Hi all, the update went flawlessly. After the update, SSH doesn´t respond, needed to restart it via WUI to bring it back to life. Has Pmacct been merged for Core 157 so far ? If yes, it does not appear in Pakfire.
Some informations from here.
Best,
Erik
This seems to be a recurring problem, of late. Is there a way to avoid it?
Tom
On May 21, 2021, at 8:14 AM, ummeegge ummeegge@ipfire.org wrote:
Hi all, the update went flawlessly. After the update, SSH doesn´t respond, needed to restart it via WUI to bring it back to life. Has Pmacct been merged for Core 157 so far ? If yes, it does not appear in Pakfire.
Some informations from here.
Best,
Erik
Hello,
I ran into this, too, but I didn’t investigate it.
Does this only affect updates that ship a new version of OpenSSH or all of them?
On 21 May 2021, at 13:14, ummeegge ummeegge@ipfire.org wrote:
Hi all, the update went flawlessly. After the update, SSH doesn´t respond, needed to restart it via WUI to bring it back to life. Has Pmacct been merged for Core 157 so far ? If yes, it does not appear in Pakfire.
Pmacct has been merged and has been built:
https://nightly.ipfire.org/master/2021-05-18%2012:51:59%20+0000-d267131b/x86...
Can you try running “pakfire update” and see if it shows up?
-Michael
Some informations from here.
Best,
Erik
Hi All,
On 21/05/2021 15:08, Michael Tremer wrote:
Hello,
I ran into this, too, but I didn’t investigate it.
Does this only affect updates that ship a new version of OpenSSH or all of them?
On 21 May 2021, at 13:14, ummeegge ummeegge@ipfire.org wrote:
Hi all, the update went flawlessly. After the update, SSH doesn´t respond, needed to restart it via WUI to bring it back to life. Has Pmacct been merged for Core 157 so far ? If yes, it does not appear in Pakfire.
Pmacct has been merged and has been built:
https://nightly.ipfire.org/master/2021-05-18%2012:51:59%20+0000-d267131b/x86...
Can you try running “pakfire update” and see if it shows up?
After updating and then rebooting as instructed, I found pmacct in the pakfire list and it successfully installed, is running and shows up in the addon-services section.
Regards,
Adolf.
-Michael
Some informations from here.
Best,
Erik
Hi Michael,
Am Freitag, dem 21.05.2021 um 14:08 +0100 schrieb Michael Tremer:
Hello,
I ran into this, too, but I didn’t investigate it.
Does this only affect updates that ship a new version of OpenSSH or all of them?
It appears that sshd_config has been overwritten and SSH operates right away (before a reboot) via default port 22 even 222 has been configured. SSH have no entry in backup/includes and as far as i can see it is also missing in the exclude file, may the configuration directory has simply been renewed ?
On 21 May 2021, at 13:14, ummeegge ummeegge@ipfire.org wrote:
Hi all, the update went flawlessly. After the update, SSH doesn´t respond, needed to restart it via WUI to bring it back to life. Has Pmacct been merged for Core 157 so far ? If yes, it does not appear in Pakfire.
Pmacct has been merged and has been built:
https://nightly.ipfire.org/master/2021-05-18%2012:51:59%20+0000-d267131b/x86...
Can you try running “pakfire update” and see if it shows up?
Thanks, this was my fault :-) .
-Michael
Some informations from here.
Best,
Erik
On 21 May 2021, at 17:57, ummeegge ummeegge@ipfire.org wrote:
Hi Michael,
Am Freitag, dem 21.05.2021 um 14:08 +0100 schrieb Michael Tremer:
Hello,
I ran into this, too, but I didn’t investigate it.
Does this only affect updates that ship a new version of OpenSSH or all of them?
It appears that sshd_config has been overwritten and SSH operates right away (before a reboot) via default port 22 even 222 has been configured. SSH have no entry in backup/includes and as far as i can see it is also missing in the exclude file, may the configuration directory has simply been renewed ?
On 21 May 2021, at 13:14, ummeegge ummeegge@ipfire.org wrote:
Hi all, the update went flawlessly. After the update, SSH doesn´t respond, needed to restart it via WUI to bring it back to life. Has Pmacct been merged for Core 157 so far ? If yes, it does not appear in Pakfire.
Pmacct has been merged and has been built:
https://nightly.ipfire.org/master/2021-05-18%2012:51:59%20+0000-d267131b/x86...
Can you try running “pakfire update” and see if it shows up?
Thanks, this was my fault :-) .
Probably not. It might take a little while until all mirrors have synced…
-Michael
Some informations from here.
