Solved pkg update returns in Permission denied and No route to host

hilda

hilda

Hi,
I have problems with two FreeBSD 11.2-RELEASE-p8 prod machines when I try to run “pkg update”. The two machines is pretty much the same as one is master an the other is slave. They only get files from other servers via scp every hour and analyse them with some scripts, that’s it.

I installed 11.1 before and updated to 11.2 for some month ago. Everything worked perfect for some time with the updates etc. Recently, I can’t run “pkg update” any more. Freebsd-update fetch etc. works, it’s only pkg that’s is the problem.


On one machine I get:
Code: 
 # pkg update
Updating FreeBSD repository catalogue...
pkg: Repository FreeBSD load error: access repo file(/var/db/pkg/repo-FreeBSD.sqlite) failed: No such file or directory
pkg: http://pkg.FreeBSD.org/FreeBSD:11:amd64/latest/meta.txz: No route to host
repository FreeBSD has no meta file, using default settings
pkg: http://pkg.FreeBSD.org/FreeBSD:11:amd64/latest/packagesite.txz: No route to host
Unable to update repository FreeBSD
Error updating repositories!


I got the same on the other machine before (I think) and tried to reinstall pkg, but it won’t work. So I get this:
Code: 
 # pkg update
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/latest, please wait...
pkg: Error fetching http://pkg.FreeBSD.org/FreeBSD:11:amd64/latest/Latest/pkg.txz: Permission denied
A pre-built version of pkg could not be found for your system.
Consider changing PACKAGESITE or installing it from ports: 'ports-mgmt/pkg'.


This is the info of the machines:
Code: 
 # uname -a
FreeBSD 1934 11.2-RELEASE-p8 FreeBSD 11.2-RELEASE-p8 #0: Tue Jan  8 21:35:12 UTC 2019     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64

Code: 
# uname -UK
1102000 1102000


I have tried # pkg -o OSVERSION=1102000 update -f but no luck.

In /usr/local/etc/pkg.conf I tried:
Code: 
FETCH_RETRY = 3;
FETCH_TIMEOUT = 300;
OSVERSION = 1102000;


The servers have deleted /var/db/pkg/repo-FreeBSD.sqlite. I have one backup repo-FreeBSD.sqlite.xz on one server, and I tried it, doesn’t work.


I have url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest", in /etc/pkg/FreeBSD.conf .


DNS etc. works fine on the servers.

Does someone have some tip?

//hilda
 
"No route to host" means you're not online or there's a firewall blocking your outgoing traffic. "Permission denied" might be caused by a proxy on your network.

hilda said:
I have url: "pkg+[URL]http://pkg.FreeBSD.org/$[/URL]{ABI}/latest", in /etc/pkg/FreeBSD.conf.
Click to expand...
Don't modify /etc/pkg/FreeBSD.conf, put your changes in /usr/local/etc/pkg/repos/FreeBSD.conf.
 
Tnx for the answer… Did some tests here.

(OK… you can skip this section if you don’t want to read about my stupid…. Yheaaa.. the fix is in the last section)


My dmz-customer-net is back off multiply firewalls there I don’t control all of them.. The easiest way to control it was to set up a new machine on the same net, and it worked! No problem with any firewall or proxy.

I scp the brand new repo-FreeBSD.sqlite to one of the broken machine. I also made the /use/local/etc/pkg/repos/FreeBSD.conf file with:
Code: 
FreeBSD: {
   url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest"
}

And got the same result more or less:
Code: 
 # pkg update
Updating FreeBSD repository catalogue...
pkg: Repository FreeBSD has a wrong packagesite, need to re-create database
pkg: http://pkg.FreeBSD.org/FreeBSD:11:amd64/latest/meta.txz: No route to host
repository FreeBSD has no meta file, using default settings
pkg: http://pkg.FreeBSD.org/FreeBSD:11:amd64/latest/packagesite.txz: No route to host
Unable to update repository FreeBSD
Error updating repositories!


Now I have 3 FreeBSD 11.2 boxes side by side (same net, same nameservers etc.). 2 is broken (old ones) and one with a clean install that work with pkg update. Same uname -a/UK.

The net (and applications) on the two broken machines work perfectly, it’s only # pkg update I get No route to host.


[The Fix]
In the middle when I write this.. Can it be my pf on the box? I have tcpdump with fplog0 running and nothing (I log more or less everything). But I have some heavy rules so I disable them with # pfctl -d and bam… it worked..

A couple a mount without pkg update and struggling to get it on track.. my own pf.. stupid stupid stupid…. You never ever learn.

So something had happen with the package repo, pf or something else. Time to go through the pf rules.

Tnx for the help.. sometime you need a kick somewhere.
 
Seems you missed the two lines marked with an arrow.
Code: 
FreeBSD: {
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
=>  mirror_type: "srv",
=> enabled: yes
}
 
Not required, settings in /usr/local/etc/pkg/repos/FreeBSD.conf are merged with the settings from /etc/pkg/FreeBSD.conf.
 
You must log in or register to reply here.
Back
Top