Patching/Upgrading OpenSSL
-
Well, frankly said, stuff that cannot be compiled against and run with what's shipped with the base system, well… either needs to be fixed or - failing that - simply should not be packaged and distributed. That's pretty much it. (Simplified, but that basically is the deal. People do not want to end up with 3 versions of openldap, 5 versions of perl and 7 versions of openssl just because some package has bugs and noone wants to fix it. Cannot see how's this beneficial to maintainers either - look at what happened now...
(And yeah, debating PBI would be worth its own topic.)
-
It's not that simple or easy, but may get better in the future after 2.2. Back seat driving is easy, actual solutions not so much. Still off topic for this thread.
-
Packages should be OK now
What is the easiest way to verify that the version of 2.1.1 that we get from mirror sites contains the updates?
make sure to uninstall and then reinstall (not update) to ensure that it obtains the latest binaries.
"Uninstall"? Is that best done by wiping out the pfSense partition? (…after backing up the configuration, of course...)
-
Well, that "back seat driving" is with some 10+ years of hands-on experience with source-based distros, such as Gentoo. Meanwhile, to get back on topic - so what's up with the upgrade/reinstall? So, the ports version has not changed, so the package manager just ignores the changed PBI even though you bump the version in the XML? ??? :o
What is the easiest way to verify that the version of 2.1.1 that we get from mirror sites contains the updates?
"Uninstall"? Is that best done by wiping out the pfSense partition? (…after backing up the configuration, of course...)A total misunderstanding - you need (the not yet available) 2.1.2 to get the OS itself fixed! We've been just debating the optional packages.
-
Packages should be OK now
What is the easiest way to verify that the version of 2.1.1 that we get from mirror sites contains the updates?
make sure to uninstall and then reinstall (not update) to ensure that it obtains the latest binaries.
"Uninstall"? Is that best done by wiping out the pfSense partition? (…after backing up the configuration, of course...)
That is for packages, not the base system. The base system requires an update to 2.1.2 (coming momentarily)
-
Well, that "back seat driving" is with some 10+ years of hands-on experience with source-based distros, such as Gentoo. Meanwhile, to get back on topic - so what's up with the upgrade/reinstall? So, the ports version has not changed, so the package manager just ignores the changed PBI even though you bump the version in the XML? ??? :o
I don't recall the specific logic of the reinstall but the safest way to always ensure you have the correct version is to uninstall/reinstall the package. It's not worth splitting hairs over for something this important.
-
I don't recall the specific logic of the reinstall but the safest way to always ensure you have the correct version is to uninstall/reinstall the package. It's not worth splitting hairs over for something this important.
Just to be sure: If an update for the package is offered, I can install this directly. Or do I need to uninstall every package first?
-
-
Just to be sure: If an update for the package is offered, I can install this directly. Or do I need to uninstall every package first?
You need only uninstall the affected package and reinstall that one affected package. No need to reinstall all. Or just do a firmware upgrade in a bit when 2.1.2 rolls out and the packages will reinstall themselves.
Apparently the former is not safe (as in, it produces completely invalid results, like here).
That guy's invalid results aren't the fault of anything but his broken "testing" methodology.
-
Maybe the "Reinstall all Packages" Button should move to the Packages Section. So one can easily find it, push it if advised to and go for a beverage of choice afterwards…
-
That is for packages, not the base system. The base system requires an update to 2.1.2 (coming momentarily)
Oops. Sorry to waste time with that question. I know everyone there must be busy.
-
Maybe the "Reinstall all Packages" Button should move to the Packages Section. So one can easily find it, push it if advised to and go for a beverage of choice afterwards…
I'm not even sure whether the reinstall does really reinstall or what it does ATM and how that differs from uninstall/install and/or upgrade… Altogether, feeling highly uncomfortable with a package manager that seems to produce totally unpredictable results.
(The placement of the button goes totally beyond me and makes simply no sense.)
-
Hmm, am I missing something? The button is right there in the installed packages screen next to the package listing.
Steve
-
Hmm, am I missing something?
Talking about the Reinstall Packages button in Diagnostics - Backup/Restore
Click this button to reinstall all system packages. This may take a while.
-
Ah, I am missing something. ::)
Steve
-
Diagnostics: Backup/restore has a button to reinstall all installed packages.
-
Looks like 2.1.2 is up?
-
@joltman:
Looks like 2.1.2 is up?
Yep:
https://www.pfsense.org/download/ -
I just saw some people in the forum are getting an error when they're editing their rules. I'm going to hold off for now.
-
@joltman:
I just saw some people in the forum are getting an error when they're editing their rules. I'm going to hold off for now.
2.1.2 installed, working for me. Joltman: what's your IP address? …..
