search

yggdrasil-network / yggdrasil-go

An experiment in scalable routing as an encrypted IPv6 overlay network
https://yggdrasil-network.github.io
Other
3.67k stars 246 forks source link

Doesn't work out-of-the box on debian 12 (bookworm) as a systemd unit under yggdrasil user, only as root; am trying to debug why #1067

Open ghost opened 1 year ago

ghost commented 1 year ago

Hi,

Sorry in advance for the amount of text

I installed yggdrasil from system's repo onto a freshly installed Debian 12 (bookworm):

1.1. It didn't automatically create /var/run/yggdrasil/ and subsequently complained about it's socket being unachievable

2023/10/21 23:48:48 Admin socket failed to listen: listen unix /var/run/yggdrasil/yggdrasil.sock: bind: no such file or directory

The rights are set as follows

~$ sudo stat /etc/yggdrasil /etc/yggdrasil/yggdrasil.conf /var/run /var/run/yggdrasil/
  File: /etc/yggdrasil
  Size: 4096        Blocks: 8          IO Block: 4096   directory
Device: 8,5 Inode: 525304      Links: 2
Access: (0750/drwxr-x---)  Uid: (  102/yggdrasil)   Gid: (  112/yggdrasil)
Access: 2023-10-19 23:59:14.533164140 +0300
Modify: 2023-10-21 23:18:53.075568853 +0300
Change: 2023-10-21 23:18:53.075568853 +0300
 Birth: 2023-10-19 23:59:14.533164140 +0300
  File: /etc/yggdrasil/yggdrasil.conf
  Size: 3569        Blocks: 8          IO Block: 4096   regular file
Device: 8,5 Inode: 525451      Links: 1
Access: (0640/-rw-r-----)  Uid: (  102/yggdrasil)   Gid: (  112/yggdrasil)
Access: 2023-10-20 11:59:38.916565739 +0300
Modify: 2023-10-21 23:16:52.814287513 +0300
Change: 2023-10-21 23:16:52.814287513 +0300
 Birth: 2023-10-20 11:59:38.916565739 +0300
  File: /var/run -> /run
  Size: 4           Blocks: 0          IO Block: 4096   symbolic link
Device: 8,5 Inode: 5636280     Links: 1
Access: (0777/lrwxrwxrwx)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2023-10-19 22:44:15.607690570 +0300
Modify: 2023-10-19 22:44:15.607690570 +0300
Change: 2023-10-19 22:44:15.607690570 +0300
 Birth: 2023-10-19 22:44:15.607690570 +0300
  File: /var/run/yggdrasil/
  Size: 40          Blocks: 0          IO Block: 4096   directory
Device: 0,23    Inode: 1836        Links: 2
Access: (0755/drwxr-xr-x)  Uid: (  102/yggdrasil)   Gid: (  112/yggdrasil)
Access: 2023-10-21 23:54:30.957598988 +0300
Modify: 2023-10-21 23:54:30.957598988 +0300
Change: 2023-10-22 00:18:48.674015857 +0300
 Birth: 2023-10-21 23:54:30.957598988 +0300

The systemd unit config is vanilla one from deb package

1.2. Sometimes instead of the error above It gives me a permission error during interface creation (even when ran as 'yggdrasil'). It seems to be a race condition somewhere. I found it by restarting yggdrasil in a while true loop for debugging. Most errors are the same as the 1st one, and occasionally are as below.

panic: operation not permitted

goroutine 4 [running]:
github.com/yggdrasil-network/yggdrasil-go/src/tun.(*TunAdapter).setup(0xc0000bc580, {0x72b4b0?, 0xc0000e1900?}, {0xc0000a0450, 0x26}, 0x8?)
    github.com/yggdrasil-network/yggdrasil-go/src/tun/tun_linux.go:20 +0xd5
github.com/yggdrasil-network/yggdrasil-go/src/tun.(*TunAdapter)._start(0xc0000bc580)
    github.com/yggdrasil-network/yggdrasil-go/src/tun/tun.go:121 +0x20e
github.com/yggdrasil-network/yggdrasil-go/src/tun.New(0xc0000885a0, {0x7adc38?, 0xc000074060}, {0xc0000e1ce8, 0x2, 0xc0000c5d08?})
    github.com/yggdrasil-network/yggdrasil-go/src/tun/tun.go:101 +0xad
main.run({0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, {0x0, 0x0}, ...}, ...)
    github.com/yggdrasil-network/yggdrasil-go/cmd/yggdrasil/main.go:364 +0x1367
main.main.func1()
    github.com/yggdrasil-network/yggdrasil-go/cmd/yggdrasil/main.go:405 +0x85
created by main.main
    github.com/yggdrasil-network/yggdrasil-go/cmd/yggdrasil/main.go:403 +0x1ab
  1. Package manager's version doesn't give me the version number, only "unknown" instead
  2. Everything works as intended under root/sudo, but not under yggdrasil user, main user (1000), nor systemd unit (also yggdrasil user); both with -useconffile and -autoconf

Main user has the following groups:

cdrom floppy audio dip video plugdev users netdev bluetooth

I tried updating to latest release, but nothing seems to have changed

Build name: yggdrasil-develop
Build version: 0.5.0rc2

Where should I look next? I would appreciate any pointers)

Thanks

majestrate commented 1 year ago

i have hit this too when using an lxc holding debian 12. my main workstation with debian 12 has a bunch of custom setup so i forget if that is also happening there.

majestrate commented 1 year ago

(this was on the recent 0.4 debs)

jgoerzen commented 1 year ago

Hello @thomas-ives and @majestrate,

I am the maintainer of Yggdrasil packages in the Debian distribution (though not of the Yggdrasil packages that the Yggdrasil project produces). We are a bit confused about this bug report. Can you help by:

  1. Telling us whether you are using the debs from Yggdrasil or from Debian?
  2. Telling us whether you have ever used debs from a different source? (Yggdrasil or Debian)
  3. Sending the output of grep yggdrasil /var/log/dpkg.log?

Thanks,

John

jgoerzen commented 1 year ago

Possibly related to #1048

eee4 commented 1 week ago

Shame to admit, but after troubleshooting by modifying the systemd service file, I've managed to solve a similar issue (Admin socket failed to listen: listen unix /var/run/yggdrasil.sock: bind: read-only file system) by reviewing my configuration file, which I copy-pasted from a significantly older, previous installation. Simply commenting out AdminListen: unix:///var/run/yggdrasil.sock solved it for me.