OS Upgrades can be Annoying
How many times have you wanted to upgrade the OS but found that it's not going to be as simple as you wanted or thought? This is especially true when you are going to a major version upgrade, but sometimes can even impact you on minor version upgrades.
If you haven't seen this occur, take a look at trying to upgrade a CentOS or RHEL6 system to version 7.X. You will very quickly see something relating to "recommended upgrade procedure is to reinstall from scratch". There is very little that I find more annoying than that. Why can't an OS simply upgrade, when it doesn't require a change if file system or similar? Also, on most systems, once you do upgrade the is a lot of dust left laying around that is no longer used by the system. My only response to this stuff is that the developers are too lazy to come up with a system that actually handles this for you. If you are someone who like me is frustrated at this, take a look at OpenBSD.
Sysupgrade makes it Simple
Below is an upgrade of one of my OpenBSD systems that I copied the process right from the terminal to show how simple it can be when the developers care about making it simpler. OpenBSD has always been pretty simple, in the past a version upgrade was performed using a boot USB stick, but now its even simpler.
Log into the system as root, and execute "sysupgrade -r"
milliways$ doas sysupgrade -r
SHA256.sig 100% |*****************| 2141 00:00
Signature Verified
INSTALL.amd64 100% |************************| 43550 00:00
base66.tgz 100% |*************************| 236 MB 00:22
bsd 100% |*************************| 18250 KB 00:05
bsd.mp 100% |*************************| 18336 KB 00:05
bsd.rd 100% |*************************| 10058 KB 00:04
comp66.tgz 100% |*************************| 72109 KB 00:11
game66.tgz 100% |*************************| 2745 KB 00:02
man66.tgz 100% |*************************| 7418 KB 00:03
xbase66.tgz 100% |*************************| 22092 KB 00:06
xfont66.tgz 100% |*************************| 39342 KB 00:08
xserv66.tgz 100% |*************************| 15757 KB 00:05
xshare66.tgz 100% |*************************| 4482 KB 00:02
Verifying sets.
Fetching updated firmware.
Upgrading.
Connection to milliways.wilcis.com closed.The system reboots automatically, and then it installs any firmware upgrades necessary. Once it comes back up, simply run the syspatch command which will apply any security or enhancement changes to the new version
Log into the system and run syspatch:
milliways$ doas syspatch
doas (roger@milliways.wilcis.com) password:
Get/Verify syspatch66-001_bpf.tgz 100% |****| 102 KB 00:00
Installing patch 001_bpf
Get/Verify syspatch66-002_ber.tgz 100% |****| 660 KB 00:00
Installing patch 002_ber
Get/Verify syspatch66-003_bgpd.tgz 100% |***| 181 KB 00:00
Installing patch 003_bgpd
Get/Verify syspatch66-004_net8021... 100% |*| 64839 00:00
Installing patch 004_net80211
Get/Verify syspatch66-005_sysupgr... 100% |*| 3023 00:00
Installing patch 005_sysupgrade
Get/Verify syspatch66-006_ifioctl... 100% |*| 381 KB 00:00
Installing patch 006_ifioctl
Get/Verify syspatch66-007_inteldr... 100% |*| 21468 KB 00:06
Installing patch 007_inteldrm
Get/Verify syspatch66-008_mesa.tgz 100% |***| 5598 KB 00:04
Installing patch 008_mesa
Relinking to create unique kernel... done;
reboot to load the new kernel
Errata can be reviewed under /var/syspatchWhat about Dust?
Dust is always a problem in every OS I've seen. Dust being old files that are no longer used by the OS post upgrade, but are not removed as part of the upgrade. Most OS's don't even mention it, because.. well space is cheap apparently. They could be an attack vector though if someone had access to a box. OpenBSD also handles this by listing all of the old files that can be manually removed. Every release comes with a page of upgrading instructions that include a section called "Files to Remove". Simply go there, copy the sections and paste them into a terminal... done.
Normally after removing the cruft, I upgrade the installed packages using
$ doas pkg_add -uivBoom Done ....
Reboot and you now have an upgraded system to the latest version... to coin Staples.... That was easy!
Until the next blog, don't talk about it...