Kjell Wooding
<kjell@openbsd.org>
Updated:
$OpenBSD: upgrade-old.html,v 1.13 2005/11/01 11:50:01 nick Exp $
This document contains upgrade minifaq entries for OpenBSD versions that are no longer actively supported. For information on the current version, see the Following -current page.
1.1: Where do I find information on more recent OpenBSD versions?
3.5.1: pty device minor numbers changed
3.5.2: New user and group _dhcp
3.5.3: New user and group _mopd
3.5.4: New user and group _tftpd
3.5.5: New user and group _rbootd
3.5.6: cksum moves to /bin
3.5.7: New user and group _afs
3.5.8: New user and group _ppp
3.5.9: New user and group _ntp
3.5.10: Library bump flag day
3.5.11: Changes in pf anchors
3.4.1: svnd device minor numbers changed
3.4.2: New user and group _pflogd
3.4.3: Interface cloning
3.4.4: New user and group _bgpd
3.4.5: New version of join(1)
3.4.6: sudo build change
3.4.7: New user and group _tcpdump
3.4.8: machdep.c change (i386)
3.4.9: Update bsd.own.mk
3.4.10: Switch to gcc3 (sparc64)
3.3.1: i386 W^X support
3.3.2: mquery syscall change
3.3.3: i386 flag day, exe addr/MAXDSIZ change
3.3.4: Removal of KerberosIV authentication
3.3.5: config change
3.3.6: Use __attribute__((bounded)) on certain
functions
3.3.7: New user and group _syslogd
3.3.8: New format attribute __kprintf__ in kernel
headers
3.2.1: New Perl
3.2.2: New groups _radius, _token and _shadow
3.2.3: Important compiler changes
3.2.4: New user and group _spamd
3.2.5: Alias for ipv6-icmp
3.2.6: New group _lkm
3.2.7: New libpthread
3.2.8: Linker changes for ELF architectures
3.2.9: Removal of /var/at and crontab changes
3.1.1: New users/groups
3.1.2: New group for crontab(1) and at(1)
3.1.3: New Binutils
3.1.4: New S/Key configuration
3.1.5: New permissions for lp*
3.1.6: atrun(8) no longer needed
3.1.7: nat.conf merged into pf.conf
3.1.8: New fbtab entry needed for xdm
3.1.9: Use __attribute__((sentinel)) on certain
functions
3.0.1: New keyword supported by mtree(8)
3.0.2: Removal of libdl on ELF platforms
3.0.3: New regression framework
3.0.4: ssh config files moved to /etc/ssh/
2.9.1: New users/groups - proxy,
smmsp and popa3d
2.9.2: New packet filter: pf
2.9.3: Changes to make
2.9.4: Build fails because of KerberosV
errors
2.9.5: New sendmail version
2.9.6: /etc/primes Moved
2.8.1: New auth group
2.8.2: New wscons console system
2.8.3: Kernel compile fails with undefined
symbols
2.7.1: What are the major problems upgrading from 2.7 to 2.8?
2.6.1: Termcap entries are too long.
2.6.2: My pn (or mx, al, ax)
device is no longer recognized by the kernel.
2.6.3: Upgrading gcc 2.95.1 to 2.95.2
2.6.4: Upgrading Kerberos.
2.6.5: Upgrading M4.
2.6.6: Upgrading Sendmail.
2.6.7: After upgrading, kernels that include
apm(8) support no longer boot.
2.6.8: Default group for daemon user changed.
2.5.1: What are the major problems upgrading from 2.5 to 2.6?
2.5.2: How do I upgrade gcc to egcs
2.5.2.1 - i386 and sparc are no longer #define'ed
2.5.2.2 - Build fails in xlint
2.5.2.3 - Core Dump on uthread_autoinit.c
2.5.2.4 - egcs seems much slower than gcc
2.5.2.5 - egcs generates larger code than gcc
2.5.2.6 - After installing egcs I have very little disk space left
2.5.2.7 - My build fails to build libcurses
2.5.2.8 - make obj fails
2.5.3: My make build dies with unimplemented syscall errors.
2.5.4: Link to the new 2.6 directory.
2.5.5: After an (U)pgrade, extraction of base26.tar.gz
fails with a message.
2.4.1: Man page changes
2.4.2: cap_mkdb syntax changed
2.4.3: Snake
2.3.1: New User: named
2.3.2: I tried the build, but it failed when trying to compile
ssleay.
2.3.3: I tried the build, but it failed when trying to make
something for the PowerPC.
See the Following -current page.
# cd /usr/src/gnu/lib/libstdc++
# make -f Makefile.bsd-wrapper cleandir
# make -f Makefile.bsd-wrapper obj
# make -f Makefile.bsd-wrapper
# make -f Makefile.bsd-wrapper install
# cd /usr/src/lib/libc && make depend && make && env NOMAN=1 make install
# cd /usr/src/usr.bin/make && make depend && make && make install
# cd /usr/src/gnu/usr.bin/binutils
# make -f Makefile.bsd-wrapper depend
# make -f Makefile.bsd-wrapper
# make -f Makefile.bsd-wrapper install
# cd /usr/src && make build
useradd -u86 -g=uid -c"HostAP Daemon" -d/var/empty -s/sbin/nologin _hostapd
as root.
# cd /usr/src/etc
# cp login.conf /etc
then log out and log back in again.
# cd /usr/src/usr.bin/mklocale && make obj && make depend && make && make install
Then run make build.
# rm -rf /usr/include/g++
Now, build gcc3, (using the gcc3
directory) then build the kernel and system as
usual.
useradd -u84 -g=uid -c"FTP Daemon" -d/var/empty -s/sbin/nologin _ftp
as root.
# rm -rf /usr/include/g++
Now, build gcc3, (using the gcc3
directory) then build the kernel and system as
usual.
useradd -u85 -g=uid -c"OSPF Daemon" -d/var/empty -s/sbin/nologin _ospfd
as root.
