On 2022-08-23 07:47, Jeremie Courreges-Anglas wrote:
On Mon, Aug 22 2022, J Doe <[email protected]> wrote:
Hello,
I am upgrading an OpenBSD 7.0 firewall to OpenBSD 7.1. The firewall
only has two packages: vim and Bind 9.16.
Before performing the upgrade on the actual hardware, I created
a duplicate in VMware. The upgrade of the test VM via: sysupgrade
works, as expected. I then performed a package update:
$ doas pkg_add -uvi
Again, everything upgrades successfully, with my upgraded Bind version
being 9.16.30, but the post install package notes for Bind caught my
eye. When I originally installed Bind 9.16 on the firewall, I went with
the GeoIP flavor. As a result, the post-package upgrade install notes
that I may want to do the following:
$ rm /var/db/GeoIP/*
...however, I noticed that the one file in this directory:
GeoLite2-Country.mmdb, was upgraded during the install (based on the
filesystem date and time). When the post-package upgrade notes state
that I should consider deleting this, aren't I then deleting a file that
was part of the upgrade ?
The message is most probaby bogus, I suggest you ignore it.
As a side note - pre-OpenBSD 7.1 + package upgrade, I did not store any
Maxmind databases in: /var/db/GeoIP. I had not yet utilized the GeoIP
functionality.
But you already had the libmaxminddb package installed and there were
already files in /var/db/GeoIP, even if you did not create them.
The files shipped by the various maxminddb subpackages are @sampled in
/var/db/GeoIP so that they can be modified by the user, who gets
reminded on updates that the file should be merged with the latest
version.
But libmaxminddb also has this in PLIST-main:
@extraunexec rm /var/db/GeoIP/*
Frederic, I think we could do without it since most people won't edit
the @sampled files, which will get removed by pkg_delete, along with the
/var/db/GeoIP directory if empty.
The main issue here is that the @extraunexec message is printed even on
upgrades, so the users are shown unhelpful hints. This is a known
defect in pkg_add -u, which leads to data loss and users scratching
their heads.
Hi Jeremie,
Thank you for your answer. I have completed the upgrade on the firewall
itself and everything for Bind appears to be ok.
- J
