Regression #14896: Suricata is removed when upgrading the base system - pfSense - pfSense bugtracker

Actions

Copy link

Regression #14896

closed

Suricata is removed when upgrading the base system

Added by Brian Dahlquist 7 months ago. Updated 6 months ago.

Status:

Resolved

Priority:

Normal

Assignee:

Marcos M

Category:

Package System

Target version:

2.7.1

Start date:

Due date:

% Done:

Estimated time:

Plus Target Version:

23.09

Release Notes:

Force Exclusion

Affected Version:

Affected Architecture:

All

Description

After upgrading from 23.05.01 to 23.09 beta on a clean install (and on a second install) the Suricata package will not be reinstalled following the upgrade even though it's present before hand.
I've also noticed going between beta builds the past several days that this issue reappears each time pfSense Plus is upgraded between builds.
Logs after the upgrade show nothing and even waiting 30 minutes in hopes of a reinstall occurring eventually for the package bear nothing.
Build Info:
23.09-BETA (amd64)
built on Wed Oct 18 23:37:00 EDT 2023
FreeBSD 14.0-CURRENT

Files

Upgrade Logs.txt (20.8 KB) Upgrade Logs.txt

Brian Dahlquist, 10/19/2023 03:51 PM

Actions

Copy link

Updated by Brian Dahlquist 7 months ago

From the Netgate forums working with another user who provided possible insight:
https://forum.netgate.com/topic/183136/suricata-uninstalled-on-updates/28?_=1697732116695

After looking around in the pfSense upgrade code, I found a spot where there might be a problem. But I'm not sure. That spot is in this function: https://github.com/pfsense/pfsense/blob/e67b20f4851d7754477c0cdead1c8ea37babde73/src/etc/inc/pkg-utils.inc#L1139.
It could be that the package name Suricata is storing for itself in config.xml is not getting properly recognized after the pfSense upgrade when the code is attempting to find and reinstall the previously installed packages.

Actions

Copy link

Updated by Marcos M 7 months ago

Subject changed from Suricata Not Reinstalled in 23.09 to Suricata is removed when upgrading base system
Priority changed from High to Normal

I was able to reproduce this upgrading between 23.09-BETA versions: Show Hide

>>> Updating repositories metadata... 
Updating pfSense-core repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: . done
Processing entries: . done
pfSense-core repository update completed. 5 packages processed.
Updating pfSense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: ...... done
Processing entries: .......... done
pfSense repository update completed. 725 packages processed.
All repositories are up to date.
>>> Creating automatic rollback boot environment... done.
>>> Scheduling package pfSense-pkg-suricata for removal... 
>>> Scheduling package suricata for removal... 
>>> Scheduling package pfSense-pkg-suricata for removal... 
>>> Removing vital flag from php82... done.
>>> Downloading upgrade packages... 
Updating pfSense-core repository catalogue...
Fetching meta.conf: 
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
Fetching meta.conf: 
pfSense repository is up to date.
All repositories are up to date.
Checking for upgrades (7 candidates): ....... done
Processing candidates (7 candidates): ....... done
The following 7 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
    pfSense: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense]
    pfSense-base: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]
    pfSense-boot: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]
    pfSense-default-config: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense]
    pfSense-kernel-debug-pfSense: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]
    pfSense-kernel-pfSense: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]
    pfSense-repo: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense]

Number of packages to be upgraded: 7

231 MiB to be downloaded.
[1/7] Fetching pfSense-repo-23.09.b.20231019.0337.pkg: . done
[2/7] Fetching pfSense-kernel-pfSense-23.09.b.20231019.0337.pkg: .......... done
[3/7] Fetching pfSense-base-23.09.b.20231019.0337.pkg: .......... done
[4/7] Fetching pfSense-kernel-debug-pfSense-23.09.b.20231019.0337.pkg: .......... done
[5/7] Fetching pfSense-default-config-23.09.b.20231019.0337.pkg: . done
[6/7] Fetching pfSense-23.09.b.20231019.0337.pkg: .......... done
[7/7] Fetching pfSense-boot-23.09.b.20231019.0337.pkg: ..... done
Checking integrity... done (0 conflicting)
>>> Downloading pkg... 
The following packages will be fetched:

