linux-application-whitelisting / fapolicyd

File Access Policy Daemon
GNU General Public License v3.0

startup in systemd errors on amazon linux 2 (hail mary) #286

Closed munntjlx closed 6 months ago

munntjlx commented 7 months ago

I managed to get a working compile, but when I try to run with systemd I get the following errors:

Jan 31 22:56:17 ip-10-148-161-36.ec2.internal fagenrules[6760]: No rules in /etc/fapolicyd/rules.d
Jan 31 22:56:17 ip-10-148-161-36.ec2.internal fapolicyd[6767]: Can't increase file number rlimit - Operation not permitted
Jan 31 22:56:17 ip-10-148-161-36.ec2.internal systemd[1]: fapolicyd.service: control process exited, code=exited status=1
Jan 31 22:56:17 ip-10-148-161-36.ec2.internal fapolicyd[6767]: Couldn't adjust priority (Operation not permitted)
Jan 31 22:56:17 ip-10-148-161-36.ec2.internal fapolicyd[6767]: Error opening rules file (No such file or directory)

The rules I can fix, but the priority and rlimits are beyond my mere ken.

Any ideas?

stevegrubb commented 7 months ago

Are you using the service file distributed by the release? Seems like the process is heavily restricted by something. Normally it starts up as root, since all these operations are privileged. In the configuration file, you can tell it what account to run under. After it finishes setting up, it drops privileges and switches to its service account if you have one specified.

If you instead modify the service file to start unprivileged, it won't be able to set itself up.
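As an added illustration of the startup sequence described above (example code written for this page, not fapolicyd's own source): a daemon that starts as root raises its open-file limit, asks for a better scheduling priority, and only then drops to its service account. The limit of 65536 files, the nice value of -5 and the `nobody` account are assumed values, not anything read from fapolicyd's configuration. Run it once as root and once as an ordinary user: the unprivileged run fails the same two setup steps that the log above reports, which is what happens when the service file starts the daemon without root.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/time.h>
#include <unistd.h>

/* Step 1: raise RLIMIT_NOFILE to `want` open files.
 * Moving the soft limit anywhere up to the hard limit needs no privilege;
 * raising the hard limit itself needs CAP_SYS_RESOURCE (normally root).
 * Returns 0 on success, otherwise the errno value (EPERM when unprivileged). */
int raise_nofile_limit(rlim_t want)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) != 0)
        return errno;
    rl.rlim_cur = want;
    if (want > rl.rlim_max)
        rl.rlim_max = want;   /* only this part is privileged */
    return setrlimit(RLIMIT_NOFILE, &rl) == 0 ? 0 : errno;
}

/* Step 2: ask for a better scheduling priority (a lower nice value).
 * Going below the current nice value needs CAP_SYS_NICE or an RLIMIT_NICE
 * that allows it; an unprivileged caller gets EACCES (EPERM on some paths).
 * Returns 0 on success, otherwise the errno value. */
int boost_priority(int nice_value)
{
    errno = 0;
    if (setpriority(PRIO_PROCESS, 0, nice_value) != 0)
        return errno;
    return 0;
}

/* Step 3: switch to the service account once the privileged setup is done.
 * Must run while still root. Order matters: supplementary groups, then gid,
 * then uid, so no step remains that the now-unprivileged process cannot do.
 * Returns 0 on success (or if already that account), ENOENT if the account
 * does not exist, otherwise the errno value. */
int drop_privileges(const char *account)
{
    struct passwd *pw = getpwnam(account);
    if (pw == NULL)
        return ENOENT;
    if (pw->pw_uid == geteuid())
        return 0;
    if (initgroups(account, pw->pw_gid) != 0)
        return errno;
    if (setgid(pw->pw_gid) != 0)
        return errno;
    if (setuid(pw->pw_uid) != 0)
        return errno;
    /* The drop must be irreversible: regaining root has to fail now. */
    if (setuid(0) == 0)
        return EPERM;
    return 0;
}

int main(void)
{
    /* Constructed values; a real daemon reads these from its config file. */
    const rlim_t wanted_files = 65536;
    const int wanted_nice = -5;
    const char *service_account = "nobody";   /* hypothetical account */
    int r;

    printf("starting as uid %u (euid %u)\n", (unsigned)getuid(), (unsigned)geteuid());

    r = raise_nofile_limit(wanted_files);
    printf("rlimit:   %s\n", r ? strerror(r) : "ok");
    r = boost_priority(wanted_nice);
    printf("priority: %s\n", r ? strerror(r) : "ok");

    if (geteuid() != 0) {
        puts("not root: cannot drop privileges; this is the failure mode seen "
             "when the service file starts the daemon unprivileged");
        return 1;
    }
    r = drop_privileges(service_account);
    printf("drop to %s: %s\n", service_account, r ? strerror(r) : "ok");
    return r ? 1 : 0;
}
```

`systemctl cat fapolicyd.service` shows the unit as actually loaded, including any drop-in that adds a `User=` line or a narrowed `CapabilityBoundingSet=`; that is the first thing to compare against the shipped service file when a root-started daemon reports these errors.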

stevegrubb commented 6 months ago

I haven't seen any updates in a while. Closing out this issue. If you have new information, feel free to re-open.