Best,
Erik
Hi All,
After updating and doing the reboot I got the following message on the boot screen.
Starting Unbound DHCP Leases Bridge... Traceback (most recent call last): File "/usr/sbin/unbound-dhcp-leases-bridge", line 35, in <module> import inotify.adapters ModuleNotFoundError: No module named 'inotify' [FAIL]
The prior message was Starting DHCP Server... [OK]
The following message was Starting SSH Server... [OK] which is interesting as the ssh connection would not work until I had pressed Save in the ssh WUI page
Regards,
Adolf.
Hello,
Is this problem still happening with the recent builds?
Best, -Michael
On 21 May 2021, at 14:26, Adolf Belka adolf.belka@ipfire.org wrote:
Hi All,
After updating and doing the reboot I got the following message on the boot screen.
Starting Unbound DHCP Leases Bridge... Traceback (most recent call last): File "/usr/sbin/unbound-dhcp-leases-bridge", line 35, in <module> import inotify.adapters ModuleNotFoundError: No module named 'inotify' [FAIL]
The prior message was Starting DHCP Server... [OK]
The following message was Starting SSH Server... [OK] which is interesting as the ssh connection would not work until I had pressed Save in the ssh WUI page
Regards,
Adolf.
Hi Michael,
On 25/05/2021 12:18, Michael Tremer wrote:
Hello,
Is this problem still happening with the recent builds?
I just tried it now, 13:30 in Netherlands, and got the same result.
This is on my VirtualBox vm testbed.
Regards, Adolf.
Best, -Michael
On 21 May 2021, at 14:26, Adolf Belka adolf.belka@ipfire.org wrote:
Hi All,
After updating and doing the reboot I got the following message on the boot screen.
Starting Unbound DHCP Leases Bridge... Traceback (most recent call last): File "/usr/sbin/unbound-dhcp-leases-bridge", line 35, in <module> import inotify.adapters ModuleNotFoundError: No module named 'inotify' [FAIL]
The prior message was Starting DHCP Server... [OK]
The following message was Starting SSH Server... [OK] which is interesting as the ssh connection would not work until I had pressed Save in the ssh WUI page
Regards,
Adolf.
Okay, thank you for double-checking.
I assume this is a fresh installation?
Can you try loading the inotify Python module on a Python 3 shell?
-Michael
On 25 May 2021, at 12:33, Adolf Belka adolf.belka@ipfire.org wrote:
Hi Michael,
On 25/05/2021 12:18, Michael Tremer wrote:
Hello, Is this problem still happening with the recent builds?
I just tried it now, 13:30 in Netherlands, and got the same result.
This is on my VirtualBox vm testbed.
Regards, Adolf.
Best, -Michael
On 21 May 2021, at 14:26, Adolf Belka adolf.belka@ipfire.org wrote:
Hi All,
After updating and doing the reboot I got the following message on the boot screen.
Starting Unbound DHCP Leases Bridge... Traceback (most recent call last): File "/usr/sbin/unbound-dhcp-leases-bridge", line 35, in <module> import inotify.adapters ModuleNotFoundError: No module named 'inotify' [FAIL]
The prior message was Starting DHCP Server... [OK]
The following message was Starting SSH Server... [OK] which is interesting as the ssh connection would not work until I had pressed Save in the ssh WUI page
Regards,
Adolf.
Hi Michael,
On 25/05/2021 13:35, Michael Tremer wrote:
Okay, thank you for double-checking.
I assume this is a fresh installation?
No, this was a working Core Update 156 vm that I cloned and changed to Testing and did the update. The error message came up when rebooting after the upgrade.
Can you try loading the inotify Python module on a Python 3 shell?
I will give that a try and come back with what I find.
Regards, Adolf.
-Michael
On 25 May 2021, at 12:33, Adolf Belka adolf.belka@ipfire.org wrote:
Hi Michael,
On 25/05/2021 12:18, Michael Tremer wrote:
Hello, Is this problem still happening with the recent builds?
I just tried it now, 13:30 in Netherlands, and got the same result.
This is on my VirtualBox vm testbed.
Regards, Adolf.
Best, -Michael
On 21 May 2021, at 14:26, Adolf Belka adolf.belka@ipfire.org wrote:
Hi All,
After updating and doing the reboot I got the following message on the boot screen.
Starting Unbound DHCP Leases Bridge... Traceback (most recent call last): File "/usr/sbin/unbound-dhcp-leases-bridge", line 35, in <module> import inotify.adapters ModuleNotFoundError: No module named 'inotify' [FAIL]
The prior message was Starting DHCP Server... [OK]
The following message was Starting SSH Server... [OK] which is interesting as the ssh connection would not work until I had pressed Save in the ssh WUI page
Regards,
Adolf.
