FTL not running in web interface

#1

I have updated my pihole to the FTLDNS beta, as I am suffering from long loading times quite often, hoping this would bring some relieve.

the following checks show that dnsmasq is still running and so is FTL. the admin page shows FTL is offline

pi@pihole:~ $ sudo systemctl status dnsmasq.service
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
   Loaded: loaded (/lib/systemd/system/dnsmasq.service; disabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-06-19 11:39:12 CEST; 5h 11min ago
  Process: 1051 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
  Process: 1032 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
  Process: 1020 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
 Main PID: 1050 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           └─1050 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-ol

Jun 19 11:39:08 pihole systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Jun 19 11:39:08 pihole dnsmasq[1020]: dnsmasq: syntax check OK.
Jun 19 11:39:12 pihole systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.

pi@pihole:~ $ sudo systemctl status pihole-FTL.service
● pihole-FTL.service - LSB: pihole-FTL daemon
   Loaded: loaded (/etc/init.d/pihole-FTL; generated; vendor preset: enabled)
   Active: active (exited) since Tue 2018-06-19 16:15:07 CEST; 39min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 4643 ExecStop=/etc/init.d/pihole-FTL stop (code=exited, status=0/SUCCESS)
  Process: 4650 ExecStart=/etc/init.d/pihole-FTL start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/pihole-FTL.service

Jun 19 16:15:04 pihole systemd[1]: Starting LSB: pihole-FTL daemon...
Jun 19 16:15:04 pihole pihole-FTL[4650]: Not running
Jun 19 16:15:05 pihole pihole-FTL[4650]: Failed to set capabilities on file `/usr/bin/pihole-FTL' (Operation not supported)
Jun 19 16:15:05 pihole pihole-FTL[4650]: The value of the capability argument is not permitted for a file. Or the file is not a regular (non
Jun 19 16:15:05 pihole su[4673]: Successful su for pihole by root
Jun 19 16:15:05 pihole su[4673]: + ??? root:pihole
Jun 19 16:15:05 pihole su[4673]: pam_unix(su:session): session opened for user pihole by (uid=0)
Jun 19 16:15:06 pihole pihole-FTL[4650]: dnsmasq: failed to bind DHCP server socket: Permission denied
Jun 19 16:15:07 pihole systemd[1]: Started LSB: pihole-FTL daemon.

Debug Token: xri4nypl72

0 Likes

#2

dnsmasq is NOT supposed to run.

The reason Admin page shows lost connection to api is because FTLDNS failed to start (because dnsmasq is occupying port 53).

In the Beta version (and future stable releases) dnsmasq is no longer needed.

What you can do is stop dnsmasq manually with sudo systemctl stop dnsmasq.

then you need to restart FTLDNS with sudo systemct start pihole-FTL.service

that should bring FTLDNS up and everything should work.

You can also uninstall dnsmasq if it’s something you don’t need (should be OK to remove).

Are you running custom entries in this file ?

0 Likes

Use DNS to force youtube into restricted mode - and Pi-Hole
#3

I have now tried again what you just said, as i did before. My admin page now says:
"DNS service not running - FTL offline’

I’ve tried to upload a new debug log, but that wouldn’t work either -> DNS is really down.
changed my resolv.conf to make it work temp: Debug token: 4ee5bk50wm

I have not changed that file myself, I suppose it is as it came with pihole. (Isn’t this a binary file?)

0 Likes

#4

Is dnsmasq still active?

With dnsmasq disabled/removed and resolv.conf edited (with a working DNS), try running pihole -r and repair.

0 Likes

#5

just did so: both repair and recover mode give at the end:
[✓] Starting DNS service

[✗] DNS service is NOT running

my /etc/pihole/install.log is incomplete.

my syslog shows:

un 19 19:36:29 pihole systemd[1]: Stopping LSB: pihole-FTL daemon...
Jun 19 19:36:29 pihole pihole-FTL[18459]: Not running
Jun 19 19:36:30 pihole systemd[1]: Stopped LSB: pihole-FTL daemon.
Jun 19 19:36:30 pihole systemd[1]: Starting LSB: pihole-FTL daemon...
Jun 19 19:36:30 pihole pihole-FTL[18465]: Not running
Jun 19 19:36:30 pihole pihole-FTL[18465]: Failed to set capabilities on file `/usr/bin/pihole-FTL' (Operation not supported)
Jun 19 19:36:30 pihole pihole-FTL[18465]: The value of the capability argument is not permitted for a file. Or the file is not a regular (no
n-symlink) file
Jun 19 19:36:32 pihole pihole-FTL[18465]: dnsmasq: failed to bind DHCP server socket: Permission denied
Jun 19 19:36:32 pihole dnsmasq[18499]: failed to bind DHCP server socket: Permission denied
Jun 19 19:36:32 pihole dnsmasq[18499]: FAILED to start up
0 Likes

#6

is dnsmasq still running ?

What’s the output of sudo systemctl status dnsmasq ?

