Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unable to check for updates

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    33 Posts 13 Posters 10.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      anak1n @rcoleman-netgate
      last edited by

      @rcoleman-netgate "When it's done it will be done." ? I see this comment it's 7 days ago, at least netgate could send a banner about this issue. It cannot be that we're stuck in this, is there any update on this matter?

      S T 2 Replies Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @anak1n
        last edited by

        @anak1n https://forum.netgate.com/topic/178080/unable-to-check-for-updates/21
        You can install from USB if you don’t want to wait. They need to make sure it will properly abort on affected devices.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 0
        • S SteveITS referenced this topic on
        • S SteveITS referenced this topic on
        • T
          tshaw256 @anak1n
          last edited by

          @anak1n Yeah it threw me off too, BUT, the v22 for the 2100 is working. I can vouch for that at least. v23 is not yet.

          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS Galactic Empire @tshaw256
            last edited by

            @tshaw256 That’s the other thing…unless someone needs a new feature 22.05 will continue to work and has the security patches backported. If they do need something new, or a package installed, the USB install works fine.

            If Netgate had caught this before release* and just said 23.01 would be ready mid March then, no issues. :)

            *at the time (at release) Netgate staff posted they couldn’t duplicate the problem which makes it hard to catch in testing. Obviously it affects a lot in the wild…my 2100 among them. And several of our clients judging by the partition sizes.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote 👍 helpful posts!

            T 1 Reply Last reply Reply Quote 0
            • T
              TheGushi @SteveITS
              last edited by

              Having read more about this, I'm sort of fascinated by it (because nerd).

              Netgate has a whole product team managing this that I'm sure will figure it out, but right now, there's a limitation in how pkg itself works that there's no way to just send a message, or say "there are updates, but you can't install them because of reasons".

              Packages can't do things like require a set amount of disk space, or a set partition layout, or a set type of boot environment (uefi or bios). There's no mechanism to check these when pulling packages down.

              I've thought of hacky ways around this, like installing a pkg that in turn ran a script that installed a "pseudo package" that met requirements if your root partition were big enough.

              In production at work where I have distant machines with no remote hands, I've totally solved this issue by booting into a ramdisk with MFSbsd, ssh'ing back in, paving over the existing layout, then re-downloading the OS. Yes, this could be automated (but I didn't). Yes, this will brick your device if it goes wrong, but so will interrupting any update, really.

              I've referred to this process (with a nod to ancient egypt) as "getting the brain out through the nose, then getting a new one back in the same way."

              But again, making a package that does all that is way harder. Packages really can only have preinstall and postinstall scripts, and once the preinstall script is running, it can't really "nope out" and refuse to install.

              That would be a very sidesteppy process that would have to be built into pfsense from an earlier version, and qa'd and tested. If we're at the point where we're telling people to restore from backup, telling them to break out their serial cables and run a script is not much better.

              I am surprised that I can't check for updates in my existing release train, but that is perhaps just an overabundance of caution.

              S 1 Reply Last reply Reply Quote 0
              • S
                SteveITS Galactic Empire @TheGushi
                last edited by

                @thegushi Hmm, so a 22.05.02 that only adds a check for, and shows a warning on, devices with the (in hindsight, absurdly) small EFI partition? And then prevents updating to 23.01.

                Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                Upvote 👍 helpful posts!

                T 1 Reply Last reply Reply Quote 0
                • T
                  TheGushi @SteveITS
                  last edited by

                  @steveits Right -- and if the partition scheme is okay, adds a "fake" package (i.e. runs a shell script to add manually) a pkg that cannot be installed normally from the repos, which 23.xx requires.

                  Hacky, yes, but until pkg in base FreeBSD gets fixed to be able to check more things, that would be how I went about it if I had a fleet of these in end-user places that I didn't have access to.

                  1 Reply Last reply Reply Quote 0
                  • E
                    emptyinbox
                    last edited by

                    Dang this sucks. Hopefully, they have a fix soon.

                    https://forum.netgate.com/topic/178049/pfsense-plus-23-01-updates-on-the-1100-and-2100-systems

                    Says that if disk 1 is over 800k. It shouldnt be an issue. But mine is 200M and its still an issue.

                    => 1 15273599 mmcsd0 MBR (7.3G)
                    1 409600 1 efi (200M)
                    409601 70012 2 fat32 (34M)
                    479613 14793987 3 freebsd [active] (7.1G)

                    => 0 14793987 mmcsd0s3 BSD (7.1G)
                    0 16 - free - (8.0K)
                    16 14793971 1 freebsd-zfs (7.1G)

                    E 1 Reply Last reply Reply Quote 0
                    • E
                      emptyinbox @emptyinbox
                      last edited by

                      @emptyinbox I don't know if I fixed it or just well timed but I copied

                      /usr/local/share/pfSense/pkg/repos/pfSense-repo.conf

                      from a working 6100 and approx 30 mins later. I had updates and packages. Updates don't allow 23.01 but I think that's intentional. OK by me I just really needed ovpn package.

                      1 Reply Last reply Reply Quote 1
                      • J
                        jonathan.johnson @rcoleman-netgate
                        last edited by

                        @rcoleman-netgate

                        Ah thanks for the correction and the clarification! I'll look into requesting the 23.01 image from TAC.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.