(sys)Upgrade encrypted OpenBSD 6.5 to 6.6 on Vultr hosting

       226 words, 2 minutes

I run an OpenBSD instance with encrypted root on Vultr VPS since v6.2. It has never been reinstalled. I only used the OpenBSD native upgrade methods. Using 6.5, I used sysupgrade(8). And it went as smooth as expected.

I logged into the OpenBSD instance and commented all the (ports and smtpd) services in rc.conf.local(8). This way, I know I won’t get half running stuff on reboot ; especially that ypldap(8)/ypbind(8) linked with OpenLDAP.

Then I issued the magical command:

# sysupgrade

The new sets were downloaded and the system rebooted using /bsd.upgrade. Then the upgrade occurred. And the system rebooted using a brand new 6.6 install.

I’m not sure whether it was expected, but syspatch(8) only listed the available patches. Those were not applied automatically. I also have customized configuration files, like unbound.conf(5). So I had to run sysmerge(8). On reboot, I ran:

# sysmerge
# syspatch

Now was the time to upgrade the ports. I started with OpenLDAP as this is required to log in using directory users:

# pkg_add openldap-server
# rcctl -d restart slapd

Then I upgraded things that smtpd(8) will require ; like dovecot(1) and dependencies. I started those daemons and smtpd.

In the end, I upgraded the Wild Web and monitoring services.

All went smooth and all services were back and running in less than an hour. Great job OpenBSD folks!