Re: Cannot start service, initgroups(gotify,365): Operation not permitted

Reply: Matthias Fechner : "Re: Cannot start service, initgroups(gotify,365): Operation not permitted"
In reply to: Matthias Fechner : "Cannot start service, initgroups(gotify,365): Operation not permitted"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Ronald Klop <ronald-lists_at_klop.ws>
Date: Sat, 12 Oct 2024 08:37:16 UTC

If you run the script with sh -x you will get output of what it is doing. This can help identifying which part of the script fails.

sh -x /usr/local/etc/rc.d/gotify_server start

Are your sure you ran 'service gotify_server start' as root?
The man pages say that iinitgroups can only return EPERM via a call to setgroups when not run as root.

Regards,
Ronald

 
Van: Matthias Fechner <idefix@fechner.net>
Datum: zaterdag, 12 oktober 2024 10:02
Aan: ports@freebsd.org
Onderwerp: Cannot start service, initgroups(gotify,365): Operation not permitted
> 
> Dear all,
> 
> I currently try to create a port for gotify.
> The port itself is more or less complete, but I have problem with the init script:
> #!/bin/sh
> # PROVIDE: gotify_server
> # REQUIRE: DAEMON NETWORKING
> # KEYWORD: shutdown
> 
> #
> # Add these lines to /etc/rc.conf.local or /etc/rc.conf
> # to enable this service:
> #
> # gotify_server_enable (bool):        Set to NO by default.
> #                                     Set it to YES to enable mailpit.
> # gotify_server_dir (str):            Set to "/var/db/gotify" by default
> #                                     Set it to directory to run gotify in
> # gotify_server_user (str):           Set to "gotify" by default.
> #                                     Set it to user to run gotify-server under
> # gotify_server_group (str):          Set to "gotify" by default.
> #                                     Set it to group to run gotify-server under
> # gotify_server_args (string):        Custom extra arguments for gotify-server
> 
> . /etc/rc.subr
> 
> name="gotify_server"
> rcvar="gotify_server_enable"
> desc="Run Gotify notification server"
> 
> load_rc_config ${name}
> 
> : ${gotify_server_enable:="NO"}
> : ${gotify_server_dir:="/var/db/gotify"}
> : ${gotify_server_user:="gotify"}
> : ${gotify_server_group:="gotify"}
> : ${gotify_server_args:=""}
> 
> export HOME=${gotify_server_dir}
> export PATH=${PATH}:%%PREFIX%%/bin
> 
> pidfile="/var/run/${name}.pid"
> command="/usr/sbin/daemon"
> command_args="-f -p ${pidfile} -u ${gotify_server_user} %%PREFIX%%/bin/gotify-server ${gotify_server_args}"
> 
> start_precmd="gotify_server_precmd"
> 
> gotify_server_precmd()
> {
>          if [ ! -e "${pidfile}" ]; then
>                  install -g ${gotify_server_group} -o ${gotify_server_user} -- /dev/null "${pidfile}";
>          fi
> }
> 
> run_rc_command $1
> 
> If I install the package, enabled it (sysrc gotify_server_enable="YES") and start it with:
> service gotify_server start
> 
> It just returns and I see in /var/log/messages:
> Oct 12 09:55:56 gitlab daemon[9157]: initgroups(gotify,365): Operation not permitted
> 
> The user is existing:
> gotify:*:365:365:Gotify User:/var/db/gotify:/bin/sh
> 
> Group is existing:
> gotify:*:365:
> 
> and If I execute the command manually it works:
> /usr/sbin/daemon -f -p /var/run/gotify_server.pid -u gotify /usr/local/bin/gotify-server
> 
> So it is related to something the init scripts are doing.
> 
> Does maybe anyone have a idea?
> 
> Thanks
> 
> Gruß
> Matthias
> 
> -- 
> 
> "Programming today is a race between software engineers striving to
> build bigger and better idiot-proof programs, and the universe trying to
> produce bigger and better idiots. So far, the universe is winning." --
> Rich Cook
> 
>  
> 
> 
>