Updating all OpenBSD packages with pkg_add

Using pkg_add

Keeping your systems stable and secure

Every system needs to stay up-to-date with its packages, including OpenBSD. Most OpenBSD users already use pkg_add for the installation of packages. This utility can also be used for package upgrades.

Option 1: Use /etc/installurl

Newer OpenBSD versions use the file /etc/installurl to select the mirror for pkg_add.

Option 2: PKG_PATH

The first thing to do is defining your PKG_PATH. This will usually be the address of a FTP or HTTP server, which has the latest packages available. To have this variable set every time you log in, use the file .profile in your home directory (e.g. /root/.profile). Add the full export line below:

export PKG_PATH=”http://ftp.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(arch -s)/”

Since it won’t be active the first time you added it, execute the command, so the variable PKG_PATH will be set.

Tip: use a mirror to improve your performance and reduce load on the main systems.


Next step is the actual execution of pkg_add. To upgrade us the -u, use the -i for interactive and -v for verbose output.

# pkg_add -uvi
Update candidates: quirks-2.9 -> quirks-2.9 (ok)
quirks-2.9 signed on 2014-07-31T22:37:55Z
Update candidates: gettext-0.19.1p0 -> gettext-0.19.1p0 (ok)
Update candidates: libiconv-1.14p1 -> libiconv-1.14p1 (ok)
Update candidates: libidn-1.28p0 -> libidn-1.28p0 (ok)
Update candidates: p5-Clone-0.36p0 -> p5-Clone-0.36p0 (ok)
Update candidates: p5-Curses-1.28p3 -> p5-Curses-1.28p3 (ok)
Update candidates: p5-Curses-UI-0.9609 -> p5-Curses-UI-0.9609 (ok)
Update candidates: p5-DBD-SQLite-1.35p3v0 -> p5-DBD-SQLite-1.35p3v0 (ok)
Update candidates: p5-DBI-1.631p0 -> p5-DBI-1.631p0 (ok)
Update candidates: p5-FreezeThaw-0.5001 -> p5-FreezeThaw-0.5001 (ok)
Update candidates: p5-MLDBM-2.05 -> p5-MLDBM-2.05 (ok)
Update candidates: p5-Net-Daemon-0.48 -> p5-Net-Daemon-0.48 (ok)
Update candidates: p5-Params-Util-1.07p0 -> p5-Params-Util-1.07p0 (ok)
Update candidates: p5-PlRPC-0.2018p1 -> p5-PlRPC-0.2018p1 (ok)
Update candidates: p5-SQL-Statement-1.405 -> p5-SQL-Statement-1.405 (ok)
Update candidates: p5-Term-ReadKey-2.30p6 -> p5-Term-ReadKey-2.30p6 (ok)
Update candidates: pcre-8.35 -> pcre-8.35 (ok)
Update candidates: pkg_mgr-0.2.1p2 -> pkg_mgr-0.2.1p2 (ok)
Update candidates: sqlports-compact-4.1 -> sqlports-compact-4.1 (ok)
Update candidates: wget-1.15 -> wget-1.15 (ok)

When updates are available you will be prompted to install it. In this case, our system was up-to-date, which results in the “(ok)” behind each package.

One more thing...

Keep learning

So you are interested in Linux security? Join the Linux Security Expert training program, a practical and lab-based training ground. For those who want to become (or stay) a Linux security expert.

See training package

Lynis Enterprise screenshot to help with system hardeningSecurity scanning with Lynis and Lynis Enterprise

Run automated security scans and increase your defenses. Lynis is an open source security tool to perform in-depth audits. It helps with system hardening, vulnerability discovery, and compliance.



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.