# cp /usr/src/etc/etc.`machine`/MAKEDEV /dev
The device minor numbers of pty devices have changed to increase the maximum number of pseudo-terminals from 256 to 992, so you will need to run the updated /dev/MAKEDEV before booting the new kernel:
# cp /usr/src/etc/etc.`machine`/MAKEDEV /dev
# cd /dev && ./MAKEDEV pty0
# cd /dev && rm -f [pt]ty[rq]*
# cd /dev && rm -f [pt]tyr*
The various dhcp related daemons are being reworked to drop privileges or to use privilege separation. Thus a new user and group _dhcp are required. Add the group by running
# groupadd -g 77 _dhcpas root, and add the user entry using vipw(8):
_dhcp:*:77:77::0:0:DHCP programs:/var/empty:/sbin/nologin
The mopd(8) daemon now drops privileges after initialization, and requires a new user and group _mopd. Add the group by running
# groupadd -g 78 _mopdas root, and add the user entry using vipw(8):
_mopd:*:78:78::0:0:MOP Daemon:/var/empty:/sbin/nologin
The tftpd(8) daemon now drops privileges after initialization to a new user and group _tftpd instead of nobody. Add the group by running
# groupadd -g 79 _tftpdas root, and add the user entry using vipw(8):
_tftpd:*:79:79::0:0:TFTP Daemon:/var/empty:/sbin/nologin
The rbootd(8) daemon now drops privileges after initialization to a new user and group _rbootd. Add the group by running
# groupadd -g 80 _rbootdas root, and add the user entry using vipw(8):
_rbootd:*:80:80::0:0:rbootd Daemon:/var/empty:/sbin/nologin
The cksum(1) utility has moved from /usr/bin to /bin. After you have completed a make build, run the following as root:
# rm -f /usr/bin/cksum /usr/bin/sum
The afsd(8) daemon is about to be privilege separated. A new user and group _afs are required for this. Add the group by running
# groupadd -g 81 _afsas root, and add the user entry using vipw(8):
_afs:*:81:81::0:0:afs Daemon:/var/empty:/sbin/nologin
You need to change owner of the cache by running
# chown -R _afs:_afs /var/spool/afs
The pppoe(8) program now drops privileges to a new user and group _ppp. Add the group by running
# groupadd -g 82 _pppas root, and add the user entry using vipw(8):
_ppp:*:82:82::0:0:PPP utilities:/var/empty:/sbin/nologin
The upcoming ntpd(8) program needs a new user and group _ntp. Add the group by running
# groupadd -g 83 _ntpas root, and add the user entry using vipw(8):
_ntp:*:83:83::0:0:NTP Daemon:/var/empty:/sbin/nologin
Library and system interface changes have been made that require a bump of the major version number of every library. The following steps must be followed to build a usable system.
# cd /usr/src && make obj && make cleandir && make includes
# cd /usr/src/lib/libc && make depend && make && env NOMAN=1 make install
# cd /usr/src && make build
Users of authpf should change their anchor rule in the main ruleset from
anchor authpf
to
anchor "authpf/*"
The device minor numbers of svnd devices have changed, so you will need to run the updated /dev/MAKEDEV after installing the new kernel:
# cp /usr/src/etc/etc.`machine`/MAKEDEV /dev
# cd /dev
# rm svnd* rsvnd*
# ./MAKEDEV vnd
The pflogd(8) daemon now runs in privilege separated mode, and requires a new user and group _pflogd. Add the group by running
# groupadd -g 74 _pflogdas root, and add the user entry using vipw(8):
_pflogd:*:74:74::0:0:pflogd privsep:/var/empty:/sbin/nologin
Several pseudo network drivers (like gif(4), lo(4), and tun(4)) have been moved to support cloning, i.e. creation and destruction of devices on the fly. If you depend on these interfaces, you have to install an updated ifconfig(8) and netstart(8) before rebooting your new kernel.
First build and install your new kernel as usual, then
# cd /usr/src && make includes
# cd sbin/ifconfig
# make obj depend
# make
# make install
# cp /usr/src/etc/netstart /etc
Now reboot your machine and proceed with building a new userland.
The new bgpd(8) daemon runs in privilege separated mode, and requires a new user and group _bgpd. Add the group by running
# groupadd -g 75 _bgpdas root, and add the user entry using vipw(8):
_bgpd:*:75:75::0:0:BGP Daemon:/var/empty:/sbin/nologin
The join(1) command has been updated to follow the POSIX standard when writing non-matching lines. As a consequence security(8) has to be updated:
# cp /usr/src/etc/security /etc
The way the sudo(8) command is built has changed. A side-effect of this is that you will need to run:
# rm -f /usr/obj/usr.bin/sudo/*
before you can successfully do a "make build". If this is not done,
the build will abort when attempting to make obj dirs.
The tcpdump(8) command now runs in privilege separated mode, and requires a new user and group _tcpdump. Add the group by running
# groupadd -g 76 _tcpdumpas root, and add the user entry using vipw(8):
_tcpdump:*:76:76::0:0:tcpdump:/var/empty:/sbin/nologin
A change to machdep.c requires that binutils be rebuilt before the kernel can be compiled. This only affects i386.
# cd /usr/src/gnu/usr.bin/binutils # make -f Makefile.bsd-wrapper cleandir # make -f Makefile.bsd-wrapper obj # make -f Makefile.bsd-wrapper depend # make -f Makefile.bsd-wrapper # make -f Makefile.bsd-wrapper install
Now you can rebuild the kernel and rest of the system according to section 1.5
You must update /usr/share/mk/bsd.own.mk to get the USE_GCC3 definition:
# cd /usr/src/share/mk
# make install
OpenBSD/sparc64 has converted to gcc3. To upgrade,
# rm -rf /usr/include/g++
Now, build gcc3, (using the gcc3 directory) then
build the kernel and system as usual.
To enable i386 Writable xor eXecute support, OpenBSD/i386 has changed from a.out executable format to ELF. The flexibility of ELF allows better control over the executable layout which allows for W^X support. a.out compatibility is only available in a limited form. Static a.out binaries will work as before, dynamic a.out binaries ARE NOT SUPPORTED.
SOURCE UPGRADES FROM a.out -> ELF WILL NOT BE SUPPORTED. INSTALL A SNAPSHOT and then you can rebuild from source. This is i386-only, other architectures are NOT affected by this change.
The parameters to the mquery system call were changed to match mmap(). This requires the system to be upgraded in the correct order:
1. Build and boot new kernel.
2. (cd /usr/src && sudo make includes)
3. (cd /usr/src/libexec/ld.so && make && sudo make install)
4. 'make build'
Only i386 uses mquery, so other architectures do not need to
follow this strict build order.
To allow MAXDSIZ to be changed back to 1G, the base address of all executables changes from 0 to 0x1c000000. The combination of these changes requires updating from snapshot. Updating from source is not supported. This only affects i386.
KerberosIV-based authentication has been removed. As a result, you will need to remove all references to krb4 in /etc/login.conf.
Moving swapgeneric.c required a change to config(8). Before building a new kernel, you must first build and install the updated config(8):
# cd /usr/src/usr.sbin/config # make clean # make obj # make # make installNow, config your kernel configuration and run "make depend" in your kernel compile directory as detailed above.
__attribute__((bounded)) is now used to detect incorrect arguments
for functions which take buffer lengths as one of their parameters.
You will need to rebuild gcc according to section
1.8
of the Mini-FAQ before proceeding with make build.
The syslogd(8) daemon now runs in privilege separated mode, and requires a new user and group _syslogd. Add the group by running
# groupadd -g 73 _syslogdas root, and add the user entry using vipw(8):
_syslogd:*:73:73::0:0:Syslog Daemon:/var/empty:/sbin/nologin
A new format attribute __kprintf__ is now used in kernel header files to
make gcc aware of the format extensions in the kernel
printf(9).
You will need to rebuild gcc according to section 1.8
of the Mini-FAQ before proceeding with make build. You only need to rebuild
gcc once from current sources to also support the __bounded__ attribute described
in section 3.3.6.
Perl has been updated to version 5.8.0.
In Perl 5.8.0, the XS module API has changed due to a switch
from stdio to PerlIO (see the perldelta manual page for more information).
