Please create an account to participate in the Slashdot moderation system


Forgot your password?
BSD Operating Systems

End Of OpenBSD 3.0-STABLE Branch - Upgrade To 3.2 72

jukal writes "From here: "Hello folks, Due to the upcoming release of OpenBSD 3.2, the 3.0-STABLE branch will be out of regular maintainance starting december 1st. There will be NO MORE fixes commited to this branch after this day. People relying on 3.0-STABLE (or older releases even) are strongly advised to upgrade to a more recent release (preferrably 3.2 as it becomes available) as soon as possible. Thanks for reading, Miod" Download from your preferred FTP mirror."
This discussion has been archived. No new comments can be posted.

End Of OpenBSD 3.0-STABLE Branch - Upgrade To 3.2

Comments Filter:
  • buy it (Score:5, Insightful)

    by raffe ( 28595 ) on Monday October 07, 2002 @08:29AM (#4401858) Journal
    No, dont download it. Buy it! [] Support the brave people how work hard to get openbsd to work!
  • by disappear ( 21915 ) on Monday October 07, 2002 @09:26AM (#4402107) Homepage
    They think that in two months I can take all of my production servers, build replacement boxes, test them, and put the new boxes into production? When the newest release of the OS isn't even available yet? (Why upgrade to the intermediate release when that'll be dropped as soon as the next one comes out...)

    Do they assume I have only one box, or that I don't bother to test things, or that I don't lose any money if the upgrade is perfectly smooth? Do they assume that I won't switch to something with a better support policy (and more notice for dropping support) than what they do?

    Do any of these people know anyone who manages systems for a living, or do they only talk to other developers?
    • More notice for dropping support? Isn't there stated policy that they support only the current release and the previous release? Look at the fancy ASCII map [] of their release schedule. It clearly shows that only two releases are maintained at one time. I've been using OpenBSD since 2.9, and I was always aware of their support scheme. Where have you been?

      Do you assume that they have the resources to support older releases just because it is an inconvenience for your to upgrade? They are offering you a really great OS for free. They work really hard to make sure that it is the best it can be. And what I like most about the OpenBSD team is that they really take a stand for freedom issues in software (read Theo's stance on the Sun ECC code being included in OpenSSL in this message [], or check out the entire thread []).

      Give these guys a break. You had 6 months to test 3.1 and upgrade your boxes from 3.0. If you don't like their policy, use something else. As someone said over a, if you want support for older releases, pay someone to provide patches for your system. Whatever you decide to do, stop complaining about something they give away for free.
      • Give these guys a break. You had 6 months to test 3.1 and upgrade your boxes from 3.0. If you don't like their policy, use something else. As someone said over a, if you want support for older releases, pay someone to provide patches for your system. Whatever you decide to do, stop complaining about something they give away for free.

        So I've had six months? Great --- that's about how much time it takes to do testing for a substantial site. Now I'm done and can work on other tasks? Nope, gotta do it again for the new release.

        You're right: the problem isn't the amount of notice they give. I was off on that point. However, the amount of time you get isn't enough for me to use OpenBSD at a customer's site. Eighteen months as the lifespan of a product isn't substantial enough, in my opinion.

        • the amount of time you get isn't enough for me to use OpenBSD at a customer's site. Eighteen months as the lifespan of a product isn't substantial enough, in my opinion.
          Then, clearly, OpenBSD does not meet your requirements. Try another *BSD or switch to Linux or buy AIX or HP-UX or Solaris or something.

          • Being a consultant, I run what the customers (already) run. Many of my customers do run Linux, and others run various BSD flavors and/or Solaris. I'll run HPUX or AIX when the customers demand it. :-)

            But decisions like this do mean that I don't recommend OpenBSD to most customers. (Or Debian, for precisely the same reason.) Isn't it disappointing not to be able to run a technically superior product for reasons like this? I find it disappointing.
            • Your expectations are misguided and unfair. I don't know of ANY free software project that provides support for arbitrarily old releases -- unless you pay for it. Conversely, if you're willing to pay for support then you can surely find someone to support OpenBSD for you.
            • There is no reason they cannot continue to use 3.0 if it suits their needs. It's not like it's going to roll up and die in December.

              And, ignoring the 'technically superior' issue, because that's a whole different argument, what issue is it that lets you not be able to run something?

            • You don't recommend Debian because the OpenBSD project has a new major release every 6 months? Would you mind clarifying that?

