Total failure after update attempt

Started by maxxell, August 05, 2025, 07:51:47 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 05, 2025, 07:51:47 PM Last Edit: August 05, 2025, 08:06:30 PM by maxxell
Hi!

I have OPNSense installed on a Protectli FW4B.  After ignoring updates for a little while, I was running through several last night.  After the upgrade to 25.1, I got a weird message so I rebooted the FW4B.  However, it failed to come back online.  I quickly switched over to an EERO as router and now have time to troubleshoot the OPNSense situation.

I brought the box into my workstation and got it plugged into a monitor.  I'm seeing this error:
Fatal error: Uncaught Error: Call to undefined function OPNsense/Copre/simplexml_load_string() in /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php:389.

Then I get left at the root. 

Any idea how to get this working again?  How would I navigate to find a backup so I can reinstall and restore from backup?  Is that's what's left to try at this point?

Edit / Update:  I found a config backup from October 2024.  That's probably good enough for a restore.  Should I try anything to save this install or just jump straight to reinstalling OPNsense from scratch and restore from this backup?
August 05, 2025, 09:09:02 PM #1
I debugged this just today after failing to reproduce it for weeks... https://github.com/opnsense/ports/issues/234#issuecomment-3155565903

If you have a cached package from the upgrade that is an easy fix, otherwise impossible to recover without network.

# pkg add -f /var/cache/pkg/php83-simplexml-8.3.23.pkg

If you can manage to get a network via 'dhclient em1' (em1 being your WAN) this should also work

# opnsense-revert php83-simplexml

Also check that php83-dom is at 8.3.23, otherwise you get the other error for undefined dom_import_simplexml().


Cheers,
Franco
August 05, 2025, 09:20:13 PM #2
@franco ah - that one. Got bitten by it, too. Although PHP 8.1 theoretically has security support until the end of the year it will not build with current libxml2. And you want current libxml2 because a couple of CVEs ... lovely, but not much the FreeBSD project can do. Upstream problem in both cases, IMHO.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
August 05, 2025, 09:27:55 PM #3
IMO https://github.com/opnsense/ports/commit/8d0a0b43039 is pretty clever if you see what it does. I just need to hotfix 25.1.12 with it...
August 05, 2025, 10:13:47 PM #4
Thanks all for the insight.  In the end, I decided a fresh install and then recovery from backup was the path of least resistance. 
August 05, 2025, 10:24:10 PM #5 Last Edit: August 05, 2025, 10:39:59 PM by maxxell
After doing a full install with no issues I get to the step where I plug a desktop PC into LAN and log into the WEBUI.  But the default Username and Password aren't being accepted. 

WTF?!?!  All the documentation says that the username is "root" and the password is "opnsense" but my new install wont accept these?  I even tried my pre-crash credentials but those dont work either. 

Now what?!?

... and now I cant even access 192.168.1.1.  Starting to think my FW4B might be having hardware problems

... okay rebooted the FW4B and it did let me access 192.168.1.1, and I was able to log in and restore my prior backup config.
August 06, 2025, 10:49:14 AM #6
There is a password recovery option in the installer media for this particular reason.

What I don't understand now is whether you set up a new install or used an older config.xml.

There's absolutely no reason for the password to not be accepted in a clean install. It's usually the keyboard, serial console or keymap being the issue when trying to type a password or the fact that a TOTP is required or the password actually isn't "opnsense" because it was changed in the post-install or it was a password that came from an imported config.xml.


Cheers,
Franco
August 06, 2025, 10:50:37 AM #7
August 06, 2025, 02:30:01 PM #8
Quote from: franco on August 06, 2025, 10:49:14 AMThere's absolutely no reason for the password to not be accepted in a clean install

Shrug... 
Ultimately, the solution was to use username "root" and the password I set up during the installation process.  I am 100% sure that I tried that and it was rejected.  After several more tries, the webgui stopped being offered entirely.  It wasn't until I rebooted the FW4B that I was able to log in with those credentials.  It was what I expected to work, so it was definitely something I tried before the reboot. 

I was able to restore from my October 2024 backup, so the box seems to be happily restored.  I haven't yet gotten around to putting it back into my actual home network tho.  If something goes wrong, I'll report back.

Thanks again all for the consult on this.

And franco - I saw your posted comment and You're Welcome!  ;-)
August 06, 2025, 04:13:53 PM #9
Happy to hear you got further. Situations like the one here causing the initial Config.php error are rare to say the least. It has been dealt with today in the most user-friendly way that I could think of and hopefully such breakage will not happen anytime soon.


Thanks,
Franco
Print
Go Up Pages1
User actions