Issue with going from 2.7.0 to 2.7.2
-
@stephenw10 said in Issue with going from 2.7.0 to 2.7.2:
@Understudy said in Issue with going from 2.7.0 to 2.7.2:
I said No so I could show this issue that showed up on the mismatch.
What version are you upgrading from?
If you run
pfSense-upgrade
it allows for an ABI mismatch like that. But CE has been built on 14 for sometime now.Current Version is 2.7.0
I will run pfSense-upgrade and let you know.
Thank you
-
@stephenw10 said in Issue with going from 2.7.0 to 2.7.2:
@Understudy said in Issue with going from 2.7.0 to 2.7.2:
I said No so I could show this issue that showed up on the mismatch.
What version are you upgrading from?
If you run
pfSense-upgrade
it allows for an ABI mismatch like that. But CE has been built on 14 for sometime now.[2.7.0-RELEASE][admin@Ignis.brendhanhorne.com]/root: pfSense-upgrade pfSense-repoc-static: failed to fetch the repo data failed to read the repo data. failed to update the repository settings!!! failed to update the repository settings!!! [2.7.0-RELEASE][admin@Ignis.brendhanhorne.com]/root:
Something is not quite right. What would be be next step?
-
@stephenw10
Yes, connectivity is fine. I looked for info everywhere and found some steps in this thread. I triedpkg-static upgrade pfSense-repoc
andpkg-static upgrade
and it messed up everything because I think I went too far.I just did a fresh install and I am now running 2.7.2. The installer restored the config.xml but none of the packages are installed. The same issues are still here:
-
Available packages page shows "Unable to retrieve package information".
-
pkg-static -d update
shows:
DBG(1)[3313]> pkg initialized pkg-static: Unable to open '/usr/local/etc/pkg/repos//pfSense.conf':No such file or directory No active remote repositories configured.
Internet connectivity is fine on pfSense and on the network behind it.
UPDATE:
Reading your latest message above for @Understudy, I triedpfSense-upgrade
and it seems to have recreated the database. After another restore and reboot, everything seems to be back to normal. It was not easy, but thank you for all the information on this forum. -
-
@trucmuche said in Issue with going from 2.7.0 to 2.7.2:
pkg-static: Unable to open '/usr/local/etc/pkg/repos//pfSense.conf':No such file or directory
Just for reference if you see that error just resave the repo branch or select a different branch and then switch back (which also resaves it).
-
@stephenw10 said in Issue with going from 2.7.0 to 2.7.2:
@Understudy said in Issue with going from 2.7.0 to 2.7.2:
I said No so I could show this issue that showed up on the mismatch.
What version are you upgrading from?
If you run
pfSense-upgrade
it allows for an ABI mismatch like that. But CE has been built on 14 for sometime now.Tried it again. Different message.
[2.7.0-RELEASE][admin@Ignis.brendhanhorne.com]/root: pfSense-upgrade ERROR: It was not possible to determine pkg remote version >>> Updating repositories metadata... Updating pfSense-core repository catalogue... pkg-static: An error occured while fetching package pkg-static: An error occured while fetching package repository pfSense-core has no meta file, using default settings pkg-static: An error occured while fetching package pkg-static: An error occured while fetching package Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg-static: An error occured while fetching package pkg-static: An error occured while fetching package repository pfSense has no meta file, using default settings pkg-static: An error occured while fetching package pkg-static: An error occured while fetching package Unable to update repository pfSense Error updating repositories! ERROR: It was not possible to determine pfSense-upgrade remote version ERROR: It was not possible to determine pfSense-upgrade remote version >>> Upgrading pfSense-upgrade... failed. [2.7.0-RELEASE][admin@Ignis.brendhanhorne.com]/root:
-
@Understudy said in Issue with going from 2.7.0 to 2.7.2:
pfSense-repoc-static: failed to fetch the repo data
failed to read the repo data.
failed to update the repository settings!!!Send me your NDI in chat and I'll check it.
-
@Understudy @stephenw10 I had exactly the same issue - and under the GUI it was all showing green. Saw a youtube video about the patch and the fixes it includes and wondered if I had it.
The UI said the current stable 2.7.2 branch was selected. And that the current/latest and installed (base) versions were 2.7.0 and were up to date. I almost assumed that meant that the .2 update didn't show there and I was all good.
Only after checking this forum and trying option 13 and getting the same then fixing it with the
certctl rehash
command then following up with
pfSense-upgrade
did it suddenly spring back into life.I really wish there was a better UI display that something had gone wrong here and that I was actually out of date.
Is the rehash thing something I should get it to run on cron weekly or something to ensure this doesn't happen again? -
No going forward from 2.7.2 that is run before checking anyway. You don't need to do anything further.
