I have been trying to get Forgejo running in a Truenas Core (FreeBSD jail) for over a week. When I manually start Forgejo as the git user it runs as expected, however attempting to get it to run with the included rc file provided by the ports package it errors out.
When I start forgejo manually it runs:
root@Forgejo:/home/jailuser # su git
git@Forgejo:/home/jailuser $ forgejo web -c /usr/local/etc/forgejo/conf/app.ini
2024/04/23 18:59:36 cmd/web.go:242:runWeb() [I] Starting Forgejo on PID: 4748
2024/04/23 18:59:36 cmd/web.go:111:showWebStartupMessage() [I] Forgejo version:1.21.11-1 built with GNU Make 4.4.1, go1.21.9 : bindata, pam, sqlite, sqlite_unlock_notify
However, when I attempt to start the forgejo service I get the following pid not found error:
root@Forgejo:/home/jailuser # service forgejo start
/usr/local/etc/rc.d/forgejo: DEBUG: Sourcing /etc/defaults/rc.conf
/usr/local/etc/rc.d/forgejo: DEBUG: pid file (/var/run/forgejo.pid): not readable.
/usr/local/etc/rc.d/forgejo: DEBUG: checkyesno: forgejo_enable is set to YES.
/usr/local/etc/rc.d/forgejo: DEBUG: run_rc_command: doit: forgejo_start
_
root@Forgejo:/home/jailuser # mount
Main/iocage/jails/Forgejo/root on / (zfs, local, noatime, nfsv4acls)
root@Forgejo:/home/jailuser # ll /var
total 81
drwxr-x--- 2 root wheel 2 Mar 1 18:50 account/
drwxr-xr-x 4 root wheel 4 Mar 1 18:50 at/
drwxr-x--- 4 root audit 4 Mar 1 18:50 audit/
drwxrwx--- 2 root authpf 2 Mar 1 18:50 authpf/
drwxr-x--- 2 root wheel 8 Apr 23 03:21 backups/
drwxr-xr-x 2 root wheel 2 Mar 1 18:50 cache/
drwxr-x--- 2 root wheel 3 Mar 1 19:06 crash/
drwxr-x--- 3 root wheel 3 Mar 1 18:50 cron/
drwxr-xr-x 14 root wheel 17 Apr 20 21:43 db/
dr-xr-xr-x 2 root wheel 2 Mar 1 18:50 empty/
drwxrwxr-x 2 root games 2 Mar 1 18:50 games/
drwx------ 2 root wheel 2 Mar 1 18:50 heimdal/
drwxr-xr-x 3 root wheel 23 Apr 23 00:00 log/
drwxrwxr-x 2 root mail 5 Apr 20 21:01 mail/
drwxr-xr-x 2 daemon wheel 3 Apr 20 19:28 msgs/
drwxr-xr-x 2 root wheel 2 Mar 1 18:50 preserve/
drwxr-xr-x 6 root wheel 18 Apr 23 18:56 run/
drwxrwxr-x 2 root daemon 2 Mar 1 18:50 rwho/
drwxr-xr-x 9 root wheel 9 Mar 1 18:50 spool/
drwxrwxrwt 3 root wheel 3 Mar 1 18:50 tmp/
drwxr-xr-x 3 unbound unbound 3 Mar 1 18:50 unbound/
drwxr-xr-x 2 root wheel 4 Mar 1 19:24 yp/
root@Forgejo:/home/jailuser #
Manually executing the daemon command results in an exit status of 0 with no other useful information. Tried relocating the pid file to a directory with 777 permissions and still getting the same error. My only guess right now would be that forgejo is dying almost immediately before daemon is able to create the pid file? Not sure how to get stdout from forgejo to see if there are any errors (forgejo is not logging anything to its log file directory). Any ideas?