New packages to be FETCHED:
    pkg: 1.20.8_1 (10 MiB: 100.00% of the 10 MiB to download)

Number of packages to be fetched: 1

The process will require 10 MiB more space.
10 MiB to be downloaded.
Fetching pkg-1.20.8_1.pkg: .......... done
>>> Upgrading pfSense-boot...>>> Unmounting /boot/efi... done.

Updating pfSense-core repository catalogue...
Fetching meta.conf: 
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
Fetching meta.conf: 
pfSense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
    pfSense-boot: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]

Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-boot from 23.09.b.20231013.0600 to 23.09.b.20231019.0337...
[1/1] Extracting pfSense-boot-23.09.b.20231019.0337: .......... done
>>> Upgrading pfSense kernel... 
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
    pfSense-kernel-pfSense: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]

Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-kernel-pfSense from 23.09.b.20231013.0600 to 23.09.b.20231019.0337...
[1/1] Extracting pfSense-kernel-pfSense-23.09.b.20231019.0337: .......... done
===> Keeping a copy of current kernel in /boot/kernel.old
>>> Removing unnecessary packages... done.
>>> Activating boot environment default... done.
System is going to be upgraded.  Rebooting in 10 seconds.
Success

Actions

Copy link

Updated by Bill Meeks 7 months ago

Hi Netgate team: I will need a little help addressing this issue. I currently do not have a pfSense Plus test environment. Plus, I'm not sure exactly how the new package remove/reinstall code is working. My suspicion is maybe the Suricata package name is not getting correctly recognized, but that's just a guess. I do know that nothing has changed in the package's XML manifest in years. It has been storing the same package name in config.xml for a very long time.

Although I've not seen any reports, it's possible the Snort package may have the same problem.

Bill

Actions

Copy link

Updated by Marcos M 6 months ago

Status changed from New to In Progress
Assignee set to Marcos M
Affected Architecture All added
Affected Architecture deleted (~~amd64~~)

Actions

Copy link

Updated by Marcos M 6 months ago

Tracker changed from Bug to Regression
Project changed from pfSense Plus to pfSense
Subject changed from Suricata is removed when upgrading base system to Suricata is removed when upgrading the base system
Category changed from Package System to Package System
Status changed from In Progress to Pull Request Review
Target version set to 2.8.0
Release Notes changed from Default to Force Exclusion
Affected Plus Version deleted (~~23.09~~)
Plus Target Version set to 23.09

Thanks for taking a look Bill. The issue does not affect Snort. It turns out that a workaround for a recent bug with pkg rquery incorrectly triggers some suricata specific package code. The rquery issue itself has been resolved in recent pkg versions, so we can simply revert the workaround commit.

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/370

Actions

Copy link

Updated by Bill Meeks 6 months ago

Thank you, Marcos. Glad it was an easy fix.

Actions

Copy link

Updated by Marcos M 6 months ago

Status changed from Pull Request Review to Feedback

Actions

Copy link

Updated by Marcos M 6 months ago

Status changed from Feedback to Resolved

Verified working after an upgrade to 23.09: Show Hide

>>> Updating repositories metadata... 
Updating pfSense-core repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: . done
Processing entries: . done
pfSense-core repository update completed. 5 packages processed.
Updating pfSense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .... done
Processing entries: .......... done
pfSense repository update completed. 726 packages processed.
All repositories are up to date.
>>> Creating automatic rollback boot environment... done.
>>> Removing vital flag from php82... done.
>>> Downloading upgrade packages... 
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...

I did run into an unrelated Suricata issue afterwards - info here: https://redmine.pfsense.org/issues/14898#note-1

Actions

Copy link

Updated by Jim Pingle 6 months ago

Target version changed from 2.8.0 to 2.7.1

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries