vrrp_track_process works with "hidepid=2,gid=procadmins" only after a reboot? #2680
Description
Describe the bug
When hidepid=2 and gid=procadmins are enabled on /proc (see Configuring procfs), the vrrp_track_process[1] was working only at keepalived process starts, no more after. But after I rebooted the machine, it finally works well.
[1] By the way, it looks like the website version of the man page is obsolete!
To Reproduce
- Add
hidepid=2,gid=procadminsto your/procline in/etc/fstab, then reboot; - Install and configure Keepalived with a
vrrp_track_process; - Stop the process tracked: nothing happens;
- Reboot;
- Stop the process tracked: VIP switching is happening has expected;
Keepalived version
Keepalived v2.2.8 (04/04,2023), git commit v2.2.7-154-g292b299e+
Copyright(C) 2001-2023 Alexandre Cassen, <[email protected]>
Built with kernel headers for Linux 6.8.0
Running on Linux 6.8.0-90-generic #91-Ubuntu SMP PREEMPT_DYNAMIC Tue Nov 18 14:14:30 UTC 2025
Distro: Ubuntu 24.04.3 LTS
configure options: --build=x86_64-linux-gnu --prefix=/usr --includedir=${prefix}/include --mandir=${prefix}/share/man --infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-option-checking --disable-silent-rules --libdir=${prefix}/lib/x86_64-linux-gnu --runstatedir=/run --disable-maintainer-mode --disable-dependency-tracking --enable-snmp --enable-sha1 --enable-snmp-rfcv2 --enable-snmp-rfcv3 --enable-dbus --enable-json --enable-bfd --enable-regex --with-init=systemd build_alias=x86_64-linux-gnu CFLAGS=-g -O2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -fdebug-prefix-map=/build/keepalived-F53vvG/keepalived-2.2.8=/usr/src/keepalived-1:2.2.8-1build2 LDFLAGS=-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -Wl,-z,relro CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=3
Config options: NFTABLES LVS REGEX VRRP VRRP_AUTH VRRP_VMAC JSON BFD OLD_CHKSUM_COMPAT SNMP_V3_FOR_V2 SNMP_VRRP SNMP_CHECKER SNMP_RFCV2 SNMP_RFCV3 DBUS INIT=systemd SYSTEMD_NOTIFY
System options: VSYSLOG MEMFD_CREATE IPV6_MULTICAST_ALL IPV4_DEVCONF LIBNL3 RTA_ENCAP RTA_EXPIRES RTA_NEWDST RTA_PREF FRA_SUPPRESS_PREFIXLEN FRA_SUPPRESS_IFGROUP FRA_TUN_ID RTAX_CC_ALGO RTAX_QUICKACK RTEXT_FILTER_SKIP_STATS FRA_L3MDEV FRA_UID_RANGE RTAX_FASTOPEN_NO_COOKIE RTA_VIA FRA_PROTOCOL FRA_IP_PROTO FRA_SPORT_RANGE FRA_DPORT_RANGE RTA_TTL_PROPAGATE IFA_FLAGS LWTUNNEL_ENCAP_MPLS LWTUNNEL_ENCAP_ILA NET_LINUX_IF_H_COLLISION LIBIPVS_NETLINK IPVS_DEST_ATTR_ADDR_FAMILY IPVS_SYNCD_ATTRIBUTES IPVS_64BIT_STATS IPVS_TUN_TYPE IPVS_TUN_CSUM IPVS_TUN_GRE VRRP_IPVLAN IFLA_LINK_NETNSID GLOB_BRACE GLOB_ALTDIRFUNC INET6_ADDR_GEN_MODE VRF SO_MARK
Distro (please complete the following information):
- Name:Ubuntu
- Version: 24.04.3 LTS
- Architecture: x86_64
Details of any containerisation or hosted service (e.g. AWS)
Proxmox VM
Configuration file:
global_defs {
process_names
router_id rp02
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server localhost
smtp_alert
}
vrrp_track_process track_nginx {
process nginx
delay 1
}
vrrp_instance RP_VI1 {
state BACKUP
priority 90
virtual_router_id 1
interface eth0
advert_int 1
authentication {
auth_type PASS
auth_pass XX
}
virtual_ipaddress {
10.1.1.14
}
track_process {
track_nginx
}
}
vrrp_instance RP_VI2 {
state MASTER
priority 20
virtual_router_id 2
interface eth0
advert_int 1
authentication {
auth_type PASS
auth_pass XX
}
virtual_ipaddress {
10.1.1.15
}
track_process {
track_nginx
}
}
System Log entries
-- Boot 67cf02fdc4564be99d1475ffd5a94190 --
déc. 12 13:06:47 rp02 systemd[1]: Starting keepalived.service - Keepalive Daemon (LVS and VRRP)...
