Are we close to an RC release?
-
This #13227 was updated 30 minutes ago, it seems that will be ready for 24.03
-
@mcury Not sure if you saw this. it's not a big deal, but it's worth mentioning:
https://forum.netgate.com/topic/186825/boot-environment-verification
-
@DefenderLLC I saw that but I didn't test 24.03 snapshots yet.
I watched the Netgate videos in Youtube, I think it was from Christian, showing this feature which is pretty neat indeed. -
@mcury That thread I mentioned is not about the feature itself, but rather that the verification keeps coming back after subsequent reboots within the defined threshold. It shouldn't do that after it's already been verified.
-
@DefenderLLC said in Are we close to an RC release?:
@mcury That thread I mentioned is not about the feature itself, but rather that the verification keeps coming back after subsequent reboots within the defined threshold. It shouldn't do that after it's already been verified.
Indeed, did you open a redmine for that ?
-
@mcury Not yet, but I'll try and submit one today if I can find the time.
-
That should be fixed if you upgrade from something earlier to the current beta snapshot.
-
@stephenw10 If that was meant for me, it did reoccur on today's build from early this morning.
-
Hmm, that was after upgrading from yesterdays build? Was it already showing the verification issue before the upgrade?
-
@stephenw10 Yes and yes. It's actually been just like this for at least the last 4 or 5 builds or even possibly whenever this feature was recently added. I upgrade each time one is presented - because I'm one of those people. :).
I upgraded from yesterday's build, verified it after the post-install reboot, did my testing, deleted the old boot environment, cleared the logs (they go to a syslog server for long-term use), and then reboot another time manually. Upon that next login (even after my 300 second threshold has passed), the verification prompt returns counting down from "0" although it doesn't actually perform any actions. It's not a big deal, but it might confuse a novice.
-
Did something break on the packages? I can't see the March 21st update anymore, and all its telling me is it cant find a meta file.
ERROR: It was not possible to determine pkg remote version
Updating repositories metadata...
pkg-static: Warning: Major OS version upgrade detected. Running "pkg bootstrap -f" recommended
Updating pfSense-core repository catalogue...
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
repository pfSense-core has no meta file, using default settings
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
Unable to update repository pfSense-core
Updating pfSense repository catalogue...
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
repository pfSense has no meta file, using default settings
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
Unable to update repository pfSense
Error updating repositories!Locking package pkg... done.
ERROR: It was not possible to determine pfSense-upgrade remote version
ERROR: It was not possible to determine pfSense-upgrade remote version -
The branch was marked as beta but I wouldn't expect that to be an issue.
What build are you trying to upgrade from?
Try running
pkg-static -d update
see what errors are shown. -
-
I wouldn't expect that to fix it. It will show additional error output that might show what's failing though.
-
@stephenw10
cant upgrade to beta
from
24.03-BETA (amd64)
built on Wed Mar 13 23:23:00 EDT 2024
FreeBSD 15.0-CURRENTpackages available
release branches show unknown and unknownpkg-static clean -ay; pkg-static install -fy pkg pfSense-repo pfSense-upgrade
pkg-static: Warning: Major OS version upgrade detected. Running "pkg bootstrap -f" recommended
Updating pfSense-core repository catalogue...
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
repository pfSense-core has no meta file, using default settings
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
Unable to update repository pfSense-core
Updating pfSense repository catalogue...
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
repository pfSense has no meta file, using default settings
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
Unable to update repository pfSense
Error updating repositories! -
@grandrivers
I rolled back and upgraded from different boot environment -
Just does this over and over
-
Ok great so it's a certificate problem.
Try running:
certctl rehash
That should be run automatically from any recent snap though, including Mar 13th.Try running:
pfSense-repoc
That is what should pull the client certs. -
None of those worked, and when i run the bootstrap command this is what i get.
This is looking like a reinstall.
[24.03-BETA][admin@pfSense.local.lan]/root: pkg bootstrap -f
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from pkg+https://pfsense-plus-pkg.netgate.com/pfSense_plus-v23_09_1_amd64-pfSense_plus_v23_09_1, please wait...
Certificate verification failed for /C=US/ST=Texas/L=Austin/O=Rubicon Communications, LLC (Netgate)/OU=pfSense Plus/CN=pfsense-plus-pkg00.atx.netgate.com
002021DD0E3C0000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:/var/jenkins/workspace/pfSense-Plus-snapshots-master-main/sources/FreeBSD-src-plus-devel-main/crypto/openssl/ssl/statem/statem_clnt.c:1890:
Certificate verification failed for /C=US/ST=Texas/L=Austin/O=Rubicon Communications, LLC (Netgate)/OU=pfSense Plus/CN=pfsense-plus-pkg01.atx.netgate.com
002021DD0E3C0000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:/var/jenkins/workspace/pfSense-Plus-snapshots-master-main/sources/FreeBSD-src-plus-devel-main/crypto/openssl/ssl/statem/statem_clnt.c:1890:
Certificate verification failed for /C=US/ST=Texas/L=Austin/O=Rubicon Communications, LLC (Netgate)/OU=pfSense Plus/CN=pfsense-plus-pkg00.atx.netgate.com
002021DD0E3C0000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:/var/jenkins/workspace/pfSense-Plus-snapshots-master-main/sources/FreeBSD-src-plus-devel-main/crypto/openssl/ssl/statem/statem_clnt.c:1890:
Certificate verification failed for /C=US/ST=Texas/L=Austin/O=Rubicon Communications, LLC (Netgate)/OU=pfSense Plus/CN=pfsense-plus-pkg01.atx.netgate.com
002021DD0E3C0000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:/var/jenkins/workspace/pfSense-Plus-snapshots-master-main/sources/FreeBSD-src-plus-devel-main/crypto/openssl/ssl/statem/statem_clnt.c:1890:
Certificate verification failed for /C=US/ST=Texas/L=Austin/O=Rubicon Communications, LLC (Netgate)/OU=pfSense Plus/CN=pfsense-plus-pkg00.atx.netgate.com
002021DD0E3C0000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:/var/jenkins/workspace/pfSense-Plus-snapshots-master-main/sources/FreeBSD-src-plus-devel-main/crypto/openssl/ssl/statem/statem_clnt.c:1890:
Certificate verification failed for /C=US/ST=Texas/L=Austin/O=Rubicon Communications, LLC (Netgate)/OU=pfSense Plus/CN=pfsense-plus-pkg01.atx.netgate.com
002021DD0E3C0000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:/var/jenkins/workspace/pfSense-Plus-snapshots-master-main/sources/FreeBSD-src-plus-devel-main/crypto/openssl/ssl/statem/statem_clnt.c:1890:
pkg: Error fetching https://pfsense-plus-pkg.netgate.com/pfSense_plus-v23_09_1_amd64-pfSense_plus_v23_09_1/Latest/pkg.txz: Authentication error
A pre-built version of pkg could not be found for your system.
Consider changing PACKAGESITE or installing it from ports: 'ports-mgmt/pkg'. -
@stephenw10 FYI, I did not see the repeated verification prompt with today's build; however, I did wait until my 300 seconds was surpassed before attempting to logon after the manual reboot.