Messages

thanks

I wanted to see the packages output more than the kernel and base...that's why I asked for the full output.


Let's try another health check ?

i'm not at home and took some risks (did it with a vpn connection).
From what i saw all was running good until stopping suricata.
Here is the result of update check.

Code Select Expand

***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 26.1.10 (amd64) at Sat Jun 20 10:51:10 CEST 2026
>>> Root file system: zroot/ROOT/default
>>> Check installed kernel version
Version 26.1.10 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 26.1.10 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense (Priority: 11)
mimugmail (Priority: 5)
>>> Check installed plugins
os-acme-client 4.16_1
os-apcupsd 1.2_3
os-caddy 2.1.0
os-cpu-microcode-intel 1.1
os-crowdsec 1.0.12
os-ddclient 1.31_1
os-freeradius 1.10.1
os-igmp-proxy 1.5_6
os-iperf 1.0_2
os-isc-dhcp 1.0_5
os-mdns-repeater 1.2
os-net-snmp 1.6_1
os-opnarp-maxit 1.0_4
os-q-feeds-connector 1.6
os-unifi9-maxit 1.4
os-wol 2.5_4
os-zabbix74-agent 1.19
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .
isc-dhcp44-server-4.4.3P1_2: missing file /usr/local/share/licenses/isc-dhcp44-server-4.4.3P1_2/LICENSE
Checking all packages............ done
>>> Check for core packages consistency
Core package "opnsense" at 26.1.10 has 68 dependencies to check.
Checking packages: ..................................................................... done
***DONE***i don't use isc dhcp.

i open another ssh session and kill pid 15665: opnsense killed the connection and rebooted. Almost all services started.
And i can now request update and health check in gui.

It seems suricata was preventing a reboot.

the update doesn't end in the ssh session:

Code Select Expand

Installing kernel-26.1.10-amd64.txz... done
Installing base-26.1.10-amd64.txz... done
Cleaning obsolete files... done
Please reboot.
>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
Stopping crowdsec_firewall.
Stopping caddy... done
Stopping crowdsec.
Waiting for PIDS: 1455.
Stopping ddclient.
Waiting for PIDS: 81869.
Stopping unifi.
Waiting for PIDS: 83023.
Cleaning up leftover child processes.
kill: 86497: No such process
Stopping acme_http_challenge.
Waiting for PIDS: 15393.
Stopping mdns_repeater.
Waiting for PIDS: 71298.
Stopping hostwatch.
Waiting for PIDS: 12714, 12714.
Stopping zabbix_agentd.
Waiting for PIDS: 803.
Stopping snmpd.
Waiting for PIDS: 39155.
Stopping suricata.
Waiting for PIDS: 15665
in the gui it's like it upgraded to 26.1.10 and rebooted. And many services have not restarted.

i use vivaldi. will try with brave and safari.

edit: same in brave or safari.
When i request update check it displays the result of the last update from the beginning of the mont that was ran in ssh.

edit2: tried also with firefox for the same result.

26.1.10 is out and as before i can no longer update from gui. I can neither run an audit from gui.
Running from ssh is ok and the result of the command (update check or health audit) is displayed in the gui.

i ran update.sh and got errors.

Code Select Expand

[03-Jun-2026 19:02:44 Europe/Luxembourg] PHP Fatal error:  Uncaught Error: Class "OPNsense\Base\Menu\MenuContainer" not found in /usr/local/opnsense/mvc/app/models/OPNsense/DHCPv4/Menu/Menu.php:34
Stack trace:
#0 /usr/local/opnsense/mvc/app/library/OPNsense/Autoload/Loader.php(49): require_once()
#1 [internal function]: OPNsense\Autoload\Loader->autoload('OPNsense\\DHCPv4...')
#2 /usr/local/opnsense/mvc/script/run_migrations.php(64): ReflectionClass->__construct('OPNsense\\DHCPv4...')
#3 {main}
  thrown in /usr/local/opnsense/mvc/app/models/OPNsense/DHCPv4/Menu/Menu.php on line 34
After the reboot many services didn't start automatically. I had to start manually. Acme started only after applying config from settings page.
And still no possibility to run any audit from gui. This works only from ssh.
At least all services seem to work correctly with firmware 26.1.9. I go on vacation tomorrow and have not much time to investigate.

