Recent Changes - Search:
Openbsd /

OpenBSD 7.4 Upgrade Guide

This is an upgrade guide for OpenBSD 7.4 using bsd.rd. It assumes you have OpenBSD 7.3 installed and working networking. It can also be used to repair OpenBSD 7.4.

This guide was written for upgrading openbsd 7.3 to 7.4, but the same idea can be used for upgrading the versions thereafter. Upgrades must be done one version at a time, so upgrading from 7.2 to 7.4 would require upgrading first to 7.3, then to 7.4.

NOTE: This guide is no substitute for reading the OpenBSD FAQ. In particular, you should read the 7.4 Upgrade Guide.

ALSO SEE: Sysupgrade is an easier, mostly unattended upgrade process.

Check to see if you need to upgrade your OS. To find out your operating system version, type: uname -a. If it says OpenBSD example.com 7.3 GENERIC#1336 amd64, you can upgrade to 7.4 using this guide. If it says OpenBSD example.com 7.4 GENERIC#1336 amd64, you can follow this guide to repair your OS.

  1. Make sure to back up any files. Use dump and restore.
  2. Make sure to notify all your users in advance that there will be downtime during the upgrade.
  3. You will need a way to view the serial console. If you are using VMM, you can view it using the serial console?. If you are using BuyVM, you should use VNC. Make sure to have the serial console open so you can interrupt the normal bootup process during the upgrade.
  4. First, download bsd.rd and the SHA256 signature file from an OpenBSD mirror.
  5. Verify the signature, replace /bsd.rd with the new bsd.rd, then reboot:
    $ ftp https://ftp.openbsd.org/pub/OpenBSD/7.4/amd64/bsd.rd
$ ftp https://ftp.openbsd.org/pub/OpenBSD/7.4/amd64/SHA256.sig
$ signify -C -p /etc/signify/openbsd-74-base.pub -x SHA256.sig bsd.rd
$ doas cp bsd.rd /bsd.rd
$ doas shutdown -r now
  6. You'll reboot: 
*** FINAL System shutdown message from jrmu@jrmu2.host.ircnow.org ***      
System going down IMMEDIATELY                                              
System shutdown time has arrived
  1. After the reboot, you must immediately boot from bsd.rd: 
Using drive 0, partition 3.
Loading......
probing: pc0 com0 mem[638K 2046M a20=on] 
disk: hd0+
>> OpenBSD/amd64 BOOT 3.55
\
com0: 115200 baud
switching console to com0
>> OpenBSD/amd64 BOOT 3.55
boot> boot /bsd.rd

NOTE: You must type something before the timeout (default 5 seconds, 30 seconds if you changed above) or else bootup will continue automatically. If bootup does happen automatically, login and reboot by typing doas shutdown -r now.

  1. At the serial console (either cu or VNC), before automatic bootup, type boot /bsd.rd.
    # If you did everything correctly, you should see OpenBSD 7.4 (RAMDISK_CD) in the boot screen. If you see OpenBSD 7.3, you did not follow the above steps correctly.
    booting hd0a:/bsd.rd: 3969732+1655808+3886664+0+708608 [109+444888+297417]=0xa76798
entry point at 0xffffffff81001000
Copyright (c) 1982, 1986, 1989, 1991, 1993
        The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2023 OpenBSD. All rights reserved.  https://www.OpenBSD.org

OpenBSD 7.4 (RAMDISK_CD) #1322: Tue Oct 10 09:07:38 MDT 2023
...
root on rd0a swap on rd0b dump on rd0b
WARNING: CHECK AND RESET THE DATE!
erase ^?, werase ^W, kill ^U, intr ^C, status ^T

Welcome to the OpenBSD/amd64 7.4 installation program.
(I)nstall, (U)pgrade, (A)utoinstall or (S)hell?
  2. Type u for (U)pgrade. Upgrading will allow you to install OpenBSD 7.4. You can use this to either upgrade from 7.3 or to repair an existing 7.4 system.
    At any prompt except password prompts you can escape to a shell by
typing '!'. Default answers are shown in []'s and are selected by
pressing RETURN.  You can exit this program at any time by pressing
Control-C, but this can leave your system in an inconsistent state.

Terminal type? [vt220]
  3. Press enter for vt220. 
Available disks are: sd0.
Which disk is the root disk? ('?' for details) [sd0]
  1. To check which root disk, press ? for details. NOTE: Be careful to install to the correct disk. 
Checking root filesystem (fsck -fp /dev/sd0a)... OK.
Mounting root filesystem (mount -o ro /dev/sd0a /mnt)... OK.
Force checking of clean non-root filesystems? [no]
  1. There is no probably need to force check clean non-root filesystems, so just press enter.
    Let's upgrade the sets!
Location of sets? (cd0 disk http nfs or 'done') [http]
  2. You can get the base sets from cd (ISO), disk (such as USB flash drive), or http. For this tutorial, we will use http. 
HTTP proxy URL? (e.g. 'http://proxy:8080', or 'none') [none]
HTTP Server? (hostname, list#, 'done' or '?') [cdn.openbsd.org] ftp.openbsd.org
Server directory? [pub/OpenBSD/7.4/amd64]

