Solved Problem running pkg update

I'm running FreeBSD 13.0p4 and I'm having the following problem when trying to run pkg update:
Code:
# pkg update
Updating FreeBSD repository catalogue...
Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
Fetching packagesite.pkg: 100%    6 MiB   6.7MB/s    00:01
pkg: Unable to drop privileges: No error: 0
pkg: No signature found
Unable to update repository FreeBSD
Error updating repositories!

I tried to run the following command to try to adjust, but without success:

# pkg bootstrap -f

There is no file in /usr/local/etc/pkg/repos/FreeBSD.conf, follow pkg variables
Code:
# pkg -vv
Version : 1.17.2
PKG_DBDIR = "/var/db/pkg";
PKG_CACHEDIR = "/var/cache/pkg";
PORTSDIR = "/usr/ports";
INDEXDIR = "";
INDEXFILE = "INDEX-13";
HANDLE_RC_SCRIPTS = false;
DEFAULT_ALWAYS_YES = false;
ASSUME_ALWAYS_YES = false;
REPOS_DIR [
    "/etc/pkg/",
    "/usr/local/etc/pkg/repos/",
]
PLIST_KEYWORDS_DIR = "";
SYSLOG = true;
ABI = "FreeBSD:13:amd64";
ALTABI = "freebsd:13:x86:64";
DEVELOPER_MODE = false;
VULNXML_SITE = "http://vuxml.freebsd.org/freebsd/vuln.xml.xz";
FETCH_RETRY = 3;
PKG_PLUGINS_DIR = "/usr/local/lib/pkg/";
PKG_ENABLE_PLUGINS = true;
PLUGINS [
]
DEBUG_SCRIPTS = false;
PLUGINS_CONF_DIR = "/usr/local/etc/pkg/";
PERMISSIVE = false;
REPO_AUTOUPDATE = true;
NAMESERVER = "";
HTTP_USER_AGENT = "pkg/1.17.2";
EVENT_PIPE = "";
FETCH_TIMEOUT = 30;
UNSET_TIMESTAMP = false;
SSH_RESTRICT_DIR = "";
PKG_ENV {
}
PKG_SSH_ARGS = "";
DEBUG_LEVEL = 0;
BY THE WAY {
    all-depends = "query %dn-%dv";
    annotations = "info -A";
    build-depends = "info -qd";
    cinfo = "info -Cx";
    comment = "query -i \"%c\"";
    csearch = "search -Cx";
    desc = "query -i \"%e\"";
    download = "fetch";
    iinfo = "info -ix";
    isearch = "search -ix";
    prime-list = "query -e '%a = 0' '%n'";
    prime-origins = "query -e '%a = 0' '%o'";
    leaf = "query -e '%#r == 0' '%n-%v'";
    list = "info -ql";
    noauto = "query -e '%a == 0' '%n-%v'";
    options = "query -i \"%n - %Ok: %Ov\"";
    origin = "info -qo";
    provided-depends = "info -qb";
    rall-depends = "rquery %dn-%dv";
    raw = "info -R";
    rcomment = "rquery -i \"%c\"";
    rdesc = "rquery -i \"%e\"";
    required-depends = "info -qr";
    roptions = "rquery -i \"%n - %Ok: %Ov\"";
    shared-depends = "info -qB";
    mes = "info -f -k";
    size = "info -sq";
    unmaintained = "query -e '%m = \"ports@FreeBSD.org\"' '%o (%w)'";
    runmaintained = "rquery -e '%m = \"ports@FreeBSD.org\"' '%o (%w)'";
}
CUDF_SOLVER = "";
SAT_SOLVER = "";
RUN_SCRIPTS = true;
CASE_SENSITIVE_MATCH = false;
LOCK_WAIT = 1;
LOCK_RETRIES = 5;
SQLITE_PROFILE = false;
WORKERS_COUNT = 0;
READ_LOCK = false;
PLIST_ACCEPT_DIRECTORIES = false;
IP_VERSION = 0;
AUTOMERGE = true;
VERSION_SOURCE = "";
CONSERVATIVE_UPGRADE = true;
PKG_CREATE_VERBOSE = false;
AUTOCLEAN = false;
DOT_FILE = "";
REPOSITORIES {
}
VALID_URL_SCHEME [
    "pkg+http",
    "pkg+https",
    "https",
    "http",
    "filet",
    "ssh",
    "ftp",
    "ftps",
    "pkg+ssh",
    "pkg+ftp",
    "pkg+ftps",
]
ALLOW_BASE_SHLIBS = false;
WARN_SIZE_LIMIT = 1048576;
METALOG = "";
OSVERSION = 1300139;
IGNORE_OSVERSION = false;
BACKUP_LIBRARIES = false;
BACKUP_LIBRARY_PATH = "/usr/local/lib/compat/pkg";
PKG_TRIGGERS_DIR = "/usr/local/share/pkg/triggers";
PKG_TRIGGERS_ENABLE = true;
AUDIT_IGNORE_GLOB [
]
AUDIT_IGNORE_REGEX [
    "NULL",
]
COMPRESSION_LEVEL = -1;
ARCHIVE_SYMLINK = false;
REPO_ACCEPT_LEGACY_PKG = false;