i have done health check in cli:

Code Select Expand

/usr/local/opnsense/scripts/firmware $ sudo ./health.sh
>>> Root file system: zroot/ROOT/default
>>> Check installed kernel version
Version 26.1.7 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 26.1.7 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense (Priority: 11)
mimugmail (Priority: 5)
>>> Check installed plugins
os-acme-client 4.16_1
os-apcupsd 1.2_3
os-caddy 2.1.0
os-cpu-microcode-intel 1.1
os-crowdsec 1.0.12
os-ddclient 1.31
os-freeradius 1.10.1
os-igmp-proxy 1.5_6
os-iperf 1.0_2
os-isc-dhcp 1.0_4
os-mdns-repeater 1.2
os-net-snmp 1.6_1
os-opnarp-maxit 1.0_4
os-q-feeds-connector 1.6
os-unifi9-maxit 1.4
os-wol 2.5_4
os-zabbix74-agent 1.19
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .
isc-dhcp44-server-4.4.3P1_2: missing file /usr/local/share/licenses/isc-dhcp44-server-4.4.3P1_2/LICENSE
Checking all packages............ done
>>> Check for core packages consistency
Core package "opnsense" at 26.1.8_5 has 68 dependencies to check.
Checking packages: ..
ca_root_nss-3.117_2 version mismatch, expected 3.124
Checking packages: .....................
openvpn-2.6.20 version mismatch, expected 2.7.4
Checking packages: .
opnsense-26.1.8_5 version mismatch, expected 26.1.9
Checking packages: ...
opnsense-update-26.1.7_1 version mismatch, expected 26.1.9
Checking packages: ...
php83-ctype-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-curl-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-dom-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-filter-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-gettext-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-ldap-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-pcntl-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-pdo-8.3.30 version mismatch, expected 8.3.31
Checking packages: .....
php83-session-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-simplexml-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-sockets-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-sqlite3-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-xml-8.3.30 version mismatch, expected 8.3.31
Checking packages: .
php83-zlib-8.3.30 version mismatch, expected 8.3.31
Checking packages: ....
py313-duckdb-1.5.2 version mismatch, expected 1.5.2_1
Checking packages: ...
py313-numpy1-1.26.4_3 has no upstream equivalent
Checking packages: .
py313-pandas-2.3.3_1,1 version mismatch, expected 2.3.3_2,1
Checking packages: .
py313-requests-2.33.1 version mismatch, expected 2.34.2
Checking packages: ..
py313-ujson-5.12.0 version mismatch, expected 5.12.1
Checking packages: .......
suricata-8.0.4 version mismatch, expected 8.0.5
Checking packages: ..
unbound-1.25.0 version mismatch, expected 1.25.1
Checking packages: .. done
and now it's this health check that's displayed in the gui but still no possibility to check for updates in gui.

doesn't work for me as stated in the first post.

not really:

Code Select Expand

sudo killall pkg pkg-static
No matching processes were found

when i select check update from status page i have "Firmware status requires to check for update first to provide more information."
and the it opens update page which displays the result from an health check from may 13.
Whatever i ask from status page (update check, all the audits available) i'm back to the update page with the result of health check from  may 13.

Is there a thing i can do to make it work like befor ?

it seems to be ok now but i had to run /usr/local/opnsense/scripts/firmware/check.sh
without that it wouldn't do update check.


edit: spoke too soon. Now i can't run any command on firmware status page

rerun the command:

Code Select Expand

sudo opnsense-update -p
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
Fetching meta.conf: 100%    179 B   0.2kB/s    00:01
mimugmail repository is up to date.
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
Fetching meta.conf: 100%    179 B   0.2kB/s    00:01
mimugmail repository is up to date.
All repositories are up to date.
Checking for upgrades (17 candidates): 100%
Processing candidates (17 candidates):   5%
pkg-static: glib has a missing dependency: python311
Processing candidates (17 candidates): 100%
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking integrity... done (0 conflicting)
Nothing to do.
Checking all packages: 100%
Nothing to do.
Flushing temporary package files... done
When i try to reinstall glib it goes to the update tab but the content of the screen is the result of the update.
It doesn't do anything from gui.

