1
24.1 Legacy Series / Re: Upgrade to 24.1 ends up with 23.7.12_5
« on: January 31, 2024, 05:30:43 pm »
The forced update worked like a charm.
Thank you!
Thank you!
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
2
24.1 Legacy Series / Upgrade to 24.1 ends up with 23.7.12_5
« on: January 31, 2024, 01:12:08 pm »
I have updated a couple of devices to 24.1 without issues. But when I resumed the work this morning the upgrade fails on two units.
After the step where I expected 24.1 to be in place the router restarted with these versions:
When I try to upgrade again I get this:
After the step where I expected 24.1 to be in place the router restarted with these versions:
Code: [Select]
OPNsense 23.7.12_5-amd64
FreeBSD 13.2-RELEASE-p9
OpenSSL 3.0.12
When I try to upgrade again I get this:
Code: [Select]
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 23.7.12_5 at Wed Jan 31 13:06:23 CET 2024
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 863 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (77 candidates): .......... done
Processing candidates (77 candidates): ... done
Checking integrity... done (1 conflicting)
- openssl111-1.1.1w conflicts with openssl-3.0.12_2,1 on /usr/local/bin/c_rehash
Checking integrity... done (0 conflicting)
The following 58 package(s) will be affected (of 0 checked):
Installed packages to be REMOVED:
cpdup: 1.22_1
haproxy28: 2.8.5_4
hostapd: 2.10_9
openssl: 3.0.12_2,1
opnsense: 23.7.12_5
opnsense-installer: 24.1
opnsense-update: 24.1
os-haproxy: 4.2
php82: 8.2.15
php82-ctype: 8.2.15
php82-curl: 8.2.15
php82-dom: 8.2.15
php82-filter: 8.2.15
php82-gettext: 8.2.15
php82-google-api-php-client: 2.4.0
php82-ldap: 8.2.15
php82-mbstring: 8.2.15
php82-pcntl: 8.2.15
php82-pdo: 8.2.15
php82-pear: 1.10.13
php82-pear-Crypt_CHAP: 1.5.0_1
php82-pecl-mcrypt: 1.0.6
php82-pecl-radius: 1.4.0b1_2
php82-phalcon: 5.3.1
php82-phpseclib: 3.0.34
php82-session: 8.2.15
php82-simplexml: 8.2.15
php82-sockets: 8.2.15
php82-sqlite3: 8.2.15
php82-xml: 8.2.15
php82-zlib: 8.2.15
sudo: 1.9.15p5_3
New packages to be INSTALLED:
openssl111: 1.1.1w
Installed packages to be DOWNGRADED:
cyrus-sasl: 2.1.28_4 -> 2.1.28_1
pkcs11-helper: 1.29.0_2 -> 1.29.0_1
python39: 3.9.18_1 -> 3.9.18
Installed packages to be REINSTALLED:
bind-tools-9.18.20_1 (direct dependency changed: openssl111)
curl-8.5.0 (direct dependency changed: openssl111)
cyrus-sasl-gssapi-2.1.28 (direct dependency changed: openssl111)
isc-dhcp44-server-4.4.3P1 (direct dependency changed: openssl111)
krb5-1.21.2 (direct dependency changed: openssl111)
ldns-1.8.3 (direct dependency changed: openssl111)
libevent-2.1.12 (direct dependency changed: openssl111)
libfido2-1.14.0 (direct dependency changed: openssl111)
lighttpd-1.4.73 (direct dependency changed: openssl111)
monit-5.33.0 (direct dependency changed: openssl111)
ntp-4.2.8p17_1 (direct dependency changed: openssl111)
openldap26-client-2.6.6 (direct dependency changed: openssl111)
openssh-portable-9.6.p1_1,1 (direct dependency changed: openssl111)
openvpn-2.6.8_1 (direct dependency changed: openssl111)
py39-aioquic-0.9.24 (direct dependency changed: openssl111)
py39-cryptography-41.0.7_2,1 (direct dependency changed: openssl111)
socat-1.8.0.0_2 (direct dependency changed: openssl111)
squid-6.6 (direct dependency changed: openssl111)
strongswan-5.9.13 (direct dependency changed: openssl111)
syslog-ng-4.4.0 (direct dependency changed: openssl111)
unbound-1.19.0 (direct dependency changed: openssl111)
wpa_supplicant-2.10_10 (direct dependency changed: openssl111)
Number of packages to be removed: 32
Number of packages to be installed: 1
Number of packages to be reinstalled: 22
Number of packages to be downgraded: 3
The operation will free 107 MiB.
***DONE***
Pressing Update gives the same result.
3
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
« on: August 02, 2023, 10:43:08 am »
Worked like a charm!
Thank you
Thank you
Code: [Select]
root@reserv2:~ # /usr/local/opnsense/mvc/script/run_migrations.php
Migrated OPNsense\Unbound\Unbound from 1.0.4 to 1.0.6
4
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
« on: August 02, 2023, 10:21:47 am »
I can upgrade one more of my routers from 23.1.11 to 23.7 to verify the patch. But what sequence of actions/commands do you recommend?