Hi,
I had a little look and it seems that python3-inotify is missing in the updater.
Apart from that, it should work on a fresh installation.
-Michael
On 25 May 2021, at 12:42, Adolf Belka adolf.belka@ipfire.org wrote:
Hi Michael,
On 25/05/2021 13:35, Michael Tremer wrote:
Okay, thank you for double-checking. I assume this is a fresh installation?
No, this was a working Core Update 156 vm that I cloned and changed to Testing and did the update. The error message came up when rebooting after the upgrade.
Can you try loading the inotify Python module on a Python 3 shell?
I will give that a try and come back with what I find.
Regards, Adolf.
-Michael
On 25 May 2021, at 12:33, Adolf Belka adolf.belka@ipfire.org wrote:
Hi Michael,
On 25/05/2021 12:18, Michael Tremer wrote:
Hello, Is this problem still happening with the recent builds?
I just tried it now, 13:30 in Netherlands, and got the same result.
This is on my VirtualBox vm testbed.
Regards, Adolf.
Best, -Michael
On 21 May 2021, at 14:26, Adolf Belka adolf.belka@ipfire.org wrote:
Hi All,
After updating and doing the reboot I got the following message on the boot screen.
Starting Unbound DHCP Leases Bridge... Traceback (most recent call last): File "/usr/sbin/unbound-dhcp-leases-bridge", line 35, in <module> import inotify.adapters ModuleNotFoundError: No module named 'inotify' [FAIL]
The prior message was Starting DHCP Server... [OK]
The following message was Starting SSH Server... [OK] which is interesting as the ssh connection would not work until I had pressed Save in the ssh WUI page
Regards,
Adolf.
Hi Michael,
On 25/05/2021 13:49, Michael Tremer wrote:
Hi,
I had a little look and it seems that python3-inotify is missing in the updater.
Apart from that, it should work on a fresh installation.
I am not sure if your commit https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=c253116d250aedcb9e340dc6... is in the Testing build now or not yet. I just tried a fresh clone of 156 and upgraded to 157 and the same thing still happened. I am not sure if I have just been too eager.
-Michael
On 25 May 2021, at 12:42, Adolf Belka adolf.belka@ipfire.org wrote:
Hi Michael,
On 25/05/2021 13:35, Michael Tremer wrote:
Okay, thank you for double-checking. I assume this is a fresh installation?
No, this was a working Core Update 156 vm that I cloned and changed to Testing and did the update. The error message came up when rebooting after the upgrade.
Can you try loading the inotify Python module on a Python 3 shell?
I will give that a try and come back with what I find.
I tried importing inotify into python3 and got the following message Python 3.8.7 (default, Mar 26 2021, 14:28:13) [GCC 10.2.0] on linux Type "help", "copyright", "credits" or "license" for more information.
import inotify
Traceback (most recent call last): File "<stdin>", line 1, in <module> ModuleNotFoundError: No module named 'inotify'
I then tried the same with python2 and got Python 2.7.18 (default, Mar 26 2021, 14:26:55) [GCC 10.2.0] on linux2 Type "help", "copyright", "credits" or "license" for more information.
import inotify
Regards, Adolf.
Regards, Adolf.
-Michael
On 25 May 2021, at 12:33, Adolf Belka adolf.belka@ipfire.org wrote:
Hi Michael,
On 25/05/2021 12:18, Michael Tremer wrote:
Hello, Is this problem still happening with the recent builds?
I just tried it now, 13:30 in Netherlands, and got the same result.
This is on my VirtualBox vm testbed.
Regards, Adolf.
Best, -Michael
On 21 May 2021, at 14:26, Adolf Belka adolf.belka@ipfire.org wrote:
Hi All,
After updating and doing the reboot I got the following message on the boot screen.
Starting Unbound DHCP Leases Bridge... Traceback (most recent call last): File "/usr/sbin/unbound-dhcp-leases-bridge", line 35, in <module> import inotify.adapters ModuleNotFoundError: No module named 'inotify' [FAIL]
The prior message was Starting DHCP Server... [OK]
The following message was Starting SSH Server... [OK] which is interesting as the ssh connection would not work until I had pressed Save in the ssh WUI page
Regards,
Adolf.
Hello *,
Core Update 157 (testing, see: https://blog.ipfire.org/post/ipfire-2-25-core-update-157-available-for-testi...) is running here for about two days by now. While it did not introduce a major issue or a show-stopper, some minor quirks came to my attention:
(a) As several other testers already noticed, the update script is missing a "/usr/local/bin/sshctrl" call to apply changed SSH configurations. Patch https://patchwork.ipfire.org/patch/4351/ will fix that, bug #12627 has been filed for this.