              As for OpenBSD, you only need to upgrade when there is a flaw in some part of the system that you use, or a security risk. That should take less than 6 months to test. Hell, if you can wait 6 months before rolling out a security fix, then what's the sudden rush? You don't need to install OpenBSD 3.1, by the time you are done evaluating each security fix, just install OpenBSD 3.3 or 3.4.

              Seriously, if you can't handle the 1 year (6 + 6 months) upgrade cycle, then just use Debian stable. You really need to explain that unfounded pot shot at Debian, which is very stable, and doesn't force you to reinstall at all... just keep up to date with the security patches, and you shouldn't have to upgrade in your hardware's lifetime.

              Oh, and screw H-PU-X , Slowlaris or ACHES, your customers need to demand IRIX!
              • Seriously, if you can't handle the 1 year (6 + 6 months) upgrade cycle, then just use Debian stable. You really need to explain that unfounded pot shot at Debian, which is very stable, and doesn't force you to reinstall at all... just keep up to date with the security patches, and you shouldn't have to upgrade in your hardware's lifetime.

                Remember when potato came out? Two weeks later (or was it three?) they gave four (or was it six) weeks notice that they were dropping support for the previous Debian stable.

                Six weeks is enough for me to evaluate it for personal use, but not to upgrade and test stuff before real-world deployment.

                That really pissed me off. I still have customers who use Debian, and I'm happy enough to support them, but I tend not to recommend it for new installations based on that experience.

                Oh, and screw H-PU-X , Slowlaris or ACHES, your customers need to demand IRIX!

                Gee, I thought you'd say PH-UX. And, actually, I've been on a team responsible for a number of large IRIX systems. The C compiler is really, really picky, but beside that the boxes were great. I hear that several OS revs further in the past there were stability problems, but by 1998 when I got to them, they were rock-solid.

                And I understand SGI's supported release policy, too. ;-)

                • ever tried out apt-get dist-upgrade ? I'm pretty sure Debian does tons more testing with major releases than you do.
                  • ever tried out apt-get dist-upgrade ?

                    Er, yeah....

                    I'm pretty sure Debian does tons more testing with major releases than you do.

                    Er, no.

                    That is, not with in-house or third-party apps deployed on the server.

                    <VERYLITTLEWORDS>This may shock you, but sometimes people run software on computers. Sometimes even software that doesn't ship with the operating system.

                    If you upgrade from one Debian stable (Potato, say) to another (like Woody), many, many underyling software versions change.

                    These changes are necessary: after all, if the software versions didn't change, there wouldn't be a new release of the distribution, would there? But sometimes these changes break things. Changing from PHP 3 to PHP 4 sure breaks things. Upgrading from 4.0.6 to 4.1.x breaks things, too. Just ask the HORDE people.

                    Some people use many features of the operating system, and have a lot of custom code running on their servers. Often this is in addition to running a full compliment of basic services.

                    Testing the local code can take a long time, if there's a lot of it. Especially if it depends heavily on features (or even bugs!) of its development language. Perl tends not to break things, but even that happens sometimes.

                    The OS isn't the only piece that needs to be tested. Modern Linux works pretty much out-of-the-box in that regard. But that's hardly the only thing to test.</VERYLITTLEWORDS>

                    You've never worked in a large production environment, have you?

    • by honold ( 152273 ) on Monday October 07, 2002 @11:18AM (#4402935)
      man release to get started

      i have a single master system that builds a release distribution and publishes it to a private site. i run the following script to do an in-place binary upgrade of all my systems:

      rm -rf /usr/upgradetmp
      mkdir -p /usr/upgradetmp
      cd /usr/upgradetmp
      ftp http://WEBSITE/3.1/i386/bsd
      ftp http://WEBSITE/3.1/i386/base31.tgz
      ftp http://WEBSITE/3.1/i386/comp31.tgz
      ftp http://WEBSITE/3.1/i386/game31.tgz
      ftp http://WEBSITE/3.1/i386/man31.tgz
      ftp http://WEBSITE/3.1/i386/misc31.tgz
      cp /bsd /bsd.old
      cp bsd /bsd
      tar xzvpf base31.tgz -C /
      tar xzvpf comp31.tgz -C /
      tar xzvpf game31.tgz -C /
      tar xzvpf man31.tgz -C /
      tar xzvpf misc31.tgz -C /
      cd ..
      rm -rf upgradetmp
      reboot /etc changes have to be merged manually but i keep my global configs in private cvs. bsd tar unlinks everything before overwriting, so doing it multi-user isn't a problem.

