Version-Release number of selected component (if applicable): Name : trafficserver Version : 9.1.2 Release : 8.fc35 Architecture: x86_64 Install Date: Sa 25 Jun 2022 10:52:11 CEST Description of problem: ATS does not start: [root ~]# systemctl start trafficserver.service [root ~]# systemctl status trafficserver.service ● trafficserver.service - Apache Traffic Server is a fast, scalable and extensible caching proxy server. Loaded: loaded (/usr/lib/systemd/system/trafficserver.service; disabled; vendor preset: disabled) Active: activating (auto-restart) (Result: exit-code) since Sat 2022-06-25 11:06:28 CEST; 1s ago Docs: man:traffic_server(8) Process: 4608 ExecStart=/usr/bin/traffic_manager $TM_DAEMON_ARGS (code=exited, status=70) Main PID: 4608 (code=exited, status=70) CPU: 16ms the service files names this cap: AmbientCapabilities=CAP_NET_BIND_SERVICE But thats all hints we have here: 2022-06-25T11:06:38.906071+02:00 traffic_manager[4633]: NOTE: --- Manager Starting --- 2022-06-25T11:06:38.906205+02:00 traffic_manager[4633]: NOTE: Manager Version: Apache Traffic Server - traffic_manager - 9.1.2 - (build # 061300 on Jun 13 2022 at 00:00:00) 2022-06-25T11:06:38.910390+02:00 traffic_manager[4633]: Fatal: failed to acquire privileged capabilities: Operation not permitted 2022-06-25T11:06:38.910519+02:00 traffic_manager[4633]: Fatal: failed to acquire privileged capabilities: Operation not permitted 2022-06-25T11:06:38.911239+02:00 systemd[1]: trafficserver.service: Main process exited, code=exited, status=70/SOFTWARE 2022-06-25T11:06:38.911485+02:00 systemd[1]: trafficserver.service: Failed with result 'exit-code'. Is this feature kernel dependend?
it collided with an old installation of ATS 5.x from Fedora. Some files in /run/trafficserver /var/log/trafficserver etc. did not have the desired owner or mods to be processed. Workaround: remove/chown old files or prefered way, because you do not forget a file: deinstall trafficserver change ID of user trafficserver to the old id in passwd/group install trafficserver again
also .. trafficserver seems to call a non-existent script: [pid 15115] execve("/usr/bin/example_alarm_bin.sh", ["example_alarm_bin.sh", "[TrafficManager] Traffic Server process was reset."], 0x55d49c30ceb0 /* 41 vars */ <unfinished ...> => this script is not configured in the configs, it's hardcoded as it looks. <=
WORKAROUND FOR DEBUGPROBLEM: In case someone stumples over this bugreport and has this problem: After configuring it to listen on port 80 and 443: 2022-06-25T11:47:39.661694+02:00 s113 traffic_manager[18736]: Fatal: [bindProxyPort] Unable to bind socket: 80 : Permission denied 2022-06-25T11:47:39.661795+02:00 s113 traffic_manager[18736]: Fatal: [bindProxyPort] Unable to bind socket: 80 : Permission denied you messed up the caps while debugging the first "Fatal: failed to acquire privileged capabilities: Operation not permitted" message. That were not cap_net* issues, it was fileaccess issues. if you played with setcap reinstall the package and use systemd too start it. It sets the needed bind_service cap on startup. manuell FIX for any none-fedora user: setcap "cap_net_bind_service+ep" /usr/bin/traffic_manager
(In reply to customercare from comment #2) > also .. > > trafficserver seems to call a non-existent script: > > [pid 15115] execve("/usr/bin/example_alarm_bin.sh", ["example_alarm_bin.sh", > "[TrafficManager] Traffic Server process was reset."], 0x55d49c30ceb0 /* 41 > vars */ <unfinished ...> > > > => this script is not configured in the configs, it's hardcoded as it looks. > <= Interesting! This is upstream and probably is not desirable, or the script should be installed as part of the install target and package. https://github.com/apache/trafficserver/blob/master/mgmt/RecordsConfig.cc#L293 https://github.com/apache/trafficserver/blob/master/proxy/example_alarm_bin.sh I'll discuss upstream what the best resolution is for this.