UPDATE:
Adding truss to the init script on the call to daemon yields the following:
53609: mmap(0x0,135168,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34376810496 (0x801048000)
53609: mprotect(0x801044000,4096,PROT_READ) = 0 (0x0)
53609: issetugid() = 0 (0x0)
53609: sigfastblock(0x1,0x801047490) = 0 (0x0)
53609: open("/etc/libmap.conf",O_RDONLY|O_CLOEXEC,0101130030) = 3 (0x3)
53609: fstat(3,{ mode=-rw-r--r-- ,inode=16052,size=35,blksize=4096 }) = 0 (0x0)
53609: read(3,"includedir /usr/local/etc/libmap.d\n",35) = 35 (0x23)
53609: close(3) = 0 (0x0)
53609: open("/usr/local/etc/libmap.d",O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC,0165) ERR#2 'No such file or directory'
53609: open("/var/run/ld-elf.so.hints",O_RDONLY|O_CLOEXEC,0100416054) = 3 (0x3)
53609: read(3,"Ehnt\^A\0\0\0\M^@\0\0\0w\0\0\0\0\0\0\0v\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0",128) = 128 (0x80)
53609: fstat(3,{ mode=-r--r--r-- ,inode=741826,size=247,blksize=4096 }) = 0 (0x0)
53609: pread(3,"/lib/casper:/lib:/usr/lib:/usr/lib/compat:/usr/local/lib:/usr/local/lib/compat/pkg:/usr/local/lib/perl5/5.36/mach/CORE\0",119,0x80) = 119 (0x77)
53609: close(3) = 0 (0x0)
53609: open("/lib/casper/libutil.so.9",O_RDONLY|O_CLOEXEC|O_VERIFY,00) ERR#2 'No such file or directory'
53609: open("/lib/libutil.so.9",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3)
53609: fstat(3,{ mode=-r--r--r-- ,inode=190,size=79952,blksize=80384 }) = 0 (0x0)
53609: mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34376945664 (0x801069000)
53609: mmap(0x0,98304,PROT_NONE,MAP_GUARD,-1,0x0) = 34376949760 (0x80106a000)
53609: mmap(0x80106a000,32768,PROT_READ,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x0) = 34376949760 (0x80106a000)
53609: mmap(0x801072000,49152,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x7000) = 34376982528 (0x801072000)
53609: mmap(0x80107e000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0x12000) = 34377031680 (0x80107e000)
53609: mmap(0x80107f000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0x12000) = 34377035776 (0x80107f000)
53609: mmap(0x801080000,8192,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_ANON,-1,0x0) = 34377039872 (0x801080000)
53609: munmap(0x801069000,4096) = 0 (0x0)
53609: close(3) = 0 (0x0)
53609: open("/lib/casper/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,012320443000) ERR#2 'No such file or directory'
53609: open("/lib/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,012320443000) = 3 (0x3)
53609: fstat(3,{ mode=-r--r--r-- ,inode=126,size=1940168,blksize=131072 }) = 0 (0x0)
53609: mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34376945664 (0x801069000)
53609: mmap(0x0,4190208,PROT_NONE,MAP_GUARD,-1,0x0) = 34377048064 (0x801082000)
53609: mmap(0x801082000,540672,PROT_READ,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x0) = 34377048064 (0x801082000)
53609: mmap(0x801106000,1343488,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x83000) = 34377588736 (0x801106000)
53609: mmap(0x80124e000,40960,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0x1ca000) = 34378932224 (0x80124e000)
53609: mmap(0x801258000,24576,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0x1d3000) = 34378973184 (0x801258000)
53609: mmap(0x80125e000,2240512,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_ANON,-1,0x0) = 34378997760 (0x80125e000)
