Package Update triggers only half 2.4.4 Update

  • LAYER 8 Moderator


    yes I'm already aware of the patch notes etc. but I see that as quite a problem where we get multiple customer support reports ATM:

    • Customer wants to remain on 2.4.3-p1 (to wait ~1 week before updating to be on the safe side)
    • Customer sees package updates from critical packages (like openvpn client export) or errors in log
    • Customer updates package -> package has dependencies belonging to PHP 7(.2) and that triggers update chaos

    We had that already twice today with complete system failures due to the customer updating the ACME package which has a PHP7.2 dependency and triggers updating around 110 packages - BUT does NOT do a complete update.
    Afterwards you have a dead system as there are huge bunches of failures belonging to PHP and no running configuration (like no IP addresses or filters configured, services running etc.)

    So one should probably issue a warning to NOT touch any package updates either if you don't want to risk having a dead system due to dependency installations. As many of our customers run the ACME package for good TLS usage, there is quite a cascade reaction ATM...

    Could cheat the system into running this way:

    • connected via (serial) console
    • symlinked old PHP SO directory (2013...) to new one (2017...)
    • manually configured WAN interface (ifconfig) and setup default route (route add default...)
    • manually forced pkg updating
    • triggered update via console that updated the other around 45 old packages, that acme had left untouched.


  • Rebel Alliance Developer Netgate

  • @jegr Have just experience a similar issue with updating acme package

Log in to reply