This means that any XS modules (perl .so files) you have installed
must be rebuilt. If you encounter an error such as
Undefined symbol "perl_get_sv" this is your problem. If the
only modules you have installed were installed as packages or via the
ports system, you can check your system for XS modules by running:
# grep '\.so' /var/db/pkg/p5-*/+CONTENTS | cut -d: -f1 | sort -u
You can then remove the offending modules with pkg_delete -f
and rebuild/install them from the ports tree.
Several new groups have been added:
# groupadd -g 63 _radius # chgrp _radius /etc/raddb /etc/raddb/servers # chmod g+x /etc/raddb # chmod g+r /etc/raddb/servers # groupadd -g 64 _token # chgrp _token /etc/activ.db /etc/crypto.db /etc/snk.db # chmod 0640 /etc/activ.db /etc/crypto.db /etc/snk.db # groupadd -g 65 _shadow # chgrp _shadow /etc/spwd.db # chmod 0640 /etc/spwd.dbDon't worry about error messages indicating that a file was not found. That just means you haven't setup token or radius authentication.
The propolice stack protection extension has been merged into gcc. This requires a slightly different upgrade scenario:
# cd /usr/src
# make obj
For ELF platforms (alpha, macppc, sparc, sparc64):
# cd /usr/src/libexec/ld.so
# make depend && make && make install
For a.out platforms (amiga, hp300, i386, mac68k, mvme68k):
# cd /usr/src/gnu/usr.bin/ld/rtld
# make depend && make && make install
# cd /usr/src/include
# make prereq && make includes
# cd /usr/src/lib/libc
# make depend && make NOMAN=1 && make NOMAN=1 install
Note that, if your compiler is too old, it will not be able to build
libc. In this case, you'll have to do a binary upgrade from a snapshot.
A new user and a new group _spamd for the spamd(8) daemon have been added. Add the group by running
# groupadd -g 62 _spamdas root, and add the user entry using vipw(8):
_spamd:*:62:62::0:0:Spam daemon:/var/empty:/sbin/nologin
A new alias for ipv6-icmp, icmp6 , has been added to /etc/protocols. If you wish to use the icmp6 alias (used in the pfctl(8) regression tests) you must modify the ipv6-icmp line in /etc/protocols, adding the icmp6 keyword before the #. The line should read as follows:
ipv6-icmp 58 IPv6-ICMP icmp6 # ICMP for IPv6
The _lkm group controls access to /dev/lkm. modstat(8) is now setgid _lkm.
You will need to add this group and adjust the permissions on /dev/lkm before running a "make build". The following commands, run as root, will do this:
# groupadd -g 61 _lkm # chgrp _lkm /dev/lkm
libc_r and libnpthread have been removed and replaced by libpthread. Threaded programs should still be compiled using the -pthread option; the compiler does the right thing.
Before removing libc_r and libnpthread threaded applications must be re-compiled using libpthread. The recommended build sequence is:
build gcc according to section 1.8.
re-build the system according to section 1.5.
re-build all threaded ports.
remove the now unused libraries:
# rm /usr/lib/libc_r* /usr/lib/libnpthread*
Binutils/ld have been changed to introduce a new security feature to ELF executables. Instead of allowing the data section of executables and shared libraries to be marked executable by the linker, the layout has been changed to only mark the appropriate sections of the program image as executable. This change only affects ELF based architectures: alpha, sparc, sparc64, macppc.
It is recommended that binutils be rebuilt before the rest of the system.
# cd /usr/src/gnu/usr.bin/binutils # make -f Makefile.bsd-wrapper cleandir # make -f Makefile.bsd-wrapper obj # make -f Makefile.bsd-wrapper depend # make -f Makefile.bsd-wrapper # make -f Makefile.bsd-wrapper install
Then re-build the system according to section 1.5
The contents of /var/at have been merged into /var/cron now that at has been integrated into cron. Furthermore, the cron allow and deny files have been renamed cron.allow and cron.deny for POSIX compliance and consistency with at.allow and at.deny.
First re-build the system according to section 1.5 Then move the existing files and restart cron as follows:
# mv /var/at/* /var/cron # mv /var/cron/jobs /var/cron/atjobs # mv /var/cron/allow /var/cron/cron.allow # mv /var/cron/deny /var/cron/cron.deny # rm -rf /var/at # kill `cat /var/run/cron.pid` # /usr/sbin/cron
Disregard any warnings about missing allow or deny files. Not all of them are part of the default installation.
If you do not already have a cron.deny file (it was not installed prior to OpenBSD 3.3) you will need one to run crontab as a user other than the superuser.
# install -c -o root -g crontab -m 660 /dev/null /var/cron/cron.deny
Perl has been updated to version 5.8.0.
In Perl 5.8.0, the XS module API has changed due to a switch
from stdio to PerlIO (see the perldelta manual page for more information).
This means that any XS modules (perl .so files) you have installed
must be rebuilt. If you encounter an error such as
Undefined symbol "perl_get_sv" this is your problem. If the
only modules you have installed were installed as packages or via the
ports system, you can check your system for XS modules by running:
# grep '\.so' /var/db/pkg/p5-*/+CONTENTS | cut -d: -f1 | sort -u
You can then remove the offending modules with pkg_delete -f
and rebuild/install them from the ports tree.
Several new groups have been added:
# groupadd -g 63 _radius # chgrp _radius /etc/raddb /etc/raddb/servers # chmod g+x /etc/raddb # chmod g+r /etc/raddb/servers # groupadd -g 64 _token # chgrp _token /etc/activ.db /etc/crypto.db /etc/snk.db # chmod 0640 /etc/activ.db /etc/crypto.db /etc/snk.db # groupadd -g 65 _shadow # chgrp _shadow /etc/spwd.db # chmod 0640 /etc/spwd.dbDon't worry about error messages indicating that a file was not found. That just means you haven't setup token or radius authentication.
The propolice stack protection extension has been merged into gcc. This requires a slightly different upgrade scenario:
# cd /usr/src
# make obj
For ELF platforms (alpha, macppc, sparc, sparc64):
# cd /usr/src/libexec/ld.so
# make depend && make && make install
For a.out platforms (amiga, hp300, i386, mac68k, mvme68k):
# cd /usr/src/gnu/usr.bin/ld/rtld
# make depend && make && make install
# cd /usr/src/include
# make prereq && make includes
# cd /usr/src/lib/libc
# make depend && make NOMAN=1 && make NOMAN=1 install
Note that, if your compiler is too old, it will not be able to build
libc. In this case, you'll have to do a binary upgrade from a snapshot.
A new user and a new group _spamd for the spamd(8) daemon have been added. Add the group by running
# groupadd -g 62 _spamdas root, and add the user entry using vipw(8):
_spamd:*:62:62::0:0:Spam daemon:/var/empty:/sbin/nologin
A new alias for ipv6-icmp, icmp6 , has been added to /etc/protocols. If you wish to use the icmp6 alias (used in the pfctl(8) regression tests) you must modify the ipv6-icmp line in /etc/protocols, adding the icmp6 keyword before the #. The line should read as follows:
ipv6-icmp 58 IPv6-ICMP icmp6 # ICMP for IPv6
The _lkm group controls access to /dev/lkm. modstat(8) is now setgid _lkm.
