One-shot upgrade script

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

One-shot upgrade script

Christian Weisgerber
I don't remember if I ever posted it, but I've been using an "upgrade"
script to download bsd.rd, verify it, move it to /bsd, and reboot.
With florian@'s additions in -current, I have now extended the
script to download the sets and kick off an unattended upgrade.

In the best case, you simply run
# ./upgrade
and the machine will upgrade itself without any further intervention.

------------------------------------------------------------------------
#!/bin/sh -e

case $# in
0) installurl=$(sed 's/#.*//;/^$/d' /etc/installurl) 2>/dev/null ||
                installurl=https://ftp.openbsd.org/pub/OpenBSD
        ;;
1) installurl=$1
        ;;
*) echo "usage: ${0##*/} [server_URL]" >&2 ; exit 1 ;;
esac

arch=$(sysctl -n hw.machine)
urlbase=$installurl/snapshots/$arch

mkdir -p /home/upgrade
cd /home/upgrade
ftp "$urlbase/SHA256.sig"

version=$(sed -n 's/^SHA256 (base\([0-9]\{2,3\}\)\.tgz) .*/\1/p' SHA256.sig)
test -n "$version"
pubkey=/etc/signify/openbsd-$version-base.pub
signify -V -p "$pubkey" -x SHA256.sig -e -m /dev/null

sets=$(sed -e 's/^SHA256 (\(.*\)) .*/\1/' \
    -e "/^INSTALL.$arch\$/p;/^bsd/p;/$version\.tgz\$/p;d" SHA256.sig)
ftp $(for i in $sets; do echo "$urlbase/$i"; done)
signify -C -p "$pubkey" -x SHA256.sig $sets
cp bsd.rd /bsd.upgrade
reboot
------------------------------------------------------------------------

--
Christian "naddy" Weisgerber                          [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Remco
On 25-04-19 01:02, Christian Weisgerber wrote:

> I don't remember if I ever posted it, but I've been using an "upgrade"
> script to download bsd.rd, verify it, move it to /bsd, and reboot.
> With florian@'s additions in -current, I have now extended the
> script to download the sets and kick off an unattended upgrade.
>
> In the best case, you simply run
> # ./upgrade
> and the machine will upgrade itself without any further intervention.
>
> ------------------------------------------------------------------------
> #!/bin/sh -e
>
...
> cp bsd.rd /bsd.upgrade
...

I don't think this matches your description.

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Vijay Sankar
On 4/25/19 2:07 AM, Remco wrote:

> On 25-04-19 01:02, Christian Weisgerber wrote:
>> I don't remember if I ever posted it, but I've been using an "upgrade"
>> script to download bsd.rd, verify it, move it to /bsd, and reboot.
>> With florian@'s additions in -current, I have now extended the
>> script to download the sets and kick off an unattended upgrade.
>>
>> In the best case, you simply run
>> # ./upgrade
>> and the machine will upgrade itself without any further intervention.
>>
>> ------------------------------------------------------------------------
>> #!/bin/sh -e
>>
> ..
>> cp bsd.rd /bsd.upgrade
> ..
>
> I don't think this matches your description.
>
Tested it on a system running

OpenBSD 6.4 (GENERIC.MP) #9: Tue Mar 26 19:21:43 CET 2019

s2# sh ./upgrade.sh
Trying 151.101.186.217...
Requesting https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/SHA256.sig
100% |**************************************************| 2141       00:00
2141 bytes received in 0.01 seconds (199.89 KB/s)
Signature Verified
Trying 151.101.186.217...
Requesting https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/INSTALL.amd64
100% |**************************************************| 43409       00:00
43409 bytes received in 0.08 seconds (533.49 KB/s)
Trying 151.101.186.217...

If I do a boot /bsd.upgrade, the upgrade process completes without any
further user intervention. If I don't do anything, system boots back
into 6.4 #9.

On a -current system running

kern.version=OpenBSD 6.5-current (GENERIC.MP) #16: Sun Apr 21 19:25:15
MDT 2019
[hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP

the upgrade process continued without any user intervention for the
initial part. Unfortunately, I have one 4TB drive (sd0, disabled in BIOS
drive priorities) and four SSD drives on this system (sd1 to sd4) on
this test system and -current was on /dev/sd2. Even though the BIOS was
set to boot with sd2 first, /bsd.upgrade seems to boot /dev/sd1. Because
I am using this test system to test AD functionality with the new Samba,
I had to muck around with the different drives. So this failure was
probably due to some stupid thing I was doing with bios settings.

