Updating to 2.4.4 version is safe now?

emammadov

Hello,

I am running pfSense 2.4.3p1 version. I see many people are complaining about php errors occurring in 2.4.4 release. Will the same errors occur if I update to 2.4.4?
My installed packages are: Cron, freeradius3, nmap, Notes, ntopng, openvpn-client-export, pfBlockerNG (not devel version), Service_Watchdog, Status_Traffic_Totals, tftpd.

emammadov

Coudl you please reply to my post?

hbauer

I guess nobody will be able to confirm this. You will probably have to try it yourself.

I myself had errors and can tell you that there is quite a safe backup plan

• prepare a boot medium for your current version
• create a backup for your configuration
• remove all additional packages
• run the update
• if successful reinstall packages
• if unsuccessful reinstall current version and restore backup.

I can confirm that the fallback was working for me.

Grimson

Better yet, replicate your setup in a VM and try it there. Some of the above packages will no longer install with 2.4.3p1 as they require PHP 7.2. Or make a ZFS snapshot first, if pfSense is installed with ZFS.

abdo22

in my experience no
for one reason
after updating
ICAP Inteface for Squid and ClamAV integration
can not start
and i have no idea what should i do
my advice is to wait

Grimson

@abdo22 said in Updating to 2.4.4 version is safe now?:

and i have no idea what should i do

How about checking redmine instead of sitting around:
https://redmine.pfsense.org/issues/8832
https://redmine.pfsense.org/issues/8975

abdo22

@grimson
Thanks a lot
I am still beginner really
Not experienced

johnpoz

The problem I have noticed is people updating packages that mess with php without updating pfsense first.

You should update pfsense before you update packages after a new version is released - because more likely then not the packages have been updated to work with the new version of pfsense, and may not work with old version.

emammadov

Thanks for your replies. There are updates for packages right now. I have to first update pfsense, after update has been finished, then I have to update packages, right?

johnpoz

Yes is what I would do ;) But make sure you read through the release notes on any upgrade info.. And as always good practice with any time you update something to new version - especially when base OS is changing and something as major as big change in the PHP base..

But pfsense should update the packages after it updates on its own.

Have a backup of your config, and have a backup of the install media. So if worse case happens only take minutes to get back up and running.

jimp

It was always safe if you follow best practices.

Read the Upgrade Guide completely and thoroughly.

Read the Release Announcement and Release Notes as well.

abdo22

@grimson said in Updating to 2.4.4 version is safe now?:

https://redmine.pfsense.org/issues/8832

i followed the instructions in the link
it is working
thanks a lot man
but i do not understand what is ( chmod -w )
something is missing for me
i used this command instead
chflags schg /usr/local/etc/c-icap/c-icap.conf

emammadov

Is this way safe, backup current configuration, install fresh 2.4.4 and restore that configuration to new 2.4.4? I have backedup all. I want to know, after restoration has been done, everything including previously installed packages, openvpn users and etc. will be restored?

jimp

@emammadov said in Updating to 2.4.4 version is safe now?:

Is this way safe, backup current configuration, install fresh 2.4.4 and restore that configuration to new 2.4.4? I have backedup all. I want to know, after restoration has been done, everything including previously installed packages, openvpn users and etc. will be restored?

Yes, that is safe and config.xml holds all of the settings, including users, so it will all be there after you restore.

fireodo

This post is deleted!

fireodo

@emammadov said in Updating to 2.4.4 version is safe now?:

Is this way safe, backup current configuration, install fresh 2.4.4 and restore that configuration to new 2.4.4? I have backedup all. I want to know, after restoration has been done, everything including previously installed packages, openvpn users and etc. will be restored?

Thats what I have done and everything is working well (as far as I can see) ... no OpenVPN here ...

emammadov

I have backedup everything, installed fresh 2.4.4 and restore config xml, selected Package Manager to restore. Reinstall Package button appeared, clicked it, but it is stuck: saying "Please wait while the update system initializes"

jimp

You do not need to use that button. When you restore the config it will reinstall the packages for you.

