CA is lost after update
-
Diff is in those line besides
2/1/11 10:38:06 (system): Removed OpenVPN Client Export Utility package.
1/25/11 18:56:11 admin: Creating restore point before package installation.Configuration diff from 1/25/11 18:56:11 to 2/1/11 10:38:06 --- /conf/backup/config-1295974571.xml 2011-02-01 10:38:06.000000000 +0200 +++ /conf/backup/config-1296549486.xml 2011-02-01 10:38:08.000000000 +0200 @@ -794,9 +794,10 @@ <sequence>system_information-container:col1:show,captive_portal_status-container:col1:close,carp_status-container:col1:close,cpu_graphs-container:col1:close,gateways-container:col1:close,gmirror_status-container:col1:close,installed_packages-container:col1:close,interface_statistics-container:col1:close,interfaces-container:col2:show,ipsec-container:col2:close,load_balancer_status-container:col2:close,log-container:col2:close,picture-container:col2:close,rss-container:col2:close,services_status-container:col2:close,traffic_graphs-container:col2:close</sequence> <revision>- <time>1295974571</time> - - <username>admin</username> + <time>1296549486</time> + <description>+]]></description> + <username>(system)</username></revision> <openvpn><openvpn-server>@@ -856,28 +857,8 @@ <service><tab>- <tab>- <name>Client Export</name> - <tabgroup>OpenVPN</tabgroup> - <url>/vpn_openvpn_export.php</url> -</tab> <menu> <package>- <name>OpenVPN Client Export Utility</name> - - <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> - <depends_on_package>p7zip-9.13.tbz</depends_on_package> - <depends_on_package>zip-3.0.tbz</depends_on_package> - <build_port_path>/usr/ports/archivers/p7zip</build_port_path> - <build_port_path>/usr/ports/archivers/zip</build_port_path> - <version>0.5</version> - <status>BETA</status> - <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> - <configurationfile>openvpn-client-export.xml</configurationfile> -</package> - <package><name>Open-VM-Tools</name> <website>http://open-vm-tools.sourceforge.net/</website> @@ -894,13 +875,6 @@</package> <dhcrelay>- <ca>- <refid>4d2efa305ac2a</refid> - - <crt>(deleted)</crt> - <prv>(deleted)</prv> - <serial>2</serial> -</ca> <ppps><gateways></gateways></ppps></dhcrelay> </menu></tab></service></openvpn-server></openvpn> -
That's slightly different than it was before, it was lost at one of the "intermediate" steps before.
Was that an upgrade to the snapshot from late last night?
2.0-BETA5 (i386)
built on Mon Jan 31 23:05:36 EST 2011?
-
It was
From Tue Jan 25 07:56:16 EST 2011
To new version: Mon Jan 31 19:36:10 EST 2011 -
OK, I was finally able to reproduce this with a CF image supplied by someone who had the problem (thanks!)
Using that I was able to track down (and fix) where the loss occurred during the boot process. Funny thing, it had nothing to do with the packages except that the package reinstall caused a config write which resulted in the data loss from the bug.
The next new snapshot should have the fix - I just restarted the builders.
-
Yay! That's great to hear! I was about to say "hey, would you like a copy of my VM?" but it sounds like you got essentially the same thing. It didn't seem like a Packages bug to me directly either because the second box (the one I sent my config from with the other a while back) has been upgrading just fine the past few times, not losing the same two packages or the CAs, where it was at some point in the past, so the packages thing just seemed to be the most visible, sometimes-reproducible symptom. Looking forward to this one being gone for sure!
Would the data loss affect any other areas of the config file as well or just the CA? Should I restore to an older backup version?
-
I only noticed the loss with CAs.
It was a faulty function in the certificate handling that abused references. There could be other functions that are broken in the same way, but there isn't an easy way to track them down.
Just need to wait and see if anyone else reports similar issues.
-
Hi,
I updated my two boxes without problems the last few times but really nice to hear, that could reproduce the bug and hopefully fixed it :-) Great work!
-
updated to built on Wed Feb 2 00:06:58 EST 2011
CA is NOT lost
thanks jimp
-
Both boxes that had issues in the past upgraded with no issues, CA still there, packages still there. Thanks Jim, very awesome to have this fixed finally!
-
Good to hear. :-)
-
Multiple upgrades on multiple pfSense installs since last post, and still rock solid CAs and packages! I'm done posting in this thread unless I experience another problem with the same issue…definitely considering it closed, can't say I'll remember the troubleshooting process too fondly :-)
-
…and I won't remember the debugging process too fondly!
:-)
-
Well, regardless of difficulty, thank you Jim for sticking with it and figuring it out! I know the fact that multiple people had the problem indicated that I wasn't crazy but it was a tough little bugger, and I and others I'm sure appreciate the fix very much!