You will need to add this group and adjust the permissions on /dev/lkm before running a "make build". The following commands, run as root, will do this:
# groupadd -g 61 _lkm # chgrp _lkm /dev/lkm
libc_r and libnpthread have been removed and replaced by libpthread. Threaded programs should still be compiled using the -pthread option; the compiler does the right thing.
Before removing libc_r and libnpthread threaded applications must be re-compiled using libpthread. The recommended build sequence is:
build gcc according to section 1.8.
re-build the system according to section 1.5.
re-build all threaded ports.
remove the now unused libraries:
# rm /usr/lib/libc_r* /usr/lib/libnpthread*
Binutils/ld have been changed to introduce a new security feature to ELF executables. Instead of allowing the data section of executables and shared libraries to be marked executable by the linker, the layout has been changed to only mark the appropriate sections of the program image as executable. This change only affects ELF based architectures: alpha, sparc, sparc64, macppc.
It is recommended that binutils be rebuilt before the rest of the system.
# cd /usr/src/gnu/usr.bin/binutils # make -f Makefile.bsd-wrapper cleandir # make -f Makefile.bsd-wrapper obj # make -f Makefile.bsd-wrapper depend # make -f Makefile.bsd-wrapper # make -f Makefile.bsd-wrapper install
Then re-build the system according to section 1.5
The contents of /var/at have been merged into /var/cron now that at has been integrated into cron. Furthermore, the cron allow and deny files have been renamed cron.allow and cron.deny for POSIX compliance and consistency with at.allow and at.deny.
First re-build the system according to section 1.5 Then move the existing files and restart cron as follows:
# mv /var/at/* /var/cron # mv /var/cron/jobs /var/cron/atjobs # mv /var/cron/allow /var/cron/cron.allow # mv /var/cron/deny /var/cron/cron.deny # rm -rf /var/at # kill `cat /var/run/cron.pid` # /usr/sbin/cron
Disregard any warnings about missing allow or deny files. Not all of them are part of the default installation.
If you do not already have a cron.deny file (it was not installed prior to OpenBSD 3.3) you will need one to run crontab as a user other than the superuser.
# install -c -o root -g crontab -m 660 /dev/null /var/cron/cron.deny
Several new users/groups have been added. In support of authpf(8), a new group is required. Also, to support sshd(8)'s privilege separation feature, a new user and group named sshd have been added to the system. More new users for system services have been added, they are prefixed with "_". Add the following user entries using vipw(8):
sshd:*:27:27::0:0:sshd privsep:/var/empty:/sbin/nologin _portmap:*:28:28::0:0:portmap:/var/empty:/sbin/nologin _identd:*:29:29::0:0:identd:/var/empty:/sbin/nologin _rstatd:*:30:30::0:0:rpc.rstatd:/var/empty:/sbin/nologin _rusersd:*:32:32::0:0:rpc.rusersd:/var/empty:/sbin/nologin _fingerd:*:33:33::0:0:fingerd:/var/empty:/sbin/nologin _x11:*:35:35::0:0:X server:/var/empty:/sbin/nologin
Add the following to /etc/group:
sshd:*:27: _portmap:*:28: _identd:*:29: _rstatd:*:30: _rusersd:*:32: _fingerd:*:33: _sshagnt:*:34: _x11:*:35: authpf:*:72:
The crontab(1) and at(1) commands are no longer setuid root, they are now setgid crontab.
Before you run "make build", you will need to add the crontab group. Add a line like the following to your /etc/group file:
crontab:*:66:
The "make build" will update some, but not all, permissions for you. After "make build" finishes, you must run following by hand (assumes /bin/csh):
# chgrp crontab /var/at/at.{allow,deny} /var/cron/{allow,deny}
# chmod 0640 /var/at/at.{allow,deny} /var/cron/{allow,deny}
# foreach f ( /var/cron/tabs/* )
set u=`basename $f`
chown $u:crontab $f
end
Note that you probably will not have all of the allow/deny files; this is not a problem.
A new binutils (2.11.2) has gone into the tree, requiring an updated libiberty. To build this library, follow these steps:
# cd /usr/src/gnu/egcs/libiberty # make -f Makefile.bsd-wrapper cleandir # make -f Makefile.bsd-wrapper obj # make -f Makefile.bsd-wrapper depend # make -f Makefile.bsd-wrapper # make -f Makefile.bsd-wrapper install
The old S/Key database file, /etc/skeykeys, has been replaced by a directory, /etc/skey, where each record is an individual file owned by the user it describes. You can convert /etc/skeykeys to the new format by running (as root):
# skeyinit -C # mv /etc/skeykeys /etc/skeykeys.OLD
Note that any third-party programs that utilize S/Key directly will need to be recompiled.
The spool directories used by lpd must now be writable by group daemon in order for lpr to be able to spool files. Additionally, the files within the spool directories must be owned by user and group daemon. This can be accomplished as follows:
# find /var/spool/output /var/spool/lpd -type d \
-execdir chgrp daemon {} \; -execdir chmod g+rwx {} \;
# find /var/spool/output /var/spool/lpd -type f \
-execdir chown daemon:daemon {} \;
The atrun(8) command is no longer needed. Its functionality has been incorporated into cron(8). You should remove the /usr/libexec/atrun job from root's crontab by running the following as root:
# crontab -e
You may also wish to remove /usr/libexec/atrun, /usr/share/man/cat8/atrun.0 and the /var/at/spool directory.
/etc/nat.conf is now merged into /etc/pf.conf. You need to insert your NAT rules in pf.conf after scrub rules and before filter rules.
pfctl(8) has a new option to load the ruleset, -f, and the -R and -N options have new meanings now. Make sure to check the manpage and to update your /etc/rc.
login(1) needs to chown /dev/wsmouse to the new _x11 user that is used by xdm for privilege revocation purposes on many architectures. The change to /etc/fbtab needed is architecture dependent. The file is created via this process (assuming sources in /usr/src):
# cat /usr/src/etc/fbtab.head > /etc/fbtab # cat /usr/src/etc/etc.`uname -m`/fbtab >> /etc/fbtab # cat /usr/src/etc/fbtab.tail >> /etc/fbtab
If you had custom changes to /etc/fbtab, you will have to merge them back into the new file manually.
__attribute__((sentinel)) is now employed to warn when certain
exec(3)
functions are used without a terminating NULL pointer.
You will need to rebuild gcc according to section
1.8
of the Mini-FAQ before proceeding with make build.
You must build and install a new version of the mtree(8) utility before "make build" will succeed.
# cd /usr/src/usr.sbin/mtree # make cleandir # make obj # make depend # make # make install
ELF-based platforms (alpha, macppc and sparc64) do not use libdl anymore. The upgrade from a libdl system to a non-libdl is best done following these steps:
Recompile your system:
# cd /usr/src # make build
If your "make build" completed successfully, you can step ahead and remove libdl. Note that packages that have been linked against it should be reinstalled after that. If you are not ready for this, you can skip this step for now. Snapshots with correct packages will be made available.
