plugins icon indicating copy to clipboard operation
plugins copied to clipboard

Published 20 hours ago verified publisher icon opnsense

os-crowdsec fails to start after upgrade to OPNsense 24.1.7

Open marcogiorgio opened this issue 1 year ago • 2 comments

Important notices Before you add a new report, we ask you kindly to acknowledge the following:

  • [X] I have read the contributing guide lines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
  • [X] I have searched the existing issues, open and closed, and I'm convinced that mine is new.
  • [X] The title contains the plugin to which this issue belongs

Describe the bug As the title suggests, I noticed that the crowdsec plugin can't start after upgrading to OPNsense 24.1.7 (plugin version: 1.0.8) I see this in System->Log Files->General

/usr/local/etc/rc.d/crowdsec: WARNING: failed to start crowdsec

To Reproduce Steps to reproduce the behavior:

  1. Upgrade OPNsense to 24.1.7
  2. Notice that you cannot start the crowdsec plugin

Expected behavior Crowdsec plugin running

Relevant log files Let me know where I can find the relevant logs you need

Environment OPNsense 24.1 (amd64)

marcogiorgio avatar May 16 '24 22:05 marcogiorgio

Hello, I have upgraded too and don't have any errors.

First try if the template reload works: configctl template reload OPNsense/CrowdSec from the OPNsense CLI.

Afterwards you invoke: configctl crowdsec restart

Afterwards, check the logfile tail -n 200 /var/log/crowdsec/crowdsec.log, it will show the last 200 entries. You can then look for level=warn or level=err in the output or use grep.

tail -n 200 /var/log/crowdsec/crowdsec.log | grep -i -e "level=warn" -e "level=err"

Monviech avatar May 17 '24 06:05 Monviech

this is the LAPI mode...

https://github.com/freebsd/freebsd-ports/commit/0581f056998e84494c5eecbdd3336f61cfb1cd79#diff-8a5cd6963e2d7b8aa6ccc3a5bc2f54ab97a9b30f8eebfbf6aaab66bae688c9d8R35

problem introduced above ^^^ command is now daemon and flags are pushed to daemon command which fails

Also discussed here: https://www.reddit.com/r/opnsense/comments/1ctcit4/comment/l4fbeob/?context=3

CC @mmetc

fichtner avatar May 17 '24 08:05 fichtner

thanks! when I tested I didn't think the flag would be applied twice!

There is no need to use a flag, we can disable the service in a config file.

quick fix:

  1. edit /etc/rc.conf.d/crowdsec and remove crowdsec_flags
  2. in /usr/local/etc/crowdsec/config.yaml, set
api:
 ...
 server:
   enable: false
   ...

PR available at https://github.com/opnsense/plugins/pull/3986

Thanks again

mmetc avatar May 17 '24 22:05 mmetc