admin.macaroon missing

[Stadicus]

I am opening this issue on behalf of several users that followed my RaspiBolt guide and had the issue that the admin.macaroon was not created.

• Guide: https://github.com/Stadicus/guides/tree/master/raspibolt
• Issue: https://github.com/Stadicus/guides/issues/8

Would you mind glancing over the installation part in my guide to check if I missed something? Personally, I never had this issue and everything went as expected...

• Install LND:
  https://github.com/Stadicus/guides/blob/master/raspibolt/raspibolt_40_lnd.md#install-lnd

Thanks!

[Roasbeef]

If they had a partial installation, then their data directory might have been messed up from a prior installation. If they delete the macaroons, then they'll be regenerated.

[GeorgeSpark-Stahl]

I'm also seeing this issue, although I didn't follow that guide to get setup. I had an existing lnd installation which I deleted when I upgraded. But now only macaroons.db is getting recreated. I've searched around to see if the files were created elsewhere, but I haven't been able to find them. This is on macOS High Sierra.

[Roasbeef]

Are you starting lnd with --no-macaroons? In that case macaroons won't be generated at all if you do it upon initial set up.

[GeorgeSpark-Stahl]

I was not originally running with --no-macaroons, although I had added it as a workaround. I went to go recreate the issue by removing --no-macaroons and it recreated the correct macaroons, so everything is great now. 🤷‍♂️

[aakselrod]

@Stadicus, do people notice the macaroon issue after switching from testnet to mainnet, or is it present when they first start in testnet mode? The macaroon DB is encrypted with the same password as the wallet, so if you're moving to a new wallet, you need to delete the macaroon DB and any macaroons generated from that DB, which is missing from the instructions for moving to mainnet.

ETA: If the user happens to use the same password for the mainnet wallet that they had for the testnet wallet, this bypasses that problem.

[Stadicus]

I guess that could be the issue. I'll adjust the guide asap to clean up before the switch. Best to delete everything, or only specific files?

[aakselrod]

Delete the admin.macaroon, readonly.macaroon, and macaroons.db files. Do this any time you switch your wallet to a new one.

[cootpursuits]

I had this issue when I first started in testnet mode. macaroons.db was generated, but admin.macaroon and readonly.macaroon were not.

[aakselrod]

@cootpursuits Are you running both lnd and lncli as the bitcoin user? Under what directory is the macaroons.db being generated?

[aakselrod]

@Stadicus It's created right after the wallet password is input:

https://github.com/lightningnetwork/lnd/blob/master/lnd.go#L222

Based on that, there's another interesting possible way to make it fail:

• Start lnd, create wallet with password with lncli create
• Stop lnd, delete macaroons.db and *.macaroon
• Start lnd, enter the wrong password using lncli unlock

This will create a new macaroons.db, which will be encrypted with the wrong password. After that, the wallet decryption will fail. If you start lnd again, it will only be able to open one of macaroons.db or wallet.db.

[Stadicus]

Thanks a lot for the clarification. I removed my question as not to bother you with trivial stuff and tested myself (as described in https://github.com/Stadicus/guides/issues/8#issuecomment-374753401).

[aakselrod]

Happy to help, just can't seem to reproduce it myself without a mismatched wallet/macaroon DB password.

[Stadicus]

I just thought that I was able to recreate the issue, but it was my own error. For testing purposes, I quickly entered the password "12345" and got the following response:

bitcoin@RaspiBolt:/mnt/hdd $ lncli create
Input wallet password:
Confirm wallet password:

Do you have an existing cipher seed mnemonic you want to use? (Enter y/n): n

Your cipher seed can optionally be encrypted.
Input your passphrase you wish to encrypt it (or press enter to proceed without a cipher seed passphrase):

Generating fresh cipher seed...

!!!YOU MUST WRITE DOWN THIS SEED TO BE ABLE TO RESTORE THE WALLET!!!

---------------BEGIN LND CIPHER SEED---------------
...
...
...
---------------END LND CIPHER SEED-----------------

!!!YOU MUST WRITE DOWN THIS SEED TO BE ABLE TO RESTORE THE WALLET!!!
[lncli] rpc error: code = Unknown desc = password must have at least 8 characters
bitcoin@RaspiBolt:/mnt/hdd $

No *.macaroon files and no macaroons db is created.

IMHO it's very easy to miss the error output on the last line. I think it would be a good idea to cancel the create command right after the password entry, and not ask for for additional information and even generate a mnemonicon.

Just my 5 satoshis. :-)

[Stadicus]

Another question (I am in the process of retracing all steps, but it takes time until the blockchain is synced again). When I set up my initial configuration, I created the wallet for testnet. AFAIK I could switch very easily to mainnet, without deleting any macaroons or wallet.

I am not sure now, but I don't think I had to create a new seed for mainnet. At least I did not note anything about creating in my guide, which I tested step by step.

Is this possible? Then it shouldn't be necessary to delete anything or create a new wallet, right?

[Roasbeef]

For testing purposes, I quickly entered the password "12345" and got the following response:

The error in the command shows that the password was invalid.

[Stadicus]

IMHO it's very easy to miss the error output on the last line.

Yes, I got that later on. It just not what one expects to get the error three steps after entering the password. But certainly not a high priority issue, more something in regards to UX.

[Stadicus]

Issue seems RAM related as stated by @aakselrod in this issue. Creating an additional swap file seems to solve it. Closing this issue for now.

[marshabl]

FWIW, I commented out the CONF_SWAPSIZE=1000 @Stadicus 's guide, then deleted everything in the downloads folder and restarted bitcoind and lnd. This worked for me, so hopefully it works for others. I am no expert here, but do we need to have CONF_SWAPSIZE=1000?? Perhaps delete from guide?

This guide: https://brettmorrison.com/running-a-bitcoin-lightning-full-node-on-raspberry-pi has some helpful pointers, particularly in the comments section.

[rek79]

Resolved the issue (I think). Please reference my post here: https://github.com/Stadicus/guides/issues/8#issuecomment-423858292

[ddolgov]

What is the "official" solution to this issue?

I've closely followed the Thundroid giude on a fresh odroid system. The only difference was that I've installed lnd-0.5.2 and it requires different ports for the two ZMQ interfaces in bitcoin.conf.

As @rek79 pointed out, my .macaroon files were created in /mnt/hdd/lnd/data/chain/bitcoin/testnet/ directory. Can one simply copy them to /mnt/hdd/lnd/data/chain/bitcoin/mainnet and everything else should work?

I've actually tried it and lncli newaddress np2wkh successfully generated a testnet address, not sure if the rest of the guide will be fine.

[halseth]

@ddolgov If it works, you're fine 👍

[guggero]

another question. wanted to upgrade lnd. for this i have to delete *.macaroon. but i always get this alert: rm: cannot remove '/home/bitcoin/.lnd/data/chain/bitcoin/mainnet/readonly.macaroon': Read-only file system no matter as admin-, bitcoin- or root-user where and how can i change rights for admin-user. probably you can write in here the right commands. thx

This sounds like a question for the RaspiBolt or RaspiBlitz folks. Not sure how exactly your setup looks like, but if you can't delete files that's very likely not caused by lnd.