déc. 12 13:06:47 rp02 Keepalived[853]: Starting Keepalived v2.2.8 (04/04,2023), git commit v2.2.7-154-g292b299e+
déc. 12 13:06:47 rp02 Keepalived[853]: Running on Linux 6.8.0-90-generic #91-Ubuntu SMP PREEMPT_DYNAMIC Tue Nov 18 14:14:30 UTC 2025 (built for Linux 6.8.0)
déc. 12 13:06:47 rp02 Keepalived[853]: Command line: '/usr/sbin/keepalived' '--dont-fork'
déc. 12 13:06:47 rp02 Keepalived[853]: Configuration file /etc/keepalived/keepalived.conf
déc. 12 13:06:47 rp02 Keepalived[853]: NOTICE: setting config option max_auto_priority should result in better keepalived performance
déc. 12 13:06:47 rp02 Keepalived[853]: Starting VRRP child process, pid=858
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: (RP_VI1) entering FAULT state (tracked process track_nginx quorum not achieved)
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: (RP_VI2) entering FAULT state (tracked process track_nginx quorum not achieved)
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: (RP_VI1) entering FAULT state
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: (RP_VI2) entering FAULT state
déc. 12 13:06:47 rp02 Keepalived[853]: Startup complete
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: smtp fd 13 returned write error
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: smtp fd 14 returned write error
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: Quorum gained for tracked process track_nginx
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: (RP_VI1) Entering BACKUP STATE
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: (RP_VI2) Entering BACKUP STATE
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: smtp fd 13 returned write error
déc. 12 13:06:47 rp02 Keepalived_vrrp[858]: smtp fd 14 returned write error
déc. 12 13:06:48 rp02 systemd[1]: Started keepalived.service - Keepalive Daemon (LVS and VRRP).
déc. 12 13:06:48 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:06:48 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:06:49 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:06:49 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:06:50 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:06:50 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:06:51 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:06:51 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:06:51 rp02 Keepalived_vrrp[858]: (RP_VI2) Entering MASTER STATE
déc. 12 13:07:15 rp02 Keepalived_vrrp[858]: Quorum lost for tracked process track_nginx
déc. 12 13:07:15 rp02 Keepalived_vrrp[858]: (RP_VI1) Entering FAULT STATE
déc. 12 13:07:15 rp02 Keepalived_vrrp[858]: (RP_VI2) Entering FAULT STATE
déc. 12 13:07:35 rp02 Keepalived_vrrp[858]: Quorum gained for tracked process track_nginx
déc. 12 13:07:35 rp02 Keepalived_vrrp[858]: (RP_VI1) Entering BACKUP STATE
déc. 12 13:07:35 rp02 Keepalived_vrrp[858]: (RP_VI2) Entering BACKUP STATE
déc. 12 13:07:36 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:07:37 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:07:38 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:07:39 rp02 Keepalived_vrrp[858]: (RP_VI2) received lower priority (10) advert from 10.0.0.1 - discarding
déc. 12 13:07:39 rp02 Keepalived_vrrp[858]: (RP_VI2) Entering MASTER STATE
déc. 12 13:08:13 rp02 Keepalived_vrrp[858]: (RP_VI1) Entering MASTER STATE
déc. 12 13:08:44 rp02 Keepalived_vrrp[858]: (RP_VI1) Master received advert from 10.0.0.1 with higher priority 100, ours 90
déc. 12 13:08:44 rp02 Keepalived_vrrp[858]: (RP_VI1) Entering BACKUP STATE
déc. 12 13:09:03 rp02 Keepalived_vrrp[858]: (RP_VI1) Entering MASTER STATE
déc. 12 13:09:14 rp02 Keepalived_vrrp[858]: (RP_VI1) Master received advert from 10.0.0.1 with higher priority 100, ours 90
déc. 12 13:09:14 rp02 Keepalived_vrrp[858]: (RP_VI1) Entering BACKUP STATE