Code Select Expand

Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
Fetching meta.conf: 100%    179 B   0.2kB/s    00:01
mimugmail repository is up to date.
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
Fetching meta.conf: 100%    179 B   0.2kB/s    00:01
mimugmail repository is up to date.
All repositories are up to date.
Checking for upgrades (33 candidates): 100%
Processing candidates (33 candidates):   6%
pkg-static: glib-bootstrap has a missing dependency: python311
pkg-static: glib has a missing dependency: python311
pkg-static: glib-bootstrap has a missing dependency: python311
Processing candidates (33 candidates):  36%
pkg-static: glib-bootstrap has a missing dependency: python311
pkg-static: glib-bootstrap has a missing dependency: python311
Processing candidates (33 candidates): 100%
The following 17 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
colordiff: 1.0.22 [OPNsense]

Installed packages to be UPGRADED:
bind-tools: 9.20.19 -> 9.20.20 [OPNsense]
caddy-custom: 2.11.1.0.0.4.5.9 -> 2.11.2.0.0.4.5.10 [OPNsense]
crowdsec: 1.7.6_1 -> 1.7.6_2 [OPNsense]
crowdsec-firewall-bouncer: 0.0.32_12 -> 0.0.34 [OPNsense]
groff: 1.23.0_5 -> 1.24.0_1 [OPNsense]
libunistring: 1.4.1 -> 1.4.2 [OPNsense]
libxml2: 2.15.1_1 -> 2.15.2 [OPNsense]
opnsense: 26.1.3 -> 26.1.4 [OPNsense]
opnsense-lang: 26.1.1 -> 26.1.4 [OPNsense]
os-ddclient: 1.30 -> 1.30_1 [OPNsense]
os-q-feeds-connector: 1.5 -> 1.5_1 [OPNsense]
py313-filelock: 3.20.1 -> 3.25.0 [OPNsense]
strongswan: 6.0.3_1 -> 6.0.4 [OPNsense]
suricata: 8.0.3_1 -> 8.0.3_2 [OPNsense]
syslog-ng: 4.10.2 -> 4.11.0 [OPNsense]

Installed packages to be REINSTALLED:
net-snmp-5.9.5.2,1 [OPNsense] (options changed)

Number of packages to be installed: 1
Number of packages to be upgraded: 15
Number of packages to be reinstalled: 1

