Project

General

Profile

Actions

Bug #7310

closed

Packages pre-deinstall script removes temporary files used by pkg

Added by Clinton Cory almost 5 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Category:
Snort
Target version:
-
Start date:
02/23/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
2.4
Affected Plus Version:
Affected Architecture:

Description

Upgrading from 2.3.3 to 2.4 removes Snort from the drop-down.

During the upgrade process I see this:

The following 4 package(s) will be affected (of 0 checked):

Installed packages to be REINSTALLED:
        pfSense-pkg-snort-3.2.9.2_16 [pfSense] (ABI changed: 'freebsd:10:x86:64' -> 'freebsd:11:x86:64')
        pfSense-pkg-ipsec-profile-wizard-0.9_4 [pfSense] (ABI changed: 'freebsd:10:x86:64' -> 'freebsd:11:x86:64')
        pfSense-pkg-aws-wizard-0.5_1 [pfSense] (ABI changed: 'freebsd:10:x86:64' -> 'freebsd:11:x86:64')
        pfSense-pkg-AutoConfigBackup-1.47 [pfSense] (ABI changed: 'freebsd:10:x86:64' -> 'freebsd:11:x86:64')

Number of packages to be reinstalled: 4
[1/4] Reinstalling pfSense-pkg-snort-3.2.9.2_16...
[1/4] Extracting pfSense-pkg-snort-3.2.9.2_16: .......... done
Removing snort components...
Menu items... done.
Services... done.
Loading package instructions...
pkg: Fail to rename /var/db/snort/sidmods/.disablesid-sample.conf.0NuTs0hpJjDf -> /var/db/snort/sidmods/disablesid-sample.conf: No such file or directory

Once the upgrade completes I can see the Snort package under Installed Packages and noticed this at the bottom of the Installed Packages page:

Newer version available

Package is configured but not (fully) installed

The Snort dashboard still shows but the service is missing from the Services drop-down. Here is the system log pertaining to Snort:

[2.4.0-BETA][root@pfSense.localdomain]/root: clog /var/log/system.log | grep -i snort
Feb 23 17:37:12 pfSense pkg: snort-2.9.8.3 installed
Feb 23 17:37:12 pfSense php: /etc/rc.packages: Beginning package installation for snort .
Feb 23 17:37:12 pfSense php: /etc/rc.packages: [Snort] Package post-installation tasks completed...
Feb 23 17:37:13 pfSense php: /etc/rc.packages: Successfully installed package: snort.
Feb 23 17:37:13 pfSense pkg: pfSense-pkg-snort-3.2.9.2_16 installed
Feb 23 17:37:37 pfSense php-fpm[91937]: /snort/snort_interfaces.php: [Snort] Updating rules configuration for: LAN ...
Feb 23 17:37:37 pfSense php-fpm[91937]: /snort/snort_interfaces.php: [Snort] Warning - no text rules or IPS-Policy selected for: LAN ...
Feb 23 17:37:37 pfSense php-fpm[91937]: /snort/snort_interfaces.php: [Snort] Building new sid-msg.map file for LAN...
Feb 23 17:37:37 pfSense php-fpm[91937]: /snort/snort_interfaces.php: Starting Snort on LAN(igb1) per user request...
Feb 23 17:37:37 pfSense php-fpm[91937]: /snort/snort_interfaces.php: [Snort] Snort START for LAN(igb1)...
Feb 23 17:42:06 pfSense SnortStartup[56768]: Snort START for LAn(18926_igb1)...
Feb 23 17:53:57 pfSense SnortStartup[66634]: Snort START for LAn(18926_igb1)...
Feb 23 17:54:00 pfSense SnortStartup[81505]: Snort STOP for LAn(18926_igb1)...
Feb 23 17:54:01 pfSense snort[78533]: *** Caught Term-Signal
Feb 23 17:54:03 pfSense php: /etc/rc.packages: [Snort] Snort package uninstall in progress...
Feb 23 17:54:14 pfSense php: /etc/rc.packages: [Snort] Removing package files...
Feb 23 17:54:14 pfSense php: /etc/rc.packages: [Snort] Not saving settings... all Snort configuration info and logs will be deleted...
Feb 23 17:54:14 pfSense php: /etc/rc.packages: [Snort] Flushing <snort2c> firewall table to remove addresses blocked by Snort...
Feb 23 17:54:14 pfSense php: /etc/rc.packages: [Snort] The package has been completely removed from this system.

Re-installing the Snort package corrects this issue and retains the user's configuration.

I've tested this on a SG-2220 and C2758.

Actions #1

Updated by Kill Bill almost 5 years ago

Duplicate of Bug #7229.

Actions #2

Updated by Jim Thompson almost 5 years ago

  • Assignee set to Renato Botelho
Actions #3

Updated by Michael Kellogg almost 5 years ago

upgrade from 2.3.4 with snort no problem here

Actions #4

Updated by Kill Bill almost 5 years ago

This is not a Snort bug. Beyond already linked #7229, there's another example of pkg being braindead junk here: https://forum.pfsense.org/index.php?topic=127480.msg703531#msg703531

Number of packages to be reinstalled: 1
[1/1] Reinstalling pfSense-pkg-Cron-0.3.7_1...
[1/1] Extracting pfSense-pkg-Cron-0.3.7_1: .......... done
Removing Cron components...
Menu items... done.
Loading package instructions...
Deinstall commands... done.
pkg: Fail to rename /usr/local/www/packages/cron/.cron.php.tJJigfijGw23 -> /usr/local/www/packages/cron/cron.php: No such file or directory
Failed
Actions #5

Updated by Renato Botelho almost 5 years ago

After dig into it I found the root cause of the problem, which I will describe here and work on a fix later.

During package reinstall process, when old version is removed, PRE-DEINSTALL script is called and run /etc/rc.packages with 'when' argument set to 'deinstall'. This action triggers delete_package_xml() and it has following code:

        /* deinstall commands */
        if ($when == "deinstall" && $pkg_config['custom_php_deinstall_command'] <> "") {
            update_status(gettext("Deinstall commands... "));
            if ($missing_include == false) {
                eval_once($pkg_config['custom_php_deinstall_command']);
                update_status(gettext("done.") . "\n");
            } else {
                update_status("\n". gettext("Not executing custom deinstall hook because an include is missing.") . "\n");
            }
        }

Taking Cron package as an example, when 'custom_php_deinstall_command' is executed it recursively removes '/usr/local/www/packages/cron' and at this time this directory contains temporary files used by pkg, thus we see that 'Fail to rename' message.

We need to verify on all packages for cases like this and provide a way to separate pre and post deinstall actions.

Actions #6

Updated by Renato Botelho almost 5 years ago

A workaround was added on pkg for specific packages and versions when same situation happened there. In our case a complete review of uninstall scripts will be necessary.

https://github.com/freebsd/freebsd-ports/commit/994bce279e172ec5c3f76b9aa5a791f0b1c0c9ef

Actions #7

Updated by Renato Botelho almost 5 years ago

  • Subject changed from Snort installed but missing - upgrading to 2.4 to Packages pre-deinstall script removes temporary files used by pkg
Actions #8

Updated by Renato Botelho almost 5 years ago

  • Status changed from New to Feedback

I've reviewed deinstall functions for all packages and removed commands that can cause this symptom. It still can happen on systems with old versions installed during upgrade.

Actions #9

Updated by Renato Botelho over 4 years ago

  • Status changed from Feedback to Resolved

Works

Actions

Also available in: Atom PDF