# rm -f /usr/lib/libdl.* /usr/lib/libdl_pic.a
With libdl removed, regenerate your shared libraries cache:
# ldconfig -R
A new infrastructure for regression tests has been introduced and bsd.regress.mk has been added. You will need to install this file before running make obj.
# cd /usr/src/share/mk # make install
You need to create /etc/ssh/ first, see section 1.13
Recompile your system:
# cd /usr/src # make build
Move your /etc/ssh*_* files into the newly created /etc/ssh/ directory:
# cd /etc # mv ssh*_* ssh/
You will need to change your rc scripts to reflect these changes as well.
Update any HostKey lines in your sshd_config to reflect the new location. For example:
HostKey /etc/ssh_host_key
should be changed to:
HostKey /etc/ssh/ssh_host_key
After this, you can restart the sshd daemon.
First, with the addition of the pf(4) firewalling package, and its ftp-proxy(8) suite, a new user and group named proxy were added to the system. To support this addition, add the following user entry using vipw(8):
proxy:*:71:71::0:0:Proxy Services:/nonexistent:/sbin/nologin
Also add the proxy group to /etc/group:
proxy:*:71:
Second, as part of the Sendmail 8.12 upgrade, sendmail no longer runs setuid root. Both a new user and a new group, named smmsp, have been added to the system. Add a line like the following to your /etc/group:
smmsp:*:25:
Then, run vipw(8) and add the following line for the smmsp user:
smmsp:*:25:25::0:0:Sendmail Message Submission Program:/nonexistent:/sbin/nologin
Make sure this line appears before any yp(8) settings line.
Finally, a new user and group were added for Solar Designer's popa3d server, now part of the core system. Add the following to /etc/group:
popa3d:*:26:
And using vipw(8), add
popa3d:*:26:26::0:0:POP3 server:/var/empty:/sbin/nologin
The IPF firewalling package that has been part of previous OpenBSD releases has been replaced with an all-new firewalling suite called pf(4). As a result, a number of changes need to be made.
First, pf depends on a new device file. To ensure that this special device is created, do the following:
# cd /dev # cp /usr/src/etc/etc.`machine`/MAKEDEV ./ # ./MAKEDEV all
Second, a number of filesystem change have occurred. For your reference, the following binaries have been replaced:
OLD: /sbin/ipf /sbin/ipfstat /sbin/ipnat /usr/sbin/ipfs /usr/sbin/ipftest /usr/sbin/ipmon /usr/sbin/ipresend /usr/sbin/ipsend /usr/sbin/iptest NEW: /sbin/pfctl /usr/libexec/ftp-proxy
Similarly, for the devices:
OLD: /dev/ipl /dev/ipnat /dev/ipstate /dev/ipauth NEW: /dev/pf
And finally, the filter configuration files:
OLD: /etc/ipf.rules /etc/ipnat.rules NEW: /etc/pf.conf /etc/nat.conf
The old ipfilter sample configuration files may be removed:
# rm -rf /usr/share/ipf
A mechanism for safely enabling pf has been added to the /etc/rc and /etc/rc.conf files. You will need to update these files to include the new hooking mechanism. If you wish to enable pf, set PF=YES in /etc/rc.conf.
There have been changes to make(1) and its data files which may cause difficulties in the build process. This usually manifests as errors from bsd.own.mk during the build. To avoid these issues, first update the data files:
# cd /usr/src/share/mk # make install
Then build and install the new make.
# cd /usr/src/usr.bin/make # make clean && make obj && make depend && make # make install
Now proceed with your upgrade.
Before you try building the whole system, you need to first build KerberosV.
First, there is a new KerberosV configuration directory in /etc. If you have not already done so, use the mtree(8) procedure described in section 1.13 to create it:
Now, build KerberosV
# cd /usr/src/kerberosV # make obj # cd lib/roken # make # cd ../../usr.bin/asn1_compile # make # make install
You may also need to update your /etc/login.conf, to reflect that the file /usr/libexec/auth/login_krb-or-pwd has been renamed to login_krb4-or-pwd.
sendmail(8) has been upgraded to version 8.12. As this version of sendmail no longer runs setuid root, significant changes have resulted.
Add the following to root's crontab(1). This is necessary since sendmail is no longer setuid root, and relies on this entry to do parts of its job:
# sendmail clientmqueue runner */30 * * * * /usr/sbin/sendmail -L sm-msp-queue -Ac -q
Upgrade sendmail:
# cd /usr/src/gnu/usr.sbin/sendmail # make clean && make obj && make depend && make && make install
Note: The files submit.cf and localhost.cf have been installed to your /etc/mail directory. The first of these, submit.cf (referred to as the "client" configuration file in current sendmail documentation) is used by mail user agents that want to submit mail locally for delivery via sendmail. Due to the permissions changes described above, this does not require root privileges; the sendmail binary is set-groupid to group smmsp. The second file, localhost.cf, is an OpenBSD-ism that runs sendmail only listening on the localhost interface to accept mail from the local host but not accept connections from the network (you almost certainly want this if you also use e.g., smtpd(8) listening on the SMTP port on your outside interface). For more details, see the file SECURITY in /usr/src/gnu/usr.sbin/sendmail/sendmail.
It is highly recommended that you regenerate and update your sendmail configuration files in /etc/mail. You can find some working configuration files in /usr/share/sendmail/cf. Note that localhost.cf is generated from openbsd-localhost.mc.
If you were running sendmail without the -bd option in /etc/rc.conf, as the default installation settings do, you will need to use localhost.cf. Edit rc.conf to use the following:
# For normal use: "-L sm-mta -bd -q30m" sendmail_flags="-L sm-mta -C/etc/mail/localhost.cf -bd -q30m"
Once your configuration file is ready, kill(1) the existing sendmail:
kill `sed 1q /var/run/sendmail.pid`
Restart the new sendmail with the appropriate options, for example:
/usr/sbin/sendmail -L sm-mta -bd -q30m
for a configuration accepting mail from outside, or
/usr/sbin/sendmail -L sm-mta -C/etc/mail/localhost.cf -bd -q30m
for a local mail-only configuration.
Note: the -bd flag is now needed in both cases.
The new sendmail should now be running.
/etc/primes has been renamed to /etc/moduli. Simply copy this file from its old location or from /usr/src/etc.
A new group, auth, gid 11, has been added to the system. Add a line like the following to your /etc/group:
auth:*:11:
The pcvt console driver has been replaced with the wscons console system. Before using wscons, you will need to create the new wscons-related devices. Ensure you have the latest MAKEDEV installed, then make all devices:
# cp /usr/src/etc/etc.i386/MAKEDEV /dev/MAKEDEV # cd /dev # ./MAKEDEV all
If you are running X, change the Pointer section of your XF86Config file to contain the following:
Protocol "wsmouse"
Device "/dev/wsmouse"
config(8) has been updated. Building with the old config will result in errors like:
Undefined symbol `_pdevnames_size' referenced Undefined symbol `_pdevnames' referenced
To correct this, compile and install the new config:
# cd /usr/src/usr.sbin/config # make clean && make depend && make # make install
Now, recompile a new kernel as before.
