Checklist : <li class="task-list-i

Hi <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="

Hey <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url=

Does it work if you start the core manually with <code class="notranslate

error loading indexes: open /var/lib/portmaster/updates/stable.json: no such file or directory,about safing/portmaster

Comments (12)

markusressel commented on May 16, 2024 2

Just as an FYI:
When starting the notifier I got the following error, which I was able to fix by installing libappindicator-gtk3. By default my manjaro installation had installed libappindicator-gtk2, but not the gtk3 version. So you might want to add this to the list of required dependencies for running.

This is the error:

[control] 2020/06/20 22:39:35 starting /var/lib/portmaster/updates/linux_amd64/notifier/portmaster-notifier_v0-1-8 --data /var/lib/portmaster
/var/lib/portmaster/updates/linux_amd64/notifier/portmaster-notifier_v0-1-8: error while loading shared libraries: libappindicator3.so.1: cannot open shared object file: No such file or directory
[control] 2020/06/20 22:39:35 execution of notifier/portmaster-notifier failed: unexpected error during execution: exit status 127

from portmaster.

dhaavi commented on May 16, 2024 1

Thank you for digging deeper into this. I think it's best we wait on input from my colleague.

from portmaster.

ppacher commented on May 16, 2024 1

Hi @markusressel,

as @dhaavi already mentioned I'm on vacation so I cannot try to reproduce this right now. Until then, it would be great if you could post the output of the following commands:

uname -a
pacman -Qs netfilter
ls -lah $(which iptables)

It may also be helpful to see the kernel log messages at the time the nfqueue should be created. Try running dmesg -wH and then (re-) staring portmaster using systemctl restart portmaster. Maybe the kernel output in dmesg contains some useful information about what's going on.

When the portmaster service is running, the output of the following commands may be useful too:

cat /proc/net/netfilter/nfnetlink_queue

I'll come back to you as soon as possible.

from portmaster.

markusressel commented on May 16, 2024 1

No worries, vacation always comes first 🍹 😄

Just an FYI I experience the same issue on another, pure Arch Linux based system, so this doesn't seem to be something caused by Manjaro.

I will try to provide some info in the coming days.

from portmaster.

dhaavi commented on May 16, 2024 1

This is definitely growing into something bigger, so please continue in this new issue here: #82

This will also help us to better the find relevant information in the future.

from portmaster.

dhaavi commented on May 16, 2024

Hey @markusressel, thanks for checking out the Portmaster and reporting this issue!

I was able to reproduce and fix the issue in #80.

We improved the update registry at some point and in the process broke the initial downloading of assets. Note that the .deb installer packages an earlier version that is not affected by this bug.

Please go through the installation instructions again to download the newest portmaster-control binary and report back if the problem is also resolved on your end.

from portmaster.

markusressel commented on May 16, 2024

Thx, I re-downloaded the latest portmaster-control binary and the issue is fixed.

However, when starting the app, I get the following error:

Logs:

