opnsense / update

OPNsense update tools
https://opnsense.org/
BSD 2-Clause "Simplified" License
126 stars 76 forks source link

Bootstrap script 24.1 fails on Azure VM #93

Closed wshamroukh closed 3 months ago

wshamroukh commented 3 months ago

I am trying to run bootstrap script on FreeBSD 13.2 running on Azure VM. It fails with the following message:

sudo sh ./opnsense-bootstrap.sh.in -r 24.1
This utility will attempt to turn this installation into the latest
OPNsense 24.1 release.  All packages will be deleted, the base
system and kernel will be replaced, and if all went well the system
will automatically #reboot.

Proceed with this action? [y/N]: y
fetch: https://github.com/opnsense/core/archive/stable/24.1.tar.gz: size of remote file is not known
/tmp/opnsense-bootstrap/core.tar.gz                   7650 kB 8556 kBps    01s
pkg: 19 packages installed
azure-agent-2.8.0.11: already unlocked

I used to run this script 22.1 and earlier on FreeBSD 13.1 on Azure VM and it used to work just fine. It is just when I tried the new version 24.1 this is when I got this message. Any help is really appreciated

AdSchellevis commented 3 months ago

we do offer an official image on azure as well https://docs.opnsense.org/manual/how-tos/installazure.html

wshamroukh commented 3 months ago

we do offer an official image on azure as well https://docs.opnsense.org/manual/how-tos/installazure.html

I know there is one in Azure Marketplace, but because it needs purchase, and my subscription is not eligible for purchasing azure marketplace images, I am used to the bootstrap script, so I would appreciate it if I can find a fix for my issue.

wshamroukh commented 3 months ago

Commenting out this line seems to make the script run just fine https://github.com/opnsense/update/blob/master/src/bootstrap/opnsense-bootstrap.sh.in#L28

fichtner commented 3 months ago

Well, something errors out but you haven't said what. It's not in your output. set -e just makes sure it doesn't nuke something later on when an individual step cannot continue.

wshamroukh commented 3 months ago

azure-agent-2.8.0.11: already unlocked

Sorry if I wasn't clear here! The scripts throws this message after downloading the opnsense package and it stops

azure-agent-2.8.0.11: already unlocked

fichtner commented 3 months ago

I don't see how that's an error. It's a diagnostic message.

fichtner commented 3 months ago
# pkg unlock -y git && foo
git-2.45.2: already unlocked
foo: Command not found.
rippleFCL commented 3 months ago

i have a feeling this isnt azure specific. im able to replicate this on a freebsd 13.3 deploy. commenting out set -e dose work but thats not fix. i cant find what command actually errors tho. there isnt even a error message in shell

fichtner commented 3 months ago

Add

set -x

to the script and run it.

fichtner commented 3 months ago

13.2 is EoL on their end so that might be the reason the tooling fails, but impractical if the error is not observed.

rippleFCL commented 3 months ago

added set -x script worked find and didnt get stuck at already unlocked incredibly strange

rippleFCL commented 3 months ago

just incase i compleatly missunderstood what you where asking me to do i ran it with set -e -x and it seams to get stuck here https://github.com/opnsense/update/blob/f2a68310adc96dda4b49b928a2fe50ef7a27b974/src/bootstrap/opnsense-bootstrap.sh.in#L202

heres my command output too

+ fetch -o /tmp/opnsense-bootstrap/core.tar.gz https://github.com/opnsense/core/archive/stable/24.1.tar.gz
/tmp/opnsense-bootstrap/core.tar.gz                   7649 kB   24 MBps    01s
+ tar -C /tmp/opnsense-bootstrap -xf /tmp/opnsense-bootstrap/core.tar.gz
+ [ -z '' ]
+ pkg -N
pkg: 16 packages installed
+ pkg unlock -a
fusefs-libs-2.9.9_2: already unlocked
fichtner commented 3 months ago

Er what pkg version is installed? Maybe someone changed the return code to failure but it doesn’t make much sense as it’s not really an error if it is unlocked. 🤨

rippleFCL commented 3 months ago

my pkg version: pkg-1.21.3. been toying with it and it seams if you try and unlock a unlocked package the command returns 1 and the script failes. why its trying to unlock a unlocked package i cant tell you. it seams to only be fusefs-libs-2.9.9_2 it allways tries to unlock tho.

last point in the script shouldnt it be pkg unlock -a -y in the script? as it will just wait for the user to answer yes to all the locked packges otherwise

fichtner commented 3 months ago

Ok so this was changed somewhere in pkg. I don’t know if -ya is backwards compatible but if it works you can use it or just comment out that line. It’s mostly to prevent failure on manually changed installs.

rippleFCL commented 3 months ago

no clue if its helpful but you could list all locked packages then pipe that to pkg unlock as that seams to not return false positives. bit of a work around tho but should be backwards compat

fichtner commented 3 months ago

I tried adding pkg unlock -ya but to be frank the upstream pkg version is broken as it also ignores -a and just bails after the first already unlocked package. Not going to fix it or workaround it. If you want to kill all packages beforehand you won't run into this error:

# pkg delete -fya

Cheers, Franco

fichtner commented 3 months ago

https://github.com/freebsd/pkg/commit/41fea2de0f fixes this so pkg will fix itself sooner or later.