Project

General

Profile

Actions

Bug #8277

closed

ntopng service fails to start on 2.4.3

Added by Andrew - almost 7 years ago. Updated over 6 years ago.

Status:
Resolved
Priority:
Normal
Category:
ntop
Target version:
-
Start date:
01/13/2018
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
2.4.3
Affected Plus Version:
Affected Architecture:

Description

Since the upgrade of the ports tree to ntopng-3.2.2017.12.06, the ntopng service no longer starts.

The system log shows pid [...] (ntopng), uid 0: exited on signal 11 (core dumped)

The service can be started manually from the command line (i.e. by running ntopng directly, rather than going through the pfsense UI) and then works. I would hazard a guess that something has changed on the command line syntax since the previous version.

Actions #1

Updated by Michael Kellogg almost 7 years ago

Actions #2

Updated by Andrew - almost 7 years ago

Thanks. Yes, looking at the ntopng prefs.cpp on GitHub it looks like that command line option has been removed in 3.2. So the pfSense package should also have the option removed from the GUI, hence this bug report.

Actions #3

Updated by Andrew - almost 7 years ago

By the way, I think there's an additional issue in that this warning is triggered on start up:

ntopng has not been compiled with libcap-dev
Network discovery and other privileged activities will fail

... so the new functionality in 3.2 doesn't appear to be working anyway.

Thanks.

Actions #4

Updated by Jim Thompson almost 7 years ago

  • Assignee set to Renato Botelho
Actions #5

Updated by Guido Falsi over 6 years ago

I could be wrong but libcap is a linux specific library to support capabilities as supported by the linux kernel.

There is and I don't think there cannot be a libcap for FreeBSD.

FreeBSD uses a capability framework known as capsicum, which is a different thing, with a different API and most probably different features.

Anyway adding capsicum support in ntopng would require some development activity in ntopng, which is different from simply adding a dependency.

I'll be asking the ntopng developers anyway.

UPDATE:

The functionality protected by capabilities mode is available on any OS as long as ntopng is running as root.

libcap is used to allow limited capabilities to be retained after dropping privileges as far as i understand.

Similar functionality should be possible using capsicum but that's to be investigated.

Actions #6

Updated by Jim Pingle over 6 years ago

  • Subject changed from ntopng 3.2.2017.12.06 service fails to start to ntopng service fails to start on 2.4.3
  • Status changed from New to Feedback

A new version of ntopng is available now on 2.4.4 snapshots which should address this issue. Try it there and let us know if it works.

Actions #7

Updated by Anonymous over 6 years ago

Tested on 2.4.4.a.20180412.1121, service starts and can be accessed.

Actions #8

Updated by Jim Pingle over 6 years ago

  • Status changed from Feedback to Assigned

Since it's OK on 2.4.4, we can copy back the new ntopng to 2.4.3 now

Actions #9

Updated by Renato Botelho over 6 years ago

  • Status changed from Assigned to Feedback
  • % Done changed from 0 to 100

Done on 2.4.3 and 2.3.5

Actions #10

Updated by Jim Pingle over 6 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF