OpenBSD Upgrade Guide: 4.6 to 4.7


[FAQ Index] | [4.5 -> 4.6] | [4.7 -> 4.8]

Note: Upgrades are only supported from one release to the release immediately following it. Do not skip releases.

It is highly recommended that you read through and fully understand this process before attempting it. If you are doing it on a critical or physically remote machine, it is recommended that you test this process on an identical, local system to verify its success before attempting on a critical or remote computer.

Upgrading is a convenient way to bring your OpenBSD system up to the most recent version. However, the results are not intended to precisely match the results of a wipe-and-reload installation. Old library files in particular are not removed in the upgrade process, as they may be required by older applications that may or may not be upgraded at this time. If you REALLY wish to get rid of all these old files, you are probably better off reinstalling from scratch.

Table of Contents:


Before upgrading: things to think about and be aware of

This is not a complete list of the changes that took place between 4.6 and 4.7, but rather some of the important things that will impact a large number of users in the upgrade process. For a more complete list of changes, see plus47.html and the CVS change logs.


The upgrade process

Upgrading by install kernel

If you have access to the system's console, the easiest and safest way to upgrade is to boot from install media or bsd.rd and follow the upgrade steps, which are very similar to the install process.

Afterwards, complete the upgrade by following the final steps as detailed below.

One easy way to boot from the install kernel is to place the 4.7 version of bsd.rd in the root of your boot drive, then instruct the boot loader to boot using this new bsd.rd file. On amd64 and i386, you do this by entering "boot bsd.rd" at the initial boot> prompt.

Upgrading without install kernel

This is NOT the recommended process. Use the install kernel method if at all possible!

Sometimes, one needs to do an upgrade of a machine when one can't easily use the normal upgrade process. The most common case is when the machine is in a remote location and you don't have easy access to the system console. One can usually do this by carefully following this process:


Final steps

Whether you upgrade by using an install kernel and doing a formal "upgrade" process, or do a "in-place" binary upgrade, there are certain manual steps that have to be performed.

1. New Users and Groups

The following users need to be created for 4.7:
useradd -u 97 -g =uid -c "NSD Daemon" -d /var/empty -s /sbin/nologin _nsd
useradd -u 98 -g =uid -c "LDP Daemon" -d /var/empty -s /sbin/nologin _ldpd

2. Upgrading /etc

You will want to extract the etc47.tgz files to a temporary location:

export RELEASEPATH=/usr/rel
tar -C /tmp -xzphf ${RELEASEPATH}/etc47.tgz
Files that can probably be copied from etc47.tgz "as is":
etc/ldpd.conf
etc/moduli
etc/netstart
etc/pf.os
etc/rc
etc/rc.conf
etc/mtree/4.4BSD.dist
etc/mtree/BSD.x11.dist
etc/mtree/special
Note that it IS possible to locally modify these files, if this has been done, do NOT copy over those files, and use the sysmerge(8) process instead. Here are copy/paste lines for copying these files, assuming you unpacked etc47.tgz in the above recommended place:
cd /tmp/etc 
cp ldpd.conf moduli netstart pf.os rc rc.conf /etc
cp mtree/4.4BSD.dist mtree/BSD.x11.dist mtree/special /etc/mtree

(YP servers only) yp Makefile upgrade: Manually merge the changes of /var/yp/Makefile.yp (installed as part of base47.tgz) into the Makefiles for any domains, /var/yp/*/Makefile. Practically speaking, this means copying /var/yp/Makefile.yp to each domain Makefile and re-applying domain options within that file.

3a. Merging locally changed files via a patch file

These files likely have local changes, but should be updated for 4.7. IF you have not altered these files, you can copy over the new version, otherwise the changes should be merged with your files:

etc/changelist
etc/ftpusers
etc/ksh.kshrc
etc/mail/aliases
etc/mail/smtpd.conf
etc/newsyslog.conf
etc/protocols
etc/services
etc/sudoers
etc/sysctl.conf
var/named/etc/named-dual.conf
var/named/etc/named-simple.conf
var/named/etc/named.conf
var/named/standard/loopback6.arpa
var/www/conf/mime.types
The changes to these files are in this patch file. You can attempt to use this by executing the following as root:
cd /
patch -C -p0 < upgrade47.patch
This will test the patch to see how well it will apply to YOUR system; to actually apply it, leave off the "-C" option. Note that it is likely that if you have customized files or not kept them closely updated, or are upgrading from a snapshot of 4.6, they may not accept the patch cleanly. In those cases, you will need to manually apply the changes. Please test this process before relying on it for a machine you can not easily get to.

