When launching FTL with pihole-FTL -- -u pihole for the first time the database is created with correct ownership of pihole user but -shm and -wal files are left owned by root - this makes writes to the database fail.
Now if you kill the process and start it again the same way those files have their ownership corrected and everything is working.
From what I can tell the database is being created as root then its ownership is changed by chown() call in dnsmasq_interface.c:2939, forgetting about -shm and -wal files.
Perhaps changing ownership of those files should also happen around mentioned code in dnsmasq_interface.c?
On next launch those files have their ownership corrected by sqlite code (sqlite.c:42800 and sqlite.c:44453).
I discovered this while working on a project to make v6 run directly on a router where setcap is not supported and using --user is the only way to switch to a different user.
To make sure it's not an 'error' specific to my router setup I re-tested in Debian virtual machine - log below.
root@debian:/# bash /opt/pihole/pihole-FTL-prestart.sh && pihole-FTL -- -u pihole
FTL started!
root@debian:/# ls -al /etc/pihole/pihole-FTL.db*
-rw-r----- 1 pihole pihole 86016 May 18 10:29 pihole-FTL.db
-rw-r----- 1 root root 32768 May 18 10:29 pihole-FTL.db-shm
-rw-r----- 1 root root 8272 May 18 10:29 pihole-FTL.db-wal
root@debian:/# tail /var/log/pihole/FTL.log -n 100
2024-05-18 10:29:52.087 [14681M] INFO: ########## FTL started on debian! ##########
2024-05-18 10:29:52.087 [14681M] INFO: FTL branch: development-v6
2024-05-18 10:29:52.087 [14681M] INFO: FTL version: vDev-a078106
2024-05-18 10:29:52.087 [14681M] INFO: FTL commit: a0781069
2024-05-18 10:29:52.087 [14681M] INFO: FTL date: 2024-05-18 09:44:22 +0200
2024-05-18 10:29:52.087 [14681M] INFO: FTL user: root
2024-05-18 10:29:52.087 [14681M] INFO: Compiled for linux/amd64 (compiled on CI) using cc (Alpine 12.2.1_git20220924-r10) 12.2.1 20220924
2024-05-18 10:29:52.089 [14681M] INFO: Wrote config file:
2024-05-18 10:29:52.089 [14681M] INFO: - 135 total entries
2024-05-18 10:29:52.089 [14681M] INFO: - 130 entries are default
2024-05-18 10:29:52.089 [14681M] INFO: - 5 entries are modified
2024-05-18 10:29:52.089 [14681M] INFO: - 0 entries are forced through environment
2024-05-18 10:29:52.090 [14681M] INFO: Parsed config file /etc/pihole/pihole.toml successfully
2024-05-18 10:29:52.090 [14681M] WARNING: Starting pihole-FTL as user root is not recommended
2024-05-18 10:29:52.090 [14681M] INFO: PID of FTL process: 14681
2024-05-18 10:29:52.090 [14681M] INFO: listening on 0.0.0.0 port 53
2024-05-18 10:29:52.091 [14681M] INFO: listening on :: port 53
2024-05-18 10:29:52.091 [14683M] INFO: PID of FTL process: 14683
2024-05-18 10:29:52.092 [14683M] WARNING: No database file found, creating new (empty) database
2024-05-18 10:29:52.137 [14683M] INFO: Database version is 1
2024-05-18 10:29:52.137 [14683M] INFO: Updating long-term database to version 2
2024-05-18 10:29:52.145 [14683M] INFO: Updating long-term database to version 3
2024-05-18 10:29:52.153 [14683M] INFO: Updating long-term database to version 4
2024-05-18 10:29:52.160 [14683M] INFO: Updating long-term database to version 5
2024-05-18 10:29:52.170 [14683M] INFO: Updating long-term database to version 6
2024-05-18 10:29:52.176 [14683M] INFO: Updating long-term database to version 7
2024-05-18 10:29:52.181 [14683M] INFO: Updating long-term database to version 8
2024-05-18 10:29:52.191 [14683M] INFO: Updating long-term database to version 9
2024-05-18 10:29:52.198 [14683M] INFO: Updating long-term database to version 10
2024-05-18 10:29:52.210 [14683M] INFO: Updating long-term database to version 11
2024-05-18 10:29:52.219 [14683M] INFO: Updating long-term database to version 12
2024-05-18 10:29:52.225 [14683M] INFO: Updating long-term database to version 13
2024-05-18 10:29:52.232 [14683M] INFO: Updating long-term database to version 14
2024-05-18 10:29:52.237 [14683M] INFO: Updating long-term database to version 15
2024-05-18 10:29:52.247 [14683M] INFO: Updating long-term database to version 16
2024-05-18 10:29:52.253 [14683M] INFO: Updating long-term database to version 17
2024-05-18 10:29:52.262 [14683M] INFO: Database successfully initialized
2024-05-18 10:29:52.281 [14683M] INFO: Imported 0 queries from the on-disk database (it has 0 rows)
2024-05-18 10:29:52.281 [14683M] INFO: Parsing queries in database
2024-05-18 10:29:52.281 [14683M] INFO: Imported 0 queries from the long-term database
2024-05-18 10:29:52.281 [14683M] INFO: -> Total DNS queries: 0
2024-05-18 10:29:52.281 [14683M] INFO: -> Cached DNS queries: 0
2024-05-18 10:29:52.281 [14683M] INFO: -> Forwarded DNS queries: 0
2024-05-18 10:29:52.281 [14683M] INFO: -> Blocked DNS queries: 0
2024-05-18 10:29:52.282 [14683M] INFO: -> Unknown DNS queries: 0
2024-05-18 10:29:52.282 [14683M] INFO: -> Unique domains: 0
2024-05-18 10:29:52.282 [14683M] INFO: -> Unique clients: 0
2024-05-18 10:29:52.282 [14683M] INFO: -> DNS cache records: 0
2024-05-18 10:29:52.282 [14683M] INFO: -> Known forward destinations: 0
2024-05-18 10:29:52.282 [14683M] INFO: FTL is going to drop from root to user pihole (UID 998)
2024-05-18 10:29:52.282 [14683M] INFO: Reading certificate from /etc/pihole/tls.pem ...
2024-05-18 10:29:52.282 [14683M] INFO: Using SSL/TLS certificate file /etc/pihole/tls.pem
2024-05-18 10:29:52.283 [14683M] INFO: Restored 0 API sessions from the database
2024-05-18 10:29:52.301 [14683M] INFO: Blocking status is enabled
2024-05-18 10:29:52.403 [14683/T14685] INFO: Compiled 0 allow and 0 deny regex for 0 client in 0.1 msec
2024-05-18 10:30:00.086 [14683/T14685] ERROR: SQLite3: statement aborts at 50: [DELETE FROM query_storage WHERE id IN (SELECT id FROM query_storage WHERE timestamp <= 1708158600 LIMIT (SELECT COUNT(*)/100 FROM query_storage));] attempt to write a readonly database (8)
2024-05-18 10:30:00.086 [14683/T14685] ERROR: ERROR: SQL query "DELETE FROM query_storage WHERE id IN (SELECT id FROM query_storage WHERE timestamp <= 1708158600 LIMIT (SELECT COUNT(*)/100 FROM query_storage));" failed: attempt to write a readonly database (SQLITE_READONLY)
2024-05-18 10:30:00.086 [14683/T14685] WARNING: Database /etc/pihole/pihole-FTL.db is read-only and cannot be used.
2024-05-18 10:30:00.086 [14683/T14685] ERROR: delete_old_queries_in_DB() failed!
2024-05-18 10:30:00.086 [14683/T14685] WARNING: ERROR: Storing devices in network table ("BEGIN TRANSACTION IMMEDIATE") failed
root@debian:/# killall -9 pihole-FTL && bash /opt/pihole/pihole-FTL-poststop.sh
root@debian:/# bash /opt/pihole/pihole-FTL-prestart.sh && pihole-FTL -- -u pihole
FTL started!
root@debian:/# ls -al /etc/pihole/pihole-FTL.db*
-rw-r----- 1 pihole pihole 86016 May 18 10:44 pihole-FTL.db
-rw-r----- 1 pihole pihole 32768 May 18 10:44 pihole-FTL.db-shm
-rw-r----- 1 pihole pihole 8272 May 18 10:44 pihole-FTL.db-wal
Originally I wanted to report this directly to the FTL repo but I am not launching FTL using the official method so it doesn't have to be considered a bug.
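The ownership fix suggested in the post, sketched as an added example that is not FTL's code or part of the original post: while still root, chown the database together with its SQLite WAL sidecar files so none of them stays root-owned after the privilege drop. The names `chown_db_with_sidecars` and `demo` and the scratch directory under /tmp are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not FTL code: hand the SQLite database and its
 * WAL-mode sidecar files (<db>-wal, <db>-shm) to uid:gid while still root,
 * before privileges are dropped. Returns the number of files whose owner
 * was set, or -1 on error. A sidecar that does not exist yet is skipped. */
int chown_db_with_sidecars(const char *db_path, uid_t uid, gid_t gid)
{
    static const char *const suffixes[] = { "", "-wal", "-shm" };
    char path[4096];
    int changed = 0;
    for (size_t i = 0; i < sizeof(suffixes) / sizeof(suffixes[0]); i++) {
        int n = snprintf(path, sizeof(path), "%s%s", db_path, suffixes[i]);
        if (n < 0 || (size_t)n >= sizeof(path)) {
            errno = ENAMETOOLONG;
            return -1;
        }
        if (chown(path, uid, gid) == 0)
            changed++;
        else if (!(errno == ENOENT && i > 0))
            return -1;      /* main db missing, EPERM, ... */
    }
    return changed;
}

/* Constructed demo: a scratch dir holding a db and a -wal file, no -shm. */
int demo(void)
{
    char dir[64], db[96], wal[104];
    FILE *f;
    snprintf(dir, sizeof(dir), "/tmp/ftl-demo-%ld", (long)getpid());
    if (mkdir(dir, 0700) != 0) return -1;   /* fails if the path exists */
    snprintf(db, sizeof(db), "%s/pihole-FTL.db", dir);
    snprintf(wal, sizeof(wal), "%s-wal", db);
    if ((f = fopen(db, "w")) != NULL) fclose(f);
    if ((f = fopen(wal, "w")) != NULL) fclose(f);
    int n = chown_db_with_sidecars(db, getuid(), getgid());
    unlink(wal); unlink(db); rmdir(dir);
    return n;
}

int main(void)
{
    printf("files re-owned: %d\n", demo());
    return 0;
}
```

The demo passes the caller's own uid and gid so it runs unprivileged; in the scenario from the post the target would be the pihole user's IDs and the call would have to happen before the drop from root.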