There is a small window of mixed version sets at the newvers tagging from release to beta, likely due to the way currently mirrors are clearing the previous and syncing during that automatically (not signalled). There will be another one from beta to release and new version for snaps too.
At these times sysupgrade(8) picks the old sets from partial incompletely "deleted" version sets breaking the snapshot upgrades, instead of the latter correct new version ones which are a complete sets. This results in failure to upgrade to a valid snapshot on the mirrors, and users having to wait a new snapshot fanout without mixed sets and checksum files containing both versions (incompletely the older). It can be fixed by adjusting the sysupgrade(8) script to narrow the sets version to the current new version of the snapshot sets. Here is how it looks on the mirrors during that period: before (contains one version, normal) https://ftp.hostserver.de/archive/2023-09-18-0105/snapshots/i386/ during (two versions, older incomplete, picked and failing) https://ftp.hostserver.de/archive/2023-09-19-0105/snapshots/i386/ https://ftp.hostserver.de/archive/2023-09-19-0105/snapshots/i386/index.txt https://ftp.hostserver.de/archive/2023-09-19-0105/snapshots/i386/SHA256 after (one version again, normal) https://ftp.hostserver.de/archive/2023-09-20-0105/snapshots/i386/ during (same as i386, probably affecting other arches too) https://ftp.hostserver.de/archive/2023-09-19-0105/snapshots/amd64/ https://ftp.hostserver.de/archive/2023-09-19-0105/snapshots/amd64/index.txt https://ftp.hostserver.de/archive/2023-09-19-0105/snapshots/amd64/SHA256 The script uses SHA256 for picking up the list of sets, and it picks the incomplete one and fails. With the change it picks the complete one and finishes successfully. I have not tested on newvers rolling locally, so try to proof-reason about it yourself too. Let me know if you need clarification around the beta release / snap conditions or the logic of the proposed change, adjust accordingly / test as you will. Pardon the primitive diff-ing by hand. Here is the proposed narrowing version sets as a unified diff: $ diff -u $(dirname `which sysupgrade`)/sysupgrade{,.nv} --- /usr/sbin/sysupgrade Tue Sep 26 13:35:56 2023 +++ /usr/sbin/sysupgrade.nv Tue Sep 26 13:36:14 2023 @@ -121,7 +121,11 @@ if $RELEASE && [[ ${_KERNV[1]} == '-beta' ]]; then NEXT_VERSION=${_KERNV[0]} else + if ! $SNAP; then NEXT_VERSION=$(echo ${_KERNV[0]} + 0.1 | bc) + else + NEXT_VERSION=${_KERNV[0]} + fi fi if $SNAP; then @@ -136,9 +140,12 @@ echo "Fetching from ${URL}" unpriv -f SHA256.sig ftp -N sysupgrade -Vmo SHA256.sig ${URL}SHA256.sig -_KEY=openbsd-${_KERNV[0]%.*}${_KERNV[0]#*.}-base.pub -_NEXTKEY=openbsd-${NEXT_VERSION%.*}${NEXT_VERSION#*.}-base.pub +_KV=${_KERNV[0]%.*}${_KERNV[0]#*.} +_NV=${NEXT_VERSION%.*}${NEXT_VERSION#*.} +_KEY=openbsd-${_KV}-base.pub +_NEXTKEY=openbsd-${_NV}-base.pub + read _LINE <SHA256.sig case ${_LINE} in *\ ${_KEY}) SIGNIFY_KEY=/etc/signify/${_KEY} ;; @@ -156,9 +163,9 @@ exit 0 fi -# INSTALL.*, bsd*, *.tgz +# INSTALL.*, bsd*, *${_NV}.tgz SETS=$(sed -n -e 's/^SHA256 (\(.*\)) .*/\1/' \ - -e '/^INSTALL\./p;/^bsd/p;/\.tgz$/p' SHA256) + -e '/^INSTALL\./p;/^bsd/p;/'${_NV}'\.tgz$/p' SHA256) OLD_FILES=$(ls) OLD_FILES=$(rmel SHA256 $OLD_FILES)
