pfSense 2.4.3-Release (factory image) - PHP 5.6 removed after single package (aws-wizard) upgrade
-
Hello,
at our company we have two Netgate XG-7100 1U appliances, running the factory installed image (pfSense 2.4.3-Release in our case).
Today, after attempting to upgrade the installed packages (not the whole system, just one package at a time) on one of those appliances, I have ended with a partially broken system. Hope this can help as a warning for some other users, as well as a way to receive some advice on how to proceed with our current installation.
I just have tried to upgrade the aws-wizard package, from 0.7 to 0.7_2. That package came preinstalled with the factory release. Unfortunately, I didn't notice that 4 additional packages where about to be installed, php72 among them. pfSense 2.4.3 is based on php 5.6 while the newer 2.4.4 release is based on php 7.2. PHP 5.6 has been removed during PHP 7.2 installation on our pfSense 2.4.3-based system, leading to a broken system. Actually, I can still browse the GUI, but for example the Dashboard is constantly showing that a crash has been detected, and console option 15 (Restore recent configuration) throws a fatal error related with the PHP Startup. The routing/firewall services are still runnning fine, at least apparently.
I would appreciate that the pfSense developers take this issue into account, so that a single package upgrade do not lead to a broken system because of incompatible dependencies. I would also like to receive some advice on how to recover our installation. The firewall is in production and I would like to avoid a downtime to fix it by means of factory image reinstallation + config recovery, which I would like to leave as a last option... maybe there are some better alternatives. Thanks in advance.
Package Upgrade log:
0_1537870344859_Single package upgrade removes PHP56 on 2.4.3 installation.txt -
Well the stable branch is now at 2.4.4 with php7, as there is no legacy branch for 2.4 you will have to update to 2.4.4 if you want to install/upgrade packages.
-
We have added some safety belts to the pkg system to prevent that from happening again. See https://redmine.pfsense.org/issues/8938
-
@it_dept I have run into the same problem - have you resolved this issue yet? The only thing I have done is removed that AWS package as I have no use for that wizard anyhow. Wondering if it would be ok to reinstall 2.4.3 from firmware image and then restore latest config backup....vs going to 2.4.4 at this point...
-
You can go to the latest 2.4.4 release and restore your latest backup, this should work without any Problems.
-Rico
-
@srjinatl No I haven't yet.
If you prefer to stay on 2.4.3, then according to the following comment from a Netgate developer you should run pkg-static upgrade pfSense-upgrade from console to prevent this issue from happening again :
https://forum.netgate.com/topic/135868/php-errors-after-upgrade-to-2-4-4/16
. I can not confirm what I'll say now, but just to be safe, if you have installed additional packages I would run the above command before restoring the configuration. The reason is that, by default, a configuration's backup does include package information, and the system could try to reinstall the additional packages right after restoring the configuration, thus breaking the system again. Just a guess, not a claim.
-
@rico OK - so perhaps a stupid question but when I go to the firmware images link I see two files for the 2.4.4 release - one has an 'ADI' within the name - one does not. Which one should I be using for a SG-4860?
-
ADI
https://portal.pfsense.org/firmware/memstick/pfSense-netgate-memstick-ADI-2.4.4-RELEASE-amd64.img.gz
Thank you.
-
Thanks for the replies - used the image to install 2.4.4 and then restored my config - that went just fine - only issue is that the menu item for the old autoconfig backup remains - which confused me at first until I read about where the new one is located under the services menu.
-
The ACB menu entry left under Diagnostics is a known issue, we'll come up with a fix for that in 2.4.4-p1: https://redmine.pfsense.org/issues/8959
-
@jimp Great - thanks for the response.
-
@rico Yeah, but it causing lots of problems for many users, what is your solution then?
-
Then just jump back to 2.4.3-p1 and wait for 2.4.4-p1 ;-)
-Rico
-
@rico 2.4.3 p1 is no available.
Only option is the 2.4.3 image I had.
Did 2.4.3 p1 come as an isntaller image? I thought the patches were applied as an update? -
Yes there are 2.4.3-p1 Images around, pfSense-netgate-memstick-2.4.3-RELEASE-p1-amd64.img.gz for example.
-Rico
-
@rico said in pfSense 2.4.3-Release (factory image) - PHP 5.6 removed after single package (aws-wizard) upgrade:
pfSense-netgate-memstick-2.4.3-RELEASE-p1-amd64.img.gz
Do you have that image, it's pulled from the web.
If somone has this image, pls share a link, either here or by private message -
The -p1 images are only for Netgate hardware, not installations using the community edition. There were no -p1 installers for CE.