A significant gcc change was introduced that makes it all too easy to generate self-referencing libc libraries. For this reason, upgrades should follow exactly this procedure:
Build and install a new linker. This must be done before a full gcc build.
$ cd /usr/src/gnu/usr.bin/ld $ make clean && make obj && make $ sudo make install
Build a new kernel. Do not install it yet
$ cd /usr/src/sys/arch/`machine`/conf $ config GENERIC $ cd ../compile/GENERIC $ make clean && make depend && make
Because of some libc changes, your machine may hang on startup unless your /etc/resolv.conf contains lookup file bind. Add this line if necessary
# echo "lookup file bind" >> /etc/resolv.conf
# cd /usr/src/sys/arch/`machine`/compile/GENERIC # mv /bsd /bsd.old # mv bsd /bsd # chown root.wheel /bsd # shutdown -r now
(If this step fails, you can recover by booting the old kernel - bsd.old - at the boot> prompt.)
Build and install the new make (and support files). Do not skip the make depend step.
$ cd /usr/src/usr.bin/make $ make clean && make obj && make depend && make $ sudo make install $ cd /usr/src/share/mk $ sudo make install
Install the latest mtree, and ensure the necessary directory structure is present.
$ cd /usr/src/etc/mtree $ sudo install -c -o root -g wheel -m 444 4.4BSD.dist /etc/mtree $ sudo mtree -qdef /etc/mtree/
# cd /usr/src && make build
There is a new termcaps.master file. You will need to regenerate the terminfo and termcaps files with the current version of tic(1). If you are upgrading via make build, the correct version of tic(1) will be used and this will be done for you. If not, you will get the following error:
terminfo.src is corrupt! You need to update /usr/bin/tic
In this case, you must either rebuild and install tic(1) (being sure to use the current version of libcurses) or simply build the version of tic(1) in your source tree.
(Note: pn is used below for simplicity. This should be taken to read pn, mx, al, or ax as appropriate)
These four drivers were replaced with a unified dc driver. You must change all occurrences of pn*, mx, al, or ax in your configuration files. This includes:
If you are modifying a custom kernel, make sure you have included the dcphy device in your kernel config, as follows:
dcphy* at mii? phy ? # Digital Clone PHYs
While you are at it, you may also want to add:
ukphy* at mii? phy ? # "unknown" PHYs
gcc 2.95.2 was merged into the OpenBSD source tree around January 19, 2000. In order for gcc to build properly, a more recent (post 2.6) libiberty is required. To build this library, do the following:
cd /usr/src/gnu/egcs/libiberty make -f Makefile.bsd-wrapper clean make -f Makefile.bsd-wrapper obj make -f Makefile.bsd-wrapper make -f Makefile.bsd-wrapper install
NOTE: On mips-based architectures, such as pmax, you must perform an explicit ldconfig after new libraries are build.
Once libiberty is build, you may proceed with a standard gcc bootstrap:
cd /usr/src/gnu/egcs/gcc make -f Makefile.bsd-wrapper clean make -f Makefile.bsd-wrapper obj make -f Makefile.bsd-wrapper -DBOOTSTRAP make -f Makefile.bsd-wrapper -DBOOTSTRAP install make -f Makefile.bsd-wrapper clean make -f Makefile.bsd-wrapper make -f Makefile.bsd-wrapper install
For Kerberos IV to build correctly, you will have to perform the following steps:
Obtain and build the latest usr.bin/compile_et.
# cd /usr/src/usr.bin/compile_et # make clean && make depend && make && make install
Obtain and build the latest lib/libcom_err.
# cd /usr/src/lib/libcom_err # make clean && make depend && make && make install
Clean out and reinstall the Kerberos header files:
# rm -r /usr/include/kerberosIV/* # cd /usr/src/kerberosIV # make includes
Now, rebuild the Kerberos library files:
# cd /usr/src/kerberosIV/lib # make clean && make depend && make && make install
If you are not doing a complete make build, rebuild Kerberos:
# cd /usr/src/kerberosIV # make cleandir && make depend && make && make install
The version of m4 that shipped with OpenBSD 2.6 will get into an infinite loop while processing the sendmail .mc files into .cf files. Because of this you will need to install the new version of m4 before you attempt a make build. In other words:
# cd /usr/src/usr.bin/m4
# make && make install && make cleandir
In sendmail 8.10.X, locations (and names) of the sendmail configuration files have changed. Everything but the pid file now lives in /etc/mail. Additionally, several files have changed names.
| OLD | NEW |
| /etc/sendmail.cf | /etc/mail/sendmail.cf |
| /etc/sendmail.cw | /etc/mail/local-host-names |
| /etc/sendmail.ct | /etc/mail/trusted-users |
| /etc/sendmail.oE | /etc/mail/error-header |
| /etc/aliases | /etc/mail/aliases |
| /etc/service.switch | /etc/mail/service.switch |
| /etc/userdb | /etc/mail/userdb |
| /usr/share/misc/sendmail.hf | /etc/mail/helpfile |
There are a couple of ways to convert from the old sendmail config to the new, but the first step is always the same.
include(`../m4/cf.m4')since it will be included for you by make. Also note that when adding machines to class w (via "Cw machinename"), you now need to do that in the LOCAL_CONFIG section (see openbsd-lists.mc for an example).
You need to update your bootblocks. See Section 14.8 of the OpenBSD FAQ for details.
The default group for the daemon user has been changed from 31 to 1. Use vipw to effect this change so that the daemon user looks like:
daemon:*:1:1::0:0:The devil himself:/root:/sbin/nologin
The latest version of Perl (5.005_03) requires a new version of make to compile properly. You must rebuild make before building the new Perl. Do a:
# cd /usr/src/usr.bin/make # make clean && make && make install
Then go ahead and rebuild the new Perl. You will need to clean out the Perl
obj directory by hand before building.
Perl developers should take note of the latest changes. From millert@openbsd.org:
The version of perl in the OpenBSD source tree (post 2.5) has been upgraded to 5.005_03. The build method has changed somewhat but most of that should be invisible. The important changes that affect people are as follows: 1) Perl lib files have moved from /usr/lib/perl5 to the more correct /usr/libdata/perl5 2) The default site_perl directories now live in /usr/local. Ie: if you install a perl module, it will place itself in /usr/local/libdata/perl5/site_lib. This makes it easy to see what non-stock modules you have. It also means that we can have perl modules in the ports system easily. 3) The perl library man pages are now install in /usr/share/man/cat3p You'll need to update your man.conf based on the src/etc/man.conf to take advantage of them. This means you can now do "man 3p less" and get info on the less pragma but "man less" will still get you the less pager manpage. If you have modules or other non-stock perl files the simplest thing to do is to move /usr/lib/perl5 to /usr/libdata/perl5 and add a link from /usr/lib/perl5 to /usr/libdata/perl5. Alternately, you could just edit the installed Config.pm file and fix up the paths there.
This change is likely the most significant change you will encounter. For detailed instructions, see section 2.5.2.
