RushCN commented 2 months ago

Bug Description

● frps.service - frp server Loaded: loaded (/etc/systemd/system/frps.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since 四 2024-07-25 18:27:52 CST; 9s ago Process: 3193 ExecStart=/usr/games/frp/frps -c /usr/games/frp/frps.toml (code=exited, status=203/EXEC) Main PID: 3193 (code=exited, status=203/EXEC)

7月 25 18:27:52 localhost.localdomain systemd[1]: Started frp server. 7月 25 18:27:52 localhost.localdomain systemd[1]: frps.service: main process exited, code=exited, status=203/EXEC 7月 25 18:27:52 localhost.localdomain systemd[1]: Unit frps.service entered failed state. 7月 25 18:27:52 localhost.localdomain systemd[1]: frps.service failed.

frpc Version

0.59.0

frps Version

0.59.0

System Architecture

linux/amd64

Configurations

Linux localhost.localdomain 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux centos-release-7-2.1511.el7.centos.2.10.x86_64

Logs

No response

Steps to reproduce

...

Affected area

[ ] Docs
[x] Installation
[ ] Performance and Scalability
[ ] Security
[x] User Experience
[ ] Test and Release
[ ] Developer Infrastructure
[ ] Client Plugin
[ ] Server Plugin
[ ] Extensions
[ ] Others

382702065 commented 2 months ago

应该是开启了SELinux导致的，可以查看systemd日志获取更详细的错误信息，命令为：journalctl -xe 出现以下错误则可以确认是开启了SELinux导致：

SELinux is preventing /usr/lib/systemd/systemd from execute access on the file /opt/frps/frps. * Plugin catchall (100. confidence) suggests ** If you believe that systemd should be allowed execute access on the frps file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: ausearch -c '(frps)' --raw | audit2allow -M my-frps semodule -X 300 -i my-frps.pp

解决方法有如下两种第一种您可以暂时关闭SELinux（本人并不推荐），以允许systemd对frps文件的执行访问。在终端中执行以下命令： setenforce 0

第二种生成本地策略模块，您可以根据SELinux的建议生成本地策略模块，以允许systemd对frps文件的执行访问。执行以下命令：

ausearch -c '(frps)' --raw | audit2allow -M my-frps

semodule -X 300 -i my-frps.pp

此时再次启动frps脚本是否正常启动，如果不能启动则再次查看日志是否有如下错误：

* Plugin restorecon (99.5 confidence) suggests **** If you want to fix the label. /opt/frps/frps default label should be usr_t. Then you can run restorecon. The access attempt may have been stopped due to insufficient permissions to access a pa> Do /sbin/restorecon -v /opt/frps/frps

如果有以上类似错误则继续执行提示的命令：

/sbin/restorecon -v /opt/frps/frps

至此我是可以正常启动。

mvscode commented 2 months ago

SELinux 不是一定要开启的，你可以先手动把他关闭，然后安装frps 服务试试

fatedier / frp

frps无法启动 #4350