On 05/08/2011 03:05 PM, Otto Moerbeek wrote:
On Sun, May 08, 2011 at 02:54:21PM -0400, Chris Smith wrote:
After an update to -current yesterday Internet access was lost as
pf.conf could not be loaded. The error message was:
pfctl: DIOCADDRULE: Operation not supported by device
This error occurred after upgrading the kernel and then rebooting.
After userland was brought up to date as well and the system rebooted
everything was fine. The system in question was local so outside of
being offline for the amount of time it took to build userland there
wasn't a lot to worry about. What I'm concerned with is this being an
issue on a remote system where not being able to get back in after
rebooting with just an updated kernel would (if it happened) be a
serious issue.
Is there a good way to avoid this? Is it safe to skip rebooting
between the kernel build and userland build? Or would it work to
manually build and install pfctl before the reboot after the kernel
build? Or something else that hasn't occurred to me yet?
Thanks,
Chris
NO, it's not always safe to skip rebooting, not is it always safe to
reboot, as you have exerrienced.
The advise in http://www.openbsd.org/faq/faq5.html 5.2, last paragraph
is there for a reason.
-Otto
as is the rest of FAQ 5.2, questioning why you are building the system
from source, and 5.3.2, which is "install the closest snapshot".
So yes, there are good ways to avoid this problem -- follow the
instructions.
Nick.