      this makes managing 10+ openbsd servers a breeze.
      • almost forgot (Score:2, Informative)

        by honold ( 152273 )
        i do 'lynx -dump http://WEBSITE/|sh' to upgrade so i don't have to keep local copies of the script incase it changes
    • Then don't use OpenBSD.
    • any reason why you *have* to upgrade? i have a number of systems which have been running 2.4 since early '99. i have never had to *have* to upgrade. connected to the internet, no ipmasq/nat biz going on either. if it ain't broke, don't fix it.
    • you dont really use openbsd, do you? if did, you'd know how to work within the release cycle. i really dont see what's wrong with a consistent release cycle. you always know when the release is coming, no one is springing it on you, it is never late. sure it forces you to know your machines - as in whether they even need upgraded or whether you can still be running 2.7 w/o problem - but that sounds like a good thing, and w/ organization (and less /. reading) it is possible to handle even for large installations.
  • by lamontg ( 121211 ) on Monday October 07, 2002 @01:15PM (#4403940)
    I admin 850 linux boxes, and as far as I am concerned "release early, release often (and provide no support for older versions)" is open source's major flaw. Developers doing it for fun don't want to support old versions. They're lazy. This laziness has been turned around into some kind of virtue by the open source movement.

    What open source needs is a company which provides an 18 month upgrade cycle and supports three concurrent versions. This is exactly what Sun provides with Solaris, and is something that system admins really badly need. And its not just the upgrading issue. You also lose time on the front end of this release cycle because it takes a long time for vendors to certify their software for the new release of the operating system. RedHat is starting to ge some kind of clue about this and is switching to an 18 month release cycle with their advanced server product. They still put on this godawfully stupid dog and pony show though about they'll come in and (for a price) help to upgrade all you machines every time they release a new version. This is entirely unacceptable and waste of resource and a waste of money spent on RedHat. It is basically RedHat trying to turn their laziness into a business model.

    And please don't talk about how you've got a couple of scripts whipped together to make it easy to manage 10 openbsd boxes. I'm on a team that manages *850* open source boxes. Whatever you suggest doing simply doesn't scale well enough to deal with doing 850 upgrades every 6-12 months. An upgrade will take everyone on my team offline for at least a month, and we can't afford to be doing that all the time. Also, the next upgrade we're doing is from RH6.2 to RH7.2. We haven't had the time yet to certify all our software for RH7.3 or RH8.0 so we're actually going to be starting out behind once again... This is how system management works at very large sites though.

    • Guess what? This problem isn't restricted to Open Source. At most Fortune 500 companies the Microsoft release cycle is problematic. Many companies are just now wrapping up their migration from Windows 95/98 to Windows 2000, and they have no plans to migrate to XP anytime soon -- especially since it seems the easiest way to switch to XP is to simply buy new computers. Word 97 does memos on a PII 233 just as well today as it did in 1997; "upgrading" to Windows/Office XP on a 1.2GHz box buys them nothing but "support" from Microsoft.

      They could support OpenBSD releases for five years and it wouldn't be long enough for some folks.

      • Except that Win2k is going to be supported by MS for a long, long time to come. Hotfixes are scheduled through March 31, 2007. Pay-per-incident support is available 2005. Hourly support is available through 2007.

        Thats a long way from now. Five years. If you migrated at the beginning of the process its a SEVEN year lifecycle for Win2k.

        Seriously, thats not to bad.
    • by Anonymous Coward
      Sure just assume they are all lazy... thats the *obvious* conclusion.... or could it be because SUPPORTING OLDER RELEASES IS TIME CONSUMING AND SUCKS FROM ALREADY LIMITED RESOURCES... perhaps? Are you paying their rent every month? If so then I believe you have every right to demand such a thing... if not, then who are you to make such grand claims? Oh you admin N amount of open source boxes.... and you bitch about support for software you didn't pay for? See the problem here? You want support, pay for it. If you ain't paying for it you have no reason to make any such demands.

      Hey you want your software certified on new versions of redhat? I'm sure they'd be glad to do it for you... PAY THEM. Quit bitching about how "you don't have enough time", developers are not going to put security and reliability patches on hold so you can make sure everything works just spiffy for you. Hire some people who can do their job faster.

