Auto update check, checks for updates to base system + packages and sends email alerts

Gertjan

@wgstarks said in Auto update check, checks for updates to base system + packages and sends email alerts:

Should I get notifications for new system patches?

When new patches for the "System_Patches" are created, they are included in the "System_Patches" pfSense package. This will bump the version number. You see this as a new package, "System_Patches" avaible for you.

Upgrade it, and have a look at the new patch or patches, and apply that interest you, or, by default, apply them all.

wgstarks

@Gertjan
Looks like I need to do some troubleshooting when I get home. When I try to run the command

/usr/local/bin/php -q /root/pkg_check.php

I get this-

Could not open input file: /root/pkg_check.php

provels

@wgstarks Permissions?

wgstarks

@provels
Actually it was missing completely. After upgrading from a 3100 to my 4200 many (or maybe all) packages were missing so it's not surprising that this script was also missing. Re-created it with the permissions you showed and all is working now.
Thanks

stephenw10

That's not a pfSense package so it won't be added when restoring a config unless you've used the filer pkg.

wgstarks

@stephenw10 said in Auto update check, checks for updates to base system + packages and sends email alerts:

That's not a pfSense package so it won't be added when restoring a config unless you've used the filer pkg.

Thanks. The filer package looks like it could be useful. I’ll have to install it and give it a try.

MarinSNB

To clarify, if there are no updates to any of the packages, does this script still send an email at the times as specified in your cron job? Thanks!

wgstarks

@MarinSNB said in Auto update check, checks for updates to base system + packages and sends email alerts:

To clarify, if there are no updates to any of the packages, does this script still send an email at the times as specified in your cron job? Thanks!

No. At least not in my case. I only get an email when an update exists.

wgstarks

@stephenw10 said in Auto update check, checks for updates to base system + packages and sends email alerts:

That's not a pfSense package so it won't be added when restoring a config unless you've used the filer pkg.

This question is way off topic for this thread (apologies) but since it looks like the filer pkg docs have been removed from pfsense docs perhaps you can tell me how to use filer to modify what is backed up by the auto config backup? I see a sync tab but the help link just links back to the full pfsense docs.

MarinSNB

@wgstarks sounds good! That is what is am finding out here too! Thanks much!

Gertjan

@MarinSNB said in Auto update check, checks for updates to base system + packages and sends email alerts:

To clarify, if there are no updates to any of the packages, does this script still send an email at the times as specified in your cron job? Thanks!

It's 'open source' ;)

As the script language is somewhat backed up English, it says :

If the 'message' ($msg) is not empty (so there was a message ! == thing to update/upgrade) then
87) log a message in to system log ( here : StatusSystem LogsSystemGeneral )
88) show the message on the command line (visible if you executed the command yourself)
89) and... send/notify the message by mail.

I 'see' you thinking : is it really that simple ? Yes, it is.

stephenw10

@wgstarks It stores custom files base64 encoded in the config. So you could use it to store the pkg_check.php file and it would be restore into a system when you restore the config. Though you might need to do it in several steps or manually save since the first boot would install the Filer package.

wgstarks

@stephenw10 said in Auto update check, checks for updates to base system + packages and sends email alerts:

@wgstarks It stores custom files base64 encoded in the config. So you could use it to store the pkg_check.php file and it would be restore into a system when you restore the config. Though you might need to do it in several steps or manually save since the first boot would install the Filer package.

So if I use filer rather than my usual SFTP for installing custom files they are added to the config which gets backed up by Auto Config Backup correct? So I should delete the current files and re-add them using filer?

stephenw10

You don't have to delete them. Filer simply won't do anything if the files are already there. And identical.

wgstarks

@stephenw10 said in Auto update check, checks for updates to base system + packages and sends email alerts:

Filer simply won't do anything if the files are already there. And identical.

But the object would be for filer to add the file to the config database.

Gertjan

@wgstarks said in Auto update check, checks for updates to base system + packages and sends email alerts:

So if I use filer rather than my usual SFTP for installing custom files they are added to the config which gets backed up by Auto Config Backup correct? So I should delete the current files and re-add them using filer?

I never used 'filer' myself, but yes, that's the beauty of the package :
When you export your config, you export it with packages and package 'settings'.
The filer package settings are, amongst others, the files and the place where they are stored.

So, importing the config will import/install the package and will also import the config == settings of the package == big magic : all your private additions (files) are also restored.

For myself, I'm doing things the old fashioned way. Not that I stick dozens of Post-It's on my pfSense (I did that before) but I use the Notes package :

and I add, for every setting and change that I made a
Why / when / what to observe / where to get it, etc.
So, when I have to re-install pfSense, I also re install these Notes, and I have my road-book ready after a phenix event.
Hummmm. Maybe I should have a closer look at this filer package after all.

wgstarks

@Gertjan
Thanks for the Notes suggestion. I lost a few packages recently and been thinking about creating a pfsense logbook since it looks like some packages in Package Manager don’t get included in backups and I’m willing to bet custom packages that aren’t in package manager won’t be either. This looks like it’s perfect for that.

michmoor

@stephenw10
can we make it a package my good sir?

stephenw10

Mmm, I was just thinking that as I wrote it.

No developer time right now though, it would have to be a user PR. For now at least.

Gertjan

@michmoor

One tiny PHP file ?
( and a cron entry, which somewhat forces you also to install the Cron package)

The overhead of 'official' package maintenance will be way bigger as the 80 or so lines.
Let's keep this the 'read the forum and you'll find a nice hidden forum package ^^' suggestion.
Or : the official way : go here.
It already exists ....

edit : Can some one bake this into a System_patch ? I wonder if writing in cron file /etc/cron.d./ for a cron entry would do the trick ....

edit : but actually, it should be here :

Just a button or a set of buttons, one for each notification method, that says :

Do you want to receive a notification when a pfSense upgrade, a pfSense package or a 'core' FreeBSD update is available ?

As soon as one of the notification methods is selected, the cron gets inserted, etc.

edit :
Ok, just for the fun :