There is a known problem with that button, see https://redmine.pfsense.org/issues/8933

emammadov

Ok, I try again, I choose Package Manager to restore, I don't click Reinstall packages button. It says: The configuration are has been restored. The firewall may need to be rebooted. But nothing happens next. Shall I have to wait something to happen or it will reboot itself?

In Config History:

10/2/18 14:01:03 18.8 151 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner) Current configuration
10/2/18 14:47:54 18.8 12 KiB (system): wan IP configuration from console menu
10/2/18 14:43:39 18.8 12 KiB (system): wan IP configuration from console menu
10/2/18 14:40:31 18.8 11 KiB (system): Generated new self-signed HTTPS certificate (5bb3835f15f7b)
10/2/18 14:40:12 18.8 7 KiB (system): Upgraded config version level from 18.0 to 18.8
10/2/18 13:58:44 18.8 143 KiB (system): Removed tftpd package.
10/2/18 13:48:33 18.8 151 KiB admin@192.168.4.10 (Local Database): Creating restore point before package installation.
10/2/18 13:47:49 18.8 151 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 13:46:48 18.8 143 KiB admin@192.168.4.10 (Local Database): Restored openvpn of config file (maybe from CARP partner)
10/2/18 13:44:54 18.8 137 KiB (system): Removed tftpd package.
10/2/18 13:29:13 18.8 145 KiB admin@192.168.4.10 (Local Database): Creating restore point before package installation.
10/2/18 13:27:43 18.8 145 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 13:26:28 18.8 137 KiB (system): Removed tftpd package.
10/2/18 13:26:27 18.8 142 KiB (system): Removed ntopng package.
10/2/18 13:24:24 18.8 145 KiB admin@192.168.4.10 (Local Database): /system_advanced_network.php made unknown change
10/2/18 13:22:31 18.8 145 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 12:54:28 18.8 145 KiB admin@192.168.4.10 (Local Database): Creating restore point before package installation.
10/2/18 12:54:15 18.8 145 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 12:40:01 18.8 137 KiB admin@192.168.4.10 (Local Database): Successfully edited user admin
10/2/18 12:39:44 18.8 137 KiB admin@192.168.4.10 (Local Database): Restored aliases of config file (maybe from CARP partner)
10/2/18 12:35:34 18.8 125 KiB (system): Removed tftpd package.
10/2/18 12:35:33 18.8 133 KiB (system): Removed OpenVPN Client Export Utility package.
10/2/18 12:33:16 18.8 133 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 12:31:19 18.8 125 KiB (system): password changed from console menu
10/2/18 12:29:33 18.8 125 KiB (system): password changed from console menu
10/2/18 12:28:01 18.8 125 KiB (system): Removed tftpd package.
10/2/18 12:28:00 18.8 131 KiB (system): Removed ntopng package.
10/2/18 12:25:55 18.8 133 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 12:25:26 18.8 103 KiB admin@192.168.4.10 (Local Database): Restored dhcpd of config file (maybe from CARP partner)
10/2/18 12:24:03 18.8 11 KiB admin@192.168.4.10 (Local Database): Configuration saved on completion of the pfSense setup wizard.
10/2/18 12:24:01 18.8 11 KiB admin@192.168.4.10 (Local Database): Configuration changed via the pfSense wizard subsystem.

NetResolver

No, is not safe !

Think twice if you go update.

emammadov

@luisrafael I don't click update. I try to test it in fresh installed 2.4.4 version and restore config.xml. You think this way is not safe too?

jimp

@luisrafael said in Updating to 2.4.4 version is safe now?:

No, is not safe !

Think twice if you go update.

If you follow best practices, it is safe. Do not spread FUD.

jimp

@emammadov said in Updating to 2.4.4 version is safe now?:

Ok, I try again, I choose Package Manager to restore, I don't click Reinstall packages button. It says: The configuration are has been restored. The firewall may need to be rebooted. But nothing happens next. Shall I have to wait something to happen or it will reboot itself?