5
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
« on: August 02, 2023, 07:22:05 am »
I have noted that the outgoing_interface setting disappears during migration. This causes domain override /query forwarding to stop working in my setup.
6
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
« on: August 01, 2023, 04:57:34 pm »
Same commands on a router that is still running 23.1.11:
Code: [Select]
root@husabyvagen:~ # grep active_interface /conf/config.xml
<active_interface/>
root@husabyvagen:~ # pluginctl -g unbound.active_interface
root@husabyvagen:~ #
7
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
« on: August 01, 2023, 04:54:10 pm »Code: [Select]
<active_interface/>
<active_interface/>
8
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
« on: August 01, 2023, 04:51:13 pm »
Nothing - a blank line
9
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
« on: August 01, 2023, 04:40:24 pm »
I found these lines in System/general log:
Code: [Select]
2023-07-31T21:23:50 Notice kernel <118>You may need to manually remove /usr/local/etc/unbound/unbound.conf if it is no longer needed.
2023-07-31T21:23:42 Notice kernel <118>*** OPNsense\Unbound\Unbound Migration failed, check log for details
2023-07-31T21:23:42 Error config Model OPNsense\Unbound\Unbound can't be saved, skip ( OPNsense\Phalcon\Filter\Validation\Exception: [OPNsense\Unbound\Unbound:general.active_interface] option not in list{}
2023-07-31T21:23:42 Error config [OPNsense\Unbound\Unbound:general.active_interface] option not in list{}
2023-07-31T21:22:50 Notice kernel <118>[87/214] Extracting unbound-1.17.1_3: .......... done
2023-07-31T21:22:50 Notice kernel <118>Using existing user 'unbound'.
2023-07-31T21:22:50 Notice kernel <118>Using existing group 'unbound'.
2023-07-31T21:22:50 Notice kernel <118>[87/214] Upgrading unbound from 1.17.1_2 to 1.17.1_3...
2023-07-31T21:22:50 Notice kernel <118> unbound: 1.17.1_2 -> 1.17.1_3
2023-07-31T21:22:50 Notice kernel <118>unbound-1.17.1_2: already unlocked
10
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
« on: August 01, 2023, 04:32:42 pm »
I have the same problem.
I get this message. Where can I find the log?
I get this message. Where can I find the log?
Code: [Select]
*** OPNsense\Unbound\Unbound Migration failed, check log for details
11
22.7 Legacy Series / Re: HAproxy php error after upgrade 22.1 to 22.7
« on: July 29, 2022, 09:20:33 am »
Patch works fine for me.
12
22.1 Legacy Series / Re: 22.1.10 - IPsec tunnel disappeared from overview
« on: July 07, 2022, 01:10:54 pm »
Yes!
Now the tunnel is showing up again.
Now the tunnel is showing up again.
13
22.1 Legacy Series / Re: 22.1.10 - IPsec tunnel disappeared from overview
« on: July 07, 2022, 12:57:01 pm »
No difference.
Did that patch change anything?
Did that patch change anything?
Code: [Select]
root@reserv2:~ # opnsense-patch becf4e93428
Fetched becf4e93428 via https://github.com/opnsense/core
No file to patch. Skipping...
1 out of 1 hunks ignored while patching opnsense/scripts/ipsec/vici/__init__.py
No file to patch. Skipping...
1 out of 1 hunks ignored while patching opnsense/scripts/ipsec/vici/compat.py
No file to patch. Skipping...
1 out of 1 hunks ignored while patching opnsense/scripts/ipsec/vici/exception.py
No file to patch. Skipping...
1 out of 1 hunks ignored while patching opnsense/scripts/ipsec/vici/protocol.py
No file to patch. Skipping...
1 out of 1 hunks ignored while patching opnsense/scripts/ipsec/vici/session.py
No file to patch. Skipping...
1 out of 1 hunks ignored while patching opnsense/scripts/ipsec/vici/test/test_protocol.py
root@reserv2:~ #
14
22.1 Legacy Series / 22.1.10 - IPsec tunnel disappeared from overview
« on: July 07, 2022, 12:17:05 pm »
After upgrading to 22.1.10 the IPsec tunnel (host-host) has dissapeared both from the dashboard-ipsec widget and from VPN->IPsec->Status Overview.
However, the tunnel itself is working as expected.
However, the tunnel itself is working as expected.
15
21.7 Legacy Series / 21.7.3 Processes are killed due to swap space outage
« on: September 23, 2021, 09:28:55 am »
Upgraded some 10 routers last night without reboot. After a few hours, four of the units failed with one or more services stopped.
Found following in the system/general log
Just restarted the failed processes and everlything looks good after 1 hour.
Found following in the system/general log
Code: [Select]
2021-09-22T23:46:58 configctl[19087] event @ 1632347211.39 msg:
.
approx 7000 identical lines within 1 second
.
2021-09-22T23:46:58 configctl[19087] event @ 1632347211.39 msg:
2021-09-22T23:46:58 kernel pid 34492 (unbound), jid 0, uid 59, was killed: out of swap space
Unbound was stopped in three units, unspecified python process in one and syslog-ng in one.Just restarted the failed processes and everlything looks good after 1 hour.
Pages: [1] 2