Now Available: pfSense® CE 2.8.0-RELEASE
-
@stephenw10
I think I figured out part of what you were saying. I uploaded a text file titled "test1.txt". It didn't complain.
"Uploaded file to /tmp/test1.txt."I have no idea how to check if filesystem is read-only. But I would guess it is not if I was able to upload a file.
-
@stephenw10
I now realize I put the command in the wrong field for PHP and not Command Prompt. So reentered "certctl rehash" and it showed 3 lines:Scanning /usr/share/certs/untrusted for certificates... Scanning /usr/share/certs/trusted for certificates... Scanning /usr/local/share/certs for certificates...I think that did do something. The System Update now shows 2.7.1 as latest base system that is available. Previously this was 2.7.0.
So I presume that I should apply that version and then hopefully apply 2.7.2 and then 2.80 will show and I can apply that. I let you know how it goes. -
@pfFog29 said in Now Available: pfSense
CE 2.8.0-RELEASE:Running command seems to fail when running "certctl rehash".
That's because it's not a PHP command. Run it in the 'Execute Shell Command' field.
To test the filesystem create a file in /root (for example) by running:
touch /root/testfile.txtThen reboot and check the file is still there.
-
Ah, missed your reply!
Yes upgrade to whatever it offers you.
That's interesting though. It implies your 'admin' user may not be the default admin user which is the root user.
-
@stephenw10
I did successfully upgrade to 2.8.0. But I have a comment and question.Comment: The reason I was 2 iterations behind is because when I login the first thing I see is a widget on the dashboard that "always" says I'm up to date. This is not accurate. It should says there are other releases not applied even if they are not in the current train. Also, it would be great if there was a way to receive an email when there is an update or upgrade available for pfSense.
Question: Is there something I need to do with my certs or users? Its not clear to me what the command "certctl rehash" does. I have only 2 admin, one was built in and the other has all the same rights & privileges as the built in admin but just a different name. Both are members of the admin group. I want to avoid repeating this mess ;-)
Lastly, Thanks for your help.
-
There was a bug in 2.7.0 that required manually running that before it can connect to check the repos if it was rebooted after the first check.
That is both why it didn't updates and why you couldn't upgrade. Additionally in 2.8 it will report a failure of the connection check rather than just that it hasn't seen an update.
Both are fixed in 2.8. You shouldn't see that going forward.
-
@pfFog29 said in Now Available: pfSense
CE 2.8.0-RELEASE:great if there was a way to receive an email when there is an update or upgrade available for pfSense.
This comes up occasionally here. Netgate has a email newsletter and blog, or watch https://docs.netgate.com/pfsense/en/latest/releases/index.html. For instance https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#troubleshooting. There’s also a dashboard widget to view blog posts IIRC.
-
@stephenw10