53609: munmap(0x801069000,4096) = 0 (0x0)
53609: close(3) = 0 (0x0)
53609: mprotect(0x80124e000,36864,PROT_READ) = 0 (0x0)
53609: mprotect(0x80124e000,36864,PROT_READ|PROT_WRITE) = 0 (0x0)
53609: mprotect(0x80124e000,36864,PROT_READ) = 0 (0x0)
53609: readlink("/etc/malloc.conf",0x7fffffffc610,1024) ERR#2 'No such file or directory'
53609: issetugid() = 0 (0x0)
53609: mmap(0x0,2097152,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(21),-1,0x0) = 34382807040 (0x801600000)
53609: mmap(0x0,2097152,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(12),-1,0x0) = 34384904192 (0x801800000)
53609: mmap(0x0,4194304,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(21),-1,0x0) = 34387001344 (0x801a00000)
53609: mprotect(0x1026000,4096,PROT_READ) = 0 (0x0)
53609: sigaction(SIGHUP,{ SIG_IGN SA_RESTART ss_t },{ SIG_DFL 0x0 ss_t }) = 0 (0x0)
53609: sigaction(SIGTERM,{ SIG_IGN SA_RESTART ss_t },{ SIG_DFL 0x0 ss_t }) = 0 (0x0)
53609: socket(PF_LOCAL,SOCK_DGRAM|SOCK_CLOEXEC,0) = 3 (0x3)
53609: getsockopt(3,SOL_SOCKET,SO_SNDBUF,0x7fffffffd85c,0x7fffffffd858) = 0 (0x0)
53609: setsockopt(3,SOL_SOCKET,SO_SNDBUF,0x7fffffffd85c,4) = 0 (0x0)
53609: connect(3,{ AF_UNIX "/var/run/logpriv" },106) = 0 (0x0)
53609: openat(AT_FDCWD,"/var/run",O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC,00) = 4 (0x4)
53609: openat(4,"forgejo.pid",O_WRONLY|O_NONBLOCK|O_CREAT|O_CLOEXEC,0600) = 5 (0x5)
53609: flock(5,LOCK_EX|LOCK_NB) = 0 (0x0)
53609: fstatat(4,"forgejo.pid",{ mode=-rw------- ,inode=742728,size=0,blksize=131072 },0x0) = 0 (0x0)
53609: fstat(5,{ mode=-rw------- ,inode=742728,size=0,blksize=131072 }) = 0 (0x0)
53609: ftruncate(5,0x0) = 0 (0x0)
53609: fstat(5,{ mode=-rw------- ,inode=742728,size=0,blksize=131072 }) = 0 (0x0)
53609: cap_rights_limit(4,{ CAP_UNLINKAT }) = 0 (0x0)
53609: cap_rights_limit(5,{ CAP_PWRITE,CAP_FTRUNCATE,CAP_FSTAT,CAP_EVENT }) = 0 (0x0)
53609: sigaction(SIGHUP,{ SIG_IGN 0x0 ss_t },{ SIG_IGN SA_RESTART ss_t }) = 0 (0x0)
53609: fork() = 53610 (0xd16a)
53610: <new process>
53610: setsid() = 53610 (0xd16a)
53609: exit(0x0)
53609: process exit, rval = 0
53610: sigaction(SIGHUP,{ SIG_IGN SA_RESTART ss_t },0x0) = 0 (0x0)
53610: madvise(0x0,0,MADV_PROTECT) ERR#1 'Operation not permitted'
53610: pipe2(0x7fffffffd9c0,0) = 0 (0x0)
53610: kqueuex() ERR#78 'Function not implemented'
53610: SIGNAL 12 (SIGSYS) code=SI_KERNEL
53610: process killed, signal = 12
UPDATE:
TrueNAS-13.0-U6.1
jailuser@Forgejo:~ $ uname -a
FreeBSD Forgejo 13.1-RELEASE-p9 FreeBSD 13.1-RELEASE-p9 n245429-296d095698e TRUENAS amd64
truss -o /var/log/forgejo.truss -s 1024 /usr/sbin/forgejo web"
instead of just starting/usr/sbin/forgejo web
? That would give you a log file in which you can look for the syscall failing to create the pidfile. The777
directory idea is a bad one; a lot of software checks especially against that.fork()
exit(0x0)
So, the error seems to be after the fork but before the exec of Forgejo. I then added the -f flag to truss and got the following:sigaction (SIGHUP, { SIG_IGN SA_RESTART ss_t },0x0) = 0 (0x0)
madvise(0x0,0,MADV_PROTECT) ERR#1 'Operation not permitted'
pipe2 (0x7fffffffd9c0,0) = 0 (0x0)
kqueuex() ERR#78 'Function not implemented'
SIGNAL 12 (SIGSYS) code=SI_KERNEL
process killed, signal = 12