The following files have had changes which should be looked at, but it is unlikely they should be directly copied or merged (i.e., if you are using pf.conf, look at the suggested change of strategy, and decide if it is appropriate for your use).

etc/bgpd.conf
etc/ospf6d.conf
etc/pf.conf
etc/ssh/ssh_config
etc/ssh/sshd_config

Finally, use newaliases(8) to update the aliases database, mtree(8) create any new directories:

newaliases
mtree -qdef /etc/mtree/4.4BSD.dist -p / -u

3b. Merging locally changed files via sysmerge(8)

The sysmerge(8) utility will compare the files that are actually on your system with those that would be installed to a fresh install, and assist you in merging the changes into your system. Note that unlike the patch file, there are no assumptions made about what is actually on your system, so you can use sysmerge(8) to move between more arbitrary points in the development process, such as from an earlier -current to 4.7-release or from one -current to a later one. Sysmerge(8) compares the current files on your system with the files that would have been installed with a new install, and gives you the option of keeping the old file, installing the new file, or assisting you in the manual merging of the old and new files, using sdiff. You may opt to use sysmerge to make the changes, or you may wish to use the patch file first, and then follow up with a sysmerge session to clean up any loose ends.

Who should use sysmerge(8):
People running highly modified systems or systems that didn't start out at the previous release (for example, a snapshot partway between releases), who are upgrading to a snapshot or who have not carefully upgraded their system in the past will find sysmerge vastly superior to using the patches, as it works with what is actually on your system, instead of what we expected was on your system. It will also give you much greater control over your upgrade process, and will involve you in it more closely.

Who may wish to NOT use sysmerge(8):
People who have a lot of machines to upgrade that were kept fairly simple and at the previous release/stable point will probably find the old patch file system much faster.

Please read the sysmerge(8) manual page before using it on your system. You are also advised to read the diff(1), sdiff(1) and even review more(1) manual pages before continuing.

Assuming the etc47.tgz and xetc47.tgz files exists in your $RELEASEPATH, run it with:

sysmerge -s $RELEASEPATH/etc47.tgz -x $RELEASEPATH/xetc47.tgz
Sysmerge(8) will show you a unified diff(1), run through your favorite $PAGER (i.e., more(1)) and ask you, for most changed files, if you wish to:
  Use 'd' to delete the temporary ./var/www/htdocs/index.html
  Use 'i' to install the temporary ./var/www/htdocs/index.html
  Use 'm' to merge the temporary and installed versions
  Use 'v' to view the diff results again

  Default is to leave the temporary file to deal with by hand

If you wish to retain your existing file, delete the temporary file, if you wish to replace your existing file with the new version, install the temporary file. If you wish to merge the two together, choosing 'm' will put you into sdiff(1), where you can manually merge the file. The default is to come back and deal with the file later, manually.

While it can work, we do not recommend you use sysmerge to integrate new users into the system, but rather use the useradd(8) line above. We believe it is much less error prone. (hint: do not install the temporary master.passwd file over your existing one!).

Sysmerge(8) saves all your replaced files into a temporary directory, similar to /var/tmp/sysmerge.24959/backups, so if you accidentally clobber something that was probably not such a good idea, you have a chance to recover it. Note that daily(8) cleans old files from this directory.

4. Checking the kernel

Note: most people can skip this step!

If you followed the instructions for the upgrade process without install kernel, you have already completed this step. However, if you used the install kernel, and if you had a modified kernel in 4.6, it is likely you will need to modify the stock kernel of 4.7. This can be as simple as modifying a specific device using config(8), or it can involve a recompilation if the option you need is not included in the GENERIC kernel. Please consult FAQ 5 - Building the system from source before considering to recompile your kernel.

5. Upgrading packages

If you installed any packages on your system, you should upgrade them after completing the upgrade of the base system. Be aware, however, many packages will require further setup before and/or after upgrading the package. Check with the application's upgrade guide for details.

The following packages are known to have significant upgrade issues that will impact a large number of users. The fact that a package is not on this list doesn't mean it will have a trivial upgrade. You must do some homework on the applications YOU use.

The package tools support in-place updating using pkg_add -u. For instance, to update all your packages, make sure PKG_PATH is pointing to the 4.7 packages directory on your CD or nearest FTP mirror, and use something like

pkg_add -ui -D update -D updatedepends
where the -u indicates update mode, and -i specifies interactive mode, so pkg_add will prompt you for input when it encounters some ambiguity. Read the pkg_add(1) manual page and the package management chapter of the FAQ for more information.

Two packages now come with perl 5.10.1 in base. If you have installed these packages, delete them now:

pkg_delete p5-parent p5-Parse-CPAN-Meta

[FAQ Index] | [4.5 -> 4.6] | [4.7 -> 4.8]


$OpenBSD: upgrade47.html,v 1.31 2021/03/15 10:18:43 jsg Exp $