pfSense-repoc -NDJ:{ "repos": { "repo": [ ] }, "links": { "next": null, "previous": null }, "count": 0, "messages": [ ], "messages_text": [ ], "pubkey": { "type": "RSA", "key": "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0ww4DLZ1KPhOubCefojk\n+KrkFZ3mvi96AoADnM9ogJ/nykAmAZnAtQeErJyVCQztnKt0OKspHas6grTC4w7O\nt7fw0Lizj2JmY1enA+exmzk2fktY0Bdq1vp+2Y+bZLxdKCs87ocdZtpskC2AbyAf\n48P0pvnr9ueVPO3RotCBUBULAZPr111cHWiDfZbkAQaQ25H9Eh3kcBO7tuwUX0xq\nooDnWzMTPyRX36pczcXu3vqQJwCTvzpozT7D0Qucyf0hwqm3ab4XZmqaIXgjjcj6\nra2tuAIfupXQLZRZnH/hFhqQmBI7UfOVnFLGkZRO1LCQDjSoN3l9Qpiz1o8ARs1r\n94MeSn982worQjdMxvTrGeZSy2mOAexz8c3TH9G5GYN9YSzz4PYYjp0yjgmPfl/6\nSYv7Rp8lEuIklFIjkr3h3gyPi/daIXTZnN8+O3NGc58mfqgQ+kAajQStgnj9kOLZ\noJa3KEie5ravaO961BC9NC6dYJJ5ADl9lznIGfinLxy0TJlstnmavAWbP51lC2F8\newRq0yyJTb+kq7++ZaRHi4xqe7yrkYF/I5gyMR42Heoeq1TQKKiYVkF3X7oWNshq\ntbjaZSOR5ATzTDFehVTDcljBrzeYqIFj0mfgoZ0fIo3QF5iQQcfIOUq/JuFpd0+s\nxWA3MJ4Oq28LRvkMnnVkU40CAwEAAQ==" }, "signature": { "type": "RSA", "signature": "qel7lnz2U/hrKcuUZUt0sNFNCpzlIo7zXeHWi2wKp4f+xa/yz6J8hjkt56CxuKOym07OSVuYlB5xXaFHLo7koBXpN9cly7Gq2eA4W7xtE5gnaFUluf+pAYam/PlxFcRnVv8WnhGN8NftmO4MLv7BULe+JvFp3I64gzBaogW3fhtNjrleMMQV6jvckJEfh9bcRwnQtdyMcSeruJJWB6XW7mfO60ExbIooY8+x18slqQM5KJlWwm9aKlC4F7xtXRkyNUXn9l1GdRNnlLbXGEomi2rIgQ89iipT8bcG3ZmqkW+F5s4NkdcM6sGiN9yr0ZEAWsEW7Ul2lc1t1y8g+i3px/HawsITsmTkvJP7g0Yi8QxLx9SJb5GeiZVi2S4nIh+FcQahMgSzkGeQdm+oD0L+mhT7z80VhkcWIxGYNPqJO6U300rmSIiEiC3bRAMHE6FaZ3eQZhtBFCqYQeTLDfxfwGJmP6kRSVbHwmoo0qjaXchXvsLbo84xTmIXerQZMBbXEOzFzO8sTAlk5KLlKKvMApvWAtIHsQaCLmgXAAiiQD60rmR4fRfag8neHHDtvoJQ8nrsKctx7em36MBWJuvvQnHO9w7BWwhXOTdjzTQJQW1UAv8g5cXynIEsayo7wS0igEXLFZn92UwJ5k00QPE4oaDjfzXvs9BXr8ia8rgOjVM=", "key_signed": "repos.repo" } }I am not running it in Azure, but even if I did I do not see how this should be relevant. I can connect to the instance over SSH/HTTPS so why it would not see a repository?
Anyway, I am not allowed to burn my time on this anymore, sorry.
As I can't even make clean install to work properly, I do not have confidence the software is up to the task I meant it for (I have working PoC on linux, unfortunately without any GUI :-/ ) -
Hmm, so it's actually sending you an empty repos list.
If you can send me the NDI from that in chat I can try to check what the server end is doing.
What does the output from repoc show for the 'Model'? Is it incorrectly showing Azure? If so that's something I'd very much like to fix.
-
S snow referenced this topic on
-
The upgrade went smoothly, but the thermal dashboard widget has an issue on my system with an Intel N100 CPU:
As the image shows, the Core temperature bar graphs are using the Zone Warning and Zone Critical to set their color coding. I mucked around with various values for Warning and Critical in both Zone and Core and only the "Core Warning and Core Critical values influence the bar graph colors.
The full sensor names are:
dev.cpu.0.temperature
dev.cpu.1.temperature
dev.cpu.2.temperature
dev.cpu.3.temperature
hw.acpi.thermal.tz0.temperatureIs this a bug or have I done something wrong?
-
#ff2600CORRECTION:
As the image shows, the Core temperature bar graphs are using the Zone Warning and Zone Critical to set their color coding. I mucked around with various values for Warning and Critical in both Zone and Core and only the "
CoreZone Warning andCoreZone Critical values influence the bar graph colors. -
Hmm, OK I see here. Digging....