-
Ok, the situation for me ended up being a cert issue.
certctl rehash
it also may have taken a bit of tweaking on some of the servers but it did get addressed and my running certctl rehash and pfSense-upgrade ended up being successful.
So we now have 2.7.2 running on the equipment.
Thank you all again.
-
@stephenw10 Your suggestion did help solve the problem in my system upgrading from 23.05.1 to 23.09.1, nothing else worked.
-
Wow. This update sure caught me by surprise. I've been using this for probably 15yrs+ at least. Like everyone stated my 2.7.0 said all up to date...good to go and 2.7.2 was ready to install. It appeared to install fine I guess...I freaked after it didnt come up after 2-3 min because I know it boots faster than that. Then I saw the console was at a login prompt and not the normal prompt after a full boot displaying all the interfaces.
Anyways after this upgrade. I've learned my lesson. This is the 2nd time an update crashed my system and I had to go to the console. I mean that's not bad over 15yrs+ of using pfsense. I need to do some reading up on whats new and whatnot. I did notice at a quick glance I saw something about the dhcp server at the end of life. From now on before upgrading I will read forums for any problems. I always wait to upgrade anyways. I also wait in the professional world just because of stuff like this.
So if anyone wants to just go straight to what worked for me to quickly get it up. First you need to have a kind of recent backup. Which I did have and it was version 2.7.0. I had a full backup with RRD Graphs/packages/etc. I downloaded 2.7.2 and installed it clean, accessed the web gui and restored. Then went back to the console to make sure it had the interfaces aligned still. Logged back in and everything was re-installing in the background. After a few minutes everything came back up. 2 LANs, 2 DHCP...static mappings...etc. Once reinstalling it just took a few minutes to put the backup file on and home networks were up in no time.
HTH - now off to read up on what all is new.
-
I also had this issue and certctl rehash fixed it. It would be nice to see an error message when checking for updates on the dashboard instead of thinking everything is fine. Also in case anyone can't boot after the update you may need a BIOS update. Here's my experience https://forum.netgate.com/post/1151342
-
-
-
-
-
-
-
I'm having similar issues... So I had pfSense deployed on a old Celeron chip/box...
did a backup, got new Topton based on a U300E installed, Had problems to get the backup restored so copied the backup as config.xml to /conf and restarted.discovered none of my packages are installed... and thinking also why my inbound routing to a HA deployed inside network is failing... I have outbound, strangely my inbound onto my OpenVPN is working... so CloudFlare which I use to proxy me is routing to the new device.
Below is the error i get if I execute:
pkg-static -d update
* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults * Hostname pkg00-atx.netgate.com was found in DNS cache * Trying 208.123.73.207:443... * Trying [2610:160:11:18::207]:443... * Immediate connect fail for 2610:160:11:18::207: No route to host * Connected to pkg00-atx.netgate.com (208.123.73.207) port 443 * ALPN: curl offers http/1.1 * CAfile: none * CApath: /etc/ssl/certs/ * SSL certificate problem: unable to get local issuer certificate * Closing connection pkg-static: An error occured while fetching package DBG(1)[44631]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.txz DBG(1)[44631]> curl_open DBG(1)[44631]> Fetch: fetcher used: pkg+https DBG(1)[44631]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.txz DBG(1)[44631]> CURL> attempting to fetch from , left retry 3 * Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults * Hostname pkg00-atx.netgate.com was found in DNS cache * Trying 208.123.73.207:443... * Trying [2610:160:11:18::207]:443... * Immediate connect fail for 2610:160:11:18::207: No route to host * Connected to pkg00-atx.netgate.com (208.123.73.207) port 443 * ALPN: curl offers http/1.1 * CAfile: none * CApath: /etc/ssl/certs/ * SSL certificate problem: unable to get local issuer certificate * Closing connection DBG(1)[44631]> CURL> attempting to fetch from , left retry 2 * Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults * Hostname pkg01-atx.netgate.com was found in DNS cache * Trying 208.123.73.209:443... * Trying [2610:160:11:18::209]:443... * Immediate connect fail for 2610:160:11:18::209: No route to host * Connected to pkg01-atx.netgate.com (208.123.73.209) port 443 * ALPN: curl offers http/1.1 * CAfile: none * CApath: /etc/ssl/certs/ * SSL certificate problem: unable to get local issuer certificate * Closing connection DBG(1)[44631]> CURL> attempting to fetch from , left retry 1
-
@georgelza said in Issue with going from 2.7.0 to 2.7.2:
nable to get local issuer certificat
-
So your new device is running 2.7.0 not 2.7.2?
If so you'll need to run
certctl rehash
to upgrade. -
@stephenw10 you will notice above i did...
eventually got it upgraded to 2.7 then did a restore of backup again and then a resupply of credentials, followed by haproxy which was the critical/missing app to allow inbound routing.
G