Jun 21 00:01:29 Thin systemd[1]: Started Portmaster Privacy App.
Jun 21 00:01:29 Thin portmaster-control[24309]: [control] 2020/06/20 22:01:29 starting /var/lib/portmaster/updates/linux_amd64/core/portmaster-core_v0-4-9 --data=/var/lib/portmaster/
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.051 ▶ BOF
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.051 ules/start:089 ▶ INFO 001 modules: initiating...
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.051 e/asm_amd6:1373 ▶ ERRO 002 modules: tasks should only be started when the module is online or starting
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.054 ules/start:186 ▶ INFO 003 modules: started database
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.055 ules/start:186 ▶ INFO 004 modules: started config
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.059 ules/start:186 ▶ INFO 005 modules: started rng
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.060 ules/start:186 ▶ INFO 006 modules: started base
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.060 ules/start:186 ▶ INFO 007 modules: started subsystems
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.060 ules/start:098 ▶ INFO 008 modules: initiated subsystems manager
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.160 dules/mgmt:070 ▶ INFO 009 modules: managing changes
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.161 ules/start:186 ▶ INFO 010 modules: started netenv
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.162 ules/start:186 ▶ INFO 011 modules: started notifications
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.162 ules/start:186 ▶ INFO 012 modules: started api
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.162 api/router:062 ▶ INFO 013 api: starting to listen on 127.0.0.1:817
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.167 ules/start:186 ▶ INFO 014 modules: started status
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.192 /resolvers:262 ▶ INFO 015 resolver: no local resolvers loaded
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.192 ules/start:186 ▶ INFO 016 modules: started resolver
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.474 r/updating:069 ▶ INFO 017 updates: updated index all/intel/intel.json
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.475 ules/start:186 ▶ INFO 018 modules: started updates
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.475 ules/start:186 ▶ INFO 019 modules: started geoip
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.476 ules/start:186 ▶ INFO 020 modules: started ui
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.479 ules/start:186 ▶ INFO 021 modules: started filterlists
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.479 ules/start:186 ▶ INFO 022 modules: started intel
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.488 ules/start:186 ▶ INFO 023 modules: started profiles
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.488 ules/start:186 ▶ INFO 024 modules: started processes
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.488 ules/start:186 ▶ INFO 025 modules: started network
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.783 dules/mgmt:084 ▶ WARN 026 modules: could not start module interception: interception: failed to create nfqueue(IPv4, in): could not create queue: operation not permitted
