Really big problem to go to 2.2.2 from 2.2.1
-
Especially when that specific hardware has been bog-standard for 30+ years, and generally hasn't caused a problem with anything during that time with extremely minor exceptions.
-
Really? Physical access to the machine by authorized personnel at time of initial OS installation and configuration equates to compromised? Furthermore I would hope that whoever is setting up said machine would verify BIOS settings prior to installing OS anyway. So just KISS it then. And be down with it.
-
Note to self - always read release notes. What a painful, painful way to find out the hard way. Tyan motherboard with dual opteron 2212s is very, very unhappy with this at the moment. Here's hoping disabling serial does the trick. It'd be nice to have the update pulled or fixed if this was known about yesterday…
-
Really? Physical access to the machine by authorized personnel at time of initial OS installation and configuration equates to compromised? Furthermore I would hope that whoever is setting up said machine would verify BIOS settings prior to installing OS anyway. So just KISS it then. And be down with it.
I'm not sure what world you live in, but where I come from disabling the serial port on machines without built-in ILO is the furthest thing from "KISS" you can get.
-
I live in a modern world. KISS does not equate to disabling something you need. But how many of the people getting bit by this issue actually need the serial port. A few sure but most probably not.
-
Note to self - always read release notes. What a painful, painful way to find out the hard way. Tyan motherboard with dual opteron 2212s is very, very unhappy with this at the moment. Here's hoping disabling serial does the trick. It'd be nice to have the update pulled or fixed if this was known about yesterday…
It would be even nicer if people would practice some disciplined behavior and take responsibility for their own faults and oversights (like not bothering to read and follow instructions) rather than expecting something to be withheld from everyone else to protect their self and a minority few others at everyone else's expense.
If you're not going to read and follow the instructions then don't be expecting everyone else to be put out and penalized for the sake of yourself and a minority few others.
World needs to get over catering to LCD (lowest common denominator) and move on. It's a costly mind set to govern by and hampers progress.
Develop self discipline and other good qualities, practices and behaviors that will enable you to not be an LCD that expects everyone else to be held back to your pace and level of ability.
-
I have to admit I didn't read the notes but I'd have been surprised if "Turn of serial console" was in there.
I think that was a surprise for everyone. Am I wrong?
Not blaming the devs but also not blaming the people who got burned.
-
Notice was added yesterday. Anyone getting bit by this today or thereafter has no cause to point finger at anyone but the mirror for not being disciplined enough to read and follow instructions. And especial then also to call for pulling the upgrade when there is a viable proven easy quick workaround for a problem that only affects a minority of systems. To me that's an LCD mind set.
-
Hi jimp,
Thank you very much for this workaround. It works great. The only thing which confuses me is after applying the patch and rebooting the system when I go into System\Advanced\Admin Access - in the Serial Communications field the primary console is still set to "serial console", where my primary console should be VGA (please refer to the attachment). Is this part of the issue or it's just me not understanding the primary console option?
Thanks one more time!
Kind Regards,
Nick
 -
Thank you very much for this workaround. It works great. The only thing which confuses me is after applying the patch and rebooting the system when I go into System\Advanced\Admin Access - in the Serial Communications field the primary console is still set to "serial console", where my primary console should be VGA (please refer to the attachment). Is this part of the issue or it's just me not understanding the primary console option?
The second settings don't matter if the first is unchecked.
-
@NYOB: Given that pfSense is a firewall distribution, and most firewalls run headless, serial is much more common on equipment running pfSense than it otherwise might be. Ideally, it should not be disabled in the BIOS, it should be enabled as an alternate console if it's available or put to use other ways (e.g. NTP).
Serial isn't "old" as in outdated. It's time-tested, reliable, and still heavily used in networking gear and time keeping, among other places. USB may be easy but it's not as reliable for timing/PPS, for example.
I might recommend disabling sound cards, unneeded extra disk controllers, and so on, but I'd rarely if ever recommend disabling a serial port.
-
Who said anything about serial being old outdated etc. I say KISS it. If it ain't need, not going to be used, isn't part of a failsafe plan etc, axe it. Obviously a headless system does not fall into that category. So removing it would not qualify as KISS for such a system.
…, but I'd rarely if ever recommend disabling a serial port.
I would. Any time and every time it is not needed.
-
The second settings don't matter if the first is unchecked.
Perhaps graying it out when not selected would be in order for a future update.
-
So why do y'all have your serial port enabled if you are not using it. …
It's the same sort of philosophy as with security. Only what is needed is permitted, stored/kept, provided, etc.
First thing I did when initially setting up my pfSense machine was go into the BOIS and turn off everything not being used. .
Are you f*ing kidding me buddy? Did you crack open the machine and pull out the data cable from the cdrom drive too? Don't forget to remove the video card! Why, don't you know that every single 1337 h4x0r in the world USES A MONITOR to hack things!!! Why do they even install serial ports and video cards in machines? They are just asking for trouble. Its reckless insecurity!
Oh and make sure to disable the USB and PS2 ports. Never know when some rogue keyboard will fly into them and FUCK_SHIT_UP. You will also need to create your BIOS password by randomly mashing on the keyboard. Its not secure unless it takes a CMOS wipe to access the machine.. AMIRITE!!!
Last tip, grind down the serial port headers with an angle grinder after you turn them off. CANT BE TOO CAREFUL!!!
-
Who said anything about security or hacking? Similar to others seemingly trying to change the subject to making about something else like energy savings etc.
Apparently not many people comprehend KISS. I feel like Walter White trying to explain chemistry to Jesse Pinkman. KISS doesn't mean to get rid of something that is needed, used, etc. That obviously would be anti-KISS.
Oh by the way. Yes, removed the CD-ROM, and HDD, there where no cables to be removed though. The video card is integrated, and beside it is being used. So that would not qualify as KISS. If the BIOS permits it the PS2 port is disabled since it is not being used for anything. The USB ports are being used. So again that would not be a KISS candidate.
Regarding grinding down serial port headers. Now you're just being idiotic. That's okay though, it's your right (maybe, depending on where you are/live). OS can not detect "port headers" (connectors). Poke fun if like but I didn't spend hours troubleshooting a failed upgrade due to a serial port issue on a system that has no need for a serial port. Many here did.
-
Another thread gone haywire :D
Disabling serial console in bios gone to grinding of serial port console along with graphics and sound cards…..
Yippiiiie!
-
Thanks Supermule. I needed that laugh. +1 karma for you.
-
I just pulled 2GB of RAM out of my box since it seemed to not be in use (Kidding).
-
I think I will take the cases off all my boards, cases don't seem to be used either :P
-
I just pulled 2GB of RAM out of my box since it seemed to not be in use (Kidding).
Another good one. LOL +1 karma for you too.
Although… The more there is the greater odds of a failure... If it's really not needed and never will be. There's really no point in it being there. No upside to it, only down side. Though I admit my system has 2 x 1GB modules and only using about 20% according to the dashboard (memory usage + tmp and var ramdisks).
But if I pull out the extra module I'll probably lose it. And then some day need it for some reason. Think I'll just continue living dangerously.