      And it seems like you don't like even redhat...fine go elsewhere.... if you hate their release cycle so much who the fuck is holding your head to the chopping block that is preventing you from switching to something else?
      • The company that I work for has a business relationship with RedHat and pays RedHat an extremely large flat-fee every year (take the average IT salary and multiply by approximately a factor of 10). So yes, I'm bitching about software that we pay for, not software which is free. And in the open source model we were *supposed* to be able to get all the features and service that we got out of commerical Unixes, particularly if we paid for the service. That doesn't seem to be happening.

        And there's no where else to go to get a decent release cycle other than Sun or another commercial unix vendor. If open source wants that to be the answer that they give, that's fine for me, I'll start trying to set management expectations to avoid open source.
        • If your problem with Open Source software is the brief support and releace cycles, then you don't want Red Hat, you want Debian.

          If you want to pay somebody to support it, I suggest you look at Progeny, who are very experienced with Debian, and used to support their own distribution... unless you prefer LibraNet's customized Debian distribution. Either way, I believe that Progeny will support any Debian derived OS, and they have much experience and history with the Debian Project.

          If you aren't looking for flashiness, but for solid performance and reliability, then go with standard Debian Stable - their release cycle is paced much better, they really are Stable, and they support their releases much longer than other Open Source OSes. Either look into Progeny [] or find something else here. []
    • if there were sufficient demand for COMMERCIAL ENTITIES (e.g. red hat) to support 5 versions, they would do it. that's because they have the money to throw resources at it.

      openbsd could offer to support 5 versions too, and that would place forward development at a virtual stand-still because of the overhead required.

      when the world needs that level of support from red hat, they will have it. that level of support from totally volunteer-based projects will show up WAY later.

      as an aside to all this, openbsd simply isn't the kind of os people put on 850 machines. if there's a single grouping of 500 somewhere i'd still eat my hat. it's not a performance/clustering os, it's an edge/internet server os. even if it had exponentially greater development resources, the focus would likely still be on the future as opposed to the past because farms of it simply don't exist.
    • What open source needs is a company which provides an 18 month upgrade cycle and supports three concurrent versions

      When Debian did that, it got nothing but flak.
    • Look at []

      RELENG_4_3 was last patched Thu May 2 20:37:12 2002

      RELENG_4_4 was last patched Fri Sep 13 15:09:04 2002

      RELENG_4_5 was last patched Fri Sep 13 15:07:23 2002

      RELENG_4_6 was last patched Fri Sep 13 15:04:16 2002

      RELENG_4_7 has not been released.

      Seems to me that's at least three supported versions.

      FreeBSD 4.3 RELEASE was done April 21, 2001. Last patch was done 13 months after that. You could still use it if you used OpenSSL, OpenSSH, BIND, etc. from the ports tree.

    • One question...if you are concerned about downtime...why upgrade?
      • it isn't downtime that's the problem. we can do rolling upgrades so that we never lose any services. the problem is that you start to lose support for older versions of the O/S both in software and for hardware. eventually it becomes a pain to maintain old versions of the operating system, particularly when you'd like some of the newer features.

        the problem is that it would be best to do those upgrades on your own schedule, rather than the "release early, release often" 6 month upgrade cycle.
  • Newbie (Score:2, Interesting)

    by penguin_punk ( 66721 )
    I know this should really be an "Ask Slashdot" question, but I am _really_ interested in learning how to admin OpenBSD systems, and I am having a hard time trying to find books and websites aimed for beginners. Here is my question:

    Any good (Open)BSD books on the shelves?

    I am currently a sysadmin/netadmin/sys-support guy for a (really) small isp/hsoting company. Our boxes are a mixture of NT/W2K and I'm looking into operating systems for our new servers whenever they arrive. I feel adequate running a linux distro such as Slackware as a new web server, but I would love to put up a *bsd box. (As well as run mySQL, radius, ids[snort], on *nix flavours, as opposed to MS)

    I've played with Linux for about 5 years, but not consistently until this past year, where I ran Apache under Mandrake for a websrever for my friends and I (that didn't last long), as well as installed Slack 8.0 on an old p133 for a router/firewall and Slack 8.0 on my laptop. I'm not 100% fluent in *nix scripting and such, but I'm trying really hard to become less reliant on Windows. Both at home (desktop) and at work (servers). Back to my question, now that I can pull my weight with Linux, what is the best way to teach myself more OpenBSD? I've tried using it on a couple of different occasions, but I found the command names and devices so.. so... cryptic(?) to me. I have extra boxes to play on (including two new Celerons 1.3's) at home, but my spare time is almost non-existent, so I'd rather have a book I can read on the shitter or before I go to bed.

