Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Netgate 1100(on 22.05-Release) can no longer update nor install apps

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    13 Posts 4 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      davidylau
      last edited by

      I have a Netgate SG-1100 running version 22.05-Release.

      The system no longer gets update information. In the Retrieving section of System>Update>SystemUpdate, the cog icon spins indefinitely.
      If I power-cycle the box, after a long time, the Retrieving section says "Unable to check for Updates".

      --
      I have another problem that I don't know if it's related or not.
      The package manager no longer is able to install a new package.

      When I try to install the NUT package, I get this response:
      "Another instance of pfsense-upgrade is running. Try again later."

      Anybody experience these issues and hopefully solved them? Thanks in advance..

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        It could be a number of things.

        At the command line try entering: pkg-static -d update

        See what error(s) it returns.

        Steve

        D 1 Reply Last reply Reply Quote 0
        • D
          davidylau @stephenw10
          last edited by

          @stephenw10
          Thanks for the quick response.

          When I first posted my problems, I was using <alternative_admin_account>. When I ran "pkg-static -d update" using that account, I got this error:
          pkg-static: Insufficient privileges to update the repository catalogue.

          So I then re-enabled the default admin account and re-ran the pkg-static command. That worked. It finished with
          [fetching a bunch of files]
          pfSense repository is up to date.
          All repositories are up to date.

          Again, using the default admin account, I was able to install the NUT package.

          It's a little weird, since I re-enabled the default admin account using the <alternative_admin_account>. So I would have thought <alternative_admin_account> would have all of the privileges to do everything.

          Thanks again.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Ah, interesting. Hmm, you actually disabled the admin account?

            D 1 Reply Last reply Reply Quote 0
            • D
              davidylau @stephenw10
              last edited by

              @stephenw10 Yeah, I was mimic'ing the recommendations from some NAS vendors : create an alternative admin account and disable the default admin account.

              Minor security-by-obscurity attempt I guess.

              GertjanG 1 Reply Last reply Reply Quote 0
              • GertjanG
                Gertjan @davidylau
                last edited by

                @davidylau said in Netgate 1100(on 22.05-Release) can no longer update nor install apps:

                Yeah, I was mimic'ing the recommendations from some NAS vendors

                NASs are not firewalls/router.
                The first shares resources among a lot of users. All these users have typically their own login ID and password. 'root' or admin can access all resources (files) of all users.

                Firewall share ..... nothing, and are administrated, as a NAS, by typically one user, the admin.

                If you think the admin account is exposed, their is one easy and final solution : accept admin logins into pfSense only to from your IP, on the pfsense LAN interface.
                For daily use, create other interfaces for yourself, friends, family, co-workers or visitors, and block the admin access (block the access to pfsense itself) on all these interfaces.
                If you need to admin pfsense, hook yourself physically up to the LAN interface.
                Lock pfSense up in a physical non accessible place and you'll be fine.

                Btw : I'm doing the same thing with my Synology NAS : I don't care about their advise that I should rename my admin account : it accepts admin access only from my device, my IP on its LAN. Added a double auth to the admin account, and I feel safe enough.

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                D 1 Reply Last reply Reply Quote 0
                • F
                  FSC830
                  last edited by

                  off-topic:
                  Me too do not follow these advise! I guess OP is using a QNAP NAS.
                  QNAP indeed recommends to disable the origin admin account and use an alternative admin account instead.
                  That is because a very large number of users did expose their NAS without any security to internet and was attacked and hacked with malware/ransomware.
                  But even when doing so at a QNAP, the alternative admin does not have all privileges, even with sudo some things wont work.
                  A significant count of apps do not work or cant be installed, because they refer "hard-coded" to the origin admin account.
                  So this advise is really "security-by-obscurity".

                  Regards

                  D 1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Hmm, that's curious. I can't replicate that here, and I didn't expect to be able to.
                    How exactly did you disable the account?

                    There are some things that must be run as admin/root but the gui processes always do that.

                    Steve

                    D 1 Reply Last reply Reply Quote 0
                    • D
                      davidylau @Gertjan
                      last edited by

                      @gertjan Thanks for the comment.

                      I had already implemented the other steps you mentioned.

                      1 Reply Last reply Reply Quote 0
                      • D
                        davidylau @FSC830
                        last edited by

                        @fsc830 Thanks for the comment.

                        Which other QNAP apps won't work with another admin account? I haven't experienced that.

                        1 Reply Last reply Reply Quote 0
                        • D
                          davidylau @stephenw10
                          last edited by

                          @stephenw10 How I disabled the admin account:

                          System>User Manager>Users>Edit , I clicked the "Disable, This user cannot login" button.

                          1 Reply Last reply Reply Quote 0
                          • stephenw10S
                            stephenw10 Netgate Administrator
                            last edited by

                            Mmm, by itself that should not cause a problem with the pkg system. I wonder if it was failing for some other related reason. Are you able to recreate it? No worries if not.

                            Steve

                            D 1 Reply Last reply Reply Quote 0
                            • D
                              davidylau @stephenw10
                              last edited by

                              @stephenw10 I'd rather not muck with the fire-wall as my house has multiple users who need internet most of the time :-)

                              FWIW, I don't remember changing anything else to get the package manager working again.

                              1 Reply Last reply Reply Quote 1
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.