Jun 21 00:01:30 Thin portmaster-control[24309]: 200621 00:01:30.783 dules/mgmt:088 ▶ INFO 027 modules: finished managing
Jun 21 00:01:40 Thin portmaster-control[24309]: 200621 00:01:40.501 r/updating:069 ▶ INFO 028 updates: updated index stable.json
Jun 21 00:01:40 Thin portmaster-control[24309]: 200621 00:01:40.527 r/updating:069 ▶ INFO 029 updates: updated index beta.json
Jun 21 00:01:40 Thin portmaster-control[24309]: 200621 00:01:40.550 r/updating:069 ▶ INFO 030 updates: updated index all/intel/intel.json
Jun 21 00:01:40 Thin portmaster-control[24309]: 200621 00:01:40.551 r/updating:111 ▶ INFO 031 updates: starting to download 3 updates
Jun 21 00:01:41 Thin portmaster-control[24309]: 200621 00:01:41.755 ater/fetch:080 ▶ INFO 032 updates: fetched https://updates.safing.io/linux_amd64/control/portmaster-control_v0-3-5 (stored to /var/lib/portmaster/updates/linux_amd64/control/portmaster-control_v0-3-5)
Jun 21 00:01:42 Thin portmaster-control[24309]: 200621 00:01:42.653 ater/fetch:080 ▶ INFO 033 updates: fetched https://updates.safing.io/linux_amd64/app/portmaster-app_v0-1-10 (stored to /var/lib/portmaster/updates/linux_amd64/app/portmaster-app_v0-1-10)
Jun 21 00:01:43 Thin portmaster-control[24309]: 200621 00:01:43.581 ater/fetch:080 ▶ INFO 034 updates: fetched https://updates.safing.io/linux_amd64/notifier/portmaster-notifier_v0-1-8 (stored to /var/lib/portmaster/updates/linux_amd64/notifier/portmaster-notifier_v0-1-8)
Jun 21 00:01:43 Thin portmaster-control[24309]: 200621 00:01:43.581 r/updating:124 ▶ INFO 035 updates: finished downloading updates
Jun 21 00:01:43 Thin portmaster-control[24309]: 200621 00:01:43.741 s/upgrader:122 ▶ INFO 036 updates: upgraded /var/lib/portmaster/portmaster-control
Jun 21 00:01:43 Thin portmaster-control[24309]: 200621 00:01:43.753 s/upgrader:145 ▶ INFO 037 updates: upgraded /usr/local/bin/portmaster-control
Jun 21 00:01:44 Thin portmaster-control[24309]: 200621 00:01:44.011 ater/fetch:080 ▶ INFO 038 updates: fetched https://updates.safing.io/all/intel/lists/base_v20200620-20-10.dsdl (stored to /var/lib/portmaster/updates/all/intel/lists/base_v20200620-20-10.dsdl)
Jun 21 00:01:44 Thin portmaster-control[24309]: 200621 00:01:44.044 ater/fetch:080 ▶ INFO 039 updates: fetched https://updates.safing.io/all/intel/lists/intermediate_v20200613-22-0.dsdl (stored to /var/lib/portmaster/updates/all/intel/lists/intermediate_v20200613-22-0.dsdl)
Jun 21 00:01:44 Thin portmaster-control[24309]: 200621 00:01:44.074 ater/fetch:080 ▶ INFO 040 updates: fetched https://updates.safing.io/all/intel/lists/urgent_v20200620-10-0.dsdl (stored to /var/lib/portmaster/updates/all/intel/lists/urgent_v20200620-10-0.dsdl)
Jun 21 00:02:04 Thin portmaster-control[24309]: 200621 00:02:04.361 ts/updater:126 ▶ INFO 041 intel/filterlists: successfully migrated cache database to 20200620.20.10
Jun 21 00:02:48 Thin portmaster-control[24309]: 200621 00:02:48.779 d-response:051 ▶ INFO 042 api request: 127.0.0.1:50966 HIJ /api/database/v1
Jun 21 00:02:48 Thin portmaster-control[24309]: 200621 00:02:48.780 i/database:084 ▶ INFO 043 api request: init websocket 127.0.0.1:50966 /api/database/v1
Jun 21 00:02:50 Thin portmaster-control[24309]: 200621 00:02:50.087 d-response:065 ▶ INFO 044 api request: 127.0.0.1:50970 307 /
Jun 21 00:02:50 Thin portmaster-control[24309]: 200621 00:02:50.394 ater/fetch:080 ▶ INFO 045 updates: fetched https://updates.safing.io/all/ui/modules/base_v0-2-7.zip (stored to /var/lib/portmaster/updates/all/ui/modules/base_v0-2-7.zip)
