[WORKAROUND] Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed)
-
@nollipfsense said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
@sergei_shablovsky I just updated and installed pfBlockerNG, no problem...I did the update from the console and the install from the webGUI...
Update from console looks like normally screen output (see previous message).
maybe you have another update.
What exactly a You mean? I download LATEST snapshot from official pfSense web
-
May be some issue with SSH keys? (Please look at the error description that I write above)...
-
@stephenw10 said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
Ok what I expect here is that you install a 2.7 snapshot clean (new snaps should be available later today).
Make sure that has connectivity as expected.
Then restore the complete config file and it should pull in the required packages at first boot.If that's failing then something in the config file is breaking access to the pkg repo.
Check the repo line itself matches, for 2.7 is should be:
<pkg_repo_conf_path>/usr/local/share/pfSense/pkg/repos/pfSense-repo-devel.conf</pkg_repo_conf_path>
Checked double twice: all as You wrote.
-
It looks like something in the config you're restoring is causing it to brake the pkg repo such that it overwrites the existing pkgs and cannot replace them.
I have failed to replicate it here restoring a backup from 2.7 into 2.7.Try testing a basic backup config made after the clean install. That restores OK for me so if that also fails for you it must somehow be in your environment.
Steve
-
@stephenw10 said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
It looks like something in the config you're restoring is causing it to brake the pkg repo such that it overwrites the existing pkgs and cannot replace them.
I come to same conclusion. Because this I decide trying to restore from .xml backup file step-by-step (mean one category at a time), so we return to my 2-nd post in this tread (with the list of packages, please see it).
I have failed to replicate it here restoring a backup from 2.7 into 2.7.
Try testing a basic backup config made after the clean install. That restores OK for me so if that also fails for you it must somehow be in your environment.
No, restoring the basic backup config was made successfully.
-
I still think the most likely thing here is pfBlocker. It can add aliases or Unbound lists that are unpopulated at first boot after a restore resulting in the firewall being unable to reach the pkg repo.
-
@sergei_shablovsky said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
What exactly a You mean? I download LATEST snapshot from official pfSense web
Okay, sorry my bad, thought you were updating an earlier install.
-
@stephenw10 said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
I still think the most likely thing here is pfBlocker. It can add aliases or Unbound lists that are unpopulated at first boot after a restore resulting in the firewall being unable to reach the pkg repo.
If so, how to ensure that exactly this are the source of problem?
-
Remove pfBlocker and any associated rules and lists.
Make a new backup.
Restore that into a clean 2.7 install.Steve
-
@stephenw10 said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
Remove pfBlocker and any associated rules and lists.
Make a new backup.
Restore that into a clean 2.7 install.You mean delete from .xml backup file?
-
You can try to do that but it would be very easy to miss something.
I mean remove the pfBlocker package from the 2.7 instance that is failing to see updates then take a new backup from that. Then try restoring that into a clean 2.7 install.
-
This post is deleted! -
@stephenw10 said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
I mean remove the pfBlocker package from the 2.7 instance that is failing to see updates then take a new backup from that. Then try restoring that into a clean 2.7 install.
How to remove pfBlocker?
No any packages are visible as installed in System / Package Manager...
-
If packages have been removed then try backing up that config and restoring it into a clean 2.7 install. You will need to manually add packages again but the config will still be there.
-
Do you have RAM disks enabled in the config you're restoring?
If so you're probably hitting this: https://redmine.pfsense.org/issues/13182
I managed to hit that earlier and it presents exactly as you are describing here.
Remove the config line that enables RAM disks and retest if you can:
<use_mfs_tmpvar></use_mfs_tmpvar>
Reinstall 2.7 clean and restore the config again without ramdisks.
Steve
-
@stephenw10 said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
Do you have RAM disks enabled in the config you're restoring?
Remove the config line that enables RAM disks and retest if you can:
<use_mfs_tmpvar></use_mfs_tmpvar>
Thanks You for suggestions, Steve!
Please confirm, this string in /conf/config.xml are equally the RAM Disk Settings (Reboot to Apply Changes) item in System / Advanced / Miscellaneous, yes?
-
@stephenw10 said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
Do you have RAM disks enabled in the config you're restoring?
If so you're probably hitting this: https://redmine.pfsense.org/issues/13182
I managed to hit that earlier and it presents exactly as you are describing here.
I make this (checked double twice):
1.
installing CE 2.7.X (current snapshot from 20220520) on bare metal server (with hw RAID1, physicaly 2 HD in mirror, logically 1 Virtual Device)
ping, traceroute, pkg update/upgrade, NetGate servers resolved- all OK
hw reboot
2.
restore from config.xml backup file (RAM disk ENABLED)
hw reboot
ping, traceroute, - OK
NetGate servers resolving - OK
pkg update/upgrade - NOIf restoring from config.xml backup file with manually deleted <use_mfs_tmpvar></use_mfs_tmpvar> string, this error not happened.
If restoring form config.xml where <use_mfs_tmpvar></use_mfs_tmpvar> exist, then hw reboot, then manually in editor or webGUI delete <use_mfs_tmpvar></use_mfs_tmpvar>, then hw reboot,- this error still persist.
So now I'l waiting for a BUG fixing from NetGate Dev side...
Thank You, Steve for patience and help!
-
@sergei_shablovsky said in Unable to update and package install (ERROR: It was not possible to identify which pfSense kernel is installed):
If restoring form config.xml where <use_mfs_tmpvar></use_mfs_tmpvar> exist, then hw reboot, then manually in editor or webGUI delete <use_mfs_tmpvar></use_mfs_tmpvar>, then hw reboot,- this error still persist.
That's expected because by that point the conflicy in /var has happened and the pkg db is lost. The workaround currently is to remove that line from the config before restoring it.
Steve
-
@stephenw10
Thank You, Steve!What about SSH Error that a describe before in this thread?
-
This?
SSH KeyGen pfSense has started creating missing SSH keys. SSH Startup will be delayed. Please note that reloading the filter rules and changes will be delayed until this operation is completed. @ 2022-05-01 12:55:10
That's normal whenever new keys are created. Which until 22.01/2.6 was every install or config reset.
Steve