Bug #3527
closed
NRPEv2 package distributing empty xml and missing files
0%
Description
Version: 2.1-RELEASE (amd64)
When installing NRPEv2 from package manager GUI, the package install completes successfully, but the GUI configuration menu for NRPEv2 never appears in the 'Services' menu. It appears that the xml downloaded during the package installation is blank:
-rw-r--r-- 1 root wheel 0 Mar 18 10:23 nrpe2.xml
Reinstalling the package does not help. Removing and reinstalling the package does not help.
Comparing this installation to another one that is working, it appears there is also a missing file after install:
working system:/usr/local/pkg(4): ls -al | grep nrpe2
----rwxrwx 1 root wheel 6705 Feb 25 19:12 nrpe2.inc
-rw-r--r-- 1 root wheel 4628 Feb 25 19:11 nrpe2.xml
broken system:/usr/local/pkg(68): ls -al | grep nrpe
-rw-r--r-- 1 root wheel 0 Mar 18 10:23 nrpe2.xml
Updated by Gyles Garber about 10 years ago
I think I may have found why the xml hasn't been downloading correctly. I tried downloading from source on a different machine and got the following:
/tmp# wget https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml
--2014-03-18 11:07:46-- https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml
Resolving packages.pfsense.org (packages.pfsense.org)... 208.123.73.88, 2610:160:11:11::88
Connecting to packages.pfsense.org (packages.pfsense.org)|208.123.73.88|:443... connected.
ERROR: The certificate of `packages.pfsense.org' is not trusted.
If I tell wget to ignore the certificate check, I am able to download the file (and it isn't empty):
/tmp# wget --no-check-certificate https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml
--2014-03-18 11:08:31-- https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml
Resolving packages.pfsense.org (packages.pfsense.org)... 208.123.73.88, 2610:160:11:11::88
Connecting to packages.pfsense.org (packages.pfsense.org)|208.123.73.88|:443... connected.
WARNING: The certificate of `packages.pfsense.org' is not trusted.
HTTP request sent, awaiting response... 200 OK
Length: 4628 (4.5K) [text/plain]
Saving to: `nrpe2.xml'
100%[====================================================================================================================>] 4,628 --.-K/s in 0s
2014-03-18 11:08:32 (100 MB/s) - `nrpe2.xml' saved [4628/4628]
Updated by Gyles Garber about 10 years ago
This is indeed an issue with the certificate. I was able to upload the nrpe2.xml file manually to the pfsense server and time the replacemenet of the empty xml file with the one that I manually uploaded during the package installation process. The package installation then finishes and everything appears to be functioning as intended. The GUI configuration menu for NRPE is now listed under services where it should be.
Updated by Renato Botelho about 10 years ago
Maybe the box you ran wget doesn't know the CA, but inside pfSense you do not have this error:
[2.1.1-PRERELEASE][admin@pfs20x86.localdomain]/root(2): fetch https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml nrpe2.xml 100% of 4628 B 4111 kBps
I've pushed a commit fixing old URLs for all packages, please try again.
Updated by Renato Botelho about 10 years ago
- Status changed from New to Feedback
Updated by Gyles Garber about 10 years ago
When I try and 'fetch' the file from the pfsense install I'm having issues with, after about 30 seconds I get this:
/usr/local/pkg(3): fetch https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml
fetch: https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml: No route to host
However, this host is resolving:
/usr/local/pkg(6): host packages.pfsense.org
packages.pfsense.org has address 208.123.73.88
packages.pfsense.org has IPv6 address 2610:160:11:11::88
I cannot trace all the way, I assume there is some device preventing it:
5 v225.core1.mci3.he.net (216.66.73.221) 75.849 ms 75.568 ms 75.371 ms
6 10ge1-4.core1.chi1.he.net (184.105.222.117) 90.312 ms 99.551 ms 87.503 ms
7 184.105.255.30 (184.105.255.30) 87.718 ms 184.862 ms 87.626 ms
8 66.109.1.67 (66.109.1.67) 101.192 ms
107.14.17.195 (107.14.17.195) 100.416 ms 101.969 ms
9 ae-0-0.cr0.chi30.tbone.rr.com (66.109.6.21) 100.681 ms 101.851 ms 100.571 ms
10 ae15.120.pr0.dfw10.tbone.rr.com (66.109.9.41) 98.167 ms
ae-2-0.cr0.dfw10.tbone.rr.com (66.109.6.22) 100.696 ms 102.103 ms
11 agg3.dllatxl301r.texas.rr.com (107.14.17.137) 102.257 ms 106.508 ms
agg4.dllatxl301r.texas.rr.com (107.14.19.93) 101.650 ms
12 agg1.ausutxla01r.texas.rr.com (24.175.41.47) 112.649 ms 110.994 ms 112.005 ms
13 tge9-1.ausutxla02h.texas.rr.com (24.175.41.59) 104.186 ms 104.180 ms 108.486 ms
14 RTR97-77-1-251.tx.twcbiz.com (97.77.1.251) 107.529 ms 107.509 ms 107.728 ms
15 rrcs-67-78-98-146.sw.biz.rr.com (67.78.98.146) 108.628 ms 107.622 ms 107.555 ms
16 * * *
17 * * *
I'm guessing that it is silently failing during the package install, but I can't say why. However, I do know that the problem persists, as I did a reinstall and end up with an empty file again:
-rw-r--r-- 1 root wheel 0 Mar 18 13:29 nrpe2.xml
I appreciate any additional thoughts you might have.
Updated by Renato Botelho about 10 years ago
- Priority changed from High to Normal
Updated by Renato Botelho about 10 years ago
- Status changed from Feedback to Closed
I'm closing the issue since it seems to be a network issue and not a pfSense issue. The best place to look for help with this kind of subject is forums and/or mailing lists.
Updated by Chris Buechler about 10 years ago
- Target version deleted (
2.1)
I suspect it's trying to get there via v6 for some reason, given the "no route to host" when you clearly have a v4 route to the host. Using "fetch -4" will confirm or deny that. If it is trying v6, it's because you have a config where it thinks it has valid v6 connectivity.
That traceroute looks the way it should for traffic that comes in via our twtelecom path. We didn't have UDP traceroute permitted on the new firewalls that subnet is behind, so that's where it should have stopped at the time. Now you can traceroute all the way through to the server.
But yes, not a bug, something to discuss further on the forum or list if you'd like to continue the discussion.
Updated by Gyles Garber about 10 years ago
Using 'fetch -4' results in similar behavior, but a different error:
/root(4): fetch -4 https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml
fetch: https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml: Operation timed out
I've verified that the setup on this firewall is exactly the same as several other firewalls I manage that don't have this problem. I'll look into pursuing this discussion in another venue if you are sure its not a bug.