click on menu item: system-firmware-status -> OPNsense reboots immediately

Started by lueralba, October 02, 2024, 05:39:20 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 02, 2024, 05:39:20 PM
Hello,

I have a problem with OPNsense since updating to
OPNsense 24.7.5-amd64
FreeBSD 14.1-RELEASE-p4
OpenSSL 3.0.15

If I click on the menu item: system-firmware-status (or -updates) then OPNsense reboots immediately.

Is this behavior known?

Best regards
lueralba
October 02, 2024, 07:10:09 PM #1
I have noticed the same thing.

Going to System-Firmware-(Settings, Changelog, Packages, Status, Plugins, and Updates) and OPNsense restarts the system.
October 02, 2024, 07:22:04 PM #2
So, I tried to reboot via console.
It looks like crowdsec is the problem ... it don't stop !

Quote0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 6

The system will reboot. Do you want to proceed? [y/N]: y

>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
crowdsec_firewall is not running.
Stopping caddy... done
Stopping crowdsec.
Waiting for PIDS: 85484.
Waiting for PIDS: 86241
^C
*** OPNsense.localdomain: OPNsense 24.7.5 ***


I can't stop crowdsec via WebInterface !

Here is something wrong.

Please help ...

lueralba
October 02, 2024, 07:46:05 PM #3
Known problem. Kill crowdsec from an SSH session and reboot manually.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
October 02, 2024, 08:12:10 PM #4 Last Edit: October 02, 2024, 08:26:51 PM by lueralba
Hallo Patrick M. Hausen,

thanks for that hint.

kill -9 PID  and reboot works for me :)

lueralba
October 02, 2024, 09:29:36 PM #5 Last Edit: October 02, 2024, 09:32:18 PM by mmetc
Hi, I'm the plugin maintainer

This can happen with 1.6.2 when crowdsec is misbehaving for other reasons (possibly misconfigured, port not available etc) then the daemon manager won't stop it correctly because it's stuck in a restart loop. The opnsense upgrade should install 1.6.3 which fixed the issue by using a "stronger" signal to terminate the daemon manager.

I suggest kill -9, or even the broader

```
# kill -9 `ps xw | grep crowdsec | grep -v grep | awk '{print $1'}`
```

then update to 1.6.3, but should happen with the opnsense upgrade


If there is an underlying issue preventing crowdsec from working correctly, the most "complete" way to report it is via "cscli support dump" and email the resulting file to support@crowdsec.net. This includes logs and part of the configuration so it saves us time asking for details.
Print
Go Up Pages1
User actions