Project

General

Profile

Todo #10464

Disallow package updates when a system update is available

Added by Craig Leres 7 months ago. Updated about 1 month ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
Upgrade
Target version:
-
Start date:
04/16/2020
Due date:
% Done:

0%

Estimated time:

Description

I use a SG-1100 that was running 2.4.4-p3 and I noticed today there were updates for a couple of packages I had installed (acme and bind). I updated these and then noticed that a system update (2.4.5) was available. I attempted to install the update (via the gui) but it failed (see update.log). Additional attempts failed early in the process. I logged in and found that pkg was broken due libcryptoauth.so.3 not being available.

I think my mistake was that I updated packages and got the 2.4.5 version of pkg (or updated some other package) so that pkg or some shared library was linked against libcryptoauth.so.3 which was not present in my pre-upgrade 2.4.4-p3 box.

Would not allowing package updates when a system update is available would prevent this type of foot shootery?

To recover I replaced /usr/bin/pkg /usr/local/sbin/pkg with /usr/local/sbin/pkg-static and /usr/local/share/pfSense/pkg/repos/pfSense-repo.conf with pfSense-repo-244.descr (since it appears that upgrading unconditionally replaces the symlink pfSense.conf in /usr/local/etc/pkg/repos with a link to /usr/local/share/pfSense/pkg/repos/pfSense-repo.conf. Then I performed the upgrade from the serial console. Afterwards I verified that the files I updated had been replaced.

update.log (7.82 KB) update.log failed update log Craig Leres, 04/16/2020 04:39 PM

History

#1 Updated by Kris Phillips about 2 months ago

Hello Craig,

This is not a bug report and we recommend you open a ticket with our support team.

#2 Updated by Jim Pingle about 1 month ago

  • Tracker changed from Bug to Todo
  • Subject changed from Should package updates be allowed when a system update is available? to Disallow package updates when a system update is available

While not a bug per se, it is something we could improve. It would prevent some accidental breakage if users couldn't upgrade packages when the base OS needs an upgrade first.

Also available in: Atom PDF