Repositories:
  FreeBSD: {
    url : "pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/quarterly",
    enabled : yes,
    priority : 0,
    mirror_type : "SRV",
    signature_type : "FINGERPRINTS",
    fingerprints : "/usr/share/keys/pkg"
  }


Does anyone happen to know any way to resolve this?
Thanks for any help.
 
Hi, thank you for your help.
I tested it again, but it insists on installing version 1.17.2 as you can see below:

Code:
# pkg bootstrap -f
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/quarterly, please wait...
Verifying signature with trusted certificate pkg.freebsd.org.2013102301... done
Installing pkg-1.17.2...
package pkg is already installed, forced install
Extracting pkg-1.17.2: 100%

Apparently he's not finding 1.17.3, then that could be the problem, even forcing the reinstallation.
Do you happen to know any way to "force" the latest version?

The version of FreeBSD I am using is:
Code:
# freebsd-version -k
13.0-RELEASE-p4
# freebsd-version -u
13.0-RELEASE-p5


I also tried to do a clean pkg, with no success.
Code:
# pkg clean
pkg: Repository FreeBSD missing. 'pkg update' required
pkg: No package database installed.  Nothing to do!

# pkg update
Updating FreeBSD repository catalogue...
Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
Fetching packagesite.pkg: 100%    6 MiB   6.7MB/s    00:01
pkg: Unable to drop privileges: No error: 0
pkg: No signature found
Unable to update repository FreeBSD
 
Thanks for providing exact information.

Unable to drop privileges sounds like a database issue, which might be not resolved through packaging.

What's the file system?

… FreeBSD 13.0p4 …

tunefs -p /

grep dismounted /var/log/messages
 
I tested it again, but it insists on installing version 1.17.2 as you can see below:

# pkg bootstrap -f
...
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/quarterly, please wait...
...
Apparently he's not finding 1.17.3,
Your package repository configuration (/etc/pkg/FreeBSD.conf) is set to "quarterly". Currently ports-mgmt/pkg on "quarterly" is at version 1.17.2 for FreeBSD:13:amd64.

... any way to "force" the latest version?
Create /usr/local/etc/pkg/repos directory and /usr/local/etc/pkg/repos/latest.conf file, edit file, set url to latest:

latest.conf
Code:
FreeBSD: { enabled: no }

latest: {
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
  mirror_type: "srv",
  signature_type: "fingerprints",
  fingerprints: "/usr/share/keys/pkg",
  enabled: yes
}

After editing file run pkg upgrade.
 
Thanks for providing exact information.

Unable to drop privileges sounds like a database issue, which might be not resolved through packaging.

What's the file system?



tunefs -p /

grep dismounted /var/log/messages
Hi

I use UFS filesystem.

Code:
# tunefs -p /
tunefs: POSIX.1e ACLs: (-a)                                disabled
tunefs: NFSv4 ACLs: (-N)                                   disabled
tunefs: MAC multilabel: (-l)                               disabled
tunefs: soft updates: (-n)                                 enabled
tunefs: soft update journaling: (-j)                       enabled
tunefs: gjournal: (-J)                                     disabled
tunefs: trim: (-t)                                         disabled
tunefs: maximum blocks per file in a cylinder group: (-e)  4096
tunefs: average file size: (-f)                            16384
tunefs: average number of files in a directory: (-s)       64
tunefs: minimum percentage of free space: (-m)             8%
tunefs: space to hold for metadata blocks: (-k)            6400
tunefs: optimization preference: (-o)                      time
tunefs: volume label: (-L)

The command grep dismounted /var/log/messages did not return anything in the logs.

Is there any command or way to recreate the pkg base to see if it works?
 
Your package repository configuration (/etc/pkg/FreeBSD.conf) is set to "quarterly". Currently ports-mgmt/pkg on "quarterly" is at version 1.17.2 for FreeBSD:13:amd64.


