Package: miniupnpd Version: 2.3.1-1 Severity: normal Dear Maintainer,
Not sure what changed, but miniupnp no longer knows how to create and update its iptables chains, rendering the service useless. Mar 16 00:26:11 yipyap systemd[1]: Starting UPnP Internet Gateway Device Daemon... Mar 16 00:26:11 yipyap miniupnpd-startstop-helper.sh[16295]: /usr/libexec/miniupnpd-startstop-helper.sh: 12: Cannot fork Mar 16 00:26:11 yipyap miniupnpd-startstop-helper.sh[16294]: Warning: no interface defined Mar 16 00:26:11 yipyap systemd[1]: miniupnpd.service: Can't open PID file /run/miniupnpd.pid (yet?) after start: Operation not permitted Mar 16 00:26:11 yipyap miniupnpd[16298]: HTTP listening on port 38765 Mar 16 00:26:11 yipyap systemd[1]: Started UPnP Internet Gateway Device Daemon. Mar 16 00:26:11 yipyap miniupnpd[16298]: no HTTP IPv6 address, disabling IPv6 Perusing miniupnpd-startstop-helper.sh makes it clear that its absence is a problem! :) It also looks like systemd is complaining that miniupnpd is forking before it has finished writing its pidfile. I also noticed in kernel log: Mar 16 00:26:11 yipyap kernel: [ 4637.252634] cgroup: fork rejected by pids controller in /system.slice/miniupnpd.service So I did `systemctl edit miniupnpd.service`, and bumped TasksMax to some unreasonable number. This only helps a little: Mar 16 00:30:48 yipyap systemd[1]: Starting UPnP Internet Gateway Device Daemon... Mar 16 00:30:48 yipyap miniupnpd-startstop-helper.sh[19317]: Warning: no interface defined Mar 16 00:30:48 yipyap systemd[1]: miniupnpd.service: Can't open PID file /run/miniupnpd.pid (yet?) after start: Operation not permitted Mar 16 00:30:48 yipyap miniupnpd[19380]: HTTP listening on port 38655 Mar 16 00:30:48 yipyap systemd[1]: Started UPnP Internet Gateway Device Daemon. Mar 16 00:30:49 yipyap miniupnpd[19380]: no HTTP IPv6 address, disabling IPv6 Next problem! /usr/libexec/miniupnpd-startstop-helper.sh seems to assume $CONFFILE is defined at some point. The only point I can see it being set is within the init.d script, which is unused because we're running systemd here. So as a workaround I add `CONFFILE=/etc/miniupnpd/miniupnpd.conf` to /etc/default/miniupnpd. This only helps a little: Mar 16 00:34:25 yipyap systemd[1]: Starting UPnP Internet Gateway Device Daemon... Mar 16 00:34:25 yipyap miniupnpd-startstop-helper.sh[20600]: /usr/libexec/miniupnpd-startstop-helper.sh: 24: read_config: not found Mar 16 00:34:25 yipyap miniupnpd-startstop-helper.sh[20601]: /usr/libexec/miniupnpd-startstop-helper.sh: 25: read_config: not found Mar 16 00:34:25 yipyap miniupnpd-startstop-helper.sh[20595]: Warning: no interface defined Mar 16 00:34:25 yipyap systemd[1]: miniupnpd.service: Can't open PID file /run/miniupnpd.pid (yet?) after start: Operation not permitted Mar 16 00:34:25 yipyap systemd[1]: Started UPnP Internet Gateway Device Daemon. Mar 16 00:34:25 yipyap miniupnpd[20603]: HTTP listening on port 32959 Mar 16 00:34:25 yipyap miniupnpd[20603]: no HTTP IPv6 address, disabling IPv6 read_config() appears to be defined only in the init.d script, which again doesn't help because we're running systemd. I am going to give up here. Am I missing something, or is this a case of "running natively under systemd has never worked"? -- System Information: Debian Release: 11.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'oldstable-updates'), (500, 'oldstable-debug'), (500, 'stable'), (500, 'oldstable'), (490, 'testing'), (460, 'unstable') Architecture: i386 (i686) Kernel: Linux 6.1.0-5-686-pae (SMP w/1 CPU thread; PREEMPT) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages miniupnpd depends on: ii debconf [debconf-2.0] 1.5.77 ii init-system-helpers 1.60 ii lsb-base 11.1.0 ii miniupnpd-iptables 2.3.1-1 ii uuid-runtime 2.36.1-8+deb11u1 miniupnpd recommends no packages. miniupnpd suggests no packages. -- debconf information: * miniupnpd/force_igd_desc_v1: false * miniupnpd/start_daemon: true * miniupnpd/iface: eth0 * miniupnpd/listen: br0 * miniupnpd/ip6script: true
