Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    24.03 servicewatchdog_cron unbound certificate no such file (service won't start)

    Scheduled Pinned Locked Moved General pfSense Questions
    17 Posts 4 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GertjanG
      Gertjan @4o4rh
      last edited by

      @4o4rh said in 24.03 servicewatchdog_cron unbound certificate no such file (service won't start):

      servicewatchdog_cron.php:

      Simply put : the service watchdog package has no brains.
      It's like the guy that has a heart defibrillator in it's pocket, and sees someone lying on the street, not moving, and clearly in agony.
      Our guy doesn't think, gets out the manual, apply the electric-patches, arms the defibrillator and activates a 'shock'.
      Our guy never noticed that medics were already occupied with our person on the ground, and that the shouldn't have done what he just did.
      The result was : one person and several medics electrocuted. More medics are needed now.

      More to the point :
      The "service watchdog package" is a package that was meant to be used by a pfsense software developer.
      During my last 10+ years of pfSense & unbound usage : I never found my 'unbound' in a not running state (except when I was messing around, but I know what I do, and can undo what I've done).
      If unbound stops, the reason why it stopped should be found, and resolved.
      pfSense itself can, under circumstances like : the admin changed a setting, or an interface went down (why ?) and the unbound gets restarted. If this took some time, and thus the "service watchdog package" kicks in, while unbound was already in a OS generated restarting sequence, everything has been setup to create a perfect mess. The result is classic, "DNS" will be out of order.

      And you just discovered a new effect : as pfSense thinks the system didn't rebooted ok, you found this :

      "Boot verification failed for default. Netgate pfSense Plus was automatically rebooted back

      My advise : get rid of this "service watchdog package".
      Or, at least, do what you have to, but don't bother unbound with it.

      unbound still fails on you :
      Tell us about your pfSense / hardware / settings and I'm sure we'll figure it out.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      JonathanLeeJ 1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Yes try disabling the watchdog for Unbound and then try to upgrade again.

        4 1 Reply Last reply Reply Quote 0
        • 4
          4o4rh @stephenw10
          last edited by

          @stephenw10 disabling/removing the watchdog didn't work. It seems I made the mistake of not removing pfblockerng and specifically suricata before i upgraded. when i subsequently removed both packages, the suricata still showed in the installed packages with a red exclamation mark. When I try to reinstall it though, it gets stuck on "installing snort rules", however, if you open a new window and check the status on suricata it shows the rules having been successfully updated

          1 Reply Last reply Reply Quote 0
          • jimpJ jimp moved this topic from Problems Installing or Upgrading pfSense Software on
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            So it did upgrade successfully with those packages removed?

            4 1 Reply Last reply Reply Quote 0
            • 4
              4o4rh @stephenw10
              last edited by

              @stephenw10 still having some issues getting wireguard to start, pfblocker and suricata. but definitely should have removed them before the upgrade i think

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                I wouldn't expect to need to but it will take a lot longer to upgrade with them in place.

                4 1 Reply Last reply Reply Quote 0
                • 4
                  4o4rh @stephenw10
                  last edited by

                  @stephenw10 looks like may actually be issue with pfblockerng in the new build
                  ERROR: Type: 1, File: /usr/local/www/pfblockerng/pfblockerng_category_edit.php, Line: 391, Message: Uncaught ValueError: range(): Argument #3 ($step) must be greater than 0 for increasing ranges in /usr/local/www/pfblockerng/pfblockerng_category_edit.php:391
                  Stack trace:
                  #0 /usr/local/www/pfblockerng/pfblockerng_category_edit.php(391): range()
                  #1 {main}

                  GertjanG 1 Reply Last reply Reply Quote 0
                  • GertjanG
                    Gertjan @4o4rh
                    last edited by

                    @4o4rh said in 24.03 servicewatchdog_cron unbound certificate no such file (service won't start):

                    ERROR: Type: 1, File: /usr/local/www/pfblockerng/pfblockerng_category_edit.php, Line: 391, Message: Uncaught ValueError: range(): Argument #3 ($step) must be greater than 0 for increasing ranges in /usr/local/www/pfblockerng/pfblockerng_category_edit.php:391

                    This one ?

                    No "help me" PM's please. Use the forum, the community will thank you.
                    Edit : and where are the logs ??

                    1 Reply Last reply Reply Quote 1
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      Yup almost certainly that is generating that error.

                      But that shouldn't prevent upgrading. Or running pfBlocker in 24.03. It only happens if you try to edit a list.

                      4 1 Reply Last reply Reply Quote 0
                      • 4
                        4o4rh @stephenw10
                        last edited by

                        @stephenw10 yep. i was trying to remove one of the failing downloads. how do you add the official patch via system/patches pls?

                        I tried a couple of methods i get

                        • does not aply cleanly
                        • does not revert cleanly
                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          The default settings there should work:
                          Screenshot from 2024-04-25 17-14-56.png

                          4 2 Replies Last reply Reply Quote 0
                          • 4
                            4o4rh @stephenw10
                            last edited by

                            @stephenw10 got that thanks. seems there are still some issues with dns resolution on the internal network

                            1 Reply Last reply Reply Quote 0
                            • JonathanLeeJ
                              JonathanLee @Gertjan
                              last edited by

                              @Gertjan haha 🤣 noooo watchdog is like a beefed up junkyard dog that won’t stop barking until you find out what is going on

                              Make sure to upvote

                              4 1 Reply Last reply Reply Quote 1
                              • 4
                                4o4rh @stephenw10
                                last edited by

                                @stephenw10 Static DHCP entries are not resolving. Upon checking the ui for DNS Resolver, there is no longer the checkbox for "DHCP Registration" and "Static DHCP"

                                1 Reply Last reply Reply Quote 0
                                • 4
                                  4o4rh @JonathanLee
                                  last edited by 4o4rh

                                  @JonathanLee misdirection. I already posted what the root cause was. everything is working now, except Static DHCP registrations in the DNS Resolver - checkbox is missing now

                                  GertjanG 1 Reply Last reply Reply Quote 0
                                  • GertjanG
                                    Gertjan @4o4rh
                                    last edited by

                                    @4o4rh

                                    You mean these :

                                    8a6cb976-dabe-4b43-9f40-d88c21a92d53-image.png

                                    I'm using 24.03, and I see them.

                                    Probably because :

                                    6732fc99-50c6-4b11-ac0e-f0ffdf8eb769-image.png

                                    No "help me" PM's please. Use the forum, the community will thank you.
                                    Edit : and where are the logs ??

                                    1 Reply Last reply Reply Quote 0
                                    • First post
                                      Last post
                                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.