It should reboot on its own and then reinstall packages after the reboot. From the config history it looks like maybe it already did?

Are all of your settings present? If so, it is probably fine, but you might reboot it manually anyhow. If not, then start a new thread and we can investigate it separately.

emammadov

It didn't reboot. Installed packages appeared in menu, but when I click one of them, it says:

In Config History:

10/2/18 14:01:03 18.8 151 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner) Current configuration
10/2/18 14:47:54 18.8 12 KiB (system): wan IP configuration from console menu
10/2/18 14:43:39 18.8 12 KiB (system): wan IP configuration from console menu
10/2/18 14:40:31 18.8 11 KiB (system): Generated new self-signed HTTPS certificate (5bb3835f15f7b)
10/2/18 14:40:12 18.8 7 KiB (system): Upgraded config version level from 18.0 to 18.8
10/2/18 13:58:44 18.8 143 KiB (system): Removed tftpd package.
10/2/18 13:48:33 18.8 151 KiB admin@192.168.4.10 (Local Database): Creating restore point before package installation.
10/2/18 13:47:49 18.8 151 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 13:46:48 18.8 143 KiB admin@192.168.4.10 (Local Database): Restored openvpn of config file (maybe from CARP partner)
10/2/18 13:44:54 18.8 137 KiB (system): Removed tftpd package.
10/2/18 13:29:13 18.8 145 KiB admin@192.168.4.10 (Local Database): Creating restore point before package installation.
10/2/18 13:27:43 18.8 145 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 13:26:28 18.8 137 KiB (system): Removed tftpd package.
10/2/18 13:26:27 18.8 142 KiB (system): Removed ntopng package.
10/2/18 13:24:24 18.8 145 KiB admin@192.168.4.10 (Local Database): /system_advanced_network.php made unknown change
10/2/18 13:22:31 18.8 145 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 12:54:28 18.8 145 KiB admin@192.168.4.10 (Local Database): Creating restore point before package installation.
10/2/18 12:54:15 18.8 145 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 12:40:01 18.8 137 KiB admin@192.168.4.10 (Local Database): Successfully edited user admin
10/2/18 12:39:44 18.8 137 KiB admin@192.168.4.10 (Local Database): Restored aliases of config file (maybe from CARP partner)
10/2/18 12:35:34 18.8 125 KiB (system): Removed tftpd package.
10/2/18 12:35:33 18.8 133 KiB (system): Removed OpenVPN Client Export Utility package.
10/2/18 12:33:16 18.8 133 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 12:31:19 18.8 125 KiB (system): password changed from console menu
10/2/18 12:29:33 18.8 125 KiB (system): password changed from console menu
10/2/18 12:28:01 18.8 125 KiB (system): Removed tftpd package.
10/2/18 12:28:00 18.8 131 KiB (system): Removed ntopng package.
10/2/18 12:25:55 18.8 133 KiB admin@192.168.4.10 (Local Database): Restored installedpackages of config file (maybe from CARP partner)
10/2/18 12:25:26 18.8 103 KiB admin@192.168.4.10 (Local Database): Restored dhcpd of config file (maybe from CARP partner)
10/2/18 12:24:03 18.8 11 KiB admin@192.168.4.10 (Local Database): Configuration saved on completion of the pfSense setup wizard.
10/2/18 12:24:01 18.8 11 KiB admin@192.168.4.10 (Local Database): Configuration changed via the pfSense wizard subsystem.

NetResolver

@emammadov

@emammadov said in Updating to 2.4.4 version is safe now?:

@luisrafael I don't click update. I try to test it in fresh installed 2.4.4 version and restore config.xml. You think this way is not safe too?

If you have a fresh installation 2.4.4 maybe you don't have problem with the packages.

I update 2.4.3 to 2.4.4 ... and squid package didn't work. Now i update freeradius3 and i have the "some" package not work.

Is it stable for me ?

thanks