I will work further and report back to the list and naddy@

Thanks again for the script,

Vijay

--
Vijay Sankar
ForeTell Technologies Limited
[hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Vijay Sankar

On 4/25/19 8:42 AM, Vijay Sankar wrote:

> On 4/25/19 2:07 AM, Remco wrote:
>> On 25-04-19 01:02, Christian Weisgerber wrote:
>>> I don't remember if I ever posted it, but I've been using an "upgrade"
>>> script to download bsd.rd, verify it, move it to /bsd, and reboot.
>>> With florian@'s additions in -current, I have now extended the
>>> script to download the sets and kick off an unattended upgrade.
>>>
>>> In the best case, you simply run
>>> # ./upgrade
>>> and the machine will upgrade itself without any further intervention.
>>>
>>> ------------------------------------------------------------------------
>>>
>>> #!/bin/sh -e
>>>
>> ..
>>> cp bsd.rd /bsd.upgrade
>> ..
>>
>> I don't think this matches your description.
>>
> Tested it on a system running
>
> OpenBSD 6.4 (GENERIC.MP) #9: Tue Mar 26 19:21:43 CET 2019
>
> s2# sh ./upgrade.sh
> Trying 151.101.186.217...
> Requesting https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/SHA256.sig
> 100% |**************************************************| 2141      
> 00:00
> 2141 bytes received in 0.01 seconds (199.89 KB/s)
> Signature Verified
> Trying 151.101.186.217...
> Requesting
> https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/INSTALL.amd64
> 100% |**************************************************| 43409      
> 00:00
> 43409 bytes received in 0.08 seconds (533.49 KB/s)
> Trying 151.101.186.217...
>
> If I do a boot /bsd.upgrade, the upgrade process completes without any
> further user intervention. If I don't do anything, system boots back
> into 6.4 #9.
>
> On a -current system running
>
> kern.version=OpenBSD 6.5-current (GENERIC.MP) #16: Sun Apr 21 19:25:15
> MDT 2019
> [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> the upgrade process continued without any user intervention for the
> initial part. Unfortunately, I have one 4TB drive (sd0, disabled in
> BIOS drive priorities) and four SSD drives on this system (sd1 to sd4)
> on this test system and -current was on /dev/sd2. Even though the BIOS
> was set to boot with sd2 first, /bsd.upgrade seems to boot /dev/sd1.
> Because I am using this test system to test AD functionality with the
> new Samba, I had to muck around with the different drives. So this
> failure was probably due to some stupid thing I was doing with bios
> settings.
>
> I will work further and report back to the list and naddy@
>
> Thanks again for the script,
>
> Vijay
>
Works perfectly on new snapshots, on normal systems. My failed tests
were all on various systems where I had built non-standard stuff to see
if I could extend functionality of different ports and packages beyond
normal usage. Sorry about the noise.

Here is a log of a successful upgrade from snapshot #3 to #25 using
naddy's script.

vijay.lab.foretell.ca# sysctl kern.version; sh ./upgrade.sh

kern.version=OpenBSD 6.5 (GENERIC.MP) #3: Sat Apr 13 14:48:43 MDT 2019
[hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP

Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/SHA256.sig
2141 bytes received in 0.00 seconds (9.92 MB/s)
Signature Verified
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/INSTALL.amd64
43409 bytes received in 0.07 seconds (598.89 KB/s)
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/base65.tgz
213977837 bytes received in 20.99 seconds (9.72 MB/s)
Trying 128.100.17.240...
Requesting https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/bsd
15959308 bytes received in 5.26 seconds (2.89 MB/s)
Trying 128.100.17.240...
Requesting https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/bsd.mp
16049826 bytes received in 5.12 seconds (2.99 MB/s)
Trying 128.100.17.240...
Requesting https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/bsd.rd
10224716 bytes received in 3.95 seconds (2.47 MB/s)
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/comp65.tgz
73651367 bytes received in 11.86 seconds (5.92 MB/s)
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/game65.tgz
2807176 bytes received in 1.77 seconds (1.51 MB/s)
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/man65.tgz
7567426 bytes received in 3.54 seconds (2.04 MB/s)
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/xbase65.tgz
20621824 bytes received in 6.11 seconds (3.22 MB/s)
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/xfont65.tgz
40286621 bytes received in 15.88 seconds (2.42 MB/s)
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/xserv65.tgz
16734155 bytes received in 5.23 seconds (3.05 MB/s)
Trying 128.100.17.240...
Requesting
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/xshare65.tgz
4554652 bytes received in 2.40 seconds (1.81 MB/s)
Signature Verified
INSTALL.amd64: OK
base65.tgz: OK
bsd: OK
bsd.mp: OK
bsd.rd: OK
comp65.tgz: OK
game65.tgz: OK
man65.tgz: OK
xbase65.tgz: OK
xfont65.tgz: OK
xserv65.tgz: OK
xshare65.tgz: OK

vijay.lab.foretell.ca# sysctl kern.version

kern.version=OpenBSD 6.5-current (GENERIC.MP) #25: Thu Apr 25 05:11:33
MDT 2019
[hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Christian Weisgerber
In reply to this post by Vijay Sankar
Vijay Sankar:

> Tested it on a system running

I'm not asking for tests.

