unbound fails to start after upgrade - traceback in jinja2

[sorro]

After installing 22.1.5, unbound failed to start. Below is the traceback (sorry if its a little mangled - it came from my syslog server) and health audit output. Can reproduce it by simply trying to restart the Unbound service.

The health report shows `py37-markupsafe` is missing dependency: python37 ... - I have no idea why any py37 packages are still in the package list.

Also I installed `ddclient` with a view to replacing dyndns and then removed it trying to sort out this issue. Either way it seems to have no bearing on this problem.

Code Select Expand


Apr 10 20:57:19 leia.home.metrak.com configd.py[466]: error generating template
OPNsense/Unbound/core : Traceback (most recent call last):   
File "/usr/local/opnsense/service/modules/template.py", line 270, in _generate
content = j2_page.render(cnf_data)   
File "/usr/local/lib/python3.8/site-packages/jinja2/environment.py", line 1304,
in render     self.environment.handle_exception()   
File "/usr/local/lib/python3.8/site-packages/jinja2/environment.py", line 925,
in handle_exception     raise rewrite_traceback_stack(source=source)   
File
"/usr/local/opnsense/service/modules/../templates/OPNsense/Unbound/core/dot.conf",
line 6, in top-level template code     {%   for type, dots in
all|groupby("type") %}   
File "/usr/local/lib/python3.8/site-packages/jinja2/async_utils.py", line 36,
in wrapper     return normal_func(*args, **kwargs)   
File "/usr/local/lib/python3.8/site-packages/jinja2/filters.py", line 1238, in
sync_do_groupby     for key, values in groupby(sorted(value, key=expr), expr)
jinja2.exceptions.UndefinedError: 'collections.OrderedDict object' has no
attribute 'type' 
During handling of the above exception, another exception occurred: 
Traceback (most recent call last):   
File "/usr/local/opnsense/service/modules/template.py", line 338, in generate     
for filename in self._generate(template_name, create_directory):   
File "/usr/local/opnsense/service/modules/template.py", line 273, in _generate     
raise Exception("%s %s %s" % (module_name, template_filename,
render_exception))
Exception: OPNsense/Unbound/core OPNsense/Unbound/core/dot.conf 'collections.OrderedDict object' has no attribute 'type'


Code Select Expand


***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 22.1.5 (amd64/OpenSSL) at Sun Apr 10 21:30:03 AEST 2022
>>> Check installed kernel version
Version 22.1.5 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 22.1.5 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
SunnyValley
OPNsense
>>> Check installed plugins
os-acme-client 3.9
os-api-backup 1.0_1
os-dmidecode 1.1_1
os-etpro-telemetry 1.6_1
os-iperf 1.0_1
os-nginx 1.26
os-nut 1.8.1
os-sensei 1.11
os-sensei-agent 1.11
os-sensei-updater 1.11
os-sunnyvalley 1.2_1
os-wireguard 1.10
>>> Check for missing package dependencies
Checking all packages: .......... done
py37-markupsafe has a missing dependency: python37
py37-markupsafe has a missing dependency: py37-setuptools
py37-markupsafe is missing a required shared library: libpython3.7m.so.1.0
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" has 65 dependencies to check.
Checking packages: ................................................................... done
***DONE***

[Vesalius]

for the second issue try # pkg remove py37-markupsafe

https://forum.opnsense.org/index.php?topic=26835.msg130020#msg130020

[sorro]

Thanks - that worked.

[sorro]

When I run configctl from the command line it reports OK however the traceback in the OP is logged and unbound is not started.

Code Select Expand

# configctl unbound restart
OK


Is there a way to run this verbosely or run the jinja templates from the command line?
I can start hacking on the python code but I don't want to go down that path if possible.

[sorro]

I may be up and running - not sure if the issue is fixed (I am still seeing the stacktrace in the log):

Code Select Expand

$ configctl unbound check
/var/unbound/unbound.conf:105: error: cannot open include file '/var/unbound/private_domains.conf': No such file or directory
read /var/unbound/unbound.conf failed: 1 errors in configuration file


I manually added my local network name to private_domains.conf and clients are able to resolve addresses in spite of the stack trace.