Regression #14896: Suricata is removed when upgrading the base system - pfSense - pfSense bugtracker

Custom queries

2.4.5-p1 - Resolved/Closed
2.5.0 - Resolved/Closed
2.5.1 - Resolved/Closed
2.5.2 - Resolved/Closed
2.6.0 - Resolved/Closed
2.7.0 - Resolved/Closed
2.7.1 - All Open Issues
2.7.1 - Resolved/Closed
2.7.2 - Resolved/Closed
2.8.0 - All Open Bugs
2.8.0 - All Open Features
2.8.0 - All Open Issues
2.8.0 - All Open Regressions
2.8.0 - Feedback
2.8.0 - Needs Attention
2.8.0 - New/Confirmed
2.8.0 - Pull Requests
2.8.0 - Regressions affecting 2.7.0
2.8.0 - Resolved/Closed
21.02.2/2.5.1 - Resolved/Closed
21.05 Plus - All Closed Issues
21.05.1 Plus Target - All Closed Issues
21.05.1 Target - All Closed Issues
22.01 Plus - All Closed Issues
22.01 Target - All Closed Issues
22.05 Plus - All Closed Issues
22.05 Target - All Closed Issues
23.01 Plus - All Closed Issues
23.01 Target - All Closed Issues
23.05 Plus - All Closed Issues
23.05 Target - All Closed Issues
23.05.1 Plus - All Closed Issues
23.05.1 Target - All Closed Issues
23.09 Plus - All Closed Issues
23.09 Target - All Closed Issues
23.09.1 Plus - All Closed Issues
23.09.1 Target - All Closed Issues
24.03 Plus - All Closed Issues
24.03 Target - All Closed Issues
24.11 Plus - All Closed Issues
24.11 Plus - All Open Issues
24.11 Plus - Feedback Issues
24.11 Plus - Needs Attention/Work
24.11 Plus - New/Confirmed/In Progress Issues
24.11 Target - All Closed Issues
24.11 Target - All Open Issues
25.01 Plus - All Closed Issues
25.01 Plus - All Open Issues
25.01 Plus - Feedback Issues
25.01 Plus - Needs Attention/Work
25.01 Plus - New/Confirmed/In Progress Issues
25.01 Plus - Pull Request Review
25.01 Plus - Waiting on Merge
25.01 Target - All Closed Issues
25.01 Target - All Open Issues
All Open Issues assigned to Me
All Open Pull Requests
Any Target - All Open Regressions
Any Target - Feedback Issues
CE-Next - All Closed Issues (Move to specific target)
CE-Next - All Open Issues
CE-Next - Feedback (Likely needs target changed)
New Issues by Category - Future Target
New Issues by Category - No Target
New Issues by Category - No Target+Future
No Target - All Open Issues (Base Only)
No Target - New Issues (Base Only)
No Target - New Issues (Base and Packages)
Release Notes - Plus Target Version (DO NOT EDIT)
Release Notes - Target Version (DO NOT EDIT)

Actions

Copy link

Regression #14896

closed

Suricata is removed when upgrading the base system

Added by Brian Dahlquist about 1 year ago. Updated about 1 year ago.

Status:

Resolved

Priority:

Normal

Assignee:

Marcos M

Category:

Package System

Target version:

2.7.1

Start date:

Due date:

% Done:

Estimated time:

Plus Target Version:

23.09

Release Notes:

Force Exclusion

Affected Version:

Affected Architecture:

All

Description

After upgrading from 23.05.01 to 23.09 beta on a clean install (and on a second install) the Suricata package will not be reinstalled following the upgrade even though it's present before hand.
I've also noticed going between beta builds the past several days that this issue reappears each time pfSense Plus is upgraded between builds.
Logs after the upgrade show nothing and even waiting 30 minutes in hopes of a reinstall occurring eventually for the package bear nothing.
Build Info:
23.09-BETA (amd64)
built on Wed Oct 18 23:37:00 EDT 2023
FreeBSD 14.0-CURRENT

Files

Upgrade Logs.txt (20.8 KB) Upgrade Logs.txt

Brian Dahlquist, 10/19/2023 03:51 PM

History
Notes
Property changes

Actions

Copy link

Updated by Brian Dahlquist about 1 year ago

From the Netgate forums working with another user who provided possible insight:
https://forum.netgate.com/topic/183136/suricata-uninstalled-on-updates/28?_=1697732116695

After looking around in the pfSense upgrade code, I found a spot where there might be a problem. But I'm not sure. That spot is in this function: https://github.com/pfsense/pfsense/blob/e67b20f4851d7754477c0cdead1c8ea37babde73/src/etc/inc/pkg-utils.inc#L1139.
It could be that the package name Suricata is storing for itself in config.xml is not getting properly recognized after the pfSense upgrade when the code is attempting to find and reinstall the previously installed packages.

Actions

Copy link

Updated by Marcos M about 1 year ago

Subject changed from Suricata Not Reinstalled in 23.09 to Suricata is removed when upgrading base system
Priority changed from High to Normal

I was able to reproduce this upgrading between 23.09-BETA versions: Show Hide

>>> Updating repositories metadata... 
Updating pfSense-core repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: . done
Processing entries: . done
pfSense-core repository update completed. 5 packages processed.
Updating pfSense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: ...... done
Processing entries: .......... done
pfSense repository update completed. 725 packages processed.
All repositories are up to date.
>>> Creating automatic rollback boot environment... done.
>>> Scheduling package pfSense-pkg-suricata for removal... 
>>> Scheduling package suricata for removal... 
>>> Scheduling package pfSense-pkg-suricata for removal... 
>>> Removing vital flag from php82... done.
>>> Downloading upgrade packages... 
Updating pfSense-core repository catalogue...
Fetching meta.conf: 
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
Fetching meta.conf: 
pfSense repository is up to date.
All repositories are up to date.
Checking for upgrades (7 candidates): ....... done
Processing candidates (7 candidates): ....... done
The following 7 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
    pfSense: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense]
    pfSense-base: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]
    pfSense-boot: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]
    pfSense-default-config: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense]
    pfSense-kernel-debug-pfSense: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]
    pfSense-kernel-pfSense: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]
    pfSense-repo: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense]