The operation will free 9 MiB.
112 MiB to be downloaded.
[1/17] Fetching groff-1.24.0_1.pkg: 100%    3 MiB   2.7MB/s    00:01
[2/17] Fetching libunistring-1.4.2.pkg: 100%  705 KiB 721.7kB/s    00:01
[3/17] Fetching crowdsec-1.7.6_2.pkg: 100%   62 MiB  65.0MB/s    00:01
[4/17] Fetching syslog-ng-4.11.0.pkg: 100%    1 MiB   1.1MB/s    00:01
[5/17] Fetching colordiff-1.0.22.pkg: 100%   16 KiB  16.3kB/s    00:01
[6/17] Fetching os-ddclient-1.30_1.pkg: 100%   33 KiB  33.4kB/s    00:01
[7/17] Fetching caddy-custom-2.11.2.0.0.4.5.10.pkg: 100%   14 MiB  15.0MB/s    00:01
[8/17] Fetching net-snmp-5.9.5.2,1.pkg: 100%    2 MiB   2.5MB/s    00:01
[9/17] Fetching libxml2-2.15.2.pkg: 100%  902 KiB 923.3kB/s    00:01
[10/17] Fetching bind-tools-9.20.20.pkg: 100%    2 MiB   1.6MB/s    00:01
[11/17] Fetching crowdsec-firewall-bouncer-0.0.34.pkg: 100%    4 MiB   4.6MB/s    00:01
[12/17] Fetching os-q-feeds-connector-1.5_1.pkg: 100%   29 KiB  30.2kB/s    00:01
[13/17] Fetching py313-filelock-3.25.0.pkg: 100%   46 KiB  47.4kB/s    00:01
[14/17] Fetching suricata-8.0.3_2.pkg: 100%   12 MiB  12.6MB/s    00:01
[15/17] Fetching opnsense-26.1.4.pkg: 100%    6 MiB   6.1MB/s    00:01
[16/17] Fetching strongswan-6.0.4.pkg: 100%  893 KiB 914.7kB/s    00:01
[17/17] Fetching opnsense-lang-26.1.4.pkg: 100%    3 MiB   3.4MB/s    00:01
Checking integrity... done (0 conflicting)
[1/17] Upgrading bind-tools from 9.20.19 to 9.20.20...
[1/17] Extracting bind-tools-9.20.20: 100%
[2/17] Upgrading caddy-custom from 2.11.1.0.0.4.5.9 to 2.11.2.0.0.4.5.10...
[2/17] Extracting caddy-custom-2.11.2.0.0.4.5.10: 100%
[3/17] Installing colordiff-1.0.22...
[3/17] Extracting colordiff-1.0.22: 100%
[4/17] Upgrading crowdsec-firewall-bouncer from 0.0.32_12 to 0.0.34...
[4/17] Extracting crowdsec-firewall-bouncer-0.0.34: 100%
crowdsec_firewall is running as pid 70614.
Stopping crowdsec_firewall.
[5/17] Upgrading crowdsec from 1.7.6_1 to 1.7.6_2...
[5/17] Extracting crowdsec-1.7.6_2: 100%
crowdsec is running as pid 66897.
Stopping crowdsec.
Waiting for PIDS: 66897.
Updating crowdsec hub data
Loaded: 161 parsers, 11 postoverflows, 777 scenarios, 9 contexts, 5 appsec-configs, 196 appsec-rules, 161 collections
Unmanaged items: 1 local, 0 tainted
Starting crowdsec.
[6/17] Upgrading groff from 1.23.0_5 to 1.24.0_1...
[6/17] Extracting groff-1.24.0_1: 100%
[7/17] Upgrading libunistring from 1.4.1 to 1.4.2...
[7/17] Extracting libunistring-1.4.2: 100%
[8/17] Upgrading libxml2 from 2.15.1_1 to 2.15.2...
[8/17] Extracting libxml2-2.15.2: 100%
[9/17] Reinstalling net-snmp-5.9.5.2,1...
===> Creating groups
Using existing group 'snmpd'
===> Creating users
Using existing user 'snmpd'
[9/17] Extracting net-snmp-5.9.5.2,1: 100%
[10/17] Upgrading opnsense-lang from 26.1.1 to 26.1.4...
[10/17] Extracting opnsense-lang-26.1.4: 100%
[11/17] Upgrading os-ddclient from 1.30 to 1.30_1...
[11/17] Extracting os-ddclient-1.30_1: 100%
Stopping configd...done
Starting configd.
Reloading plugin configuration
Flushing all caches...done.
Configuring system logging...done.
Reloading template OPNsense/Syslog: OK
Reloading template OPNsense/ddclient: OK
[12/17] Upgrading os-q-feeds-connector from 1.5 to 1.5_1...
[12/17] Extracting os-q-feeds-connector-1.5_1: 100%
Stopping configd...done
Starting configd.
Reloading plugin configuration
Flushing all caches...done.
Configuring system logging...done.
Reloading template OPNsense/QFeeds: OK
Service `cron' has been restarted.
[13/17] Upgrading py313-filelock from 3.20.1 to 3.25.0...
[13/17] Extracting py313-filelock-3.25.0: 100%
[14/17] Upgrading strongswan from 6.0.3_1 to 6.0.4...
[14/17] Extracting strongswan-6.0.4: 100%
[15/17] Upgrading suricata from 8.0.3_1 to 8.0.3_2...
[15/17] Extracting suricata-8.0.3_2: 100%
[16/17] Upgrading syslog-ng from 4.10.2 to 4.11.0...
[16/17] Extracting syslog-ng-4.11.0: 100%
[17/17] Upgrading opnsense from 26.1.3 to 26.1.4...
[17/17] Extracting opnsense-26.1.4: 100%
Stopping configd...done
Resetting root shell
Updating /etc/shells
Unhooking from /etc/rc
Unhooking from /etc/rc.shutdown
Updating /etc/shells
Registering root shell
Hooking into /etc/rc
Hooking into /etc/rc.shutdown
Starting configd.
>>> Invoking update script 'refresh.sh'
Flushing all caches...done.
Writing firmware settings: FreeBSD OPNsense
Writing trust files...done.
Scanning /usr/share/certs/untrusted for certificates...
Scanning /usr/share/certs/trusted for certificates...
Scanning /usr/local/share/certs for certificates...
certctl: Modified 192 trust store links.
Writing trust bundles...done.
Configuring login behaviour...done.
Configuring cron...done.
Configuring system logging...done.
You may need to manually remove /usr/local/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml if it is no longer needed.
You may need to manually remove /usr/local/etc/crowdsec/config.yaml if it is no longer needed.
You may need to manually remove /usr/local/etc/crowdsec/local_api_credentials.yaml if it is no longer needed.
You may need to manually remove /usr/local/etc/crowdsec/online_api_credentials.yaml if it is no longer needed.
=====
Message from net-snmp-5.9.5.2,1:

