System Patches package version 2.2.x

jimp

@johnpoz said in System Patches package version 2.2:

@jimp wow there is a lot ;) Guess will be doing a reboot in the morning when My change window opens..

change window = when I wake up and nobody is using the internet or plex ;)

There are even more things we've fixed that didn't make the cut, and some more may come in yet. I didn't add entries for some of the less common edge cases we've seen and fixed since they were much less likely to be encountered in the wild than the ones I included in the list.

michmoor

@jimp Thanks Jim. Appreciate the teams hard work.

SteveITS

@jimp said in System Patches package version 2.2:

reboot to activate

Could there be some sort of a reboot column/check/icon in the row for those patches? Would help steer those who Apply All and don't read all the redmine entries. :)

michmoor

@steveits dude get out of my head. I was thinking about that when replying to the thread but i decided against it.
But yeah, notification of a reboot required message would solve issues..especially here in the forums.

johnpoz

@steveits said in System Patches package version 2.2:

and don't read

Well yeah that is always problematic - why would they read the email sent? ;) Just sayin hehehe

Even just a breeze over of all those entries should be pretty easy to spot that many of them that say reboot required.. Not saying users won't miss it.. hehe.. But its not like 1 in 20, but 4 out of the top 5 in my list state "requires reboot"

I could see if there was 1 out 20 of them, and it was number 17 in the list or something ;)

And then Jim in Bold bigger font states in this post "Reboot is Likely Necessary"

SteveITS

@michmoor said in System Patches package version 2.2:

dude get out of my head

Nope. I'm all for idi*t-proofing where possible. Though I wouldn't call it that in public. :) As someone once told me, paraphrased, "I want to be all powerful, but a prompt of 'are you sure, knuckehead?' would be appreciated."

And yeah, I didn't install the package update yet and couldn't really read the scrolling image well but the text does say to reboot. So, d'oh!

mcury

Today is a holiday here, so I decided to perform a clean 23.01 install.
Restored my config, then applied all these patches, everything working smoothly for a few hours now.
System: SG-3100 - pfblockerng, wireguard, softflowd (version from older repository).

michmoor

Curious, if there are new patches for 23.05 in the future, will the list get automatically populated or do we need to initiate something?

SteveITS

@michmoor said in System Patches package version 2.2:

if there are new patches for 23.05 in the future, will the list get automatically populated or do we need to initiate something?

The patch list is updated by updating the package. So with 23.01 (3 weeks ago) the package updated and the list was blank.

edit: I read this as, "after 23.05 is released"

jimp

@michmoor said in System Patches package version 2.2:

Curious, if there are new patches for 23.05 in the future, will the list get automatically populated or do we need to initiate something?

23.05 wouldn't use the system patches package that way since it's getting daily snapshot builds. Any fixes that go in would be in the builds the next day.

jdeloach

@jimp said in System Patches package version 2.2:

@michmoor said in System Patches package version 2.2:

Curious, if there are new patches for 23.05 in the future, will the list get automatically populated or do we need to initiate something?

23.05 wouldn't use the system patches package that way since it's getting daily snapshot builds. Any fixes that go in would be in the builds the next day.

I'm confused. I'm running pfSense 2.6.0 CE and I see these dozen or so patches as being available to apply, yet when I open the Redmine associated with each patch, it states that the target is for 2.7.0/plus target 23.01.

Are these patches really safe to apply to 2.6.0 CE? No where do I see anything in the redmine that states it is for 2.6.0???

slu

@jdeloach said in System Patches package version 2.2:

Are these patches really safe to apply to 2.6.0 CE?

See the package update today on the 2.6.0 CE and have the same question, save to apply because the System_Patches package is available on 2.6.0 CE?

Bob.Dig

~~@slu They are patches till the can be backed in the new version, so this is normal.~~

slu

@bob-dig but this affect 23.x only or 2.6.0 CE as well?
With other words, can I break the system with patches or is there some version check in the background?

Bob.Dig

@slu Good question. Is there anything related to FreeBSD 14 or PHP 8.1 in it? Then wait.

23.01:

Screenshot 2023-03-17 at 11-33-20 pfSense.home.arpa - System Patches.png

and 6. I remember are 23.1 only for example, so if you have them too, then this is not for you.

jimp

@jdeloach said in System Patches package version 2.2:

I'm confused. I'm running pfSense 2.6.0 CE and I see these dozen or so patches as being available to apply, yet when I open the Redmine associated with each patch, it states that the target is for 2.7.0/plus target 23.01.

Are these patches really safe to apply to 2.6.0 CE? No where do I see anything in the redmine that states it is for 2.6.0???

The patches for 2.6.0 are not new. They have been there for weeks, since 23.01 released. The ones you see on 2.6.0 are safe to apply on 2.6.0. On 2.6.0 the only change you'll see from this new version of the package is the apply/revert all buttons.

The recommended patch list is version filtered. You only see the patches relevant to whatever you are running.

slu

@jimp said in System Patches package version 2.2:

The recommended patch list is version filtered. You only see the patches relevant to whatever you are running.

Thank you, now its clear to me.

JonathanLee

@jimp thanks!!!

JonathanLee

@jimp speaking of patches, how long until they are approved to be added in as recommend? For example the YouTube issue with none.
https://redmine.pfsense.org/issues/13811

jimp

@jonathanlee said in System Patches package version 2.2:

@jimp speaking of patches, how long until they are approved to be added in as recommend? For example the YouTube issue with none.
https://redmine.pfsense.org/issues/13811

There isn't any set schedule, mostly depends on the amount of time devs have who are also familiar with the package and so on. But that's completely unrelated to this thread, "patches" in the sense of this package are not always tied to PRs or commits.