Nethence Documentation Lab Webmail Your IP BBDock  


Those documents are obsolete, please use the Nethence Documentation instead.

HomeUnixWindowsOracleObsoleteHardwareDIYMechanicsScriptsConfigsPrivate

Updating and upgrading NetBSD systems in production
 
http://pbraun.nethence.com/unix/sysutils_bsd/netbsd.html
http://pbraun.nethence.com/unix/sysutils_bsd/netbsd-amazon-ec2.html
http://pbraun.nethence.com/unix/sysutils_bsd/netbsd-pxe.html
http://pbraun.nethence.com/unix/sysutils_bsd/netbsd-update.html
 
Introduction
I prefer to merge /etc/ before the kernel reboot reboot to minimize downtime as it can take some time to review the changes. I know etcupdate should be applied AFTER the kernel and userland update, but it doesn't seem to have an impact, as the daemons and everything are running. The only issue I see is about the postinstall and MAKEDEV scripts which COULD be failing, but are not, so far so good.
 
Two options:
- single user mode kernel reboot to proceed with the userland update
- normal reboot with services disabled (minimal rc.conf in place)
cd /etc/
cp rc.conf rc.conf.prod
vi rc.conf
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
fi
rc_configured=YES
wscons=YES
ntpd=YES
sshd=YES
smartd=YES
 
Fetching the new release
Fetch the NetBSD sets from your prefered mirror to some directory. Remember that 'misc.tgz' and 'etc.tgz' are links to '../../../share' on the FTP repository. However, a simple mget now works and correctly fetches those,
mkdir -p /tftpboot/netbsd70x64/
ln -s netbsd70x64 /tftpboot/netbsd-latest
cd /tftpboot/netbsd70x64/
#ftp -a ftp.fr.netbsd.org 
ftp -a ftp.free.fr 
cd mirrors/ftp.netbsd.org/NetBSD-7.0/amd64/binary/sets/
prompt
mget *
Note. Change the ftp server address according to your country, use a local mirror.
 
Updating configurations files (/etc, /var/, /dev, ...)
Audit the changes of the etc set manually,
cd /tftpboot/
wget ftp://ftp.fr.netbsd.org/pub/NetBSD/NetBSD-`uname -r`/`uname -m`/binary/sets/etc.tgz
mkdir old/ new/
tar xzphfe etc.tgz -C old/
rm -f etc.tgz
tar xzphfe netbsd-latest/binary/sets/etc.tgz -C new/
diff -rq old/etc/ new/etc/
diff -rq old/etc/ new/etc/ | grep ^Only
==> install them
diff -rq old/etc/ new/etc/ | grep ^Files | awk '{print $2}'
==> check with currently used one on the system
vi etcupgrade.ksh
#!/bin/ksh
tmp=`diff -rq old/etc/ new/etc/ | grep ^Files | awk '{print $2}'`
for f in $tmp; do
diff -q /${f#old/} $f
done; unset f
chmod +x etcupgrade.ksh
./etcupgrade.ksh
 
if you need check how a particular file has evolved since last release,
diff -u old/etc/rc.conf new/etc/rc.conf
diff -u old/etc/inetd.conf new/etc/inetd.conf
diff -u old/etc/postfix/main.cf new/etc/postfix/main.cf | less
diff -u old/etc/postfix/master.cf new/etc/postfix/master.cf | less
 
note. particularly care about the the cron tabs and the MAKEDEV script which should be updated,
diff -u old/var/cron/tabs/root new/var/cron/tabs/root
diff -u old/dev/MAKEDEV new/dev/MAKEDEV
 
Check out the existing configuration files you absolutely don't want to get overwritten,
diff -rq /etc/ old/etc/ | grep -v 'Only in /etc/'
 
Then use the old etcupdate tool,
etcupdate -s new
note. wasn't it -b instead of -s to use a directory?
#etcupdate -s etc.tgz
ll /etc/login.conf.db
cap_mkdb /etc/login.conf
ll /etc/login.conf.db
sh /usr/sbin/postinstall -s 'new/' -d / fix ptyfsoldnodes
 
Now check the changes after update,
diff -rq /etc/ new/etc/ | grep -v 'Only in /etc/'
typical output,
Files /etc/group and new/etc/group differ
Files /etc/hosts and new/etc/hosts differ
Files /etc/inetd.conf and new/etc/inetd.conf differ
Files /etc/localtime and new/etc/localtime differ
Files /etc/mail/aliases and new/etc/mail/aliases differ
Files /etc/master.passwd and new/etc/master.passwd differ
Files /etc/ntp.conf and new/etc/ntp.conf differ
Files /etc/passwd and new/etc/passwd differ
Files /etc/postfix/main.cf and new/etc/postfix/main.cf differ
Files /etc/pwd.db and new/etc/pwd.db differ
Files /etc/rc.conf and new/etc/rc.conf differ
Files /etc/rc.local and new/etc/rc.local differ
Files /etc/shells and new/etc/shells differ
Only in new/etc/skel: .cshrc
Only in new/etc/skel: .login
Only in new/etc/skel: .logout
Only in new/etc/skel: .profile
Only in new/etc/skel: .shrc
Files /etc/spwd.db and new/etc/spwd.db differ
Files /etc/ssh/sshd_config and new/etc/ssh/sshd_config differ
Files /etc/syslog.conf and new/etc/syslog.conf differ
Files /etc/wscons.conf and new/etc/wscons.conf differ
 
