Tinc menu disappears on every upgrade in 2.1



  • It is strange that each time I upgrade, the tinc menu disappears from VPN menu, but it shows up as installed package. Reinstallation of tinc package brings back the menu under VPN list. Could be a bug with tinc!?



  • It has happened once again after an upgrade to 2.1 build from 20130627. Whether it is tinc issue or pfSense 2.1 issue? Anyone confirm?

    With this unstability in mind, how can one creat a mesh network with tinc? Thanks!


  • Rebel Alliance Developer Netgate

    That would have to be an issue with the tinc package, though I'm not sure what it might be offhand.

    That package was submitted by a community member and hasn't really been touched since then. I did bump its version recently because there was a CVE for it, but I didn't touch the package code, just the binaries.

    I haven't worked with tinc myself so I can't comment on the other parts. I use OpenVPN everywhere. :-)



  • Thanks jimp for the update.

    It would be nice if it could be brought to the attention of the community member who contributed tinc package to pfSense 2.1. ;-)


  • Rebel Alliance Developer Netgate

    I don't recall who submitted it but it's in a forum thread here somehwere.

    At a glance I'd say it's because of the way it does a config write in the middle of its install, not quite sure what the reasoning is there, but it seems to cause problems and it stops the package install process dead at that point before it has a chance to add its menus.



  • http://forum.pfsense.org/index.php/topic,53030.0.html

    Looks like apnar is the forum user name.  I'm interested in this on 2.0 as that's primarily what I use and would like to try tinc out over the current OpenVPN solution I use.  Seems almost effortless to add new networks in from the little I have played with it.  Looks like its only 2.1 only due to preference of his most frequent use of 2.1.

    Maybe we can have it added back in?



  • Thanks for the pointer. Sent a PM to him. ;-)



  • @zenny:

    Thanks for the pointer. Sent a PM to him. ;-)

    I took a quick look at the code and jimp made a few small tweaks about 12 days ago that might have fixed the issue.  Can you reinstall the plugin and see if you're still having problems?



  • @Hagabard:

    http://forum.pfsense.org/index.php/topic,53030.0.html

    Looks like apnar is the forum user name.  I'm interested in this on 2.0 as that's primarily what I use and would like to try tinc out over the current OpenVPN solution I use.  Seems almost effortless to add new networks in from the little I have played with it.  Looks like its only 2.1 only due to preference of his most frequent use of 2.1.

    Maybe we can have it added back in?

    The plugin itself should work fine in 2.0 I believe.  I mostly developed it on 2.0 before I moved to 2.1 (for ipv6 stuff).  The only thing that would need to change is the entry in pkg_config.8.xml.amd64 to make sure proper binaries are built and version compatibility added.  I don't have the time to do it now, but if someone else who knows the plugin stuff already wants to it should be reasonably easy.



  • @apnar:

    @zenny:

    Thanks for the pointer. Sent a PM to him. ;-)

    I took a quick look at the code and jimp made a few small tweaks about 12 days ago that might have fixed the issue.  Can you reinstall the plugin and see if you're still having problems?

    Nope, it still didn't work after upgrade.


  • Rebel Alliance Developer Netgate

    It's most likely the config write that happens in the install process. Seems to be there for a reason but it may be a catch-22. Either fix one or break another, I'm not sure what the best way to fix that might be.



  • After upgrade to July 11 build, tinc does not break, but pfjailctl breaks now. ;-)

    So the upgrade breaks one or other package which is not good to deploy for a production system afaiac. However, I remember you stating somewhere that pfjailctl does neither work in 2.0.x nor in 2.1.


  • Banned

    With the patch, reinstal on upgrade causes endless "Packages are currently being reinstalled in the background." So, still kinda broken.



  • Or even when just reapplying a backed up configuration.