Systemd service not starting — ‘Failed at step EXEC spawning… Permission denied’
I’ve read other answers for similar issues (Failed at step EXEC spawning. Permission denied) and none seem to apply. After I upgraded my bitcoin node to v0.20.0 it is no longer starting on boot nor manually with systemctl start bitcoind.service . Journalctl output:-
$ journalctl -xe . Jul 12 15:58:22 $HOSTNAME systemd[572]: bitcoind.service: Failed to execute command: Permission denied Jul 12 15:58:22 $HOSTNAME systemd[572]: bitcoind.service: Failed at step EXEC spawning /usr/bin/bitcoind: Permission denied -- Subject: Process /usr/bin/bitcoind could not be executed -- Defined-By: systemd -- Support: https://www.debian.org/support -- -- The process /usr/bin/bitcoind could not be executed and failed. I’m using the default init script (https://github.com/bitcoin/bitcoin/blob/master/contrib/init/bitcoind.service) softlinked from my home directory to /etc/systemd/system/ . The executable is softlinked from my home directory into /usr/local/bin, so previous answer I’ve linked above suggesting an SELinux issue could apply but I don’t believe it is enabled: ( -bash: getenforce: command not found ). I am running Debian 10.4 and believe it is disabled by default.
$ ls -al /usr/bin/bitcoind lrwxrwxrwx 1 root root 34 May 5 2019 /usr/bin/bitcoind -> /home/$MY_NAME/src/bitcoin/src/bitcoind $ ls -al /home/$MY_NAME/src/bitcoin/src/bitcoind -rwxr-xr-x 1 bitcoin bitcoin 175058584 Jul 7 20:40 /home/$MY_NAME/src/bitcoin/src/bitcoind $ id bitcoin uid=999(bitcoin) gid=999(bitcoin) groups=999(bitcoin) $ cat /etc/passwd . bitcoin:x:999:999::/home/bitcoin:/bin/false . $ ls -al /etc/bitcoin total 12 drwx--x--- 2 bitcoin bitcoin 4096 Jul 11 22:30 . drwxr-xr-x 87 root root 4096 Jul 12 15:58 .. -rw-rw---- 1 bitcoin bitcoin 601 Jul 11 22:30 bitcoin.conf $ ls -al /var/lib/bitcoind total 21896 drwx--x--- 5 bitcoin bitcoin 4096 Jul 9 11:55 . drwxr-xr-x 32 root root 4096 Dec 5 2019 .. . $ ls -al /run total 24 drwxr-xr-x 18 root root 560 Jul 12 15:59 . drwxr-xr-x 22 root root 4096 Jun 2 17:46 .. . $ ls -al /home/$MY_NAME total 160 drwxr-xr-x 11 XXX XXX 4096 Jul 12 15:58 . drwxr-xr-x 3 root root 4096 May 4 2019 .. . drwxr-xr-x 6 XXX XXX 4096 Oct 25 2019 src . $ ls -al /home/$MY_NAME/src total 24 drwxr-xr-x 6 XXX XXX 4096 Oct 25 2019 . drwxr-xr-x 11 XXX XXX 4096 Jul 12 15:58 .. drwxr-xr-x 15 XXX XXX 4096 Jul 7 20:26 bitcoin . $ ls -al /home/$MY_NAME/src/bitcoin total 1976 drwxr-xr-x 15 XXX XXX 4096 Jul 7 20:26 . drwxr-xr-x 6 XXX XXX 4096 Oct 25 2019 .. . drwxr-xr-x 28 XXX XXX 12288 Jul 7 21:01 src . $ ls -al /home/$MY_NAME/src/bitcoin/src total 936796 drwxr-xr-x 28 XXX XXX 12288 Jul 7 21:01 . drwxr-xr-x 15 XXX XXX 4096 Jul 7 20:26 .. . -rwxr-xr-x 1 bitcoin bitcoin 175058584 Jul 7 20:40 bitcoind . systemd service: permission denied
I have a new systemd service that fails to start with a «permission denied» error. I bought a Thinkpad L480. Unfortunately, there seems to be an issue with the kernel not detecting the touchpad. This is addressed here can be solved by
sudo sh -c 'echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol' As I do not want to do this on every single startup, I made a systemd service, which does not work as expected. My touchpad_enabler.service is
[Unit] Description=FooBar [Service] Type=oneshot ExecStart=/usr/local/bin/enable_touchpad.sh [Install] WantedBy=default.target #!/bin/bash echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol sudo chmod 744 /usr/local/bin/enable_touchpad.sh sudo chmod 644 /etc/systemd/system/touchpad_enabler.service systemctl enable enable_touchpad.sh When I manually start the service via systemctl start touchpad_enabler.service , it works totally fine and the touchpad works as it should. However, on startup , the service fails and is listet as ‘failed’ in systemctl list-units . The output of journalctl -b -u touchpad_enabler.service is:
systemd[1]: Starting Solves bug that Thinkpad L480 Touchpad is not correctly detected. enable_touchpad.sh[516]: sh: /sys/bus/serio/devices/serio1/protocol: permission denied systemd[1]: touchpad_enabler.service: Main process exited, code=exited, status=1/FAILURE systemd[1]: touchpad_enabler.service: Failed with result 'exit-code'. systemd[1]: Failed to start FooBar It looks like the problem is the permission to write to the file itself. But manually starting the service works fine and to my understanding systemd should execute the command as root anyway, right? From reading man systemctl.service I got the idea to prepend ‘+’ to the filepath so that it read
ExecStart=+/usr/local/bin/enable_touchpad.sh With no effect. I do not really understand where this protocol file comes from. It looks like it gets created by the kernel on startup? So I also experimented with the After= parameter, but systemd should start the services after the kernel is fully loaded, right? The file is also owned by root so I would not expect any problems there. I hope someone can help me. Thanks in advance.
