Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - astrandb

Pages1 2 3
#1
25.1, 25.4 Production Series / Re: Haproxy does not update properly on 25.1.1
February 12, 2025, 06:08:53 PM
I repeated on instance #3 and exatly the same happened again.

Just to clarify. The update completes, but there is an error message about haproxy. See the relevant part of the log below:
Code Select
[42/42] Upgrading haproxy from 3.0.7 to 3.0.8...
[42/42] Extracting haproxy-3.0.8: ........ done
pkg-static: Fail to rename /usr/local/etc/rc.d/.pkgtemp.haproxy.qaAZHiGtVWae -> /usr/local/etc/rc.d/haproxy:No such file or directory
Starting web GUI...done.
When I retry the update only haproxy is upgraded but not restarted. Everything OK after manual start of the service.

Extract from log from second upgrade:
Code Select
***GOT REQUEST TO UPDATE***
Currently running OPNsense 25.1.1 (amd64) at Wed Feb 12 18:04:18 CET 2025
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
Checking for upgrades (1 candidates): . done
Processing candidates (1 candidates): . done
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
haproxy: 3.0.7 -> 3.0.8

Number of packages to be upgraded: 1
[1/1] Upgrading haproxy from 3.0.7 to 3.0.8...
[1/1] Extracting haproxy-3.0.8: ........ done
haproxy-3.0.7: missing file /usr/local/share/licenses/haproxy-3.0.7/GPLv2
haproxy-3.0.7: missing file /usr/local/share/licenses/haproxy-3.0.7/LGPL21
haproxy-3.0.7: missing file /usr/local/share/licenses/haproxy-3.0.7/LICENSE
haproxy-3.0.7: missing file /usr/local/share/licenses/haproxy-3.0.7/catalog.mk
Checking integrity... done (0 conflicting)
Nothing to do.
Checking all packages: .......... done
#2
25.1, 25.4 Production Series / Haproxy does not update properly on 25.1.1
February 12, 2025, 04:36:28 PM
Update OPNsense from 25.1 => 25.1.1 fails when updating haproxy.
The update procedure tries to update haproxy from 3.0.7 to 3.0.8 but it fails with an error message in th elog window. The rest of the update is OK and the router reboots as expected. However, haproxy service does not start. When I click update again I am presented with an upgrade of haproxy 3.0.7=>3.0.8. Accepting that and the update succeeds but the service does not start. After starting manually everything seems to work.

I have tried this on two different installations with exactly the same behaviour.
#3
25.1, 25.4 Production Series / Re: How to remove old picture file ??
February 07, 2025, 10:03:54 AM
Thank you. Worked like a charm!
#4
25.1, 25.4 Production Series / How to remove old picture file ??
February 01, 2025, 11:42:56 AM
I have an old picture widget file that is hanging around. It adds > 1 Mb to every backup file. How can I get rid of this file?
#5
Tutorials and FAQs / Re: How to remove old picture file
February 01, 2025, 11:40:31 AM
Sorry, I think I posted this in wrong forum.
#6
Tutorials and FAQs / How to remove old picture file
February 01, 2025, 11:36:54 AM
I have an old picture widget file that is hanging around. It adds > 1 Mb to every backup file. How can I get rid of this file?
#7
24.1, 24.4 Legacy Series / Re: Upgrade to 24.1 ends up with 23.7.12_5
January 31, 2024, 05:30:43 PM
The forced update worked like a charm.
Thank you!
#8
24.1, 24.4 Legacy Series / Upgrade to 24.1 ends up with 23.7.12_5
January 31, 2024, 01:12:08 PM
I have updated a couple of devices to 24.1 without issues. But when I resumed the work this morning the upgrade fails on two units.
After the step where I expected 24.1 to be in place the router restarted with these versions:
Code Select

OPNsense 23.7.12_5-amd64
FreeBSD 13.2-RELEASE-p9
OpenSSL 3.0.12


When I try to upgrade again I get this:
Code Select

***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 23.7.12_5 at Wed Jan 31 13:06:23 CET 2024
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 863 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (77 candidates): .......... done
Processing candidates (77 candidates): ... done
Checking integrity... done (1 conflicting)
  - openssl111-1.1.1w conflicts with openssl-3.0.12_2,1 on /usr/local/bin/c_rehash
Checking integrity... done (0 conflicting)
The following 58 package(s) will be affected (of 0 checked):

Installed packages to be REMOVED:
cpdup: 1.22_1
haproxy28: 2.8.5_4
hostapd: 2.10_9
openssl: 3.0.12_2,1
opnsense: 23.7.12_5
opnsense-installer: 24.1
opnsense-update: 24.1
os-haproxy: 4.2
php82: 8.2.15
php82-ctype: 8.2.15
php82-curl: 8.2.15
php82-dom: 8.2.15
php82-filter: 8.2.15
php82-gettext: 8.2.15
php82-google-api-php-client: 2.4.0
php82-ldap: 8.2.15
php82-mbstring: 8.2.15
php82-pcntl: 8.2.15
php82-pdo: 8.2.15
php82-pear: 1.10.13
php82-pear-Crypt_CHAP: 1.5.0_1
php82-pecl-mcrypt: 1.0.6
php82-pecl-radius: 1.4.0b1_2
php82-phalcon: 5.3.1
php82-phpseclib: 3.0.34
php82-session: 8.2.15
php82-simplexml: 8.2.15
php82-sockets: 8.2.15
php82-sqlite3: 8.2.15
php82-xml: 8.2.15
php82-zlib: 8.2.15
sudo: 1.9.15p5_3

