OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: Nekromantik on December 16, 2018, 02:21:04 am

Title: update packages breaks opnsense
Post by: Nekromantik on December 16, 2018, 02:21:04 am

hi
after installing 19.1 if you do a update package, when its removing suricata it all of a sudden breaks the UI as in a refresh you get a 403 forbidden and even ssh access is gone.
if you reboot it does not boot up correctly and box is broken as you cannot login as opnsense file is missing according to login on the console.
only fix is to start again from usb install.
is this known issue?

Title: Re: update packages breaks opnsense
Post by: franco on December 16, 2018, 08:07:34 pm

Hi,

Unless ports are built from a local /usr/ports tree this shouldn't happen.

What are the steps to reproduce?


Cheers,
Franco

Title: Re: update packages breaks opnsense
Post by: Nekromantik on December 17, 2018, 01:34:33 am

Hi

This is not ports.
After installing 19.1 I went to the GUI and updates section and pressed check for updates. It then wanted to update suricata etc to newer version. I pressed update and after it removes current version it breaks the UI. You can no longer access it. I get a 403 error on 192.168.1.1 page and all other pages I get 404.
After reboot you can no longer login as you get error about not finding opensense login file.

I had to restore to 18.7.9 so cant do tests. Just wanted to let people know of the issue in case there was a fix.

Title: Re: update packages breaks opnsense
Post by: franco on December 17, 2018, 07:19:50 am

Hi there,

I just did an upgrade test on 19.1-BETA and the system came back up, OpenSSL and LibreSSL alike.

I simply want to state the facts that go with the harmlessness in updating 19.1-BETA under the conditions that:

1. The base and kernel are not unlocked or forcefully downgraded.
2. No ports are being built.

It's mentioned again here because in another thread you talked about getdns not being able to build anymore and I can see two things that are potentially devastating:

Running custom-built software, even from the provided ports tree. As well as building them on 19.1-BETA which has a different base and kernel layout and causes shared libraries to shift and break our current 18.7 binary packages on updates.

I'm not sure what happened here and I need to know the steps to reproduce to be able to inspect it.

That being said additional BETA risk for custom-built software goes away when 19.1-RC is out. But while it generally works, we cannot guarantee risk-free manipulation of our system that goes beyond the limitations that we have and have set.


Cheers,
Franco

Title: Re: update packages breaks opnsense
Post by: Nekromantik on December 17, 2018, 11:53:04 am

sure
If getdns is not available as a package install on 19.1 yet then I will stick with 18.7 for now,
Yes I did install opnsense toolkit and do a make update on it so maybe thats what causes the issues.
thanks for testing.