Jun 21 00:02:50 Thin portmaster-control[24309]: 200621 00:02:50.418 d-response:065 ▶ INFO 046 api request: 127.0.0.1:50970 200 /ui/modules/base/
Jun 21 00:02:50 Thin portmaster-control[24309]: 200621 00:02:50.451 d-response:065 ▶ INFO 047 api request: 127.0.0.1:50970 200 /ui/modules/base/css/app.7dcda7ad.css
Jun 21 00:02:50 Thin portmaster-control[24309]: 200621 00:02:50.453 d-response:065 ▶ INFO 048 api request: 127.0.0.1:50972 200 /ui/modules/base/js/app.0314ac2c.js
Jun 21 00:02:50 Thin portmaster-control[24309]: 200621 00:02:50.464 d-response:065 ▶ INFO 049 api request: 127.0.0.1:50974 200 /ui/modules/base/js/chunk-vendors.d0291ca6.js
Jun 21 00:02:50 Thin portmaster-control[24309]: 200621 00:02:50.790 ater/fetch:080 ▶ INFO 050 updates: fetched https://updates.safing.io/all/ui/modules/assets_v0-1-5.zip (stored to /var/lib/portmaster/updates/all/ui/modules/assets_v0-1-5.zip)
Jun 21 00:02:50 Thin portmaster-control[24309]: 200621 00:02:50.791 d-response:065 ▶ INFO 051 api request: 127.0.0.1:50974 200 /assets/vendor/fonts/roboto.css
Jun 21 00:02:51 Thin portmaster-control[24309]: 200621 00:02:51.119 d-response:051 ▶ INFO 052 api request: 127.0.0.1:50976 HIJ /api/database/v1
Jun 21 00:02:51 Thin portmaster-control[24309]: 200621 00:02:51.119 i/database:084 ▶ INFO 053 api request: init websocket 127.0.0.1:50976 /api/database/v1
Jun 21 00:02:51 Thin portmaster-control[24309]: 200621 00:02:51.182 d-response:065 ▶ INFO 054 api request: 127.0.0.1:50974 200 /assets/icons/level_normal.svg
Jun 21 00:02:51 Thin portmaster-control[24309]: 200621 00:02:51.185 d-response:065 ▶ INFO 055 api request: 127.0.0.1:50972 200 /assets/icons/level_high.svg
Jun 21 00:02:51 Thin portmaster-control[24309]: 200621 00:02:51.187 d-response:065 ▶ INFO 056 api request: 127.0.0.1:50970 200 /assets/icons/level_extreme.svg
Jun 21 00:02:51 Thin portmaster-control[24309]: 200621 00:02:51.267 d-response:065 ▶ INFO 057 api request: 127.0.0.1:50974 200 /assets/img/plants1-br.png
Jun 21 00:02:52 Thin portmaster-control[24309]: 200621 00:02:52.007 d-response:065 ▶ INFO 058 api request: 127.0.0.1:50974 200 /assets/vendor/fonts/Roboto-300/Roboto-300.woff2
Jun 21 00:02:52 Thin portmaster-control[24309]: 200621 00:02:52.010 d-response:065 ▶ INFO 059 api request: 127.0.0.1:50974 200 /assets/vendor/fonts/Roboto-500/Roboto-500.woff2
Jun 21 00:02:52 Thin portmaster-control[24309]: 200621 00:02:52.011 d-response:065 ▶ INFO 060 api request: 127.0.0.1:50972 200 /ui/modules/base/fonts/icons.b5cf8ae2.woff2
Jun 21 00:02:52 Thin portmaster-control[24309]: 200621 00:02:52.012 d-response:065 ▶ INFO 061 api request: 127.0.0.1:50978 200 /assets/vendor/fonts/Roboto-700/Roboto-700.woff2
Jun 21 00:02:52 Thin portmaster-control[24309]: 200621 00:02:52.012 d-response:065 ▶ INFO 062 api request: 127.0.0.1:50970 200 /ui/modules/base/fonts/outline-icons.e07d9e40.woff2
Jun 21 00:02:52 Thin portmaster-control[24309]: 200621 00:02:52.231 d-response:065 ▶ INFO 063 api request: 127.0.0.1:50978 200 /assets/icons/level_normal.svg
Jun 21 00:02:52 Thin portmaster-control[24309]: 200621 00:02:52.281 d-response:065 ▶ INFO 064 api request: 127.0.0.1:50978 200 /assets/icons/level_high.svg
Jun 21 00:02:52 Thin portmaster-control[24309]: 200621 00:02:52.283 d-response:065 ▶ INFO 065 api request: 127.0.0.1:50974 200 /assets/icons/level_extreme.svg

