You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by GitBox <gi...@apache.org> on 2020/06/24 09:51:27 UTC
[GitHub] [trafficserver] ema opened a new issue #6944: Fatal error when starting traffic_manager as non-root if storage is configured: " failed to acquire privileged capabilities: Operation not permitted"
ema opened a new issue #6944:
URL: https://github.com/apache/trafficserver/issues/6944
With an empty `storage.config`, `traffic_manager` can be started as non-root without issues.
However, trying to configure storage makes `traffic_manager` fail with a FATAL error:
```
[Jun 24 11:44:14.165] traffic_manager FATAL: failed to acquire privileged capabilities: Operation not permitted
```
The following script reproduces the bug:
```bash
#!/bin/bash
cat <<EOF > /tmp/layout.yaml
prefix: /tmp/test
exec_prefix: /tmp/test
bindir: /tmp/test/bin
sbindir: /tmp/test/sbin
sysconfdir: /tmp/test/etc
datadir: /tmp/test/var/cache
includedir: /tmp/test/include
libdir: /usr/lib/trafficserver
libexecdir: /usr/lib/trafficserver/modules
localstatedir: /tmp/test/var
runtimedir: /tmp/test/var/run
logdir: /tmp/test/var/log
cachedir: /tmp/test/var/cache
EOF
traffic_layout init -f -p /tmp/test -l /tmp/layout.yaml --copy-style=soft
echo CONFIG proxy.config.admin.user_id STRING $(whoami) > /tmp/test/etc/records.config
# No FATAL commetning the following line
echo /tmp/test/var/cache/ 1M > /tmp/test/etc/storage.config
traffic_manager --nosyslog --run-root=/tmp/test/runroot.yaml
```
Here's `manager.log`:
```
[Jun 24 11:50:08.896] traffic_manager STATUS: opened /tmp/test/var/log/manager.log
[Jun 24 11:50:08.896] traffic_manager NOTE: updated diags config
[Jun 24 11:50:08.896] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: logging.yaml
[Jun 24 11:50:08.896] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file logging.yaml
[Jun 24 11:50:08.914] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: socks.config
[Jun 24 11:50:08.914] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file socks.config
[Jun 24 11:50:08.934] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: cache.config
[Jun 24 11:50:08.934] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file cache.config
[Jun 24 11:50:08.942] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: ip_allow.config
[Jun 24 11:50:08.942] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file ip_allow.config
[Jun 24 11:50:08.946] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: parent.config
[Jun 24 11:50:08.947] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file parent.config
[Jun 24 11:50:08.955] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: remap.config
[Jun 24 11:50:08.955] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file remap.config
[Jun 24 11:50:08.962] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: volume.config
[Jun 24 11:50:08.962] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file volume.config
[Jun 24 11:50:08.965] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: hosting.config
[Jun 24 11:50:08.965] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file hosting.config
[Jun 24 11:50:08.971] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: plugin.config
[Jun 24 11:50:08.971] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file plugin.config
[Jun 24 11:50:08.980] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: splitdns.config
[Jun 24 11:50:08.980] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file splitdns.config
[Jun 24 11:50:08.985] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: ssl_multicert.config
[Jun 24 11:50:08.985] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file ssl_multicert.config
[Jun 24 11:50:08.991] traffic_manager NOTE: [RollBack::Rollback] Missing Configuration File: ssl_server_name.yaml
[Jun 24 11:50:08.991] traffic_manager NOTE: [RollBack::Rollback] Created zero length place holder for config file ssl_server_name.yaml
[Jun 24 11:50:08.997] traffic_manager NOTE: [LocalManager::listenForProxy] Listening on port: 8080 (ipv4)
[Jun 24 11:50:08.997] traffic_manager NOTE: [LocalManager::listenForProxy] Listening on port: 8080 (ipv6)
[Jun 24 11:50:08.998] traffic_manager NOTE: [TrafficManager] Setup complete
[Jun 24 11:50:09.999] traffic_manager NOTE: [ProxyStateSet] Traffic Server Args: ' -M'
[Jun 24 11:50:09.999] traffic_manager NOTE: [LocalManager::listenForProxy] Listening on port: 8080 (ipv4)
[Jun 24 11:50:09.999] traffic_manager NOTE: [LocalManager::listenForProxy] Listening on port: 8080 (ipv6)
[Jun 24 11:50:09.999] traffic_manager NOTE: [LocalManager::startProxy] Launching ts process
[Jun 24 11:50:10.033] traffic_manager NOTE: [LocalManager::pollMgmtProcessServer] New process connecting fd '12'
[Jun 24 11:50:10.033] traffic_manager NOTE: [Alarms::signalAlarm] Server Process born
[Jun 24 11:50:12.116] traffic_manager FATAL: failed to acquire privileged capabilities: Operation not permitted
[Jun 24 11:50:12.116] traffic_manager NOTE: [LocalManager::mgmtShutdown] Executing shutdown request.
[Jun 24 11:50:12.116] traffic_manager NOTE: [LocalManager::processShutdown] Executing process shutdown request.
```
And `diags.log`:
```
[Jun 24 11:50:12.046] traffic_server STATUS: opened /tmp/test/var/log/diags.log
[Jun 24 11:50:12.046] traffic_server NOTE: updated diags config
[Jun 24 11:50:12.055] traffic_server NOTE: ip_allow.config updated, reloading
[Jun 24 11:50:12.055] traffic_server WARNING: IpAllow No entries in /tmp/test/etc/ip_allow.config. All IP Addresses will be blocked
[Jun 24 11:50:12.055] traffic_server WARNING: Unable to open file /tmp/test/var/run/host.db; [Error]: No such file or directory
[Jun 24 11:50:12.055] traffic_server WARNING: Error loading cache from /tmp/test/var/run/host.db: -1
[Jun 24 11:50:12.056] traffic_server NOTE: loading logging.yaml
[Jun 24 11:50:12.056] traffic_server WARNING: logging.yaml is empty
[Jun 24 11:50:12.056] traffic_server NOTE: failed to reload logging.yaml
[Jun 24 11:50:12.057] traffic_server NOTE: logging initialized[3], logging_mode = 3
[Jun 24 11:50:12.058] traffic_server NOTE: loading /tmp/test/etc/ssl_server_name.yaml
[Jun 24 11:50:12.058] traffic_server WARNING: /tmp/test/etc/ssl_server_name.yaml is empty
[Jun 24 11:50:12.058] traffic_server NOTE: ssl_server_name.yaml done reloading!
[Jun 24 11:50:12.058] traffic_server NOTE: loading SSL certificate configuration from /tmp/test/etc/ssl_multicert.config
[Jun 24 11:50:12.059] traffic_server NOTE: ssl_multicert.config done reloading!
[Jun 24 11:50:12.063] traffic_server WARNING: Unable to access() directory '/tmp/test/etc/body_factory': 2, No such file or directory
[Jun 24 11:50:12.063] traffic_server WARNING: Please set 'proxy.config.body_factory.template_sets_dir'
[Jun 24 11:50:12.063] traffic_server WARNING: can't open response template directory '/tmp/test/etc/body_factory' (No such file or directory)
[Jun 24 11:50:12.063] traffic_server WARNING: no response templates --- using default error pages
[Jun 24 11:50:12.063] [ET_NET 5] WARNING: disk header different for disk /tmp/test/var/cache/cache.db: clearing the disk
[Jun 24 11:50:12.065] [TS_MAIN] NOTE: traffic server running
[Jun 24 11:50:12.097] [ET_NET 0] NOTE: Clearing Disk: /tmp/test/var/cache/cache.db
[Jun 24 11:50:12.102] [ET_NET 0] NOTE: clearing cache directory '/tmp/test/var/cache/cache.db 16384:126'
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [trafficserver] github-actions[bot] commented on issue #6944: Fatal error when starting traffic_manager as non-root if storage is configured: " failed to acquire privileged capabilities: Operation not permitted"
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on issue #6944:
URL: https://github.com/apache/trafficserver/issues/6944#issuecomment-868134624
This issue has been automatically marked as stale because it has not had recent activity. Marking it stale to flag it for further consideration by the community.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org