Opkg upgrade vs. flashing sysupgrade


I have a general question.

When do I have to flash a sysupgrade.bin (and potentially loose all my settings)?

As far as I understand, using "opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade" if new versions are available should keep me up to date.

But what about releases like 19.07.1 --> 19.07.2 ? Do I have to flash a sysupgrade.bin or is "opkg upgrade" still OK?

Greetings from Germany


Always flash a new version. In most cases, you can preserve settings when running an upgrade for point revisions (I.e. 19.07.1 > 19.07.2). You can make a backup first, too. You will need to reinstall packages, but that is fairly easy and there are some scripts available to help automate that process.

Never, ever use opkg upgrade - this method will likely cause you major problems and does not actually upgrade the version. Some people will say that they have used opkg upgrade successfully, but for every one of those people, there are many more who have problems caused entirely by that process - some minor, some major. Just don’t do it (search the forums for more detail if you need or don’t believe me).


Well, then I have a few questions:

a) Why is there "opkg upgrade" in the first place if you will destroy your installation?

b) Why is there no "user friendly" upgrade script already integrated into OpenWrt? I have only a few packages installed (p910nd, SQM QoS, Adblock) but reinstalling and especially configurating those (and my Static Leases) Each. Time. Again. Is really painful and time consuming.

For someone who isn't a Linux Pro, this kinda sucks...
(But thanks for your reply!)


It an be used to selectively upgrade individual packages.

sysupgrade is rather complex due to the limited flash space in many routers. OpenWrt supports hundreds of different router models, and they have widely different flash structures and update methods. Quite different that "let's update Linux in x86 PC with unlimited storage space".

Note that you can preserve your settings in sysupgrade, so there should be no reason to reconfig static lease etc. But you need to re-install the packages.


I use opkg upgrade (opkg install) for installing new versions of packages but they dont have any kernel update or things like that.
they are mostly luci and tor and nano and stuff like that.

are you telling me that using opkg upgrade is never ok even when used exclusively for non-kernel packages that are in the stable repo of that version?
I dont use opkg upgrade for upgrade of openwrt version itself (so I mean I use flashing from webui for new versions of openwrt) but you are telling me that I should never use the normal opkg operation to for example update luci? or tor? or nano?

I thought that the main advantage of openwrt was security and using packages that are updated in the same version as the installed openwrt version is still bad?

YMMV. I always discourage the use of opkg upgrade because it has a bunch of downsides (already discussed), including potentially soft-bricking the device or unusual behaviors that may be difficult to pin down. It doesn't mean that you will always have issues, though. It can depend on which packages you upgrade and the underlying dependencies for those packages. Blindly upgrading all packages is fraught, but some (possibly even many?) packages are upgradable without issue. But because of the uncertainty, it is usually better to avoid upgrading packages unless there is a specific reason.

It should be stated that there are many users, including some of my fellow "regulars" (i.e. people who have a lot of experience with OpenWrt and even more time invested in helping people on these forums) who have never run into a problem with opkg upgrade. But many of us still feel it is best to warn people so that they can be aware of the risk.

That's good, because it is not possible :wink:

Selectively updating certain packages may not be an issue, but you never know. I'd say sure for something like nano -- it's not a system level process and if the upgrade goes bad it is unlikely to affect the system stability/performance. But I'd stay away from LuCI, as an example.

Security is an advantage of OpenWrt. As are the packages. And the recommendation to not use opkg upgrade does not negate either of those things. Keep in mind that just because an update is available doesn't mean you should apply it. It doesn't necessarily mean it is better or more secure. Sometimes a new feature is added that actually regresses performance, security, or introduces bugs. Don't tell me you've never regretted applying an update to your computer/phone or other devices?

In the event of the discovery of a serious vulnerability, there will be indications and instructions in the forums about how to mitigate the issue. It could potentially involve using opkg upgrade for specific package(s), or maybe it will come in the form of a service release that is expedited to patch the problematic components. But it is important to decouple these types of situations from general upgrades to packages which rarely contain critical security updates.

so you are telling me to just forget about updates and just wait for openwrt versions? (i track them with rss)
unless I need a package updated like maybe tor ?
so I just let the openwrt system be till next update?

and twice I regretted updating my software.
once was with the piece of $hit company nvidia that gave a beta version of driver for my graphic gard and caused its fan to stop and burned the card.
(after that and my laptop dual card getting shit support for linux from nvidia I no longer buy anything nvidia)

and the second time was kde 3 to 4 that removed persian calendar that I used throughout the system.( fun fact: now windows 10 support that but kde doesnt)

That is my recommendation. Unless there is a must have feature, bug fix, or security patch, I recommend using the official releases as the upgrade path.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.