--
snmpd now drops privileges by default after initialization is completed.
Ensure that any extension commands defined in your snmpd.conf can be executed
by the snmpd user.

It is possible to start and run snmpd entirely as a non-root user with the
following steps:

1. Add the following lines to /etc/rc.conf:

snmpd_user="snmpd"
snmpd_group="snmpd"
snmpd_pidfile="/var/net-snmp/snmpd.pid"

2. Configure the mac_portacl(4) kernel module:

   a. Load mac_portacl.ko at boot time by adding the following line to
      /etc/rc.conf:

kld_list="mac_portacl"

   b. Configure the following sysctls in sysctl.conf(5):

      net.inet.ip.portrange.reservedhigh=0
      security.mac.portacl.rules=gid:344:udp:161,gid:344:tcp:161,gid:344:tcp:199,gid:344:tcp:705

   This allows snmpd to bind to these privileged ports without holding
   special privileges.

3. Make sure that the snmpd user has read/write or read-only access to the
   following:

RW - /var/log/snmpd.log
RW - /var/net-snmp/*
RO - /usr/local/share/snmp/*

   Note that snmpd creates the /var/net-snmp directory upon its initial
   startup, and this cannot be done by the snmpd user.

4. Ensure that any and all extension commands defined in snmpd.conf can be
   executed by the snmpd user.
=====
Message from strongswan-6.0.4:

--
The default strongSwan configuration interface have been updated to vici.
To use the stroke interface by default either compile the port without the vici option or
set 'strongswan_interface="stroke"' in your rc.conf file.
You may need to manually remove /usr/local/etc/suricata/classification.config if it is no longer needed.
You may need to manually remove /usr/local/etc/suricata/reference.config if it is no longer needed.
You may need to manually remove /usr/local/etc/suricata/suricata.yaml if it is no longer needed.
You may need to manually remove /usr/local/etc/syslog-ng.conf if it is no longer needed.
=====
Message from opnsense-26.1.4:

