OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: Drohne on November 19, 2021, 12:59:40 pm

Title: Update via local mirror: pkg: invalid scheme pkg+file
Post by: Drohne on November 19, 2021, 12:59:40 pm

The OPNsense installation is a test case for validating the use of OPNsense within a secure network, so OPNsense does not have any kind of access to the world-wide-network.

Mirroring the repository as suggested to a local host and then copying the whole repo as it is to a large USB flash drive, works fine. Also the mounting of the USB flash drive via ZFS pool import works fine (one has to have access to the console since the automated or GUI delegated importing of USB flash drives is not supported).

The ZFS flash drive is mounted to /mnt/OPNSENSE00/, the repo is located beneath /mnt/OPNSENSE00/repo.

In the GUI of a OPNsense running 21.7.3_3 OpenSSL, commit 17aec4ed4, the config is as follows to reflect the local repository:

Mirror: other
file:///mnt/OPNSENSE00/repo/
Flavour: default (or OpenSSL, doesn't matter)
Type: Community (or Development, doesn't matter)

Updating via option 12 on the console gives several errors like

pkg: invalid scheme pkg+file
pkg: Cannot parse configuration file!


or from the GUI:
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 21.7.3_3 (amd64/OpenSSL) at Fri Nov 19 12:18:07 CET 2021
Fetching changelog information, please wait... done
pkg: invalid scheme pkg+file
pkg: Cannot parse configuration file!
pkg: invalid scheme pkg+file
pkg: Cannot parse configuration file!
***DONE***

I have no clue what causes the problem.Setting in /usr/local/etc/pkg.conf:

pkg_env={
MIRROR_TYPE: "NONE",
}

did not resolve anything so far.

Need some advise. Thanks in advance.

Title: Re: Update via local mirror: pkg: invalid scheme pkg+file
Post by: franco on November 19, 2021, 01:02:25 pm

I can't really do support for this file:///mnt/OPNSENSE00/repo/ and I suspect the FreeBSD package tool (pkg) doesn't like it either.


Cheers,
Franco

Title: Re: Update via local mirror: pkg: invalid scheme pkg+file
Post by: franco on November 19, 2021, 01:08:19 pm

PS: https://www.freebsd.org/cgi/man.cgi?query=pkg-repository&apropos=0&sektion=5&manpath=FreeBSD+10.3-RELEASE+and+Ports&arch=default&format=html mentions "file" too so maybe it trips over "pkg+file" only, but I'm relatively sure we shouldn't support this from the GUI.

Title: Re: Update via local mirror: pkg: invalid scheme pkg+file
Post by: Drohne on November 23, 2021, 06:58:31 am

Thanks for the reply.

If you do not support this scheme from GUI (supposed the pkg tool maintainer will manage it to make pkg+file working), what is the strategy for updating/upgrading an OPNsense FW completely isolated from the internet?

Title: Re: Update via local mirror: pkg: invalid scheme pkg+file
Post by: franco on November 23, 2021, 07:23:11 am

LAN-based HTTP(S) mirror rsynced to e.g. https://mirror.leaseweb.com/ (they do have instructions on there)


Cheers,
Franco