Upgrade from SSH

Started by Feldunost, June 20, 2017, 03:22:06 PM

Previous topic - Next topic
Hello,

I'm managing one OPNsense that is functionnal behind another proxy, modifications are done properly to set :
- a parent proxy in squid.conf
- setenv for parent proxy in pkg.conf.


However when i attempt to upgrade from SSH, it returns me :

Fetching packages-17.1-OpenSSL-amd64.tar: .............................................................opnsense-verify: Unable to open /var/cache/opnsense-update/2640/packages-17.1-OpenSSL-amd64.tar: No such file or directory
failed


Any pointer to look into this problem ?

Regards.

Problem is still up ...
Can't seems to find solution.

Fetch is probably not using the proxy...

You can preload everything given the correct environment PROXY vars are set on the command line:

# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.obsolete
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.obsolete.sig
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.txz.sig
# fetch https://pkg.opnsense.org/sets/kernel-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/kernel-17.1-amd64.txz.sig
# fetch https://pkg.opnsense.org/sets/packages-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/packages-17.1-amd64.txz.sig
# opnsense-update -l . -ur 17.1
# /usr/local/etc/rc.reboot

Note that if you are having these issues, you likely didn't receive kernel/base updates in the past.


Cheers,
Franco

The problem is indeed about fetch, but i can't seems to find a proper functionnal solution.
It throws me back "Proxy authentication required" even though i specified username and password for the proxy in environment.

Hmm, fetch supports the following:

QuoteSee fetch(3) for a description of additional environment variables,
     including FETCH_BIND_ADDRESS, FTP_LOGIN, FTP_PASSIVE_MODE, FTP_PASSWORD,
     FTP_PROXY, ftp_proxy, HTTP_ACCEPT, HTTP_AUTH, HTTP_PROXY, http_proxy,
     HTTP_PROXY_AUTH, HTTP_REFERER, HTTP_USER_AGENT, NETRC, NO_PROXY,
     no_proxy, SSL_CA_CERT_FILE, SSL_CA_CERT_PATH, SSL_CLIENT_CERT_FILE,
     SSL_CLIENT_KEY_FILE, SSL_CRL_FILE, SSL_ALLOW_SSL3, SSL_NO_TLS1,
     SSL_NO_TLS1_1, SSL_NO_TLS1_2, SSL_NO_VERIFY_HOSTNAME and
     SSL_NO_VERIFY_PEER.

You can add those vars to /root/.cshrc as follows:

setenv HTTP_PROXY Value

And then just:

source .cshrc

Download will work if proxy is being operated correctly.


Cheers,
Franco