Upgrade 2.3.2-RELEASE (i386) to 2.3.4_1 fails
-
After I killed a PFSense by using GUI to upgrade months ago, I only use the console for it.
I have never seen any other LINUX/UNIX/FreeBSD that makes this often problems on updates ....
Normaly I always try to be up to date on security relevant systems, but with PFSense I am always scared to install an Upgrade, as the failure rate is such high on upgrades.This time I tried the update, an ran into the Pkg.pfsense.org appears to be dead issue. So I added this Server to my DNS. What is the problem to just add an a Record?!?
Then first all looked fine, I saw no error messages, system rebooted. I logged in GUI and it tells me there's an Update avaiable ?!?
OK .... let's try again
Chose 13 again to give it a second try ....... "Theres already an update running"?!? What the heck? I have let the system allone then for several hours. Logged into GUI .... still old version.Third try failed now with error messages:
/usr/local/libexec/pfSense-upgrade: gnid: not found >>> Updating repositories metadata... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. >>> Unlocking package pfSense-kernel-pfSense_wrap... done. **** WARNING **** Duplicate slice required!! Before starting the upgrade process, the currently mounted nanobsd partition needs to be cloned to the secondary partition, where the update will happen After installation a reboot will be required to switch partition. Proceed with upgrade? (y/N) y mount: /dev/ufs/pfsense1: Device busy >>> Cleaning secondary partition... done. >>> Duplicating current slice... done. >>> Restoring slice label... done. >>> Testing duplicated partition integrity... done. >>> Mounting second partition to run upgrade... done. >>> Removing resolv.conf symlink from upgrade partition... done. >>> Copying resolv.conf to upgrade partition... done. >>> Downloading upgrade packages... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. Checking for upgrades (125 candidates): .......... done Processing candidates (125 candidates): pkg-static: unbound has a missing dependency: libevent2 Processing candidates (125 candidates).......... done Checking integrity... done (1 conflicting) - openvpn23-2.3.17 [pfSense] conflicts with openvpn-2.3.11 [installed] on /usr/local/include/openvpn-plugin.h Checking integrity... done (0 conflicting) The following 100 package(s) will be affected (of 0 checked): Installed packages to be REMOVED: openvpn-2.3.11 New packages to be INSTALLED: libevent: 2.1.8 [pfSense] libnghttp2: 1.21.0 [pfSense] openvpn23: 2.3.17 [pfSense] norm: 1.5r6 [pfSense] libidn2: 2.0.4 [pfSense] libunistring: 0.9.7 [pfSense] json-c: 0.12.1 [pfSense] Installed packages to be UPGRADED: wol: 0.7.1_2 -> 0.7.1_3 [pfSense] unbound: 1.5.9 -> 1.6.1 [pfSense] uclcmd: 0.1 -> 0.1_1 [pfSense] strongswan: 5.5.0 -> 5.5.1_1 [pfSense] sqlite3: 3.13.0 -> 3.17.0 [pfSense] smartmontools: 6.5_1 -> 6.5_2 [pfSense] python27: 2.7.12 -> 2.7.13_3 [pfSense] php56-zlib: 5.6.23 -> 5.6.31 [pfSense] php56-xmlwriter: 5.6.23 -> 5.6.31 [pfSense] php56-xmlreader: 5.6.23 -> 5.6.31 [pfSense] php56-xml: 5.6.23 -> 5.6.31 [pfSense] php56-tokenizer: 5.6.23 -> 5.6.31 [pfSense] php56-sysvshm: 5.6.23 -> 5.6.31 [pfSense] php56-sysvsem: 5.6.23 -> 5.6.31 [pfSense] php56-sysvmsg: 5.6.23 -> 5.6.31 [pfSense] php56-sqlite3: 5.6.23 -> 5.6.31 [pfSense] php56-sockets: 5.6.23 -> 5.6.31 [pfSense] php56-simplexml: 5.6.23 -> 5.6.31 [pfSense] php56-shmop: 5.6.23 -> 5.6.31 [pfSense] php56-session: 5.6.23 -> 5.6.31 [pfSense] php56-readline: 5.6.23 -> 5.6.31 [pfSense] php56-posix: 5.6.23 -> 5.6.31 [pfSense] php56-pfSense-module: 0.12 -> 0.13 [pfSense] php56-pdo_sqlite: 5.6.23 -> 5.6.31 [pfSense] php56-pdo: 5.6.23 -> 5.6.31 [pfSense] php56-pcntl: 5.6.23 -> 5.6.31 [pfSense] php56-openssl: 5.6.23 -> 5.6.31 [pfSense] php56-opcache: 5.6.23_1 -> 5.6.31 [pfSense] php56-mcrypt: 5.6.23 -> 5.6.31 [pfSense] php56-mbstring: 5.6.23 -> 5.6.31 [pfSense] php56-ldap: 5.6.23 -> 5.6.31 [pfSense] php56-json: 5.6.23 -> 5.6.31 [pfSense] php56-hash: 5.6.23 -> 5.6.31 [pfSense] php56-gettext: 5.6.23 -> 5.6.31 [pfSense] php56-filter: 5.6.23 -> 5.6.31 [pfSense] php56-dom: 5.6.23 -> 5.6.31 [pfSense] php56-curl: 5.6.23 -> 5.6.31 [pfSense] php56-ctype: 5.6.23 -> 5.6.31 [pfSense] php56-bz2: 5.6.23 -> 5.6.31 [pfSense] php56-bcmath: 5.6.23 -> 5.6.31 [pfSense] php56: 5.6.23 -> 5.6.31 [pfSense] php-xdebug: 2.4.0 -> 2.5.0 [pfSense] php-suhosin: 0.9.38 -> 0.9.38_3 [pfSense] pftop: 0.7_6 -> 0.7_8 [pfSense] pfSense-rc: 2.3.2 -> 2.3.4_1 [pfSense-core] pfSense-pkg-darkstat: 3.1.2_1 -> 3.1.3_4 [pfSense] pfSense-kernel-pfSense_wrap: 2.3.2 -> 2.3.4_1 [pfSense-core] pfSense-default-config-serial: 2.3.2 -> 2.3.4_1 [pfSense-core] pfSense-base-nanobsd: 2.3.2 -> 2.3.4_1 [pfSense-core] pfSense-Status_Monitoring: 1.4.4_2 -> 1.6.3 [pfSense] pfSense: 2.3.2 -> 2.3.4_1 [pfSense] perl5: 5.20.3_13 -> 5.24.1 [pfSense] pecl-zmq: 1.1.3_1 -> 1.1.3_2 [pfSense] pecl-ssh2: 0.12 -> 0.13 [pfSense] pecl-rrd: 1.1.3_3 -> 1.1.3_4 [pfSense] pecl-radius: 1.3.0 -> 1.4.0.b1 [pfSense] pcre: 8.39 -> 8.40 [pfSense] ntp: 4.2.8p8 -> 4.2.8p10_2 [pfSense] nginx: 1.10.1,2 -> 1.12.1,2 [pfSense] nettle: 3.2 -> 3.3 [pfSense] lzo2: 2.09 -> 2.10_1 [pfSense] links: 2.9,1 -> 2.13,1 [pfSense] libzmq4: 4.1.4_1 -> 4.1.5 [pfSense] libxml2: 2.9.3 -> 2.9.4 [pfSense] libssh2: 1.7.0,2 -> 1.8.0,3 [pfSense] libsodium: 1.0.8 -> 1.0.12 [pfSense] libiconv: 1.14_9 -> 1.14_10 [pfSense] ldns: 1.6.17_5 -> 1.7.0 [pfSense] isc-dhcp43-server: 4.3.4 -> 4.3.5 [pfSense] isc-dhcp43-relay: 4.3.4_1 -> 4.3.5 [pfSense] isc-dhcp43-client: 4.3.4 -> 4.3.5 [pfSense] ipmitool: 1.8.17_1 -> 1.8.18 [pfSense] idnkit: 1.0_5 -> 1.0_6 [pfSense] gmp: 5.1.3_3 -> 6.1.2 [pfSense] glib: 2.46.2 -> 2.46.2_5 [pfSense] expat: 2.1.1_2 -> 2.2.0_1 [pfSense] dnsmasq: 2.76,1 -> 2.78,1 [pfSense] dhcp6: 20080615_7 -> 20080615.2 [pfSense] curl: 7.49.1 -> 7.54.1 [pfSense] ca_root_nss: 3.25 -> 3.30.2 [pfSense] bind-tools: 9.10.4P2 -> 9.11.1P1 [pfSense] Installed packages to be REINSTALLED: vstr-1.0.15_1 [pfSense] scponly-4.8.20110526_2 [pfSense] (options changed) rrdtool-1.6.0_1 [pfSense] (direct dependency changed: perl5) openldap-client-2.4.44 [pfSense] oniguruma5-5.9.6_1 [pfSense] miniupnpd-1.9.20160113,1 [pfSense] (options changed) libucl-0.8.0 [pfSense] libmcrypt-2.5.8_3 [pfSense] libltdl-2.4.6 [pfSense] libedit-3.1.20150325_2,1 [pfSense] check_reload_status-0.0.7 [pfSense] (direct dependency changed: libevent) Number of packages to be removed: 1 Number of packages to be installed: 7 Number of packages to be upgraded: 81 Number of packages to be reinstalled: 11 The process will require 24 MiB more space. >>> Upgrading pfSense kernel... Checking integrity... done (0 conflicting) The following 2 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense-kernel-pfSense_wrap: 2.3.2 -> 2.3.4_1 [pfSense-core] pfSense-rc: 2.3.2 -> 2.3.4_1 [pfSense-core] Number of packages to be upgraded: 2 [1/2] Upgrading pfSense-rc from 2.3.2 to 2.3.4_1... [1/2] Extracting pfSense-rc-2.3.4_1: .... done [2/2] Upgrading pfSense-kernel-pfSense_wrap from 2.3.2 to 2.3.4_1... [2/2] Extracting pfSense-kernel-pfSense_wrap-2.3.4_1: .......... done ===> Keeping a copy of current kernel in /boot/kernel.old >>> Locking package pfSense-pkg-darkstat... done. >>> Upgrading necessary packages... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. Checking for upgrades (123 candidates): .... pfSense-pkg-darkstat-3.1.2_1 is locked and may not be modified Checking for upgrades (123 candidates)......... done Processing candidates (123 candidates): pkg-static: unbound has a missing dependency: libevent2 Processing candidates (123 candidates).......... done Checking integrity... done (1 conflicting) - openvpn23-2.3.17 [pfSense] conflicts with openvpn-2.3.11 [installed] on /usr/local/include/openvpn-plugin.h Checking integrity... done (0 conflicting) The following 97 package(s) will be affected (of 0 checked): Installed packages to be REMOVED: openvpn-2.3.11 New packages to be INSTALLED: libevent: 2.1.8 [pfSense] libnghttp2: 1.21.0 [pfSense] openvpn23: 2.3.17 [pfSense] norm: 1.5r6 [pfSense] libidn2: 2.0.4 [pfSense] libunistring: 0.9.7 [pfSense] json-c: 0.12.1 [pfSense] Installed packages to be UPGRADED: wol: 0.7.1_2 -> 0.7.1_3 [pfSense] unbound: 1.5.9 -> 1.6.1 [pfSense] uclcmd: 0.1 -> 0.1_1 [pfSense] strongswan: 5.5.0 -> 5.5.1_1 [pfSense] sqlite3: 