Shared object "libdl.so.1" not found, required by "openvpn"
-
This post is deleted!
-
Upgrade to 2.4.4.
-
Hi,
can you explain why it is necessary to upgrade?
-
Somehow you managed to get a newer version of OpenVPN on the box than it expected, which means you have a mismatched set of binaries on there. There isn't a way to get back into a working state except to upgrade to pfSense 2.4.4.
-
Hi, thank you for your quick answer.
I do not understand how I made to get a new version of openvpn, could you develop that point?
These are the 2 packages that are installed and that I try to maintain up to date :- openvpn-client-export ;
- zabbix-agent34.
May that come from these?
-
So you updated a package without updating pfsense would be my guess.. The most current export-client has a dep of openvpn-2.4.6_1
So yeah it prob updated that when you clicked on updating that package without updating pfsense..
https://www.netgate.com/docs/pfsense/install/upgrade-guide.html
Warning
Do not upgrade packages before upgrading pfSense. Either remove all packages or leave the packages alone before running the update.I think there was some threads where people were running into the same sort of problem - I believed they put in some safeguards to prevent this from happening?
I never update packages after a new release drops until after I have updated.. Per the warning in the upgrade guide which I believe has stated that for really really long time.
-
A variation of this bug: https://redmine.pfsense.org/issues/8938
-
Ok, that make sense.
Do you confirm that unless you update core pfSense, it is not possible to update any package individually? Is there any official documentation on that? May I suggest that pfSense warn users about this and maybe disable package update if we are in this case?Anyway, updating pfSense to 2.4.4 resolved the problem.
Regards.
-
They have warned users! ;) As I have stated its been in the upgrade guide for like forever ;) Problem is users don't normally read anything before they happy go clicking away.. ;)
-
@johnpoz said in Shared object "libdl.so.1" not found, required by "openvpn":
https://www.netgate.com/docs/pfsense/install/upgrade-guide.html
Tanks you! This is the warning I was looking for :-)
-
@johnpoz
That is why I would suggest to disable package update if a core upgrade is pending...
-
They prob need to work on some sort of lets keep the users from shooting themselves in the foot... Where packages versions are LOCKED and do not even show an update available until they are on the correct version of the base install.
Prob working on that with the issues seen in this update - jimp would know more on that.. But prob a lot of work.. Maybe could put a warning label in the package section, you know like the ones they have on your coffee cup warning you its HOT ;)
-
@johnpoz said in Shared object "libdl.so.1" not found, required by "openvpn":
They prob need to work on some sort of lets keep the users from shooting themselves in the foot
Agreed, like not showing package upgrades that would break their systems due to missing dependencies. I thought it was ridiculous that users could break their systems by upgrading a package that relied on a major pfSense upgrade. Either the package shouldn't have been presented in the first place, or the package installer should have bailed out right away when the requirements weren't met.
-
+1
-
pfsense is reversing the order of things, how do you not recommend updating the available packages and informing when you have an update ?! things are getting confusing and the fear of updating pfsense and everything gets worse is great.
-
Nothing is reversed. The recommendation for pfSense has always been to remove all packages and then upgrade. Never upgrade packages and then the OS.
-
@jimp may have been recommended this way since always, but it is so normal to update a package, the first time I see cause so many problems for openvpn.
-
@jimp said in Shared object "libdl.so.1" not found, required by "openvpn":
The recommendation for pfSense has always been to remove all packages and then upgrade
So say you have some packages configured (squid, zabbix-agent, openvpn-export etc).
You need to:
1/ remove them
2/ reboot
3/ upgrade
4/ reinstall them
5/ configure themCan you confirm?
-
Read the upgrade guide, it has the officially recommended procedure.
-
@faust so it's in the recommendation that's right ... I'll never update a package again.
-
@foxrcesar said in Shared object "libdl.so.1" not found, required by "openvpn":
@jimp may have been recommended this way since always, but it is so normal to update a package, the first time I see cause so many problems for openvpn.
That is not normal for pfSense and never has been. I'm not sure what you're thinking of. Not even that way for FreeBSD. You update the base OS and then update installed software because when making a version jump, the binaries might be backward compatible but they are not necessarily forward compatible. Also you'll end up reinstalling all packages after anyway since they wouldn't match the base OS after upgrade if they were pulled from an old repo.
-
@foxrcesar said in Shared object "libdl.so.1" not found, required by "openvpn":
@faust so it's in the recommendation that's right ... I'll never update a package again.
We have code in place now to prevent these kinds of problems in the future.
I can't replicate this kind of error on 2.4.3-p1 installs now. Every package update or install request fails saying there is a new version, upgrade first.
-
@jimp Thank you. This will surely save some people down the road.
-
@jimp Thanks for the explanation, it makes sense and I see that you have a warning when trying to install a new package in a late version of pfsense, I will update pfsense and I do not have the option to update the packages separately. have a nice day.
-
Read the upgrade guide, it has the officially recommended procedure."
Thank you, I read it more than once but some points remains not clear sorry...
I can't find answer to point 5/ (do we need to reconfigure packages or configuration are kept?).
I am only talking about official pfSense packages, I understand you cannot maintain third party packages.
-
Package configurations are kept, unless the package does otherwise. Some packages have an option to not retain the configuration. In those cases, it's up to you and how you configured those packages.
-
@jimp Thank you for this confirmation.
I don't now what are the implication for the package manager but I think that the proposition of @KOM should be considered as it would prevent a lots of trouble.Agreed, like not showing package upgrades that would break their systems due to missing dependencies. I thought it was ridiculous that users could break their systems by upgrading a package that relied on a major pfSense upgrade. Either the package shouldn't have been presented in the first place, or the package installer should have bailed out right away when the requirements weren't met.
Because my mistake (and I am surely not alone) was to think that pfSense package manager was similar to PKG or APT (as it relies on PKG) and it is clearly not as simple as that. You are allowed to upgrade a package without upgrading the whole system (and break it).
-
Except as I've said a few times now, you can't do that anymore. There is code in place to prevent that from happening. We've done all we can to protect against that in the future.
-
@jimp said in Shared object "libdl.so.1" not found, required by "openvpn":
Except as I've said a few times now, you can't do that anymore. There is code in place to prevent that from happening. We've done all we can to protect against that in the future.
Ok perfect, but I will check this point on next upgrade because I actually had the problem upgrading from 2.4.3-p1...
