Skip to main content

Upgrading OpenBSD

Upgrading OpenBSD

Things to bear in mind before proceeding with the steps in this article:

  1.  Before any upgrade definitely make sure you have a recent OS backup to restore to if things go south.
  2. This does not cover upgrading between major versions, as sysupgrade only upgrades to the next release.

When upgrading OpenBSD between versions, e.g. 7.1 to 7.2 there are three things I do:

  1.  OS upgrade
  2. Upgrading 3rd party packages
  3. OS cleanup

OS Upgrade

This part is very easy, if you are using Full Disk Encryption (FDE) it is better to do this on
a console (e.g. not over SSH) so you can enter the FDE password directly. OpenBSD is the easiest system to upgrade I have ever come across, absoluely brilliant.

sysupgrade

This will take a few minutes as it will download the install sets and then it will reboot. Normally the whole process takes about 5-10 minutes on a decent connection.

Upgrading 3rd party packages

We now have an up-to-date OS, but it is always worth upgrading the packages regularly as something may break otherwise. I always update the packages straight after
the OS upgrade.

pkg_add -u

Of course make sure the system is still functional after this.

OS cleanup

After the OS upgrade, we always have files remaining that have been removed between versions, nobody likes bloat so it is good to regularly view these files.
There is a great program called sysclean available to help with this. If not installed it can be installed like this:

pkg_add sysclean

Of course sysclean does not know about the files we have added since after installation, so we can provide it an /etc/sysclean.ignore file, here is one of mine:

/lost+found
/opt
/data
/etc/*.local
/upgrade.site
/etc/pf
/usr/swap0
/var/unbound/db
/etc/openvpn

To see what files are in the system that are not required you simply run:

sysclean

This is a list of files to go over and remove, of course may need to add extra files to /etc/sysclean.ignore that you need to keep. But after going through the process
of removing the unnecessary files we keep maintain good hygene of our OpenBSD server.

Back to top