(sys)Upgrade encrypted OpenBSD 6.5 to 6.6 on Vultr hosting
226 words, 2 minutes
I run an OpenBSD instance with encrypted root on Vultr VPS since v6.2. It has never been reinstalled. I only used the OpenBSD native upgrade methods. Using 6.5, I used sysupgrade(8). And it went as smooth as expected.
I logged into the OpenBSD instance and commented all the (ports and smtpd) services in rc.conf.local(8). This way, I know I won’t get half running stuff on reboot ; especially that ypldap(8)/ypbind(8) linked with OpenLDAP.
Then I issued the magical command:
# sysupgrade
The new sets were downloaded and the system rebooted using /bsd.upgrade. Then the upgrade occurred. And the system rebooted using a brand new 6.6 install.
I’m not sure whether it was expected, but syspatch(8) only listed the available patches. Those were not applied automatically. I also have customized configuration files, like unbound.conf(5). So I had to run sysmerge(8). On reboot, I ran:
# sysmerge
# syspatch
Now was the time to upgrade the ports. I started with OpenLDAP as this is required to log in using directory users:
# pkg_add openldap-server
# rcctl -d restart slapd
Then I upgraded things that smtpd(8) will require ; like dovecot(1) and dependencies. I started those daemons and smtpd.
In the end, I upgraded the Wild Web and monitoring services.
All went smooth and all services were back and running in less than an hour. Great job OpenBSD folks!