(b) Currently, the update still misses an updated version of the backup.pl script, leaving users vulnerable to #12619. Patch https://patchwork.ipfire.org/patch/4352/ will fix that.
(c) Other parts of the https://patchwork.ipfire.org/project/ipfire/list/?series=2069 patch series clean up bits and pieces left over from pppd 2.4.8, and fix some permissions for NRPE plugins. Just mentioning that for the sake of completeness, none of that is critical.
(d) The output of "memory.cgi" file is missing some information due to insufficient parsing of "free" results. Bug #12628 has been filed for that - feel free to grab it and work on that, as the Perl script appears rather hacky to me -; this issue appeared on Core Update 156 as well.
Every now and then, I continue to suffer from an unknown bug causing VoIP calls not to be established properly (see: https://lists.ipfire.org/pipermail/development/2021-March/009656.html). The changelog file for Linux 4.14.222 (https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.222) mentions a commit f66f9f73e0303e0b498529cc72febbbfa11e2103, which reads "netfilter: conntrack: skip identical origin tuple in same zone only" and _might_ be related to that.
Unfortunately, I can currently neither confirm nor deny that this issue has been fixed, as I am unable to install the testing update on a second, productive IPFire machine as well.
Tested IPFire functionalities in detail: - IPsec (N2N connections only) - Squid (authentication enabled, using an upstream proxy) - OpenVPN (RW connections only) - IPS/Suricata (with Emerging Threats community ruleset enabled) - Guardian - Quality of Service - DNS (using DNS over TLS and strict QNAME minimisation) - Dynamic DNS - Tor (relay mode)
(a) to (c) require rebuilding Core Update 157. After this has been done and validated to be fixing the problems mentioned, I look forward to the release of this Core Update.
Thanks, and best regards, Peter Müller
Hello,
On 23 May 2021, at 17:15, Peter Müller peter.mueller@ipfire.org wrote:
Hello *,
Core Update 157 (testing, see: https://blog.ipfire.org/post/ipfire-2-25-core-update-157-available-for-testi...) is running here for about two days by now. While it did not introduce a major issue or a show-stopper, some minor quirks came to my attention:
(a) As several other testers already noticed, the update script is missing a "/usr/local/bin/sshctrl" call to apply changed SSH configurations. Patch https://patchwork.ipfire.org/patch/4351/ will fix that, bug #12627 has been filed for this.
Merged. Thank you.
(b) Currently, the update still misses an updated version of the backup.pl script, leaving users vulnerable to #12619. Patch https://patchwork.ipfire.org/patch/4352/ will fix that.
Also merged.
(c) Other parts of the https://patchwork.ipfire.org/project/ipfire/list/?series=2069 patch series clean up bits and pieces left over from pppd 2.4.8, and fix some permissions for NRPE plugins. Just mentioning that for the sake of completeness, none of that is critical.
Merged this too, although it strictly didn’t need to be in 157.
(d) The output of "memory.cgi" file is missing some information due to insufficient parsing of "free" results. Bug #12628 has been filed for that - feel free to grab it and work on that, as the Perl script appears rather hacky to me -; this issue appeared on Core Update 156 as well.
Looks like this is going into 158 then.
Every now and then, I continue to suffer from an unknown bug causing VoIP calls not to be established properly (see: https://lists.ipfire.org/pipermail/development/2021-March/009656.html). The changelog file for Linux 4.14.222 (https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.222) mentions a commit f66f9f73e0303e0b498529cc72febbbfa11e2103, which reads "netfilter: conntrack: skip identical origin tuple in same zone only" and _might_ be related to that.
Unfortunately, I can currently neither confirm nor deny that this issue has been fixed, as I am unable to install the testing update on a second, productive IPFire machine as well.
Tested IPFire functionalities in detail:
- IPsec (N2N connections only)
- Squid (authentication enabled, using an upstream proxy)
- OpenVPN (RW connections only)
- IPS/Suricata (with Emerging Threats community ruleset enabled)
- Guardian
- Quality of Service
- DNS (using DNS over TLS and strict QNAME minimisation)
- Dynamic DNS
- Tor (relay mode)
(a) to (c) require rebuilding Core Update 157. After this has been done and validated to be fixing the problems mentioned, I look forward to the release of this Core Update.
They are pushed and the build should be available in a couple of hours.
Thanks for the feedback…
-Michael
Thanks, and best regards, Peter Müller
-
Adolf Belka -
Michael Tremer -
Peter Müller -
Tom Rymes -
ummeegge