0 Likes

#7

I removed it:

pi@pihole:~ $ sudo systemctl status dnsmasq
● dnsmasq.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)

Jun 19 18:59:43 pihole systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Jun 19 18:59:43 pihole dnsmasq[12339]: dnsmasq: syntax check OK.
Jun 19 18:59:47 pihole systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Jun 19 19:00:05 pihole systemd[1]: Stopping dnsmasq - A lightweight DHCP and caching DNS server...
Jun 19 19:00:24 pihole systemd[1]: Stopped dnsmasq - A lightweight DHCP and caching DNS server.
Jun 19 19:00:24 pihole systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Jun 19 19:00:24 pihole dnsmasq[12473]: dnsmasq: syntax check OK.
Jun 19 19:00:28 pihole systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Jun 19 19:00:28 pihole systemd[1]: Stopping dnsmasq - A lightweight DHCP and caching DNS server...
Jun 19 19:01:00 pihole systemd[1]: Stopped dnsmasq - A lightweight DHCP and caching DNS server.
0 Likes

#8

If you try restarting FTL, does it show an error ?

sudo systemct start pihole-FTL.service

0 Likes

#9

Same result:
pi@pihole:~ $ sudo systemctl start pihole-FTL.service`
pi@pihole:~ $ sudo systemctl status pihole-FTL.service
● pihole-FTL.service - LSB: pihole-FTL daemon
Loaded: loaded (/etc/init.d/pihole-FTL; generated; vendor preset: enabled)
Active: active (exited) since Tue 2018-06-19 19:49:42 CEST; 19min ago
Docs: man:systemd-sysv-generator(8)

Jun 19 19:49:39 pihole systemd[1]: Starting LSB: pihole-FTL daemon...
Jun 19 19:49:39 pihole pihole-FTL[19439]: Not running
Jun 19 19:49:39 pihole pihole-FTL[19439]: Failed to set capabilities on file `/usr/bin/pihole-FTL' (Operation not supported)
Jun 19 19:49:39 pihole pihole-FTL[19439]: The value of the capability argument is not permitted for a file. Or the file is not a regular (no
Jun 19 19:49:40 pihole su[19462]: Successful su for pihole by root
Jun 19 19:49:40 pihole su[19462]: + ??? root:pihole
Jun 19 19:49:40 pihole su[19462]: pam_unix(su:session): session opened for user pihole by (uid=0)
Jun 19 19:49:42 pihole pihole-FTL[19439]: dnsmasq: failed to bind DHCP server socket: Permission denied
Jun 19 19:49:42 pihole systemd[1]: Started LSB: pihole-FTL daemon.
0 Likes

#10

Are you using Docker on the raspberry ?

0 Likes

#11

I don’t think so. This is in the -d report:

*** [ DIAGNOSING ]: Pi-hole processes
[✓] dnsmasq daemon is active
[✗] lighttpd daemon is failed
[✓] pihole-FTL daemon is active

0 Likes

#12

Here’s the debug token wa08p0aw18

0 Likes

#13

I found the problem! Apache had installed. Removed it, ran the reconfigure and we’re good to go! Thanks so much for the help!

0 Likes

#14

No, the raspbian is a standard raspbian Jessie, upgraded to Stretch.

0 Likes

#15

I think posts got a little tangled here. @jrmckinn Did you want to post these replies here? (They kind of look out of context).

@poolcactus There seems to be something related to permissions there.

See if uninstalling Pi-hole and re-installing from scratch fixes it.

You don’t need to run it from root or with sudo.

The install scrips has internal checks for the sudo utility and it uses that when needed.

0 Likes

#16

tried the uninstall, and reinstall.
pihole installed as expected. Then ran:

echo "FTLDNS" | sudo tee /etc/pihole/ftlbranch
pihole checkout core FTLDNS 

with the result:

[i] Restarting services...
  [✓] Starting lighttpd service
  [✓] Enabling lighttpd service to start on reboot
  [✓] Starting pihole-FTL service
  [✓] Enabling pihole-FTL service to start on reboot
  [✓] Deleting existing list cache
  [✗] DNS service is not running
  [✓] Starting DNS service
  [✗] DNS resolution is not available
   Error: Unable to complete update, please contact support

now reverted back to master:

sudo rm /etc/pihole/ftlbranch
pihole checkout master

resulting in: (working again)

[✓] Force-reloading DNS service
  [✓] DNS service is running
  [✓] Pi-hole blocking is Enabled

  [i] The install log is located at: /etc/pihole/install.log
  Update Complete!
0 Likes

#17

Since you are on master right now, that means that dnsmasq is installed and running.

The upgrade to FTLDNS beta is failing because obviously DNS resolution does not work (during upgrade).

What you can do is remove (again) dnsmasq, edit the resolv.conf file and add a public DNS instead of the 127.0.0.1 and THEN checkout the FTLDNS.

Once completed, remember to pihole checkout web FTLDNS also.

0 Likes

#18

Tried your last comment, but it resulted in the same: DNS not working.

I think it is an permission issue for pihole-FTL. My syslog shows:

pihole pihole-FTL[6476]: dnsmasq: failed to create listening socket for port 53: Permission denied
Jun 19 22:17:18 pihole dnsmasq[6534]: failed to create listening socket for port 53: Permission denied
Jun 19 22:17:18 pihole dnsmasq[6534]: FAILED to start up

does the user that makes the changes have permissions to open sockets on ports <1000?
I’ve read in another topic, that pihole-FTL is ran by the user ‘pihole’, not root.?

0 Likes

#19

try running

sudo setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip /usr/bin/pihole-FTL

and then restart FTLDNS.

That is correct. If commands requiring elevated privileges are needed, they are invoked with sudo.

0 Likes

#20
pi@pihole:~ $ sudo setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip /usr/bin/pihole-FTL
Failed to set capabilities on file `/usr/bin/pihole-FTL' (Operation not supported)
The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file
0 Likes