The statfs structure has changed as of May 31. You must rebuild your kernel before attempting a make build. See 2.5.3 for details.
The safest way will be to upgrade to a recent snapshot, once one is available. Look for a snapshot first!. Bootstrapping the new compiler from the old should be a last resort.
First, note that some platforms have not been bootstrapped successfully yet. To date, the following should work, if you are careful:
mips and rs6000 have problems.
To test whether your platform can be bootstrapped, grab and install the egcs-snapshot, available from the ports collection. If this works, the in-tree version likely will, too. This is the safest method of proceeding.
Now, before going any further, ensure that your copies of binutils, gas, and ld are up to date. Note that there are two copies of gas and ld in the tree. On i386 and sparc, the binutils versions are not used. Check /usr/src/gnu/usr.bin/gas and /usr/src/gnu/usr.bin/ld instead.
The following instructions referred to the original egcs snapshot (egcs-990517). Since that time, a second snapshot (egcs-990608) has gone into the tree. If you are coming from vanilla 2.5, it is unlikely that you will be able to build the latest version directly. In this event, you will have to bootstrap an intermediate version using these instructions.
From espie@openbsd.org:
Today, the compiler changes. Exit gcc 2.8.1, enter egcs... or more precisely, gcc 2.95 prerelease. This is probably going to be a rough ride, but I can't work out all the kinks on every architecture by myself. I'm going to start importing stuff *now*. There will be a second message to tech@ once things are settled... Thanks to everyone who helped me sorting stuff out, most especially niklas, turan, and millert. Why the switch -------------- as most of you already know, egcs is now the *official* compiler supported by the FSF. The upcoming july release as been re-christened gcc 2.95. Just looking at the log messages will show you many improvements: support for newer processors is better, C++ is more accurately matching the ANSI/ISO standards, Fortran 77 is more closely integrated. There are also countless bug-fixes and code generation improvements. Also the development is more open. There is a cvs tree, there are several mailing-lists available, and we are cooperating closely with the egcs team. More precisely, I've been feeding patches back to the egcs team so that OpenBSD configurations are officially supported. Also, the development team is highly responsive to bug-reports, and problems get fixed. There also is a band-wagon phenomenon: everyone is switching to egcs, which means lots of code to test the compiler on, and that we can benefit from related projects. Why now ------- egcs-1.1 was unfit for some purposes. Specifically, code size on i386 was larger than gcc 2.8.1, which yielded floppy-disks problems. At 2.5 freeze, the only code fit to include was a somewhat unstable snapshot. In the interest of stability, after much pondering, egcs was not put into 2.5. Right now, the egcs project is going through a release cycle which will yield egcs 1.2. Judging from their time schedule, there is ample margin between egcs 1.2 and the next release of OpenBSD. Also, we want to get in now, so that we get a chance to report problems on less frequently used architectures, and get everything fixed for 1.2. egcs `feature freeze' is supposed to occur on may 7th, and the current snapshot 19990502 looks solid. What works and what doesn't --------------------------- egcs runs an i386 OpenBSD system without problems. m68k works as well, with a few work-arounds linked to obscure bugs that will get fixed. sparc seems to be running as well. There is some linker trouble on some other arches that needs to be fixed before our next release. Right now, constructors across dynamic libraries are not quite ready. egcs now features a stand-alone cpp which is going to be better than the current hackish solution we use. This means a few interface changes and possibly weird warnings. Keeping gcc 2.8.1 ? ------------------- due to size constraints, as soon as egcs is imported, gcc is going to move to cvs Attic. If you don't want to deal with egcs now, you'll have to be careful through your cvs updates. Some Makefiles are bound to change: includes, gnu/usr.bin, and gnu/lib. xlint and cpp.sh are going to change as well. How to bootstrap the compiler ----------------------------- the simplest way is probably to trust the various arch maintainers and download a snapshot. If you want to do stuff the hard way, you must first remake proper obj dirs: cd /usr/src make obj If you run i386, gas must be up-to-date. If you run sparc, ld must be up-to-date. then build libiberty: cd /usr/src/gnu/egcs/libiberty make -f Makefile.bsd-wrapper clean make -f Makefile.bsd-wrapper depend make -f Makefile.bsd-wrapper make -f Makefile.bsd-wrapper install then the C compiler: cd /usr/src/gnu/egcs/gcc make -f Makefile.bsd-wrapper clean make -f Makefile.bsd-wrapper depend make -f Makefile.bsd-wrapper make -f Makefile.bsd-wrapper install rebuild the C compiler with the new version: cd /usr/src/gnu/egcs/gcc make -f Makefile.bsd-wrapper clean make -f Makefile.bsd-wrapper depend make -f Makefile.bsd-wrapper make -f Makefile.bsd-wrapper install rebuild the includes cd /usr/src/include make includes build all egcs libraries and install them cd /usr/src/gnu/egcs make -f Makefile.bsd-wrapper clean make -f Makefile.bsd-wrapper depend make -f Makefile.bsd-wrapper make -f Makefile.bsd-wrapper install install the new cpp driver cd /usr/src/usr.bin/cpp make install then you're all set, and a standard make build should work...[author note: Actually, it doesn't quite work. xlint will fail to build. The fix is simple though. Simply do a
make && make installin the/usr/src/usr.bin/xlint/xlintdirectory before you attempt a make build and proceed. See 2.5.2.2.]If it doesn't, you're using an arch that didn't go through make build yet. The most probably occurrence is an Internal Compiler Error, as known as an ICE. First try to see if the ICE will go away with -O1 or -O0. In that case, you can put a work-around in the Makefile until it's fixed (see /usr/src/lib/libm/Makefile for an example of how to put in such work-arounds for m68k). Then the error needs to be reported to the egcs-bugs mailing list. At a minimum, you must run the source through the same compiler invocation, with an addition of -v -save-temps to the options. -v yields the precise sequence of commands invoked by gcc. -save-temps will give you a pre-processed C file (.i) or C++ (.ii) that the egcs people can make sense of... you can't ask them to run OpenBSD on their boxes. If you have more time, you can try to trim down the pre-processed C file to the bare minimum that triggers the bug. Dichotomy works nicely.
If you made it through this procedure, and everything is still working, congratulations. If not, check the following sections for advice. Problems not listed here should be posted to tech@openbsd.org.
This is true. egcs uses the cleaner __i386__ and __sparc__. If you need to compile code that relies on the old defines, add a -Dsparc or -Di386 to the appropriate location of your Makefile.
This is due to semantic differences in cpp. The workaround is simple, and similar to the cap_mkdb issue described in 2.4.2.
Do a:
# cd /usr/src/usr.bin/xlint/xlint # make && make install
now re-run make, and the build should continue.
You have fallen victim to a linker bug. Here's a relevant message:
From: Marc Espie <Marc.Espie@liafa.jussieu.fr>
Subject: egcs core-dumping on uthread_autoinit.c
If this happens to you, this is a known linker problem... the cc1 you have
was linked in a weird way.