It's just a little script I find helpful to make use of the unattended
upgrade functionality that was added to -current.  I posted the
script because somebody else might find it useful, too.  Or use it
as a starting point or an inspiration for something that better
fits their needs.

--
Christian "naddy" Weisgerber                          [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Christian Weisgerber
In reply to this post by Christian Weisgerber
On 2019-04-24, Christian Weisgerber <[hidden email]> wrote:

> With florian@'s additions in -current, I have now extended the
> script to download the sets and kick off an unattended upgrade.

... and this has now been supplanted by /usr/sbin/sysupgrade.

--
Christian "naddy" Weisgerber                          [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

jungle Boogie
In reply to this post by Christian Weisgerber
On Thu 25 Apr 2019  1:02 AM, Christian Weisgerber wrote:
>I don't remember if I ever posted it, but I've been using an "upgrade"
>script to download bsd.rd, verify it, move it to /bsd, and reboot.
>With florian@'s additions in -current, I have now extended the
>script to download the sets and kick off an unattended upgrade.
>
>In the best case, you simply run
># ./upgrade
>and the machine will upgrade itself without any further intervention.
>

Thanks for posting.

Am I reading this right - all sets would be downloaded? That would be fine on
amd64 if you want X, but extra downloaded files/space for arm64.

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Theo de Raadt-2
Jungle Boogie <[hidden email]> wrote:

> On Thu 25 Apr 2019  1:02 AM, Christian Weisgerber wrote:
> >I don't remember if I ever posted it, but I've been using an "upgrade"
> >script to download bsd.rd, verify it, move it to /bsd, and reboot.
> >With florian@'s additions in -current, I have now extended the
> >script to download the sets and kick off an unattended upgrade.
> >
> >In the best case, you simply run
> ># ./upgrade
> >and the machine will upgrade itself without any further intervention.
> >
>
> Thanks for posting.
>
> Am I reading this right - all sets would be downloaded? That would be fine on
> amd64 if you want X, but extra downloaded files/space for arm64.

This special casing has got to stop.

Not all tools are for everyone.

If that's what is blocking you, perhaps you should do it the old way.


Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Kevin Chadwick-4
In reply to this post by Christian Weisgerber
On 4/25/19 9:27 PM, Christian Weisgerber wrote:
> ... and this has now been supplanted by /usr/sbin/sysupgrade.

How difficult would it be to have a sysupgrade flag to make the upgrade newfs
/usr, to save having to rm the files shown in upgrade.html. (I guess it should
work for all users with sane partition setups, but is quite a dangerous/severe
action?)

Just wondering if it is easy or problematic to accomplish.

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Otto Moerbeek
On Sat, Apr 27, 2019 at 01:48:38PM +0100, Kevin Chadwick wrote:

> On 4/25/19 9:27 PM, Christian Weisgerber wrote:
> > ... and this has now been supplanted by /usr/sbin/sysupgrade.
>
> How difficult would it be to have a sysupgrade flag to make the upgrade newfs
> /usr, to save having to rm the files shown in upgrade.html. (I guess it should
> work for all users with sane partition setups, but is quite a dangerous/severe
> action?)
>
> Just wondering if it is easy or problematic to accomplish.
>

Way too dangerous. If a file really needs to go, the upgrade script
will take care. But only for files that would cause harm.

        -Otto

Reply | Threaded
Open this post in threaded view
|

Re: One-shot upgrade script

Christian Weisgerber
In reply to this post by Kevin Chadwick-4
On 2019-04-27, Kevin Chadwick <[hidden email]> wrote:

> How difficult would it be to have a sysupgrade flag to

What sysupgrade and the unattended upgrade do is they automate an
upgrade with ALL DEFAULT settings.  Like only pressing enter in the
installer's (U)pgrade mode.

If you want non-defaults, then you need to run a manual upgrade.

--
Christian "naddy" Weisgerber                          [hidden email]