Then a few files in particular,
diff -u /etc/ntp.conf new/etc/ntp.conf
 
And generate the possibly new device files,
cd /dev/
./MAKEDEV all
 
Run the new kernel
You need to boot with the new kernel before the userland update (otherwise "tar", "gunzip" and basic commands may segfault, also see hubertf's blog for a screenshot on more recent troubles related to that). Proceed with the kernel update and reboot,
cd /
mv -f netbsd netbsd.old
mv -f netbsd.xen netbsd.old.xen
cd /tftpboot/netbsd70x64/
tar xvzphfe kern-GENERIC.tgz -C /
tar xvzphfe modules.tgz -C /
cd /
vi boot.cfg
sync
shutdown -r now
reboot in single user mode if you got access to the console,
choose single user mode at boot menu (boot -s on older netbsd systems)
otherwise use the reduced ssh-only rc.conf (see above),
vi /etc/rc.conf
 
(optional) Get rid of X
tar tvzf xbase.tgz | grep -v ^tar | awk '{print $9}' | less
tar tvzf xcomp.tgz | grep -v ^tar | awk '{print $9}' | less
tar tvzf xetc.tgz | grep -v ^tar | awk '{print $9}' | less
tar tvzf xfont.tgz | grep -v ^tar | awk '{print $9}' | less
tar tvzf xserver.tgz | grep -v ^tar | awk '{print $9}' | less
cd /
rm -rf \
./etc/mtree/set.xbase \
./etc/mtree/set.xcomp \
./etc/mtree/set.xetc \
./etc/mtree/set.xfont \
./etc/mtree/set.xserver \
./etc/drirc \
./etc/X11/ \
./etc/fonts/ \
./etc/rc.d/fccache \
./etc/rc.d/xdm \
./etc/rc.d/xfs \
./usr/X11R7 \
./usr/libdata/debug/usr/X11R7 \
./var/db/obsolete/xbase \
./var/db/obsolete/xcomp \
./var/db/obsolete/xetc \
./var/db/obsolete/xfont \
./var/db/obsolete/xserver
 
Updating the userland
(optional) deal with the single user mode,
mount -o rw /
 
Proceed with the userland update (without X11),
cd /tftpboot/netbsd70x64/binary/sets/
ls -l etc.tgz
ls -l misc.tgz
wget http://pbraun.nethence.com/scripts/sysutils/netbsd/upgrade.ksh
chmod +x upgrade.ksh
./upgrade.ksh netbsd-latest/binary/sets/
note. remove 'grep -v /x' from the scripts if you are also installing X11.
typical output,
netbsd-latest/binary/sets//base.tgz... done
netbsd-latest/binary/sets//comp.tgz... done
netbsd-latest/binary/sets//games.tgz... done
netbsd-latest/binary/sets//man.tgz... done
netbsd-latest/binary/sets//misc.tgz... done
netbsd-latest/binary/sets//modules.tgz... done
netbsd-latest/binary/sets//tests.tgz... done
netbsd-latest/binary/sets//text.tgz... done
 
Also use postinstall script to ONLY remove old libs,
cd /tftpboot/
sh /usr/sbin/postinstall -s '/tftpboot/new/' -d / fix gid pwd_mkdb obsolete ptyfsoldnodes
 
(optional) continue the boot process by exiting the single user shell,
cd /
sync
exit
otherwise just reboot,
shutdown -r now
 
Upgrade the packages. Don't forget to update the PKG_PATH in your shell environment in case you are using package binaries.
 
Upgrading the packages (binaries only)
Upgrade individual packages (-uu for update and update depedencies),
pkg_add -uu \
lftp \
lynx \
mc \
pine \
pwgen \
screen \
vim \
wget
Ref. https://wiki.netbsd.org/pkgsrc/how_to_upgrade_packages/
 
Upgrade all packages at once,
Solution 1,
echo $PKG_PATH
pkg_add pkg_chk
pkg_chk -b -P $PKG_PATH -u -q
pkg_chk -b -P $PKG_PATH -u
note. pkg_chk works with pkgsrc by default, specifying -b.
check,
pkg_chk -b -P $PKG_PATH -u -q
Solution 2, pkg_rolling-replace see https://wiki.netbsd.org/pkgsrc/how_to_upgrade_packages/
 
Search for unneeded packages,
pkg_leaves
pkg_leaves -&
 

Last update: Jan 24, 2016