    Any ideas are GREATLY appreciated.

    (I haven't looked into this for about 6 months, but this slashdot article renewed my appreciation and lust for OpenBSD. There may have been kick-ass books and websites written within the past 6 months that deal with BSD administration, but like I said, I'm really busy and my time is tight, so even if you have a pointer that seems obvious to you, please post it up.)

    Submit/Preview?? I'll take Submit.
    • Genuine OpenBSD Books are rare. AFAIK, there's only one out there, and that's pretty outdated: "Building Linux and OpenBSD Firewalls" by Sonnereich and Yates. As it describes OpenBSD 2.5 it doesn't really explain new features.

      Nevertheless there is enough documentation on the web and plenty of help on IRC (esp #open-bsd), the newbie openbsd mailinglist, O'Reilly and man pages, so go for it and join up. Even Lowendpc [] has a good openbsd section for newbies. It's easier than you think, and the installation is a doddle.

      • Thanks for the info!

        I have subscribed to some lists and hope to get a working OpenBSD box up and running this week. It's too bad I can't Mod you up for this one....

        Just like everything else, I'm sure if I dive into it for a week or two, I'll be fluent. (Even the disk device names and such confse me at first glance)

        I think my first box will be an ipchains-based firewall with snort to log attempts and do real-time attacker blocking. Possible? I believe so.

        It might be overkill for my home ADSL connection, but it's something that can transfer over to a production box.

        I think I'm high as a kite right now on caffeine. I keep imagining this spider climbing up my back. Water cooler, here I come.
    • I don't know of any OpenBSD books. (Though I do know of a couple of FreeBSD books.) My advice would be to get generic Unix books. Books such as "UNIX Power Tools" and "the purple book", "Unix System Administration" (which includes FreeBSD information) (you'll know the latter from the immitators with the same name because of it being a purple $70 paperback :-) ), would help lots even if some of the advice might need modification for OpenBSD.

      I run NetBSD myself and am a former FreeBSD and Linux user. A lot of the knowledge I had from the others and books on the other Unices directly translates to what I run now, which is the operating system most akin to OpenBSD.

      • Is there a site you know of (or used book store) that would have these CHEAP?

        Maybe anyone reading this has the books mentioned?
        • Is there a site you know of (or used book store) that would have these CHEAP?
          Unfortunately, good computer books are very expensive; as they are either priced according to textbook or professional book prices. Try getting them from an online used bookstore or an auction or discount site like
    • A good source of 'how to' for OpenBSD is's guide to installing and locking down OpenBSD. Whenever I do a fresh installation, I always double-check said site to make sure I haven't forgotten anything. It isn't complete, but it's a damned good start.

      Really, though, the best way to learn OpenBSD is to just start using it. As you need to do new things, you'll learn how to effectively use the man pages, sites like Geodsoft, and the misc@OpenBSD mailing list to tackle your questions.

    • Any good (Open)BSD books on the shelves?

      Michael Lucas (author of Absolute BSD: The Ultimate Guide to FreeBSD) is due out with a book on OpenBSD in a few months (Q1 03?)

      so, can you wait? ;-)

  • The OpenBSD team has confirmed it, OpenBSD 3.0 is dead. After an initial increase in use the decline has become visible even for them and they decided not to support it anymore. Everybody who was using it has dropped it in support for version 3.1 and 3.2. This is a clear message to the community: OpenBSD 3.0 is dead. Upgrade NOW!.
  • Wow an old version of OpenBSD is being EOL'd. I don't see how this is even remotely news worthy. This happens every release.
  • Okay... so fetching source from the openbsd cvs mirrors.

    All the docs on the openbsd site are a bit dated, and you have to piece things together..

    everyone talks of -stable and -current. Are these actual CVS tags?
    Can I do a cvs get -rSTABLE and get the latest stable?

    I know that, for instance, OPENBSD_3_1 is the 3.1-stable tree....

    is there somewhere where the cvs tagging is properly documented?

Neutrinos have bad breadth.