CLI installed pfsense packages not showing up in GUI



  • Hi all,

    As the title says I've installed a couple of pfsense packages (open-vm-tools, squid) from the CLI and they're not showing up in the GUI under System > Package Manager > Installed Packages.
    Additionally vSphere reports that my pfsense appliance VM isn't running any VM Tools.

    Is there something else I need to do to activate/configure these packages?

    For reference here's my previous topic on why I'm doing this offline via CLI:
    https://forum.netgate.com/topic/145321/offline-package-management



  • The GUI-based installer is probably adding a section in the main config. The system reconfigures itself at boot based on the config contents, which is why some manual changes you make get lost on a reboot. You might have some luck locating the config file (sorry, I don't remember what it's called or where it is, in /config maybe?) and looking for a packages section, or perhaps you might need to do a test install with the packages installed, and then diff the config to see what was added and add that you your config. It will be messy and I don't know if it would persist through firewall upgrades.


  • LAYER 8 Netgate

    You would want to use pfSsh.php playback installpkg package-name to install a package from the command line. There are several packages available in the repository that are command-line only.

    The command pkg search pfSense-pkg should provide a list of available names. You want everything between ^pfSense-pkg- and -VersionNumber$. This should get you close:

    pkg search -q pfSense-pkg | sed -e 's/^pfSense-pkg-\([a-zA-Z0-9_-]*\)-[0-9,_\.]*$/\1/'

    (Don't judge - it works.)

    When you install a package using pkg no manipulation of the configuration file is done. Something like squid is not going to work. There is more to adding a GUI package that just running pkg. You would want to do something like pfSsh.php playback installpkg squid to install squid from the command line.

    A package such as iperf3, py27-speedtest-cli, etc will never show up in the GUI.



  • Hi Derelict,

    Thanks for that, I've just tried that with the following result:

    pfSsh.php playback installpkg squid-3.5.27_3.txz
    Installing package "squid-3.5.27_3.txz"... Failed.
    

    And found the following in the system log:

    tail /var/log/system.log
    $DATE, $HOSTNAME php-cgi: pfSsh.php: The command '/usr/local/sbin/pfSense-upgrade -y -i pfSense-pkg-squid-3.5.27_3.txz' returned exit code '1', the output was 'ERROR: Unable to compare version of pfSense-repo'
    

    I'm guessing it's not working because it's not connected to the internet? Is there still a way to build a local repo to bypass this?


  • LAYER 8 Netgate

    The command pkg search pfSense-pkg should provide a list of available names. You want everything between ^pfSense-pkg- and -VersionNumber$. This should get you close:

    pkg search -q pfSense-pkg | sed -e 's/^pfSense-pkg-\([a-zA-Z0-9_-]*\)-[0-9,_\.]*$/\1/

    Installing from any repositories other than the official ones is unsupported. Not sure what's going on with that because I have never done it.



  • Here's what I get with that:

    pkg search -q pfSense-pkg | sed -e 's/^pfSense-pkg-\([a-zA-Z0-9_-]*\)-[0-9,_\.]*$/\1/
    pkg: Repository pfSense-core missing. 'pkg update' required
    pkg: Repository pfSense-core load error: access repo file(/var/db/pkg/repo-pfSense-core.sqllite) failed: No such file or directory
    pkg: https://pkg.pfsense.org/pfSense_v2_4_4_amd64-core/meta.txz: No address record
    pkg: https://pkg.pfsense.org/pfSense_v2_4_4_amd64-core/packagesite.txz: No address record
    

    So a pfsense appliance with no access to internet will be entirely unable to install packages and manage them from the GUI?


  • LAYER 8 Netgate

    Yes. It needs access to the repositories.

    If you want to try to duplicate the online repos locally, you will need to also point pkg locally using the repo file. There is probably even more than that required. I wouldn't know what that would be.

    All of the freebsd docs are here:

    https://www.freebsd.org/cgi/man.cgi



  • Cool I will have a look into that, thank you for your time!


  • Rebel Alliance Developer Netgate

    The CLI method of installing packages works fine if you specify the full pfSense-pkg-<name> name. That is identical to what the GUI does, and what the playback script ends up doing as well.

    Good: pkg install pfSense-pkg-squid
    Bad: pkg install squid


  • LAYER 8 Netgate

    Ah, I though you needed to use the pfSsh.php to get bits into config.xml, etc. Thanks.


Log in to reply