From: Kirill A. Korinsky Subject: Re: sysupgrade: allow invalid version with -f and -R To: tech@openbsd.org Date: Thu, 17 Jul 2025 23:31:39 +0200 On Sun, 06 Jul 2025 15:20:48 +0200, "Theo de Raadt" wrote: > > I'm sure you are are that if we make it very easy for people to upgrade > from an arbitrary point in the release cycle, to another arbitrary point, > the failure mores increase. > > A good example is the current tech@ thread "Re: Unprivileged font cache: src", > please see my most recent reply to that. > > But there have been other circumstances like this. You are exposing admins > to something which was not tested. We've only ever really tested > R-.1 -> R > R-.2 -> R > R-.1 -> S > R-.2 -> S > S (less than 6 months old) -> S > S (less than a year old) -> R > > I won't argue jumping around is useful to find bugs. > > That's why we carefully documented it this way: > > -R version > Upgrade to a specific release version. Only upgrades from one > version to the next are tested. Skipping versions may work. > Downgrading is unlikely to work. > > But surely your diff needs a change to this wording. That archive > directory does not contain releases, it contains snapshot dates. > > I think this needs a bit more clarity. > Thanks for rewiew. I had spent some time to thinking about original design, because as you had shown it opens a bad door. Instead, after some thinking, I suggest to add a new option, let say -F which enforces that provided URL is treated as a path. Inlined diff allows to install desired snapshot from archive as: sysupgrade -F https://openbsd.cs.toronto.edu/archive/2025-07-14/amd64/ I not sure about wording in man page, and not sure that -F is good name. Index: sysupgrade.8 =================================================================== RCS file: /home/cvs/src/usr.sbin/sysupgrade/sysupgrade.8,v diff -u -p -r1.22 sysupgrade.8 --- sysupgrade.8 25 Oct 2024 03:42:06 -0000 1.22 +++ sysupgrade.8 17 Jul 2025 21:30:57 -0000 @@ -22,7 +22,7 @@ .Nd upgrade system to the next release or a new snapshot .Sh SYNOPSIS .Nm -.Op Fl fkns +.Op Fl fFkns .Op Fl b Ar base-directory .Op Fl R Ar version .Op Ar installurl | path @@ -57,6 +57,10 @@ instead of .It Fl f For snapshots, force an already applied upgrade. This option has no effect on releases. +.It Fl F +Treat the +.Pa installurl +as a path to a version that should be installed. .It Fl k Keep the files in .Pa /home/_sysupgrade . Index: sysupgrade.sh =================================================================== RCS file: /home/cvs/src/usr.sbin/sysupgrade/sysupgrade.sh,v diff -u -p -r1.58 sysupgrade.sh --- sysupgrade.sh 3 Feb 2025 18:55:55 -0000 1.58 +++ sysupgrade.sh 17 Jul 2025 21:19:10 -0000 @@ -83,10 +83,11 @@ WHAT='release' VERSION=$(uname -r) NEXT_VERSION=$(echo ${VERSION} + 0.1 | bc) -while getopts b:fknrR:s arg; do +while getopts b:fFknrR:s arg; do case ${arg} in b) SETSDIR=${OPTARG}/_sysupgrade;; f) FORCE=true;; + F) FILE=true;; k) KEEP=true;; n) REBOOT=false;; r) ;; @@ -111,8 +112,10 @@ case $# in ;; *) usage esac -[[ $MIRROR == @(file|ftp|http|https)://* ]] || +if [[ ! $MIRROR == @(file|ftp|http|https)://* ]]; then FILE=true + MIRROR=file://$MIRROR/ +fi $FORCE_VERSION && $SNAP && err "incompatible options: -s -R $NEXT_VERSION" $FORCE && ! $SNAP && @@ -128,7 +131,7 @@ fi # Oh wait, this is a path install if $FILE; then - URL=file://$MIRROR/ + URL=$MIRROR ALT_URL= fi