3.13.0 -> 3.17.0 [pfSense] smartmontools: 6.5_1 -> 6.5_2 [pfSense] python27: 2.7.12 -> 2.7.13_3 [pfSense] php56-zlib: 5.6.23 -> 5.6.31 [pfSense] php56-xmlwriter: 5.6.23 -> 5.6.31 [pfSense] php56-xmlreader: 5.6.23 -> 5.6.31 [pfSense] php56-xml: 5.6.23 -> 5.6.31 [pfSense] php56-tokenizer: 5.6.23 -> 5.6.31 [pfSense] php56-sysvshm: 5.6.23 -> 5.6.31 [pfSense] php56-sysvsem: 5.6.23 -> 5.6.31 [pfSense] php56-sysvmsg: 5.6.23 -> 5.6.31 [pfSense] php56-sqlite3: 5.6.23 -> 5.6.31 [pfSense] php56-sockets: 5.6.23 -> 5.6.31 [pfSense] php56-simplexml: 5.6.23 -> 5.6.31 [pfSense] php56-shmop: 5.6.23 -> 5.6.31 [pfSense] php56-session: 5.6.23 -> 5.6.31 [pfSense] php56-readline: 5.6.23 -> 5.6.31 [pfSense] php56-posix: 5.6.23 -> 5.6.31 [pfSense] php56-pfSense-module: 0.12 -> 0.13 [pfSense] php56-pdo_sqlite: 5.6.23 -> 5.6.31 [pfSense] php56-pdo: 5.6.23 -> 5.6.31 [pfSense] php56-pcntl: 5.6.23 -> 5.6.31 [pfSense] php56-openssl: 5.6.23 -> 5.6.31 [pfSense] php56-opcache: 5.6.23_1 -> 5.6.31 [pfSense] php56-mcrypt: 5.6.23 -> 5.6.31 [pfSense] php56-mbstring: 5.6.23 -> 5.6.31 [pfSense] php56-ldap: 5.6.23 -> 5.6.31 [pfSense] php56-json: 5.6.23 -> 5.6.31 [pfSense] php56-hash: 5.6.23 -> 5.6.31 [pfSense] php56-gettext: 5.6.23 -> 5.6.31 [pfSense] php56-filter: 5.6.23 -> 5.6.31 [pfSense] php56-dom: 5.6.23 -> 5.6.31 [pfSense] php56-curl: 5.6.23 -> 5.6.31 [pfSense] php56-ctype: 5.6.23 -> 5.6.31 [pfSense] php56-bz2: 5.6.23 -> 5.6.31 [pfSense] php56-bcmath: 5.6.23 -> 5.6.31 [pfSense] php56: 5.6.23 -> 5.6.31 [pfSense] php-xdebug: 2.4.0 -> 2.5.0 [pfSense] php-suhosin: 0.9.38 -> 0.9.38_3 [pfSense] pftop: 0.7_6 -> 0.7_8 [pfSense] pfSense-default-config-serial: 2.3.2 -> 2.3.4_1 [pfSense-core] pfSense-base-nanobsd: 2.3.2 -> 2.3.4_1 [pfSense-core] pfSense-Status_Monitoring: 1.4.4_2 -> 1.6.3 [pfSense] pfSense: 2.3.2 -> 2.3.4_1 [pfSense] perl5: 5.20.3_13 -> 5.24.1 [pfSense] pecl-zmq: 1.1.3_1 -> 1.1.3_2 [pfSense] pecl-ssh2: 0.12 -> 0.13 [pfSense] pecl-rrd: 1.1.3_3 -> 1.1.3_4 [pfSense] pecl-radius: 1.3.0 -> 1.4.0.b1 [pfSense] pcre: 8.39 -> 8.40 [pfSense] ntp: 4.2.8p8 -> 4.2.8p10_2 [pfSense] nginx: 1.10.1,2 -> 1.12.1,2 [pfSense] nettle: 3.2 -> 3.3 [pfSense] lzo2: 2.09 -> 2.10_1 [pfSense] links: 2.9,1 -> 2.13,1 [pfSense] libzmq4: 4.1.4_1 -> 4.1.5 [pfSense] libxml2: 2.9.3 -> 2.9.4 [pfSense] libssh2: 1.7.0,2 -> 1.8.0,3 [pfSense] libsodium: 1.0.8 -> 1.0.12 [pfSense] libiconv: 1.14_9 -> 1.14_10 [pfSense] ldns: 1.6.17_5 -> 1.7.0 [pfSense] isc-dhcp43-server: 4.3.4 -> 4.3.5 [pfSense] isc-dhcp43-relay: 4.3.4_1 -> 4.3.5 [pfSense] isc-dhcp43-client: 4.3.4 -> 4.3.5 [pfSense] ipmitool: 1.8.17_1 -> 1.8.18 [pfSense] idnkit: 1.0_5 -> 1.0_6 [pfSense] gmp: 5.1.3_3 -> 6.1.2 [pfSense] glib: 2.46.2 -> 2.46.2_5 [pfSense] expat: 2.1.1_2 -> 2.2.0_1 [pfSense] dnsmasq: 2.76,1 -> 2.78,1 [pfSense] dhcp6: 