Select sets by entering a set name, a file name pattern or 'all'. De-select
sets by prepending a '-', e.g.: '-game*'. Selected sets are labelled '[X]'.
    [X] bsd           [X] comp74.tgz    [X] xbase74.tgz   [X] xserv74.tgz
    [X] bsd.rd        [X] man74.tgz     [X] xshare74.tgz
    [X] base74.tgz    [X] game74.tgz    [X] xfont74.tgz
Set name(s)? (or 'abort' or 'done') [done]
  1. For this tutorial, we will not use a proxy. Press enter for none.
  2. For the HTTP server, press ? to show a list of servers. Choose the one closest to your location.
  3. Leave the server directory as pub/OpenBSD/7.4/amd64 and press enter.
  4. It's recommended you install all the sets. It is not possible to install missing sets using pkg_add?; you will be required to re-run the installer. So, we don't recommend skipping any sets. Missing sets may cause issues later.
  5. In the OpenBSD FAQ:
    New users are recommended to install all of them.
    Some libraries from xbase74.tgz, like freetype or fontconfig, can be used outside of X by programs that manipulate text or graphics. Such programs will usually need fonts, either from xfont74.tgz or font packages. For the sake of simplicity, the developers decided against maintaining a minimal xbase74.tgz set that would allow most non-X ports to run.
  6. The X sets are often needed even if you don't run X. If you skip it now, you may later need to reboot the server and run bsd.rd to upgrade the installation. This would require downtime. The X packages are only a few hundred megabytes and present minimal security risk so long as X is disabled.
  7. If downloading sets over http, make sure that the SHA256.sig file is verified.
    Get/Verify SHA256.sig     0% |                          |     0       --:--
Get/Verify SHA256.sig   100% |**************************|  2144       00:00
Signature Verified
...
Installing xserv74.tgz    0% |                          |     0       --:--
Installing xserv74.tgz   73% |******************        | 11008 KB    00:00
Installing xserv74.tgz  100% |**************************| 14951 KB    00:01

Location of sets? (cd0 disk http nfs or 'done') [done]
  8. Press enter for done. 
CONGRATULATIONS! Your OpenBSD upgrade has been successfully completed!

Exit to (S)hell, (H)alt or (R)eboot? [reboot]
  1. Press enter to reboot.
  2. NOTE: If you booted from ISO, flash drive, or some other external install media, you will need to make sure that the bootloader boots from the proper hard disk. If you're using BuyVM, see the BuyVM User Guide for how to switch the default boot order.
  3. The system will automatically boot OpenBSD 7.4.
    >> OpenBSD/amd64 BOOT 3.65
boot>
booting hd0a:/bsd: 17159500+4137992+360384+0+1236992 [1337557+128+1317840+1011174]=0x1956710
entry point at 0xffffffff81001000
[ using 3667728 bytes of bsd ELF symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
        The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2023 OpenBSD. All rights reserved.  https://www.OpenBSD.org

OpenBSD 7.4 (GENERIC) #1336: Tue Oct 10 08:52:22 MDT 2023
  4. You will see a list of patches that need to be installed and conf files that need to be updated.
    ...
running rc.sysmerge
===> Adding the _shutdown group
===> Updating /etc/changelist
===> Updating /etc/ssh/ssh_config
===> Updating /etc/ssl/cert.pem
starting network daemons: sshd smtpd sndiod.
running rc.firsttime
fw_update: add none; update none; keep intel
Checking for available binary patches...
Run syspatch(8) to install:
001_xserver     002_msplit
starting local daemons: cron.
Sat Nov 18 00:18:16 CST 2023

OpenBSD/amd64 (example.com) (tty00)

login:
  5. At this point, you can now use ssh to log in.
  6. Make sure to read and fix any error messages that you may see.
  7. To check if installation succeeded:
    $ uname -a
OpenBSD example.com 7.4 GENERIC#1336 amd64
  8. If you see 7.3, installation did not succeed.
  9. To check if you have the proper amount of RAM and number of cores, run top?.
    load averages:  0.28,  0.18,  0.11                     example.com 01:29:21
95 processes: 94 idle, 1 on processor                   up 0 days 00:12:10
CPU0:  3.3% user,  0.0% nice,  1.5% sys,  0.1% spin,  0.4% intr, 94.7% idle
CPU1:  2.8% user,  0.0% nice,  1.5% sys,  0.1% spin,  0.0% intr, 95.6% idle
Memory: Real: 666M/1204M act/tot Free: 756M Cache: 387M Swap: 0K/2288M
  10. If you do not see the correct number of cores, make sure to reinstall all the base sets by following this upgrade guide from the beginning.
  11. You will want to patch the system:
    $ doas syspatch
  12. Then, you'll want to run sysmerge to merge any configuration files:
    $ doas sysmerge
  13. Then, make sure to upgrade your packages:
    $ doas pkg_add -u
  14. You may optionally install any firmware by running fw_update?:
    $ doas fw_update -a
  15. This is not advised, however, because some of the firmware may be proprietary.
  16. You may want to reboot after installing patches:
    $ doas shutdown -r now