-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crowdsec-firewall-bouncer binary / systemd path changed to /usr/bin vs /usr/sbin #280
Comments
Thanks for the report, we're looking into it ! |
Hey again, what distribution are you using? I just tried on my debian machine (upgrade from 0.0.25 to 0.0.26).
The service is running successfully. However, I do confirm that the path changed from |
These are all Ubuntu 22.04 instances. I'll have to look and see if my logs show the line where it tries to update the systemd config file. It's probably worth mentioning that we deploy our updates with Ansibles apt module, but i don't know how much of a difference it makes. I know no local file changes were made to that systemd file, so it shouldn't be an instance where the default option of 'no' was used when apt told us a config file that's been modified locally has changes. Pure curiosity: what's the reason for updating the binary path? |
Yes it is rather unfortunate. The change was initially done to bring consistency across the various bouncers. We are looking for a way to avoid this, I will keep you posted |
@dakota-marshall further question: Can you let me know if there are some specificities with your ansible install or some modification(s) to the systemd file? the installer should overwrite the existing file with the new one as long as it's untouched (at the end, I didn't manage to reproduce your issue on debian, no matter what I chose, the systemd file is overwritten with the new one, so the updated binary paths doesn't break anything). Thanks, |
Hey there! I am updating packages my machines today, and noticed that my package updates failed due to
crowdsec-firewall-bouncer-iptables
failing to restart:I looked and the systemd service is not happy, claiming that the binary doesn't exist at:
/usr/sbin/crowdsec-firewall-bouncer
, which is true because my PATH shows it at/usr/bin
. It looks like 1 of two 2 things might have happened:It's worth noting that these are the default service files, and I have not modified them. I did however, have to create an override at
/etc/systemd/system/crowdsec-firewall-bouncer.service.d/override.conf
to get it working:I have about 5 to 8 hosts running the bouncer, and they all had this issue.
The text was updated successfully, but these errors were encountered: