OpenBSD /etc Changes
In doing some fairly involved OpenBSD upgrades, I had the need to catalog all the configuration file changes from 2.7 onwards. Now you know.
General Tips on Upgrading
Some things should always be updated between releases. Files to pay special attention include:
- Additions to /etc/protocols and /etc/services
- New sysctls. (see /etc/sysctl.conf)
- Changes to the default cron jobs. See /etc/daily, /etc/weekly, /etc/monthly, and /etc/security
- All rc scripts, including netstart
- Device changes. See 1.12
- File hierarchy changes in /etc/mtree. See 1.13
- New users (/etc/passwd)and groups (/etc/group)
2.7 to 2.8
General Changes
- Several architectures change default console to vt100 (see /etc/ttys)
- Disable talkd and fingerd by default in /etc/inetd.conf
- Tweak ksh.kshrc to fix up titlebars in xterms with ssh
- Put root in the daemon group (/etc/master.passwd)
- HUP ipmon when rolling over ipflogs
- Fix format string vulnerabilities in /etc/security
- Remove ipf output from /var/log/messages (see /etc/syslog.conf
- (errata) do not invoke uucp as root. Use user uucp instead
File Layout Changes
- ifaliases removed - functionality was moved to hostname.if(5) affects makefile, changelist, rc.
- Added /etc/login.conf, /etc/primes
- Add arch subdirs to man pages
- Add keynote
- Add /etc/tcfs
- Add subdirectories for hppa
- Change /root to mode 0700
Startup Script Changes
- Move NFS configuration to /etc/sysctl.conf
- Change handling of /etc/rc.conf.local
- Add ntpdate and rdate rc knobs to /etc/rc.conf
- Add moused
- Disable snmpd by default, even if present
- Bug fix in /etc/hostname.if handling
- Changes in sentmail startup
- Fix host.random handling
Device Changes
- New wscons devices (alpha, powerpc)
- joystick device (amiga)
- utty (usb serial), pcvtctl (console driver control) (i386)
- More devices: usb, raid, ptys (powerpc)
- Large reorganization for sun3
2.8 to 2.9
General changes
- Default console now vt220 (alpha)
- bump miniroot size in /etc/disktab (amiga)
- New group: auth
- Add IPV6 entries to /etc/inetd.conf
- Treat foo.n as a -man page, not a -me doc
- Fix buglet in root termtype prompt
- Add socks, mysql, datametrics, sa-msg-port, and correct radius, radacct entries in /etc/protocols
- (errata) do not invoke uucp as root. Use user uucp instead
Default Cron Jobs
- Don't provide diffs in the security email for sensitive files like keys. Use md5 checksum instead.
- use -n in daily crontab
- Bugfix in mailq checking (/etc/daily)
- Support for long (31-character) user and group names
- Better checking of SSH file permissions
- Fix duplicate UID check for use with YP
Device Changes
- Add usb and raid devices (alpha)
- Move console ttys around (alpha)
- Consistent naming of audio devices across architectures
- i386 console changes to wscons
- serial becomes tty0?, console ttyC? (powerpc)
- Changes for wscons (powerpc)
- Numerous device changes and additions for upcoming VAX resurrection
Build Process
- Install additional bootblocks (alpha)
- Eliminate binutils.tar.gz (alpha)
File Layout Changes
- rdadvd.conf is now gone
- Add /etc/kerberosV
- New apache manual directories
- Add /usr/libexec/auth
- Add /usr/libexec/sm.bin
- Add /usr/include/readline
- Add /usr/share/man/ps[1-9]
- Add primes and ssh files to /etc/mtree/special
Startup Script Changes
- Handle more arguments and skip empty lines in /etc/hostname.if
- Support !command syntax in bridgename.if
- Changes for wscons
- Generate all three SSH keys
- Change sshd initialization to accept flags in rc.conf
- Initialize RAID parity as required
- pcvt goes away
2.9 to 3.0
General Changes
- ipf is gone, replaced by pf. Though the configuration files are similar, there are enough changes that you will want to review your rules
- default sudoers now included
- sync CellSrvDB in afs
- A number of files were inadvertently missing from /etc/changelist
- sendmail initialization is completely changed.
- uucp goes away, becomes a port.
- New users: smmsp (sendmail), popa3d, and proxy (pf).
- Fix wcd function in /etc/ksh.kshrc
- KerberosV was added
- In login.conf, change kerberos entries to refer explicity to krb4.
- Make /etc/remote actually useful
- Add a host of Kerberos-related service names to /etc/services
- remove uucp from weekly cron job
Device Changes
- Out with the ipf, in with the pf
- ALTQ and its associated device added to most architectures
- Add i2o controller (alpha, i386)
- alpha gets /dev/audio
- Copy i386 floppy3 entry (alpha)
- Add /dev/radio0 device (i386)
- Add /dev/crypto support (i386)
- Remove nonfunctional /dev/io support
- /dev/ttyZ? support for Cyclades-z cards (i386)
- Add /dev/pci (i386)
- sparc gets /dev/fd, just like everyone else
- Minor sparc disktab changes
- Clean up rm handling in vax's MAKEDEV
File Layout Changes
- Migrate passwd.conf variables to login.conf.
- /etc/primes renamed to /etc/moduli
- Kill the architectures that never worked anyway: atari, arc, arm32, pc532, pmax, wgrisc.
- Added wsconsctl.conf
- Added /etc/kerberosV
- /var/spool/smtpd got lost
- pmax is now gone
- powerpc changes to macppc and mvmeppc
- Add sparc64 directories
- uucp directories go away
- Changes for the new sendmail
- Add /var/empty
- remove ipf, add pf
Startup Script Changes
- Changes for pf initialization
- Minor changes with multicast initialization
- Change the way swap is initialized
- Add lpd_flags in rc.conf
- support for altq
- wsmouse and wsconsctl.conf support.