-
Just to be clear you didn't see this in 2.7.2 with the same hardware?
-
Yeah, I see how this is failing. And would always have failed.
-
@stephenw10 said in Now Available: pfSense
CE 2.8.0-RELEASE:Yeah, I see how this is failing. And would always have failed.
Sorry for my delay in replying. Working through the 2.8.0 update process today pushed the cores well above where I had the Zone Warning set. That's probably why this problem only today caught my eye.
Thank you for so quickly jumping on this and determining the root cause. I see that you've targeted the fix for 2.9.0, which I fear could be a long way off. Is there any chance of creating a patch for 2.8.0 sometime in the next few months? I mean that as a humble ask, not an entitled demand.
-
Yup you can test the patch if you're able to:
-
@stephenw10 Works great! I just did a cut & paste from the file to the System_Patches utility, pasted the description "Thermal Sensors Widget Thresholds not Evaluated," and applied the patch. The problem was immediately fixed, with the following screenshot showing the results (with test values for thresholds to illustrate the change):
If you're planning to push it out as a formal patch, I think that you're good to go.
Thanks again!
-
S stephenw10 forked this topic
-
I upgraded a couple of weeks ago. I mistakenly forgot to remove snort before upgrading, but it didn't seem to cause any obvious problems.
I have noticed that the GUI is often slow and frequently reports "This site can't be reached..." Refreshing a few times usually brings it back.
This morning, I started having major problems with DHCP and Unbound. This started when I attempted to reassign a couple of DHCP reservations to make room in the sequence for a new server.
I deleted the existing reservation, then used ipconfig /release and ipconfig /renew to force the host to get a new dynamic address, which worked fine. Then I created a new reservation and again used ipconfig /release and ipconfig /renew to force the host to use the new address.
After this, pfSense shows the new reservation is active, but the host is still using the DHCP address. I tried restarting the DHCP service on the host and it made no difference.
To see if this problem was specific to the host, I tried the same procedure on another host. It worked, so I tried one more to see what would happen. It failed.
By this time, the GUI was very slow and was frequently unresponsive, unbound was stopped and would not restart, then crash reports started.
Here are some messages from the DHCP log:
Jul 5 16:41:56 kea2unbound 32656 Unbound reloaded: /var/unbound/unbound.conf Jul 5 16:41:56 kea2unbound 32656 Include updated: /var/unbound/leases/leases4.conf (5404252cd3db2c6d) Jul 5 16:41:56 kea2unbound 32656 Unbound lease include is missing or inconsistent: /var/unbound/leases/leases4.conf Jul 5 16:41:55 kea-dhcp6 30761 WARN [kea-dhcp6.dhcp6.0x199b00612000] DHCP6_MULTI_THREADING_INFO enabled: yes, number of threads: 2, queue size: 64 Jul 5 16:41:55 kea-dhcp4 30320 WARN [kea-dhcp4.dhcp4.0x169f0cc12000] DHCP4_MULTI_THREADING_INFO enabled: yes, number of threads: 2, queue size: 64 Jul 5 16:41:55 kea-dhcp6 30761 WARN [kea-dhcp6.dhcp6.0x199b00612000] DHCP6_RESERVATIONS_LOOKUP_FIRST_ENABLED Multi-threading is enabled and host reservations lookup is always performed first. Jul 5 16:41:55 kea-dhcp6 30761 WARN [kea-dhcp6.dhcpsrv.0x199b00612000] DHCPSRV_MT_DISABLED_QUEUE_CONTROL disabling dhcp queue control when multi-threading is enabled. Jul 5 16:41:55 kea-dhcp4 30320 WARN [kea-dhcp4.dhcp4.0x169f0cc12000] DHCP4_RESERVATIONS_LOOKUP_FIRST_ENABLED Multi-threading is enabled and host reservations lookup is always performed first. Jul 5 16:41:55 kea-dhcp4 30320 WARN [kea-dhcp4.dhcpsrv.0x169f0cc12000] DHCPSRV_MT_DISABLED_QUEUE_CONTROL disabling dhcp queue control when multi-threading is enabled.I will update this with some crash reports.