systemd service file Failed to execute command: Permission denied
I am creating the systemd service file on a DigitalOcean Server which has has ubuntu 18 and NGINX as a web server. The script at systemd service file is:
[Unit] Description=gunicorn daemon After=network.target [Service] Type=oneshot User=root Group=www-data WorkingDirectory=/var/www/computationalMarketing ExecStart=/var/www/computationalMarketing/bin/activate ExecStart=/var/www/computationalMarketing/computationalMarketing/code/computationalMarketing/gunicorn --access-logfile --bind unix:/tmp/gunicorn.sock computationalMarketing.wsgi:application [Install] WantedBy=multi-user.target Warning: The unit file, source configuration file or drop-ins of gunicorn.service changed on disk. Run 'systemctl daemon-reload' to reload units. ● gunicorn.service - gunicorn daemon Loaded: loaded (/etc/systemd/system/gunicorn.service; disabled; vendor preset: enabled) Active: failed (Result: exit-code) since Tue 2018-07-03 11:57:19 UTC; 10s ago Process: 8446 ExecStart=/var/www/computationalMarketing/bin/activate (code=exited, status=217/USER) Main PID: 8446 (code=exited, status=217/USER) Jul 03 11:57:19 tfm-rius systemd[1]: Starting gunicorn daemon. Jul 03 11:57:19 tfm-rius systemd[8446]: gunicorn.service: Failed to determine user credentials: No such process Jul 03 11:57:19 tfm-rius systemd[8446]: gunicorn.service: Failed at step USER spawning /var/www/computationalMarketing/bin/activate: No such process Jul 03 11:57:19 tfm-rius systemd[1]: gunicorn.service: Main process exited, code=exited, status=217/USER Jul 03 11:57:19 tfm-rius systemd[1]: gunicorn.service: Failed with result 'exit-code'. Jul 03 11:57:19 tfm-rius systemd[1]: Failed to start gunicorn daemon. root@tfm-rius:/var/www/computationalMarketing/computationalMarketing/code/computationalMarketing# Is this error related with the user used at service body, or maybe with one of the execStart command? Edit: I changed the user at service body to: www-data Now, the log error is: gunicorn.service: Failed to execute command: Permission denied Which user should be used? How can I correct this error? Edit2 As Oliver says in the comments I exec:
ls -la /var/www/computationalMarketing/bin/activate -rw-r--r-- 1 root root 2243 Jun 28 10:11 /var/www/computationalMarketing/bin/activate I have two ExecStart due I have to activate the virtualenv first and then activate gunicorn to allow app to work. Log after execute: chmod 755 /var/www/computationalMarketing/bin/activate
gunicorn.service - gunicorn daemon Loaded: loaded (/etc/systemd/system/gunicorn.service; disabled; vendor preset: enabled) Active: failed (Result: exit-code) since Fri 2018-07-06 20:39:45 UTC; 9s ago Process: 3472 ExecStart=/var/www/computationalMarketing/bin/activate (code=exited, status=203/EXEC) Main PID: 3472 (code=exited, status=203/EXEC) Jul 06 20:39:45 tfm-rius systemd[1]: Starting gunicorn daemon. Jul 06 20:39:45 tfm-rius systemd[3472]: gunicorn.service: Failed to execute command: Exec format error Jul 06 20:39:45 tfm-rius systemd[3472]: gunicorn.service: Failed at step EXEC spawning /var/www/computationalMarketing/bin/activate: Exec format error Jul 06 20:39:45 tfm-rius systemd[1]: gunicorn.service: Main process exited, code=exited, status=203/EXEC Jul 06 20:39:45 tfm-rius systemd[1]: gunicorn.service: Failed with result 'exit-code'. Jul 06 20:39:45 tfm-rius systemd[1]: Failed to start gunicorn daemon. systemd service does not start (permission denied)