New packages to be INSTALLED:
openssl111: 1.1.1w

Installed packages to be DOWNGRADED:
cyrus-sasl: 2.1.28_4 -> 2.1.28_1
pkcs11-helper: 1.29.0_2 -> 1.29.0_1
python39: 3.9.18_1 -> 3.9.18

Installed packages to be REINSTALLED:
bind-tools-9.18.20_1 (direct dependency changed: openssl111)
curl-8.5.0 (direct dependency changed: openssl111)
cyrus-sasl-gssapi-2.1.28 (direct dependency changed: openssl111)
isc-dhcp44-server-4.4.3P1 (direct dependency changed: openssl111)
krb5-1.21.2 (direct dependency changed: openssl111)
ldns-1.8.3 (direct dependency changed: openssl111)
libevent-2.1.12 (direct dependency changed: openssl111)
libfido2-1.14.0 (direct dependency changed: openssl111)
lighttpd-1.4.73 (direct dependency changed: openssl111)
monit-5.33.0 (direct dependency changed: openssl111)
ntp-4.2.8p17_1 (direct dependency changed: openssl111)
openldap26-client-2.6.6 (direct dependency changed: openssl111)
openssh-portable-9.6.p1_1,1 (direct dependency changed: openssl111)
openvpn-2.6.8_1 (direct dependency changed: openssl111)
py39-aioquic-0.9.24 (direct dependency changed: openssl111)
py39-cryptography-41.0.7_2,1 (direct dependency changed: openssl111)
socat-1.8.0.0_2 (direct dependency changed: openssl111)
squid-6.6 (direct dependency changed: openssl111)
strongswan-5.9.13 (direct dependency changed: openssl111)
syslog-ng-4.4.0 (direct dependency changed: openssl111)
unbound-1.19.0 (direct dependency changed: openssl111)
wpa_supplicant-2.10_10 (direct dependency changed: openssl111)

Number of packages to be removed: 32
Number of packages to be installed: 1
Number of packages to be reinstalled: 22
Number of packages to be downgraded: 3

The operation will free 107 MiB.
***DONE***

Pressing Update gives the same result.
#9
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
August 02, 2023, 10:43:08 AM
Worked like a charm!
Thank you

Code Select
root@reserv2:~ # /usr/local/opnsense/mvc/script/run_migrations.php
Migrated OPNsense\Unbound\Unbound from 1.0.4 to 1.0.6
#10
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
August 02, 2023, 10:21:47 AM
I can upgrade one more of my routers from 23.1.11 to 23.7 to verify the patch. But what sequence of actions/commands do you recommend?
#11
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
August 02, 2023, 07:22:05 AM
I have noted that the outgoing_interface setting disappears during migration. This causes domain override /query forwarding to stop working in my setup.
#12
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
August 01, 2023, 04:57:34 PM
Same commands on a router that is still running 23.1.11:
Code Select
root@husabyvagen:~ # grep active_interface /conf/config.xml
    <active_interface/>
root@husabyvagen:~ # pluginctl -g unbound.active_interface

root@husabyvagen:~ #
#13
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
August 01, 2023, 04:54:10 PM
Code Select
    <active_interface/>
        <active_interface/>
#14
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
August 01, 2023, 04:51:13 PM
Nothing - a blank line
#15
23.7 Legacy Series / Re: Unbound failed to start after upgrading to 23.7, Domain Overrides Issue
August 01, 2023, 04:40:24 PM
I found these lines in System/general log:
Code Select
2023-07-31T21:23:50 Notice kernel <118>You may need to manually remove /usr/local/etc/unbound/unbound.conf if it is no longer needed.
2023-07-31T21:23:42 Notice kernel <118>*** OPNsense\Unbound\Unbound Migration failed, check log for details
2023-07-31T21:23:42 Error config Model OPNsense\Unbound\Unbound can't be saved, skip ( OPNsense\Phalcon\Filter\Validation\Exception: [OPNsense\Unbound\Unbound:general.active_interface] option not in list{}
2023-07-31T21:23:42 Error config [OPNsense\Unbound\Unbound:general.active_interface] option not in list{}
2023-07-31T21:22:50 Notice kernel <118>[87/214] Extracting unbound-1.17.1_3: .......... done
2023-07-31T21:22:50 Notice kernel <118>Using existing user 'unbound'.
2023-07-31T21:22:50 Notice kernel <118>Using existing group 'unbound'.
2023-07-31T21:22:50 Notice kernel <118>[87/214] Upgrading unbound from 1.17.1_2 to 1.17.1_3...
2023-07-31T21:22:50 Notice kernel <118> unbound: 1.17.1_2 -> 1.17.1_3
2023-07-31T21:22:50 Notice kernel <118>unbound-1.17.1_2: already unlocked
Pages1 2 3