Initially, I made cc1 link against static /usr/lib/libiberty.a to avoid this
problem, but this was cutting things too close, and the bug reappeared,
probably thanks to unrelated changes in libc or elsewhere...
The tree has been patched with a work-around in
src/gnu/egcs/f/lang-options.h
make sure you have the kludged version of that file (at least rev 1.2),
recompile and reinstall cc1, the problem should go away.
What's going on is that the 386 linker gets something wrong because of
the huge strings array in toplev.c, and something gets mislinked, so
that
void f(void) __attribute((constructor)) {}
kills cc1.
As a work-around, I've killed Fortran options help texts, until someone finds
where the linker errs.
It is, but there is a reason. egcs performs more optimizing passes. Data alignment and other such functionality will be better with egcs-generated code.
Yes it does. This is especially noticeable with the old -O2 gcc switch. egcs introduces a new option, -Os which optimizes for space. This is roughly comparable to the old -O2 behavior.
egcs installs into a different subdirectory than gcc 2.8.1. You may remove gcc once egcs is bootstrapped and working.
On a related note, the perl changes mentioned in 2.5.1 mean that you can remove the /usr/lib/perl5 directory. The new location for this data is /usr/libdata/perl5.
libcurses now relies on the latest version of cpp. Fetch the latest version, rebuild cpp, and continue. Eg:
# cd /usr/src/usr.bin/cpp && make install
And try the make build again.
If your make obj fails, citing errors in a Makefile, your makefile includes are likely out of date. For example:
===> lib/libkvm
"Makefile", line 30: Malformed conditional ((${UVM} == "yes"))
"Makefile", line 30: Missing dependency operator
"Makefile", line 32: if-less endif
"Makefile", line 32: Need an operator
Fatal errors encountered -- cannot continue
This can be solved by rebuilding the makefile includes. Do a:
cd /usr/src/share/mk && make install
and try the build again.
Short Answer:
The kernel structure statfs has changed. You will need to recompile the kernel before attempting a make build.
Long Answer:
The kernel structure statfs has changed. The new struct statfs has the following features:
Other changes:
When upgrading to 2.6 you'll need to create one simple link for gcc.
cd /usr/lib/gcc-lib
ln -s ${ARCH}-unknown-openbsd2.5 ${ARCH}-unknown-openbsd2.6
tar: Unable to remove directory ./usr/include/machine <Directory not empty>
In 2.5, /usr/include/machine was a directory, and /usr/include/i386 was a link to it. In 2.6, this situation is reversed.
To correct the problem, escape to the shell, remove the /usr/include/machine directory, and retry the upgrade.
Several man pages were moved from section 1 to later sections. Unfortunately, if the old man pages are left in section 1, unwary users will not see the latest version of the page.
The following pages should be removed:
/usr/share/man/cat1/ipf.0 /usr/share/man/cat1/ipnat.0 /usr/share/man/cat1/ipsecadm.0
Symptom:
A make build resulted in an error like this:
cap_mkdb -i -f terminfo terminfo.src cap_mkdb: illegal option -- i usage: cap_mkdb [-v] [-f outfile] file1 [file2 ...] *** Error code 1
Fix:
The syntax for invoking cap_mkdb has changed slightly. Before doing a make build, rebuild cap_mkdb from the latest sources:
# cd /usr/src/usr.bin/cap_mkdb # make clean && make && make install
The make build should then run to completion
You will need to remove the contents of the obj directory before
upgrading /usr/src/games/snake.
After 2.3, the named DNS daemon was moved to a chroot jail. To make this change possible, the named user was created. If you do not have it already, you will need to create this user to ensure that all directories get created properly during the build process.
Add the following entry to /etc/passwd using vipw(8):
named:*:70:70::0:0:BIND Daemon:/var/named:/sbin/nologin
Add the following to /etc/group:
named:*:70:
You are likely missing an entry for the named user in your password file.
Short Answer:
Create this user prior to the build.
Long Answer:
The named user is required in order to set permissions correctly. If this user is missing, part of the build process fails. If you capture your build to a file (say, with a make build &>/tmp/build.log) you will notice the following message:
(cd /usr/src/etc && make DESTDIR=/ distrib-dirs) install -d -o root -g wheel -m 755 / mtree -def mtree/4.4BSD.dist -p // -u mtree: unknown user named mtree: failed at line 1632 of the specification *** Error code 1 (ignored)
Unfortunately for us, the build continued happily on its way, totally ignoring the fact that an error occurred.
If the named user exists, mtree works properly:
missing: ./var/named (created) missing: ./var/named/dev (created) missing: ./var/named/etc (created) missing: ./etc/afs (created) missing: ./etc/ssl (created) missing: ./etc/ssl/private (created) missing: ./usr/obj (not created: File exists) missing: ./usr/share/doc/html (created) missing: ./usr/share/doc/html/lynx_help (created) missing: ./usr/share/doc/html/lynx_help/keystrokes (created) missing: ./usr/share/doc/usd/13.viref (created) missing: ./usr/share/man/cat4/powerpc (created) missing: ./usr/share/man/man4/alpha (created) missing: ./usr/share/man/man4/pmax (created) missing: ./usr/share/man/man4/powerpc (created) missing: ./usr/share/tmac/mdoc (created) missing: ./var/www/htdocs/manual/vhosts (created) missing: ./usr/include/ssl (created)
The reason for the fail, then, is that the /usr/include/ssl directory was never created. Without the header files, the ssleay build fails.
Fix:
Create the named user and group. Remove /usr/include/ssl, /var/named, and any other directory from the list above that was mistakenly created as a normal file by the make build.
Your directory tree is incomplete. Specifically, the /usr/share/man/cat4/powerpc directory is missing.
Quick Fix:
Create this directory and proceed with the compilation
Complete Fix:
Create the entire directory tree. Do a:
# cd /usr/src/etc && make DESTDIR=/ distrib-dirs
You will likely see an output like the following:
install -d -o root -g wheel -m 755 / mtree -def mtree/4.4BSD.dist -p // -u missing: ./var/named (created) missing: ./var/named/dev (created) missing: ./var/named/etc (created) missing: ./etc/afs (created) missing: ./etc/ssl (created) missing: ./etc/ssl/private (created) missing: ./usr/obj (not created: File exists) missing: ./usr/share/doc/html (created) missing: ./usr/share/doc/html/lynx_help (created) missing: ./usr/share/doc/html/lynx_help/keystrokes (created) missing: ./usr/share/doc/usd/13.viref (created) missing: ./usr/share/man/cat4/powerpc (created) missing: ./usr/share/man/man4/alpha (created) missing: ./usr/share/man/man4/pmax (created) missing: ./usr/share/man/man4/powerpc (created) missing: ./usr/share/tmac/mdoc (created) missing: ./var/www/htdocs/manual/vhosts (created) missing: ./usr/include/ssl (created)
Note that /usr/share/man/cat4/powerpc was one of the directories created by this process.
--
$OpenBSD: upgrade-old.html,v 1.13 2005/11/01 11:50:01 nick Exp $
Copyright © 1998-2003, Kjell Wooding.
Please send any comments, questions, or suggestions to
kjell@openbsd.org