So today I decided to move my ts3 server from my old windows box to a new centos8 server. Everything works fine but now I am trying to create a systemd service file so the server can start automatically on boot. I can run everything nicely when I try to start things as the service user, but I cannot start it as root (using systemctl). A little more info: The user I want things to run with
[root@lnxsrv01 opt]# id teamspeak uid=1000(teamspeak) gid=1000(teamspeak) groups=1000(teamspeak) [root@lnxsrv01 teamspeak]# ll total 16380 drwxr-xr-x. 9 teamspeak teamspeak 4096 Nov 2 17:28 . drwxr-xr-x. 3 root root 23 Nov 2 16:11 .. -rw-------. 1 teamspeak teamspeak 629 Nov 2 17:30 .bash_history -rw-rw-rw-. 1 teamspeak teamspeak 66724 Jul 2 11:21 CHANGELOG drwxr-xr-x. 3 teamspeak teamspeak 192 Jun 17 18:27 doc drwx------. 4 teamspeak teamspeak 45 Nov 2 16:59 files -rwxr-xr-x. 1 teamspeak teamspeak 947368 Jul 2 15:24 libts3db_mariadb.so -rwxr-xr-x. 1 teamspeak teamspeak 2174344 Jul 2 15:24 libts3db_sqlite3.so -rwxr-xr-x. 1 teamspeak teamspeak 1096144 Jul 2 15:24 libts3_ssh.so -rw-r--r--. 1 teamspeak teamspeak 68141 Jun 17 18:27 LICENSE drwx------. 2 teamspeak teamspeak 270 Nov 2 17:10 logs -rw-rw-rw-. 1 teamspeak teamspeak 0 Nov 2 16:59 query_ip_blacklist.txt -rw-rw-rw-. 1 teamspeak teamspeak 14 Nov 2 16:59 query_ip_whitelist.txt drwxr-xr-x. 2 teamspeak teamspeak 29 Jul 2 15:24 redist drwxrwxrwx. 2 teamspeak teamspeak 8192 Jun 24 11:28 serverquerydocs drwxrwxrwx. 5 teamspeak teamspeak 8192 Jun 17 18:26 sql -rw-rw-rw-. 1 teamspeak teamspeak 3243 Nov 2 16:59 ssh_host_rsa_key -rwxr-xr-x. 1 teamspeak teamspeak 12033888 Jul 2 15:24 ts3server -rw-rw-r--. 1 teamspeak teamspeak 0 Nov 2 16:59 .ts3server_license_accepted -rwxrwxrwx. 1 teamspeak teamspeak 117 Jun 17 18:26 ts3server_minimal_runscript.sh -rw-rw-r--. 1 teamspeak teamspeak 6 Nov 2 17:10 ts3server.pid -rw-r--r--. 1 teamspeak teamspeak 282624 Nov 2 16:58 ts3server.sqlitedb -rw-r--r--. 1 teamspeak teamspeak 32768 Nov 2 17:22 ts3server.sqlitedb-shm -rw-r--r--. 1 teamspeak teamspeak 6320 Nov 2 17:21 ts3server.sqlitedb-wal -rwxrwxrwx. 1 teamspeak teamspeak 2654 Jun 18 11:51 ts3server_startscript.sh drwxr-xr-x. 2 teamspeak teamspeak 85 Jul 2 15:24 tsdns [root@lnxsrv01 teamspeak]# pwd /opt/teamspeak [root@lnxsrv01 teamspeak]# cat /lib/systemd/system/teamspeak3.service [Unit] Description=TeamSpeak Server Service After=network.target [Service] Type=forking WorkingDirectory=/opt/teamspeak/ ExecStart=/opt/teamspeak/ts3server_startscript.sh start ExecStop=/opt/teamspeak/ts3server_startscript.sh stop User=teamspeak Group=teamspeak PIDFile=/opt/teamspeak/ts3server.pid Restart=always RestartSec=9 StandardOutput=syslog StandardError=syslog SyslogIdentifier=teamspeak3 [Install] WantedBy=multi-user.target Nov 2 17:26:36 lnxsrv01 systemd[17585]: teamspeak3.service: Failed to execute command: Permission denied Nov 2 17:26:36 lnxsrv01 systemd[17585]: teamspeak3.service: Failed at step EXEC spawning /opt/teamspeak/ts3server_startscript.sh: Permission denied Nov 2 17:26:36 lnxsrv01 systemd[1]: teamspeak3.service: Control process exited, code=exited status=203 Nov 2 17:26:36 lnxsrv01 systemd[1]: teamspeak3.service: Failed with result 'exit-code'. Nov 2 17:26:36 lnxsrv01 systemd[1]: Failed to start TeamSpeak Server Service. Nov 2 17:26:43 lnxsrv01 systemd[1]: Stopped TeamSpeak Server Service. When I su to the ‘teamspeak’ user and run the startscript from there, everything works fine. But I can’t seem to get things working with systemd. Any ideas what I am missing here?