--
One step ahead, one step behind it, now you gotta run to get even
Checking integrity... done (0 conflicting)
Nothing to do.
Checking all packages: 100%
The following package files will be deleted:
/var/cache/pkg/strongswan-6.0.4~ed94b06ef3.pkg
/var/cache/pkg/crowdsec-firewall-bouncer-0.0.34.pkg
/var/cache/pkg/libxml2-2.15.2~4af2bc4b58.pkg
/var/cache/pkg/caddy-custom-2.11.2.0.0.4.5.10~2dcf099933.pkg
/var/cache/pkg/caddy-custom-2.11.2.0.0.4.5.10.pkg
/var/cache/pkg/groff-1.24.0_1~22d230794f.pkg
/var/cache/pkg/libunistring-1.4.2.pkg
/var/cache/pkg/os-q-feeds-connector-1.5_1.pkg
/var/cache/pkg/suricata-8.0.3_2~dd572055ee.pkg
/var/cache/pkg/syslog-ng-4.11.0~82419d7eef.pkg
/var/cache/pkg/py313-filelock-3.25.0~da88d7097b.pkg
/var/cache/pkg/suricata-8.0.3_2.pkg
/var/cache/pkg/net-snmp-5.9.5.2,1.pkg
/var/cache/pkg/groff-1.24.0_1.pkg
/var/cache/pkg/colordiff-1.0.22~3aad2bc5c6.pkg
/var/cache/pkg/os-q-feeds-connector-1.5_1~9b52641aec.pkg
/var/cache/pkg/syslog-ng-4.11.0.pkg
/var/cache/pkg/crowdsec-1.7.6_2~0d51523a18.pkg
/var/cache/pkg/opnsense-26.1.4~a301052b11.pkg
/var/cache/pkg/opnsense-26.1.4.pkg
/var/cache/pkg/os-ddclient-1.30_1~8edee5f3a6.pkg
/var/cache/pkg/libunistring-1.4.2~5e8f30955c.pkg
/var/cache/pkg/crowdsec-1.7.6_2.pkg
/var/cache/pkg/net-snmp-5.9.5.2,1~ea5bfcfec1.pkg
/var/cache/pkg/crowdsec-firewall-bouncer-0.0.34~d9a17cf6a6.pkg
/var/cache/pkg/py313-filelock-3.25.0.pkg
/var/cache/pkg/bind-tools-9.20.20.pkg
/var/cache/pkg/opnsense-lang-26.1.4.pkg
/var/cache/pkg/strongswan-6.0.4.pkg
/var/cache/pkg/os-ddclient-1.30_1.pkg
/var/cache/pkg/colordiff-1.0.22.pkg
/var/cache/pkg/opnsense-lang-26.1.4~7577f137d2.pkg
/var/cache/pkg/bind-tools-9.20.20~75d18e9d99.pkg
/var/cache/pkg/libxml2-2.15.2.pkg
The cleanup will free 112 MiB
Deleting files: 100%
Flushing temporary package files... done

Finally i could run it by disabling password for sudo:

Code Select Expand

sudo  /usr/local/opnsense/scripts/firmware/health.sh
>>> Root file system: zroot/ROOT/default
>>> Check installed kernel version
Version 26.1.3 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 26.1.3 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense (Priority: 11)
mimugmail (Priority: 5)
>>> Check installed plugins
os-acme-client 4.14
os-apcupsd 1.2_3
os-caddy 2.1.0
os-cpu-microcode-intel 1.1
os-crowdsec 1.0.12
os-ddclient 1.30
os-freeradius 1.10.1
os-igmp-proxy 1.5_6
os-iperf 1.0_2
os-isc-dhcp 1.0_4
os-mdns-repeater 1.2
os-net-snmp 1.6_1
os-opnarp-maxit 1.0_4
os-q-feeds-connector 1.5
os-unifi9-maxit 1.4
os-wol 2.5_3
os-zabbix74-agent 1.18
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .
isc-dhcp44-server-4.4.3P1_2: missing file /usr/local/share/licenses/isc-dhcp44-server-4.4.3P1_2/LICENSE
Checking all packages............ done
>>> Check for core packages consistency
Core package "opnsense" at 26.1.3 has 67 dependencies to check.
Checking packages: .......................
opnsense-26.1.3 version mismatch, expected 26.1.4
Checking packages: ..
opnsense-lang-26.1.1 version mismatch, expected 26.1.4
Checking packages: .....................................
strongswan-6.0.3_1 version mismatch, expected 6.0.4
Checking packages: ..
suricata-8.0.3_1 version mismatch, expected 8.0.3_2
Checking packages: .
syslog-ng-4.10.2 version mismatch, expected 4.11.0
Checking packages: ... done
should i reinstall all listed mismatch packages? It sounds weird as for now i haven't get a chance to upgrade to 26.1.4 so why is it expecting 26.1.4 packages?

when i connect with ssh i have no option to choose. and if i execute health.sh i have:

Code Select Expand

/usr/local/opnsense/scripts/firmware/health.sh
/usr/local/opnsense/scripts/firmware/config.sh: cannot create /tmp/pkg_upgrade.progress: Permission denied
if i execute it with sudo it won't take my password.