As stated in the installation instructions, I did not run the app using sudo. For the core I used the systemd service provided by the instructions.

If I should open a new issue for this error please let me know.

from portmaster.

dhaavi commented on May 16, 2024

Somehow the service does not seem to be permitted to access iptables to set up integration.

Does it work if you start the core manually with sudo portmaster-control run core --data /var/lib/portmaster?

Regarding the service:

Have you installed it as a system service (and not as a user service)?
Is there anything you have configured or is in force that would limit permissions of said service? Do you have any advanced permission systems enabled? Maybe AppArmor / SELinux?

We can turn this into its own issue, if this becomes bigger thing.

Unfortunately, my colleague who wrote the Installation Guideline and is also much more experienced in this, is currently unavailable, but will be in 2-3 weeks.

I have explicitly added libappindicator-gtk3 as a dependency in the Wiki - Thanks! 👌

from portmaster.

markusressel commented on May 16, 2024

Does it work if you start the core manually with sudo portmaster-control run core --data /var/lib/portmaster?

No, I get the same error (and an additional one right after initializing...):

[control] 2020/06/21 21:14:16 starting /var/lib/portmaster/updates/linux_amd64/core/portmaster-core_v0-4-9 --data /var/lib/portmaster
200621 23:14:16.541 ▶ BOF
200621 23:14:16.541 ules/start:089 ▶ INFO 001 modules: initiating...
200621 23:14:16.541 e/asm_amd6:1373 ▶ ERRO 002 modules: tasks should only be started when the module is online or starting
200621 23:14:16.542 ules/start:186 ▶ INFO 003 modules: started database
200621 23:14:16.542 ules/start:186 ▶ INFO 004 modules: started config
200621 23:14:16.544 ules/start:186 ▶ INFO 005 modules: started rng
200621 23:14:16.544 ules/start:186 ▶ INFO 006 modules: started base
200621 23:14:16.545 ules/start:186 ▶ INFO 007 modules: started subsystems
200621 23:14:16.545 ules/start:098 ▶ INFO 008 modules: initiated subsystems manager
200621 23:14:16.645 dules/mgmt:070 ▶ INFO 009 modules: managing changes
200621 23:14:16.645 ules/start:186 ▶ INFO 010 modules: started notifications
200621 23:14:16.646 ules/start:186 ▶ INFO 011 modules: started api
200621 23:14:16.646 api/router:062 ▶ INFO 012 api: starting to listen on 127.0.0.1:817
200621 23:14:16.646 ules/start:186 ▶ INFO 013 modules: started netenv
200621 23:14:16.652 ules/start:186 ▶ INFO 014 modules: started status
200621 23:14:16.660 ules/start:186 ▶ INFO 015 modules: started updates
200621 23:14:16.660 ules/start:186 ▶ INFO 016 modules: started geoip
200621 23:14:16.661 ules/start:186 ▶ INFO 017 modules: started ui
200621 23:14:16.672 /resolvers:262 ▶ INFO 018 resolver: no local resolvers loaded
200621 23:14:16.672 ules/start:186 ▶ INFO 019 modules: started resolver
200621 23:14:16.684 ules/start:186 ▶ INFO 020 modules: started profiles
200621 23:14:16.684 ules/start:186 ▶ INFO 021 modules: started processes
200621 23:14:16.684 ules/start:186 ▶ INFO 022 modules: started network
200621 23:14:16.745 ules/start:186 ▶ INFO 023 modules: started filterlists
200621 23:14:16.745 ules/start:186 ▶ INFO 024 modules: started intel
200621 23:14:16.975 dules/mgmt:084 ▶ WARN 025 modules: could not start module interception: interception: failed to create nfqueue(IPv4, in): could not create queue: operation not permitted
200621 23:14:16.975 dules/mgmt:088 ▶ INFO 026 modules: finished managing
200621 23:14:27.044 r/updating:069 ▶ INFO 027 updates: updated index stable.json
200621 23:14:27.070 r/updating:069 ▶ INFO 028 updates: updated index beta.json
200621 23:14:27.099 r/updating:069 ▶ INFO 029 updates: updated index all/intel/intel.json
200621 23:14:27.099 r/updating:100 ▶ INFO 030 updates: everything up to date
200621 23:14:27.173 s/upgrader:122 ▶ INFO 031 updates: upgraded /var/lib/portmaster/portmaster-control
200621 23:14:27.181 s/upgrader:145 ▶ INFO 032 updates: upgraded /usr/local/bin/portmaster-control

Regarding the service:

1. Have you installed it as a system service (and not as a user service)?

2. Is there anything you have configured or is in force that would limit permissions of said service? Do you have any advanced permission systems enabled? Maybe AppArmor / SELinux?

As I mentioned, I followed the guide, which puts the service file in /etc/systemd/system/portmaster.service, so I would assume it is a system service.

I have not installed AppArmor oder SELinux myself, and afaik Manjaro uses neither of them by default.

Unfortunately, my colleague who wrote the Installation Guideline and is also much more experienced in this, is currently unavailable, but will be in 2-3 weeks.

Thx for the info. If we don't find an appropriate solution ourselfs I am fine with waiting.

from portmaster.

markusressel commented on May 16, 2024

I took a quick look at nfqueue-go and it suggests two solutions for permissions, and although portmaster-control already runs as root, I gave it a shot and executed

sudo setcap 'cap_net_admin=+ep' /usr/local/bin/portmaster-control

and then

sudo setcap 'cap_net_admin=+ep' /var/lib/portmaster/updates/linux_amd64/core/portmaster-core_v0-4-9

which sadly did not change the behavior 😞

from portmaster.

markusressel commented on May 16, 2024

I read here that the nfnetlink_queue kernel module is required, so I checked if thats running and indeed it is:

> lsmod | grep nfnetlink_queue
nfnetlink_queue        24576  2
nfnetlink              16384  3 nfnetlink_queue

as well as xt_NFQUEUE and x_tables:

> lsmod | grep xt_NFQUEUE
xt_NFQUEUE             16384  0
x_tables               53248  12 ip6table_filter,iptable_filter,xt_nat,ip6_tables,ipt_REJECT,xt_connmark,ip_tables,ip6table_mangle,ip6t_REJECT,xt_NFQUEUE,iptable_mangle,xt_mark

from portmaster.

ppacher commented on May 16, 2024

Thanks!

Interesting because I'm also running pure arch on all of my systems and I've portmaster running on at least two of them. We'll figure it out :)

from portmaster.

error loading indexes: open /var/lib/portmaster/updates/stable.json: no such file or directory about portmaster HOT 12 CLOSED

Comments (12)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent