Page MenuHomeVyOS Platform
Create Task
Maniphest T4438

vyos-http-api doesn't start after router reboot if vrf is defined
Resolved (N/A)PublicBUG
Actions

Description

vyos-http-api[3309]: Failed to load BPF prog: 'Operation not permitted'
systemd[1]: vyos-http-api.service: Main process exited, code=exited, status=255/EXCEPTION
systemd[1]: vyos-http-api.service: Failed with result 'exit-code'.
systemd[1]: vyos-http-api.service: Scheduled restart job, restart counter is at 1.

Fix:

--- /usr/share/vyos/templates/https/vyos-http-api.service.j2.orig	2022-05-23 12:25:34.912000000 +0000
+++ /usr/share/vyos/templates/https/vyos-http-api.service.j2	2022-05-23 12:26:08.703000000 +0000
@@ -1,5 +1,6 @@
 {% set vrf_command = 'ip vrf exec ' ~ vrf ~ ' ' if vrf is vyos_defined else '' %}
 [Unit]
+StartLimitIntervalSec=0
 Description=VyOS HTTP API service
 After=vyos-router.service
 Requires=vyos-router.service

Details

Difficulty level
Easy (less than an hour)
Version
1.4-rolling-202205230217
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

daniil created this task.May 23 2022, 12:27 PM
jestabro claimed this task.May 23 2022, 1:30 PM
pasik added a subscriber: pasik.May 23 2022, 1:41 PM
dmbaturin triaged this task as High priority.Jan 9 2024, 5:32 PM
jestabro closed this task as Resolved N/A.Jan 10 2024, 9:53 PM

I am not able to reproduce this, and conjecturally it was fixed in kernel version updates subsequent to the report. Compare the fix for Equuleus in:
https://vyos.dev/T5684
and the kernel commit mentioned therein:
https://github.com/torvalds/linux/commit/9dcc38e2813e0cd3b195940c98b181ce6ede8f20

Reopen if the problem recurs.