OpenBSD Upgrade Guide: 5.9 to 6.0

Upgrades are only supported from one release to the release immediately following it. Read through and understand this process before attempting it. For critical or physically remote machines, test it on an identical, local system first.

Boot from the install kernel, bsd.rd: use bootable install media, or place the 6.0 version of bsd.rd in the root of your filesystem and instruct the boot loader to boot this kernel. Once this kernel is booted, choose the (U)pgrade option and follow the prompts. Finish up by upgrading the packages: pkg_add -u.

Alternatively, you can use the manual upgrade process.

You may wish to check the errata page or upgrade to the stable branch to get any post-release fixes.

Before rebooting into the install kernel

clean out /usr/share/man. Formerly, hard links were used to provide the same man page under several different names. These hard links are no longer needed and may get in the way. Issue rm -rf /usr/share/man.
softraid(4) metadata version changed. The current softraid metadata version has been incremented as part of implementing support for sector sizes other than 512 bytes. Since on-disk metadata is automatically updated every time a softraid volume is mounted, once you mount a softraid volume on a new kernel (including bsd.rd) that volume will no longer be recognized by older kernels.
iwm(4) needs new firmware. The iwm(4) wifi driver needs firmware with a newer major version. If you plan to use that device to carry out an upgrade, run fw_update(1).

Configuration and syntax changes

The wxallowed mount option. W^X is now strictly enforced by default; a program can only violate it if it is located on a filesystem mounted with the wxallowed mount(8) option. This allows the base system to be more secure as long as /usr/local is a separate filesystem.
The base system has no W^X-violating programs, but the ports tree contains quite a few: chromium, mono, node, gnome, libreoffice, jdk, zeal, etc. If you want to run any of these ports on a regular basis, you need to add wxallowed to the mount options for /usr/local in fstab(5), e.g.:
```
  01020304050607.h /usr/local ffs rw,nodev,wxallowed 1 2
```
Small disks may not have a separate partition for /usr/local. In that case, add wxallowed to the smallest partition containing it: /usr or /.
Starting a W^X-violating program from a partition without the wxallowed mount option will produce a core dump and the dmesg(8) will contain an entry such as soffice.bin(15529): mprotect W^X violation. You can temporarily allow W^X-violating ports by issuing mount -uo wxallowed /usr/local.
doas.conf(5). The keepenv { [variable ...] } syntax will be deprecated in 6.1. Replace keepenv { [variable ...] } with setenv { [variable ...] } if doas prints the warning "keepenv with list is obsolete".
rcctl(8) syntax change. The keyword for listing enabled but stopped daemons with rcctl(8) has changed from faulty to failed.
lpd(8) default spool directory change. The lpd(8) top spool directory /var/spool/output is now only writable by root.
Point the sd path in printcap(5) to a subdirectory where the daemon group has write access. It defaults to /var/spool/output/lpd.

Special packages

PostgreSQL PostgreSQL had a major version update. Follow instructions in the pkg-readme to dump your database before upgrading to a newer OS version and restore it after the update.
OpenSMTPD-extras Most filters were removed from the OpenSMTPD-extras distribution, as they are not considered ready. People who started using filters like filter-dkim-signer already need to look for other alternatives in ports, e.g. mail/dkimproxy.
runit Upstream moved the default service directory to /service; to keep on using /var/service, make a symlink: ln -s /var/service /

Upgrade without the install kernel

This is NOT the recommended process. Use the install kernel method if at all possible!

Sometimes, you need to do an upgrade of a machine for which the normal upgrade process is not possible. The most common case is a machine in a remote location and there is no easy access to the system console.

Preparation

Place install files in a good location. Make sure you have sufficient space! Running out of space on a remote upgrade could be...unfortunate. Note that using softdeps can exaggerate the situation as deleted and overwritten files do not release their space immediately. Consider disabling the softdep mount option in /etc/fstab and rebooting before undertaking a manual upgrade. Having at least 200MB free on /usr would be recommended.
Becoming root. While using doas(1) before each command is generally a good practice, the command will likely be broken by the last steps, so you should become root before starting this process. It might be good to verify your access to root using a method other than doas at this point, i.e., direct login or using su(1).
Stop and/or disable any appropriate applications. During this process, all the userland applications will be replaced but may not be runnable, and strange things may happen as a result. You may also have issues with DNS resolution during the first reboot, so PF rules and NFS mounts dependent upon DNS may cause boot-up problems. There may be other applications which you wish to keep from running immediately after the upgrade, stop and disable them as well.
Install new boot blocks. This should actually be done at the end of any upgrade. If this has been neglected, then failure to do this now may break serial console or other things, depending on your platform. Use installboot(8), assuming sd0 is your boot disk:
```
    installboot sd0
```

Upgrading manually

Install new kernels. The extra steps for copying over the primary kernel are done to ensure that there is always a valid kernel on the disk.

If using the multiprocessor kernel:

    cd /usr/rel    # where you put the release files
    ln -f /bsd /obsd && cp bsd.mp /nbsd && mv /nbsd /bsd
    cp bsd.rd /
    cp bsd /bsd.sp

If using the single processor kernel:

    cd /usr/rel    # where you put the release files
    ln -f /bsd /obsd && cp bsd /nbsd && mv /nbsd /bsd
    cp bsd.rd bsd.mp /    # may give a harmless warning

Clean out /usr/share/man. Formerly, hard links were used to provide the same man page under several different names. These hard links are no longer needed and may get in the way. Issue
```
    rm -rf /usr/share/man
```

Install new userland. Save a copy of reboot(8), extract and install the release tarballs, reboot. Install base60.tgz last, because the new base system, in particular tar(1), gzip(1) and reboot(8), will not work with the old kernel. Either untar the needed filesets manually

    cp /sbin/reboot /sbin/oreboot
    tar -C / -xzphf xshare60.tgz
    tar -C / -xzphf xserv60.tgz
    tar -C / -xzphf xfont60.tgz
    tar -C / -xzphf xbase60.tgz
    tar -C / -xzphf man60.tgz
    tar -C / -xzphf game60.tgz
    tar -C / -xzphf comp60.tgz
    tar -C / -xzphf base60.tgz    # Install last!
    /sbin/oreboot

or, if you use ksh(1), you can do

    cp /sbin/reboot /sbin/oreboot
    for _f in [!b]*60.tgz base60.tgz; do tar -C / -xzphf "$_f" || break; done
    /sbin/oreboot

Note that tar(1) can expand only one archive per invocation, so a simple glob won't work.

After reboot, update /dev. Run MAKEDEV(8):
```
    cd /dev
    ./MAKEDEV all
```
Update boot loader. Still assuming sd0 is your boot disk:
```
    installboot sd0
```
Update system configuration files. Run sysmerge(8):
```
    sysmerge
```
Update firmware. There may be new firmware for your system. Update it with fw_update(1):
```
    fw_update
```
Finish up. Review the console output from boot (using dmesg -s) and correct any failures as necessary. Remove /sbin/oreboot and update packages: pkg_add -u.

[FAQ Index] | [5.8 -> 5.9] [6.0 -> 6.1]

$OpenBSD: upgrade60.html,v 1.22 2019/05/28 01:53:11 bentley Exp $