ;
-; operated by VeriSign, Inc.
+; OPERATED BY VERISIGN, INC.
 ;
 .                        3600000      NS    J.ROOT-SERVERS.NET.
 J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
 J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:C27::2:30
 ;
-; operated by RIPE NCC
+; OPERATED BY RIPE NCC
 ;
 .                        3600000      NS    K.ROOT-SERVERS.NET.
-K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
-K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fd::1
+K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
+K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7FD::1
 ;
-; operated by ICANN
+; OPERATED BY ICANN
 ;
 .                        3600000      NS    L.ROOT-SERVERS.NET.
 L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
-L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:3::42
+L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:3::42
 ;
-; operated by WIDE
+; OPERATED BY WIDE
 ;
 .                        3600000      NS    M.ROOT-SERVERS.NET.
 M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
-M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35
+M.ROOT-SERVERS.NET.      3600000      AAAA  2001:DC3::35
 ; End of File