-
@bimmerdriver Here are some bug reports:
[05-Jul-2025 14:41:35 America/Vancouver] PHP Fatal error: Uncaught TypeError: array_get_path(): Argument #1 ($arr) must be of type array, string given, called in /usr/local/pfSense/include/www/services_dhcp.inc on line 174 and defined in /etc/inc/util.inc:3961 Stack trace: #0 /usr/local/pfSense/include/www/services_dhcp.inc(174): array_get_path() #1 /etc/inc/system.inc(629): kea6_earlydnsreg_mappings() #2 /etc/inc/system.inc(660): system_hosts_entries() #3 /etc/inc/services.inc(4983): system_hosts_generate() #4 /etc/rc.linkup(164): services_unbound_configure() #5 /etc/rc.linkup(236): handle_argument_group() #6 {main} thrown in /etc/inc/util.inc on line 3961 [05-Jul-2025 14:41:39 America/Vancouver] PHP Fatal error: Uncaught TypeError: array_get_path(): Argument #1 ($arr) must be of type array, string given, called in /usr/local/pfSense/include/www/services_dhcp.inc on line 174 and defined in /etc/inc/util.inc:3961 Stack trace: #0 /usr/local/pfSense/include/www/services_dhcp.inc(174): array_get_path() #1 /etc/inc/system.inc(629): kea6_earlydnsreg_mappings() #2 /etc/inc/system.inc(660): system_hosts_entries() #3 /etc/inc/interfaces.inc(4459): system_hosts_generate() #4 /etc/rc.linkup(177): interface_configure() #5 /etc/rc.linkup(236): handle_argument_group() #6 {main} thrown in /etc/inc/util.inc on line 3961 [05-Jul-2025 14:42:07 America/Vancouver] PHP Fatal error: Uncaught TypeError: array_get_path(): Argument #1 ($arr) must be of type array, string given, called in /usr/local/pfSense/include/www/services_dhcp.inc on line 174 and defined in /etc/inc/util.inc:3961 Stack trace: #0 /usr/local/pfSense/include/www/services_dhcp.inc(174): array_get_path() #1 /etc/inc/system.inc(629): kea6_earlydnsreg_mappings() #2 /etc/inc/system.inc(660): system_hosts_entries() #3 /etc/inc/services.inc(4983): system_hosts_generate() #4 /etc/rc.linkup(164): services_unbound_configure() #5 /etc/rc.linkup(236): handle_argument_group() #6 {main} thrown in /etc/inc/util.inc on line 3961 [05-Jul-2025 14:42:12 America/Vancouver] PHP Fatal error: Uncaught TypeError: array_get_path(): Argument #1 ($arr) must be of type array, string given, called in /usr/local/pfSense/include/www/services_dhcp.inc on line 174 and defined in /etc/inc/util.inc:3961 Stack trace: #0 /usr/local/pfSense/include/www/services_dhcp.inc(174): array_get_path() #1 /etc/inc/system.inc(629): kea6_earlydnsreg_mappings() #2 /etc/inc/system.inc(660): system_hosts_entries() #3 /etc/inc/interfaces.inc(4459): system_hosts_generate() #4 /etc/rc.linkup(177): interface_configure() #5 /etc/rc.linkup(236): handle_argument_group() #6 {main} thrown in /etc/inc/util.inc on line 3961Let me know if any other information would be helpful.
Since the system is running so poorly, I'm considering reinstalling it from scratch. I don't know what else to do.
-
I would run
pkg-static upgradeand make sure there are no upgraded packages offered. If it aborted the upgrade part way through for any reason that can result in errors like that.
