updating to acme 1.0 breaks system beyond repair: need to restore from backup

MarvinFS

OK I've done some additional testing, as I was curios what the hell is happening - so I can now confirm installing crowdsec with their packages breaks further packages installation system completely.. regardless cli or UI.. not sure about 2.7.2 but 2.8.0 got completely broken
I used that:
https://docs.crowdsec.net/docs/next/getting_started/install_crowdsec_pfsense/

Then I've also tried to install qemu-guest tools and to reinstall ACME - the very same situation with REMOVE packages... so crowdsec breaks the system I believe. I'm too lazy to report to their github, I guess I'll just avoid them until official support from Netgate.
@jimp

MarvinFS

on the other hand I might report it...

raidflex

@MarvinFS said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:

on the other hand I might report it...

It's been years since the Crowdsec package was first released for pfSense and it has yet to be added as an official package, not sure why. So prob better to report it because who knows if it ever will be released.

I waited a while for the official package before installing Crowdsec, but gave up and have been using it for at least 6 months without issue until the ACME update. I try not to install anything outside the official packages, it's the only one that I have done this way. I will just have to be more careful with updates, and maybe uninstall Crowdsec when applying other updates first.

MarvinFS

@raidflex said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:

maybe uninstall Crowdsec when applying other updates first.

It seems like it doesn't help at least from what I see on my system... it changes something.. so it must be definitely reported to their github. I have never experienced that before and crowsec was installed.. maybe with 2.8.0 something have changed

Ximix

I also crashed my system yesterday with an ACME update. I can't say whether I had Crowdsec installed or not. But I've tried things like that in the past, so it's quite possible.

proven3257

I also had a fatal crash yesterday. My fix after restoring from a backup was to uninstall crowdsec using the install script sh install-crowdsec.sh --uninstall, updating and installing additional packages, and then fetching the new install script as shown on the crowdsec site. This seems to allow everything to work without needing to reconfigure anything and I am doing some testing to ensure that crowdsec is actually working. After installing pfblocker, it seems that re2 needed to be removed and was the likely cause of the conflict.

I installed crowdsec a while back so I don't know if the issue is fixed but the latest version of the install script mentions breaking dependencies and what seems to be a new baked in fix for it (Versions that are distributed with dynamically linked abseil/re2 are not recommended to avoid dependency issues), and installing other packages with crowdsec currently installed does not seem to break things now.

MarvinFS

Yes seems like they release a fixed script and new version doesn't break anything! I've tried on my system already!

v0.1.5 w/ crowdsec 1.6.11 and 0.0.33 (with support for pfsense 2.8) Latest
@mmetc mmetc released this 20 Aug 15:01
v0.1.5-1.6.11-33-2.8
This is the first version tested with pfsense 2.8.
The new install script will also fix a dependency issue caused by the previous versions.

provels

This same mess happened to me, even w/o Acme, going from 25.07 to *.1. Blew, reinstalled w/ Crowdsec, blew again, reinstalled, clipped all the Crowdsec info from config.xml, restored config, back to normal. Crowdsec is a great concept, but I think I'm out.

raidflex

@provels said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:

This same mess happened to me, even w/o Acme, going from 25.07 to *.1. Blew, reinstalled w/ Crowdsec, blew again, reinstalled, clipped all the Crowdsec info from config.xml, restored config, back to normal. Crowdsec is a great concept, but I think I'm out.

I never had this issue with Crowdec before the ACME update, even with updating from 2.7 to 2.8 there was no issues. In fact after restoring from a backup after the ACME update, Crowdsec reinstalled just fine, and this was before the recent release a couple days ago that contained a fix.

JeGr

@raidflex said in updating to acme 1.0 breaks system beyond repair: need to restore from backup:

In fact after restoring from a backup after the ACME update, Crowdsec reinstalled just fine, and this was before the recent release a couple days ago that contained a fix.

Yeah, that may be, but if you install packages with dependencies on the console rather then the package manager, those may have (old) dependencies for specific versions. So if that crowdsec package has a dependency on an older pfsense base package or something like that and you install any other package (like Acme) which may collide with that, the package manager makes a decision to solve the conflict. Not always the most sane one - sure - but that's like any other distro out there. Manually installing packages on the console always may get you into dependency hell :)

Just saying, because now it was acme, next time it could easily be some other package triggering such an effect.

Cheers