ntopng service fails to start on 2.4.3
Since the upgrade of the ports tree to ntopng-3.2.2017.12.06, the ntopng service no longer starts.
The system log shows pid [...] (ntopng), uid 0: exited on signal 11 (core dumped)
The service can be started manually from the command line (i.e. by running ntopng directly, rather than going through the pfsense UI) and then works. I would hazard a guess that something has changed on the command line syntax since the previous version.
#1 Updated by Michael Kellogg over 2 years ago
maybe find some help in forums? https://forum.pfsense.org/index.php?topic=142576.0
#3 Updated by Andrew - over 2 years ago
By the way, I think there's an additional issue in that this warning is triggered on start up:
ntopng has not been compiled with libcap-dev
Network discovery and other privileged activities will fail
... so the new functionality in 3.2 doesn't appear to be working anyway.
#5 Updated by Guido Falsi over 2 years ago
I could be wrong but libcap is a linux specific library to support capabilities as supported by the linux kernel.
There is and I don't think there cannot be a libcap for FreeBSD.
FreeBSD uses a capability framework known as capsicum, which is a different thing, with a different API and most probably different features.
Anyway adding capsicum support in ntopng would require some development activity in ntopng, which is different from simply adding a dependency.
I'll be asking the ntopng developers anyway.
The functionality protected by capabilities mode is available on any OS as long as ntopng is running as root.
libcap is used to allow limited capabilities to be retained after dropping privileges as far as i understand.
Similar functionality should be possible using capsicum but that's to be investigated.
#6 Updated by Jim Pingle about 2 years ago
- Subject changed from ntopng 3.2.2017.12.06 service fails to start to ntopng service fails to start on 2.4.3
- Status changed from New to Feedback
A new version of ntopng is available now on 2.4.4 snapshots which should address this issue. Try it there and let us know if it works.