20080615_7 -> 20080615.2 [pfSense] curl: 7.49.1 -> 7.54.1 [pfSense] ca_root_nss: 3.25 -> 3.30.2 [pfSense] bind-tools: 9.10.4P2 -> 9.11.1P1 [pfSense] Installed packages to be REINSTALLED: vstr-1.0.15_1 [pfSense] scponly-4.8.20110526_2 [pfSense] (options changed) rrdtool-1.6.0_1 [pfSense] (direct dependency changed: perl5) openldap-client-2.4.44 [pfSense] oniguruma5-5.9.6_1 [pfSense] miniupnpd-1.9.20160113,1 [pfSense] (options changed) libucl-0.8.0 [pfSense] libmcrypt-2.5.8_3 [pfSense] libltdl-2.4.6 [pfSense] libedit-3.1.20150325_2,1 [pfSense] check_reload_status-0.0.7 [pfSense] (direct dependency changed: libevent) Number of packages to be removed: 1 Number of packages to be installed: 7 Number of packages to be upgraded: 78 Number of packages to be reinstalled: 11 The process will require 24 MiB more space. Child process pid=22637 terminated abnormally: Killed >>> Locking package pfSense-kernel-pfSense_wrap... done. pkg-static: open(/bin/sh): No such file or directory pkg-static: open(/bin/sh): No such file or directory pkg-static: open(/bin/sh): No such file or directory pkg-static: open(/bin/sh): No such file or directory pkg-static: No packages installed *** Welcome to pfSense 2.3.2-RELEASE (i386 nanobsd) on pfSensePor *** WAN (wan) -> vr1 -> v4/DHCP4: 192.168.1.2/24 LAN (lan) -> vr0 -> v4: 172.17.172.2/24 PRIVATE (opt1) -> vr2 -> v4: 192.168.5.1/24 OPVPN (opt2) -> ovpnc1 -> BRIDGE (opt3) -> bridge0 -> 0) Logout (SSH only) 9) pfTop 1) Assign Interfaces 10) Filter Logs 2) Set interface(s) IP address 11) Restart webConfigurator 3) Reset webConfigurator password 12) PHP shell + pfSense tools 4) Reset to factory defaults 13) Update from console 5) Reboot system 14) Disable Secure Shell (sshd) 6) Halt system 15) Restore recent configuration 7) Ping host 16) Restart PHP-FPM 8) Shell
Is netgate trying to make money by users sending broken boxes back to them for resetting or why upgrade is such hard on this system? It is such a great system ..... except from upgrading.
I hardly recommend to have a spare firewall next to the productive one for upgrade issues.Is there any other option now as throwing this box out of the window? I don't want to try another time ... at the moment the box ist at least working.
-
If I was hitting that I would install 2.3.5 onto a new CF card and then restore the config from the old install.
That is by far the safest thing to do there. You will still have the old card to boot into if required.
When the update system reports
Theres already an update running
it means there's a pkg update running not an upgrade necessarily. So you probably had the dashboard open for example.You should consider swapping out th ALIX (I'm guessing) for something newer though. End of all support for that is coming soon.
Steve