[SOLVED] Unbound Migration failed

utkonos · January 30, 2023, 03:01:22 PM

On the most recent update an error "Unbound Migration failed" was in the update logs. This may have started with an earlier upgrade, but I am just noticing the error because it stands out. The error message says to check log for details. Here is what is shown in the log.

Code Select

[ERROR] Model OPNsense\Unbound\Unbound can't be saved, skip ( OPNsense\Phalcon\Filter\Validation\Exception: [OPNsense\Unbound\Unbound:advanced.dnssecstripped] value should be a boolean (0,1){on}
[ERROR] [OPNsense\Unbound\Unbound:advanced.dnssecstripped] value should be a boolean (0,1){on}

Here is the exact text of the error in the update log:

Code Select

>>> Invoking update script 'refresh'
*** OPNsense\Unbound\Unbound Migration failed, check log for details

I can see exactly what to fix: change the entry in the config XML from "on" to "1" and then the scripts should work. However, I hesitate to fix this manually when there are probably many others with the same problem.

Is this a bug in the migration process?

Fright · January 30, 2023, 06:53:48 PM

if your config is not native but related to https://gist.github.com/utkonos/57c79f1a0b68dd6a79cbf2de68db995a then its probably the reason ;)
i think native config uses bool for this field

utkonos · May 07, 2023, 04:11:31 AM

I have observed this same bug again in a recent update. First, please apologise for the snark: you are wrong about which format of boolean the native config uses.

You can verify that older stock installs of OPNsense from the official ISO did indeed use "on" rather than "1" for the Unbound configuration that I am talking about. These are changes that occur when the choices about Unbound are made during the initial wizard. If you start with "OPNsense-21.1-OpenSSL-dvd-amd64.iso.bz2" from this location:
https://mirror.wdc1.us.leaseweb.net/opnsense/releases/21.1/

Perform a plain vanilla install and then during the install wizard choose the DNSSEC configuration settings. Then take a look at the diff of the config.xml. You will see the the "on" booleans that are causing this bug. Here is a screenshot or two.

utkonos · May 07, 2023, 03:51:35 PM

Quote from: Fright on January 30, 2023, 06:53:48 PM
i think native config uses bool for this field

No.

https://github.com/opnsense/core/commit/01922175549b3db79b20c9fb1ec19cc52c784b15

Fright · May 07, 2023, 04:56:06 PM

QuoteNo.

Yes.
you just didn't mention wizard in the first post.

wizard is fixed (an you found the commit).
but migration script should probably take that into account too

utkonos · May 08, 2023, 04:10:25 AM

Quote from: utkonos on January 30, 2023, 03:01:22 PM
Is this a bug in the migration process?

Yes.

https://github.com/opnsense/core/issues/6550

franco · May 08, 2023, 10:32:25 AM

It would help to lead with tickets created as soon as possible to avoid other people's time to be wasted trying to help (and guess).

Cheers,
Franco

franco · May 08, 2023, 10:57:46 AM

https://github.com/opnsense/core/commit/378d9a3

# opnsense-patch 378d9a3

[SOLVED] Unbound Migration failed

utkonos

January 30, 2023, 03:01:22 PM Last Edit: May 08, 2023, 04:11:52 AM by utkonos

Fright

January 30, 2023, 06:53:48 PM #1

utkonos

May 07, 2023, 04:11:31 AM #2 Last Edit: May 07, 2023, 04:37:09 AM by utkonos

utkonos

May 07, 2023, 03:51:35 PM #3

Fright

May 07, 2023, 04:56:06 PM #4

utkonos

May 08, 2023, 04:10:25 AM #5

franco

May 08, 2023, 10:32:25 AM #6

franco

May 08, 2023, 10:57:46 AM #7