updating to acme 1.0 breaks system beyond repair: need to restore from backup
-
@MarvinFS said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
it was cleanly installed not long ago after release of 2.8.0.
installed or upgraded?
@MarvinFS said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
can't use netinstall as new installer doesn't want to connect to my pppoe during setup for unknown reason - so I can't use it, but it works just perfectly fine in GUI)
more details here would be good.
@MarvinFS said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
I've had zenarmor manually installed and crowdsec.
hope your foot is OK
-
@jwt said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
installed or upgraded?
2.7.2 was installed first from iso then upgraded to 2.8 then config restored - that resolved the issue.
@jwt said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
more details here would be good.
no details - unfortunately installer doesn't provide any logs or troubleshooting info, except "unable to contact netgate servers" during install. Despite same PPPoE username and password specified in the initial prompt as used during normal operations.
-
Same issue, completely broke my system as soon as I started the package upgrade. I could not even SSH into the system and upon rebooting the system it would not boot anymore. I had to also restore from a backup. I have never had a package in pfsense completely hose the system like that.
When I ran the reinstall of 2.8.0 l restored the config directly from the drive and everything is working. The ACME package is also on version 1.0 after the restore now.
-
I upgrade from 0.9 to 1.0 on 2.8.0 today, no issue.
-
@slu said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
I upgrade from 0.9 to 1.0 on 2.8.0 today, no issue.
There must be some particular config or package conflict that causes the issue for some people. A package should not be able to break the system that bad though.
-
The OP of this thread had unsupported packages installed from third-party repositories, which is almost certainly where the problem originated. It doesn't matter if the repo configs were removed -- if local packages were installed/changed by those repos, those packages are still present.
While we do not deliberately break such configurations, if you install a package from unsupported repositories and they replace or mess with base system dependencies, then there is no telling what will break over time like this.
One of many reasons we discourage using anything but Netgate repositories for packages.
-
@jimp said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
While we do not deliberately break such configurations, if you install a package from unsupported repositories and they replace or mess with base system dependencies, then there is no telling what will break over time like this.
Understood - thank you very much for the clarification. I need crowdsec though... and there are no official support yet. I don't mind reinstalling the system, it takes reasonable amount of time, unless I found netinstaller fails to connect to my pppoe which tripled the time of restoration. For that I have no explanation and it is obviously not related to the dependencies, but that's offtopic in this thread.
-
OK I've done some additional testing, as I was curios what the hell is happening - so I can now confirm installing crowdsec with their packages breaks further packages installation system completely.. regardless cli or UI.. not sure about 2.7.2 but 2.8.0 got completely broken
I used that:
https://docs.crowdsec.net/docs/next/getting_started/install_crowdsec_pfsense/Then I've also tried to install qemu-guest tools and to reinstall ACME - the very same situation with REMOVE packages... so crowdsec breaks the system I believe. I'm too lazy to report to their github, I guess I'll just avoid them until official support from Netgate.
@jimp -
on the other hand I might report it...
-
@MarvinFS said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
on the other hand I might report it...
It's been years since the Crowdsec package was first released for pfSense and it has yet to be added as an official package, not sure why. So prob better to report it because who knows if it ever will be released.
I waited a while for the official package before installing Crowdsec, but gave up and have been using it for at least 6 months without issue until the ACME update. I try not to install anything outside the official packages, it's the only one that I have done this way. I will just have to be more careful with updates, and maybe uninstall Crowdsec when applying other updates first.
-
@raidflex said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:
maybe uninstall Crowdsec when applying other updates first.
It seems like it doesn't help at least from what I see on my system... it changes something.. so it must be definitely reported to their github. I have never experienced that before and crowsec was installed.. maybe with 2.8.0 something have changed
