cross-posted from: https://reddthat.com/post/21668140
I have a VPN daemon that needs to run before the client will work. Normally, this would have been set up automatically by its install script, but the system is immutable.
I’ve created the systemd service via
sysyemctl edit --force --full daemon.service
with the following parameters:
[Unit] Description=Blah After=network-online.target [Service] User=root Group=root ExecStart=/usr/bin/env /path/to/daemon [Install] WantedBy=multi-user.target
I’ve verified that the daemon is actually executable, and it runs fine when I manually call it via
sudo daemon
. When I try to run it withsudo systemctl enable --now daemon.service
, it exits with error code 126.What am I missing?
Edit: Typo, and added the relevant user and group to the Service section. Still throwing a 126.
Solution: the system wanted /usr/bin/env
in ExecStart to launch the binary. The .service file above has been edited to show the working solution.
If that is your full .service file you are missing the directive to tell the daemon what user to run under. Under service try adding
User=root
Group=root
Before the ExecStart command line.
Is that necessary for processes running as
root
? AfaIk,root
is default.Keywords should be in CamelCase format, thus the space in
Wanted By
is wrong.Honestly can’t believe I completely missed the space in Wanted By. This is likely the bigger culprit to the failed to run error. Poster above me is correct should read
WantedBy
It’s an autocorrect typo. It’s actually
WantedBy
in the file.Would have been nice if this would have been the error.
Foiled by autocorrect! There’s no space in the original file, and I’ve edited my post to reflect that.
On that, make sure it’s in the root systemd path. Something like
/etc/systemd/system/blah.service
, placing it in the user systemd service path (~/.config/systemd/user/
) will cause permission errors as it’ll try accessing the root user from the current user.Thanks, I verified that it’s in the correct place.
What’s the specific VPN service? I’ll check their docs.
Private Internet Access
I assume so, but just to be sure, have you run
sudo systemctl enable blah.service
then reboot? It’ll symbolic link to the systemd auto start service and run it at boot.
Also, make sure everything is marked as executable; especially whatever you have “/path/to/daemon” set as.sudo chmod +x /path/to/daemon
Restart the service or reboot then :
sudo systemctl status blah.service
Yep, more specifically I tried
sudo systemctl enable --now daemon.service
. Gives the same error, and maybe that’s because it’s some kind of binary.sudo /bin/bash /path/to/daemon
throws the same error, butsudo /path/to/daemon
does not. However, if I drop ,/bin/bash
from the service file, it throws a 203 error instead.Is the daemon a binary? If so drop the bash part and try
sudo chmod 755 /path/to/daemon
.
I added the relevant user and group, and it’s still throwing a 126. I checked the daemon itself, and it looks like it’s a pre-compiled binary. Manually running
/bin/bash /path/to/daemon
gives the same error, butsudo /path/to/daemon
starts the daemon.Does the command in
ExecStart
work in a root environment, e.g.sudo -i
?