Create /usr/local/etc/pkg/repos directory and /usr/local/etc/pkg/repos/latest.conf file, edit file, set url to latest:

latest.conf
Code:
FreeBSD: { enabled: no }

latest: {
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
  mirror_type: "srv",
  signature_type: "fingerprints",
  fingerprints: "/usr/share/keys/pkg",
  enabled: yes
}

After editing file run pkg upgrade.
I forced the latest version to see if the system error would change, but it didn't fix it either.

Strange that I have other FreeBSD in version 13 and I didn't have this kind of problem.
 
What are the permissions on /var/db/pkg and the files in it?
 
What are the permissions on /var/db/pkg and the files in it?
Code:
# ls -lha
total 21392
drwxr-xr-x   2 root  wheel   512B Nov  9 14:06 .
drwxr-xr-x  15 root  wheel   512B Aug 19 03:03 ..
-rw-r--r--   1 root  wheel   158B Nov  9 14:10 FreeBSD.meta
-rw-r--r--   1 root  wheel   158B Nov  9 14:05 latest.meta
-rw-r--r--   1 root  wheel    14M Nov  9 14:06 local.sqlite
-r--r--r--   1 root  wheel   6.6M Nov  8 03:36 vuln.xml

Permissions are the defaults, I didn't change them.
 
Does pkg update -f fix things? You can also try removing that FreeBSD.meta and latest.meta file. Do NOT remove that local.sqlite file, it contains the database with all your currently installed packages.
 
Does pkg update -f fix things? You can also try removing that FreeBSD.meta and latest.meta file. Do NOT remove that local.sqlite file, it contains the database with all your currently installed packages.
pkg update -f doesn't fix.

I tried to do what you mentioned and I was not successful either.
I'm on the search, thanks for the help so far.
 
Someone deleted user nobody from the system.
I tried to recreate the user with adduser but I couldn't keep it the way it was.
Is there any other way to recreate the user?
 
Someone deleted user nobody from the system.
That's an odd issue. If the user 'nobody' has been removed, double check if you still have a group called 'nobody' too.

Is there any other way to recreate the user?
It's best to use pw(8) for this, you have much better control over all the settings than the 'canned' adduser(8), which is primarily for interactively creating 'regular' user accounts.

pw groupadd nobody -g 65534 # Creates the group 'nobody' with a specific GID.
pw useradd nobody -u 65534 -g 65534 -d /nonexistent -s /usr/sbin/nologin -c 'Unprivileged user' # creates the 'nobody' user
 

As a precaution:
  1. boot in single user mode
  2. fsck -fy
  3. if any repair is performed or attempted, keep a note of the details (then again fsck -fy and note the details until runs are free from errors)
  4. exit to multi-user mode.

not successful

Are the two errors exactly as before?

Code:
pkg: Unable to drop privileges: No error: 0
pkg: No signature found

Someone deleted user nobody

How did you make this discovery?
 
Guys, after recreating user nobody on the system, things started working correctly again.

I chatted in the meantime with a guy in Brazil who is from the BSD dev base
In the source code he informed me that there was this:
Code:
void
drop_privileges(void)
{
  struct passwd *nobody;

  if (geteuid() == 0) {
   nobody = getpwnam("nobody");
   if (nobody == NULL)
    err(EXIT_FAILURE, "Unable to drop privileges");
   setgroups(1, &nobody->pw_gid);
   /* setgid also sets egid and setuid also sets euid */
   if (setgid(nobody->pw_gid) == -1)
    err(EXIT_FAILURE, "Unable to setgid");
   if (setuid(nobody->pw_uid) == -1)
    err(EXIT_FAILURE, "Unable to setuid");
  }
}

After this information from him, I went to /etc/passwd and saw that nobody had been removed, recreating the user as SirDice informed above, everything worked correctly.
Thanks for the personal help, I believe this topic is resolved.
 
If you don't know what list to use, which is understandable, there are a LOT of them, start on freebsd-questions@
 
Sorry about that, but I thought it was the most suitable list, because I didn't find the release list to post my question.
Now that I came to the forum and noticed that the interaction to help is greater, I will focus my doubts, when they exist here.
Don't underestimate the mailing lists. Your freebsd-current thread has been joined by Baptiste Daroussin, member of the "FreeBSD Port Management Team" (and also member of other teams and administations), and has updated the error message from "Unable to drop privileges" to "Unable to drop privileges: no 'nobody' user") in ports-mgmt/pkg.
 
Back
Top