PiHole - FTL failed to start due to process is missing required capability NET_ADMIN

[BO2259]

I have tried to install PiHole on TrueNas Scale via the official app and Truechart and on both I'm getting the same error.

After I have installed PiHole it was all working well, however, because I have not upgraded my router (Standard ISP router with no proper settings) yet I have to disable my router's DHCP for then PiHole can take over.
Once I enter the correct settings under DHCP tab -> DHCP Settings and save, I get this error.
When I check the systems logs it's saying

pihole-FTL: no process found
Starting pihole-FTL (no-daemon) as pihole
Stopping pihole-FTL

I have searched for this error and the solution is to edit the settings and add the env

e DNSMASQ_USER=root

more info on that is here; https://github.com/pi-hole/docker-pi-hole/issues/1019

However, I don't seem to be able to find where to add this env. I have tried to add it here but it does not work;

Has anyone had this problem and managed to fix it?
If not I will need to wait a couple of months until I get my new router and am able to configure it how I want

 

[Blockling]

Hello,
I have the same issue and I am unable to resolve it. Anyone a fix ?
Thanks

 

[NeWizz_]

Hi,
Same issue here, just tried it out, and hacked at it for most of the day, but couldn't figure it out.
If you've got a solution, please keep us updated.

Thanks

 

[FrostyCat]

You will have to add the DHCP port definitions to the installation (as LoadBalancer) to have it work properly. Or, run it in network=host, which I wouldn't, no need for it.

And it runs, I haven't tested if it's functional as I already have a DHCP server on my network and I'm not looking to change, so please do the testing yourself.

1. Enable expert config

2. Add services

 

[NeWizz_]

You will have to add the DHCP port definitions to the installation (as LoadBalancer) to have it work properly. Or, run it in network=host, which I wouldn't, no need for it.

And it runs, I haven't tested if it's functional as I already have a DHCP server on my network and I'm not looking to change, so please do the testing yourself.

1. Enable expert config
View attachment 63539
2. Add services
View attachment 63540

Hi, thanks for trying to help.
I tested as suggested, but I'm still getting the same error, 'missing net_admin capacity'. I think the issue isn't with the pihole being unable to access the ports, but rather with some strange protection that keeps the required ftl service from starting.

Thanks again

 

[FrostyCat]

Yeah, I was just trying to tell you I didn’t run into this issue and in my case I had to add some extra config to make it work.
Which one did you test? Did you try to run it in host network mode?

Truecharts doesn't seems to require NET_ADMIN for PiHole either btw https://github.com/truecharts/charts/search?q=NET_ADMIN

Generally NET_ADMIN should not even be required by Pihole just to run.

 

[NeWizz_]

Yeah, I was just trying to tell you I didn’t run into this issue and in my case I had to add some extra config to make it work.
Which one did you test? Did you try to run it in host network mode?

Truecharts doesn't seems to require NET_ADMIN for PiHole either btw https://github.com/truecharts/charts/search?q=NET_ADMIN

Generally NET_ADMIN should not even be required by Pihole just to run.


View attachment 63554

Generally not required, but in order to use the bundled dhcp server it is. I solved it by simply moving to an old pib1 rev2 that I had laying around. Install was a pain as that antique is slow as hell, but it draws 2 watts and WORKS.

I was met with a suggestion to look for some specific hardware when asking on the TrueCharts discord, so it looks like it's not supported unless you want to run it in host network mode, which I don't want to get into.

Anyways, thanks for trying to help, but I went for an easier route.

 

[FrostyCat]

I have my DNS and DHCP running on Pi as well, for different reasons, if power goes out my NAS will turn off after one hours, while my networking equipment and the pi will chug along for another six, so it makes sense to keep them separate.