Zenarmor Update issue

[sy]

Hi,

After the 24.7 update, Zenarmor packages are not installed from the new ABI repo. If the OPNsense update runs again, the packages are installed from the FreeBSD 14 repo and start to work normally.

[Seimus]

I can confirm,

If you run OPNsense with ZenArmor, the update needs to be done in two steps

1. Update to update OPN to 24.7
2. Update to update ZenArmor to proper packages for FreeBSD 14.1

After this all works well.

Regards,
S.

[dirtyfreebooter]

this did not work for me.

https://forum.opnsense.org/index.php?topic=41737.0

[fractalcounty]

this did not work for me.

https://forum.opnsense.org/index.php?topic=41737.0

Same here, same errors. I did have to do two upgrades- one for the 24.7 itself and the other for the resulting packages, but Elasticsearch still doesn't seem to be working.

[cyhchong]

You have to reinstall Elastic DB. I hit an error on the DB during index check. So I just reinstall the DB and it is all good now.

[franco]

> After the 24.7 update, Zenarmor packages are not installed from the new ABI repo.

Just to clarify: this is by design to ensure minimal friction during offline upgrade process.

If we were to download more packages or try to upgrade third party repos the upgrade procedure would start trying to download packages at a point where no network connectivity is set up (also on purpose) and fetch "some" state of packages that is impossible to track later on as the mirror content changes or breaks intermittently.

That's why we download the full "packages" set for a controllable and repeatable scope. :)


Cheers,
Franco

[dirtyfreebooter]

i read the docs. went through the process. after upgrade, reboot, i re-run the update check and zenarmor packages reinstalled and i still had the issue. which is why i posted, since i thought it might be a configuration error or something not related to the package upgrades.

checked for new packages via UI and pkg on command line many times to show no new packages. problem persisted. forcefully reinstalled the elasticsearch8 package and things resolved.

[franco]

For good measure the instructions should mention a reboot since services are not restarted on updates. ;)


Cheers,
Franco

[FredsterNL]

I removed ZenArmor before upgrading to 24.7 and reinstalled it after the upgrade: I experienced no issues doing it this way

[hakuna]

I removed ZenArmor before upgrading to 24.7 and reinstalled it after the upgrade: I experienced no issues doing it this way

This has been the only option to avoid problems really with major updates.

From 24.1 to 24.7 tho I did a clean install anyway because the last time I checked, a instruction was gonna be provided for folks willing to make the upgrade.
To me that smells possible problems so a clean install was a must.

[GuruLee]

I upgraded without any noticable issue to Zenarmor.

[satvrnvs]

I removed ZenArmor before upgrading to 24.7 and reinstalled it after the upgrade: I experienced no issues doing it this way

This has been the only option to avoid problems really with major updates.

From 24.1 to 24.7 tho I did a clean install anyway because the last time I checked, a instruction was gonna be provided for folks willing to make the upgrade.
To me that smells possible problems so a clean install was a must.

So we need to uninstall ZenArmor and reinstall if we did not do this??

[satvrnvs]

I can't figure out how to delete this comment... 

[franco]

It's a FreeBSD package manager bug with multiple repositories going out of sync. It's not nice but it's also harmless.


Cheers,
Franco

[DiskWizard001]

The very last update from 20th of Novermber 2024 seems to break down elasticesearch

elasticsearch8-8.11.3: checksum mismatch for /usr/local/lib/elasticsearch/lib/jna-0.0.0.jar