So I decided to upgrade my Pi3 this morning, a task that I thought would be be pretty straightforward. It's worth noting that I haven't upgraded my Pi since I did the initial package installs when I set up the OS and pihole, so ... it was more than due for at least a cursory upgrade.
I logged into my Pi:
self@GreenScreen:~$ ssh pi Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-1009-raspi2 armv7l) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Get cloud support with Ubuntu Advantage Cloud Guest: http://www.ubuntu.com/business/services/cloud 106 packages can be updated. 1 update is a security update. *** System restart required *** Last login: Mon Mar 6 01:11:08 2017 from 192.168.█.█ ubuntu@ubuntu:~$ sudo apt-get update && sudo apt-get upgrade Hit:1 http://ppa.launchpad.net/ubuntu-raspi2/ppa-rpi3/ubuntu xenial InRelease Hit:2 http://ports.ubuntu.com/ubuntu-ports xenial InRelease Hit:3 http://ports.ubuntu.com/ubuntu-ports xenial-updates InRelease Hit:4 http://ports.ubuntu.com/ubuntu-ports xenial-backports InRelease Hit:5 http://ports.ubuntu.com/ubuntu-ports xenial-security InRelease E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable) E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it? ubuntu@ubuntu:~$ sudo reboot now
Since it was brunch time, I got up and grabbed my peanut butter latte, and sat back down. More than enough time for a reboot.
Or so you would think.
self@GreenScreen:~$ ssh pi -v OpenSSH_7.5p1, LibreSSL 2.5.4 debug1: Reading configuration data /Users/quintessence/.ssh/config debug1: /Users/quintessence/.ssh/config line 41: Applying options for pi debug1: /Users/quintessence/.ssh/config line 138: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 52: Applying options for * debug1: Connecting to 192.168.█.█ [192.168.█.█] port 22. ^C self@GreenScreen:~$ ssh email@example.com.█.█ -v OpenSSH_7.5p1, LibreSSL 2.5.4 debug1: Reading configuration data /Users/quintessence/.ssh/config debug1: /Users/quintessence/.ssh/config line 138: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 52: Applying options for * debug1: Connecting to 192.168.█.█ [192.168.█.█] port 22. debug1: connect to address 192.168.█.█ port 22: Operation timed out ssh: connect to host 192.168.█.█ port 22: Operation timed out
Fishing out an HDMI cable, I connect the Pi to my TV and see that U-Boot is trying to PXE boot like so:
(( snip )) Waiting for Ethernet connection...done *** ERROR: `serverip' is not set missing environment variable: bootfile Retrieving file: pxelinux.cfg/default-arm Waiting for Ethernet connection...done *** ERROR: `serverip' is not set missing environment variable: bootfile Retrieving file: pxelinux.cfg/default Waiting for Ethernet connection...done *** ERROR: `serverip' is not set (( snip ))
It looped around like this until I got a prompt, but I wasn't in bash or sh, I was in U-Boot - the bootloader. That became obvious when commands like
cd did not exist and the output of the
help command looked like this:
? - alias for 'help' base - print or set address offset bdinfo - print Board Info structure boot - boot default, i.e., run 'bootcmd' bootd - boot default, i.e., run 'bootcmd' bootelf - Boot from an ELF image in memory bootm - boot application image from memory bootp - boot image via network using BOOTP/TFTP protocol bootvx - Boot vxWorks from an ELF image (( snip ))
Why was I in U-Boot? For some reason the SD card was not being recognized as a boot device and so the Pi tried the next thing it knew: PXE boot. This failed because I don't have a TFTP server config for it to find, so it's trying and failing to find PXE config files that don't exist.
As for how I ended up in this mess: I suspect that I didn't notice the
system restart required message at some earlier point and therefore not only did the current upgrade fail, something in the initial batch did as well. The combination, well...
In any event, I'm lucky in that since this Pi was really just for running the pihole software, I don't have to waste too much (more) time trying to dig around in there. So I just wiped it clean and re-wrote a new image on it.
After reading up on Ubuntu a bit, and the fact that the image for the Pi is "unofficial" and has some "upgrade issues" (no, really?) I opted for Raspbian, the official Pi distro.
From the instructions, I decided to download Etcher to write the image to disk, like so:
Since I only have one removable drive connected, it automatically found my SD card which was appreciated. The timer also lets me know that I can have another snack, which with how long this is taking why not...
Awesome. At this point the SD card is no longer mounted as there is a setting in Etcher to auto-unmount on success. After a successful boot I enable
sudo systemctl enable ssh sudo systemctl start ssh
I need to remove the
192.168.█.█ line from my
~/.ssh/known_hosts file since on my first attempt to
ssh I receive an error about a potential man in the middle attack due to the changed fingerprint. This is expected, though, since there is a new image on the Pi at the same IP address.
Moving along I add my pubkey to
~/.ssh/authorized_keys on the Pi and
sudo passwd pi to change the password from the default
pi@raspberrypi:~ $ mkdir .ssh pi@raspberrypi:~ $ vim ~/.ssh/authorized_keys -bash: vim: command not found pi@raspberrypi:~ $ vi !$ vi ~/.ssh/authorized_hosts pi@raspberrypi:~ $ sudo passwd pi Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
Ran all the package updates, installed the pihole package which basically involved a
curl and then navigating through prompts:
pi@raspberrypi:~ $ curl -sSL https://install.pi-hole.net | bash ::: system networking, it requires elevated rights. Please check the contents of the script for ::: any concerns with this requirement. Please be sure to download this script from a trusted source. ::: ::: Detecting the presence of the sudo utility for continuation of this install... ::: Utility sudo located. .;;,. .ccccc:,. :cccclll:. ..,, :ccccclll. ;ooodc 'ccll:;ll .oooodc .;cll.;;looo:. .. ','. .',,,,,,'. .',,,,,,,,,,. .',,,,,,,,,,,,.... ....''',,,,,,,'....... ......... .... ......... .......... .......... .......... .......... ......... .... ......... ........,,,,,,,'...... ....',,,,,,,,,,,,. .',,,,,,,,,'. .',,,,,,'. ..'''. ::: ::: You are root. ::: Verifying free disk space... ::: ::: Updating local cache of available packages... (( snip ))
Navigated to a few known ad-heavy sites like Forbes and took a look at my dashboard:
And now I'm off to a safer, more secure browsing experience.
After 1 hr of use.
After 24 hrs of use.
Source for header: firey background from burnt embers created by Shutterstock user Bernatskaya Oxana and the Raspberry Pi logo.