Starting with systemd only works as root



  • Hi,

    I have a perfectly healthy installation of nodeBB at home on Debian9, works great if I start it with ./nodebb start but I'm trying to get systemd to start it.

    I've found this: https://docs.nodebb.org/configuring/running/ which was a big step in the right direction.

    My nodebb directory is here: /root/nodebb
    and I've made a user called nodebb

    This .service file works:

    [Unit]
    Description=NodeBB
    Documentation=https://docs.nodebb.org
    After=system.slice multi-user.target mongod.service
    
    [Service]
    Type=forking
    User=root
    
    StandardOutput=syslog
    StandardError=syslog
    SyslogIdentifier=nodebb
    
    WorkingDirectory=/root/nodebb
    ExecStart=/usr/bin/env node loader.js
    Restart=always
    
    [Install]
    WantedBy=multi-user.target
    

    When I change the user from root to nodebb, and do a systemctl daemon-reload (or a reboot), and then try to start the service, it fails. These are the errors that appear in the system journal:

    -- Unit nodebb.service has begun starting up.
    Feb 25 18:55:34 debian nodebb[854]: internal/modules/cjs/loader.js:583
    Feb 25 18:55:34 debian nodebb[854]:     throw err;
    Feb 25 18:55:34 debian nodebb[854]:     ^
    Feb 25 18:55:34 debian nodebb[854]: Error: Cannot find module '/root/nodebb/loader.js'
    Feb 25 18:55:34 debian nodebb[854]:     at Function.Module._resolveFilename (internal/modules/cjs/loader.js:581:15)
    Feb 25 18:55:34 debian nodebb[854]:     at Function.Module._load (internal/modules/cjs/loader.js:507:25)
    Feb 25 18:55:34 debian nodebb[854]:     at Function.Module.runMain (internal/modules/cjs/loader.js:742:12)
    Feb 25 18:55:34 debian nodebb[854]:     at startup (internal/bootstrap/node.js:283:19)
    Feb 25 18:55:34 debian nodebb[854]:     at bootstrapNodeJSCore (internal/bootstrap/node.js:743:3)
    Feb 25 18:55:34 debian systemd[1]: nodebb.service: Control process exited, code=exited status=1
    Feb 25 18:55:34 debian systemd[1]: Failed to start NodeBB.
    -- Subject: Unit nodebb.service has failed
    -- Defined-By: systemd
    -- Support: https://www.debian.org/support
    -- 
    -- Unit nodebb.service has failed.
    -- 
    -- The result is failed.
    Feb 25 18:55:34 debian systemd[1]: nodebb.service: Unit entered failed state.
    Feb 25 18:55:34 debian systemd[1]: nodebb.service: Failed with result 'exit-code'.
    Feb 25 18:55:35 debian systemd[1]: nodebb.service: Service hold-off time over, scheduling restart.
    Feb 25 18:55:35 debian systemd[1]: Stopped NodeBB.
    -- Subject: Unit nodebb.service has finished shutting down
    -- Defined-By: systemd
    -- Support: https://www.debian.org/support
    -- 
    -- Unit nodebb.service has finished shutting down.
    Feb 25 18:55:35 debian systemd[1]: nodebb.service: Start request repeated too quickly.
    Feb 25 18:55:35 debian systemd[1]: Failed to start NodeBB.
    -- Subject: Unit nodebb.service has failed
    -- Defined-By: systemd
    -- Support: https://www.debian.org/support
    -- 
    -- Unit nodebb.service has failed.
    

    I've ensured that the nodebb user owns the /root/nodebb directory with
    chown -R nodebb:nodebb /root/nodebb

    Any ideas?


  • GNU/Linux Admin

    Regular user cannot own /root... probably. Either way it's probably a bad idea to do it that way.

    Reinstall nodebb under the /home/nodebb, and run it as the nodebb user.


  • GNU/Linux Admin

    ... oh yeah, and then chown -R root:root /root to fix the incorrect permissions for that folder too.



  • Here is a working .service, but I concur with @julian, do not put your nodebb inside the /root folder. Pretty good chance it will ruin your security at some point.

    [Unit]
    Description=NodeBB
    Documentation=https://docs.nodebb.org
    After=system.slice multi-user.target mongod.service
    
    [Service]
    Type=simple
    User=nodebb
    
    StandardOutput=syslog
    StandardError=syslog
    SyslogIdentifier=nodebb
    
    WorkingDirectory=/var/www/nodebb/NodeBB/
    ExecStart=/usr/bin/env node loader.js --no-silent --no-daemon
    Restart=always
    
    [Install]
    WantedBy=multi-user.target
    

  • Community Rep

    @wayne-workman said in Starting with systemd only works as root:

    My nodebb directory is here: /root/nodebb

    This is the private home directory for the root user. It's sole purpose is to lock things down to root. Use /opt for system level software.


  • GNU/Linux Admin

    @scottalanmiller I always wondered... Is it an anti pattern to change ownership of folders in /opt to specific users? I always assumed everything in there was supposed to be owned by root too


  • Community Rep

    @julian said in Starting with systemd only works as root:

    @scottalanmiller I always wondered... Is it an anti pattern to change ownership of folders in /opt to specific users? I always assumed everything in there was supposed to be owned by root too

    /opt is definitely open to "user owned" files. We assume that it will be "service users" rather than end users. So users like apache, nodebb, etc.

    You would treat /opt exactly the same as you would treat /var/www/html which "always" uses a service user for file ownership.


  • GNU/Linux

    @scottalanmiller said in Starting with systemd only works as root:

    @wayne-workman said in Starting with systemd only works as root:

    My nodebb directory is here: /root/nodebb

    This is the private home directory for the root user. It's sole purpose is to lock things down to root. Use /opt for system level software.

    or /srv

    😛


  • GNU/Linux Admin

    ... ahh, Linux 😂

    While you're here why don't you symlink /usr/bin/nodebb to /opt/nodebb/nodebb? 😆


  • Community Rep

    @The-Worms said in Starting with systemd only works as root:

    @scottalanmiller said in Starting with systemd only works as root:

    @wayne-workman said in Starting with systemd only works as root:

    My nodebb directory is here: /root/nodebb

    This is the private home directory for the root user. It's sole purpose is to lock things down to root. Use /opt for system level software.

    or /srv

    😛

    That works, too. But is non-standard. I prefer /opt because of 50 years of where we expect the software to go.

    But I use /srv sometimes, too.



  • I did get this working.
    I moved the nodebb working directory to /home/nodebb/nodebb and changed ownership of that to nodebb:nodebb, now it starts up on boot as the nodebb user just fine.

    Thank you all very much for the help.


Log in to reply
 

Suggested Topics

| |