Number of packages to be upgraded: 7

231 MiB to be downloaded.
[1/7] Fetching pfSense-repo-23.09.b.20231019.0337.pkg: . done
[2/7] Fetching pfSense-kernel-pfSense-23.09.b.20231019.0337.pkg: .......... done
[3/7] Fetching pfSense-base-23.09.b.20231019.0337.pkg: .......... done
[4/7] Fetching pfSense-kernel-debug-pfSense-23.09.b.20231019.0337.pkg: .......... done
[5/7] Fetching pfSense-default-config-23.09.b.20231019.0337.pkg: . done
[6/7] Fetching pfSense-23.09.b.20231019.0337.pkg: .......... done
[7/7] Fetching pfSense-boot-23.09.b.20231019.0337.pkg: ..... done
Checking integrity... done (0 conflicting)
>>> Downloading pkg... 
The following packages will be fetched:

New packages to be FETCHED:
    pkg: 1.20.8_1 (10 MiB: 100.00% of the 10 MiB to download)

Number of packages to be fetched: 1

The process will require 10 MiB more space.
10 MiB to be downloaded.
Fetching pkg-1.20.8_1.pkg: .......... done
>>> Upgrading pfSense-boot...>>> Unmounting /boot/efi... done.

Updating pfSense-core repository catalogue...
Fetching meta.conf: 
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
Fetching meta.conf: 
pfSense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
    pfSense-boot: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]

Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-boot from 23.09.b.20231013.0600 to 23.09.b.20231019.0337...
[1/1] Extracting pfSense-boot-23.09.b.20231019.0337: .......... done
>>> Upgrading pfSense kernel... 
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
    pfSense-kernel-pfSense: 23.09.b.20231013.0600 -> 23.09.b.20231019.0337 [pfSense-core]

Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-kernel-pfSense from 23.09.b.20231013.0600 to 23.09.b.20231019.0337...
[1/1] Extracting pfSense-kernel-pfSense-23.09.b.20231019.0337: .......... done
===> Keeping a copy of current kernel in /boot/kernel.old
>>> Removing unnecessary packages... done.
>>> Activating boot environment default... done.
System is going to be upgraded.  Rebooting in 10 seconds.
Success

Actions

Copy link

Updated by Bill Meeks about 1 year ago

Hi Netgate team: I will need a little help addressing this issue. I currently do not have a pfSense Plus test environment. Plus, I'm not sure exactly how the new package remove/reinstall code is working. My suspicion is maybe the Suricata package name is not getting correctly recognized, but that's just a guess. I do know that nothing has changed in the package's XML manifest in years. It has been storing the same package name in config.xml for a very long time.

Although I've not seen any reports, it's possible the Snort package may have the same problem.

Bill

Actions

Copy link

Updated by Marcos M about 1 year ago

Status changed from New to In Progress
Assignee set to Marcos M
Affected Architecture All added
Affected Architecture deleted (~~amd64~~)

Actions

Copy link

Updated by Marcos M about 1 year ago

Tracker changed from Bug to Regression
Project changed from pfSense Plus to pfSense
Subject changed from Suricata is removed when upgrading base system to Suricata is removed when upgrading the base system
Category changed from Package System to Package System
Status changed from In Progress to Pull Request Review
Target version set to 2.8.0
Release Notes changed from Default to Force Exclusion
Affected Plus Version deleted (~~23.09~~)
Plus Target Version set to 23.09

Thanks for taking a look Bill. The issue does not affect Snort. It turns out that a workaround for a recent bug with pkg rquery incorrectly triggers some suricata specific package code. The rquery issue itself has been resolved in recent pkg versions, so we can simply revert the workaround commit.

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/370

Actions

Copy link

Updated by Bill Meeks about 1 year ago

Thank you, Marcos. Glad it was an easy fix.

Actions

Copy link

Updated by Marcos M about 1 year ago

Status changed from Pull Request Review to Feedback

Actions

Copy link

Updated by Marcos M about 1 year ago

Status changed from Feedback to Resolved

Verified working after an upgrade to 23.09: Show Hide

>>> Updating repositories metadata... 
Updating pfSense-core repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: . done
Processing entries: . done
pfSense-core repository update completed. 5 packages processed.
Updating pfSense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .... done
Processing entries: .......... done
pfSense repository update completed. 726 packages processed.
All repositories are up to date.
>>> Creating automatic rollback boot environment... done.
>>> Removing vital flag from php82... done.
>>> Downloading upgrade packages... 
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...

I did run into an unrelated Suricata issue afterwards - info here: https://redmine.pfsense.org/issues/14898#note-1

Actions

Copy link

Updated by Jim Pingle about 1 year ago

Target version changed from 2.8.0 to 2.7.1

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Regression #14896

Suricata is removed when upgrading the base system

Updated by Brian Dahlquist about 1 year ago

Updated by Marcos M about 1 year ago

Updated by Bill Meeks about 1 year ago

Updated by Marcos M about 1 year ago

Updated by Marcos M about 1 year ago

Updated by Bill Meeks about 1 year ago

Updated by Marcos M about 1 year ago

Updated by Marcos M about 1 year ago

Updated by Jim Pingle about 1 year ago