Configuring Systemd Service to run with root access

linux service systemd daemon
139,774

Solution 1

tell systemd to run the service with sudo?

sudo has nothing to with it.

Typically you instruct systemd to run a service as a specific user/group with a User= and Group= directive in the [Service] section of the unit file.

Set those to root (or remove them, as running as root is the default).

Solution 2

To clear, systemd system services run as root by default, but there is still a difference between the default behavior and running a system service with User=root.

As documented in Environment variables in spawned processes, these variables are only set if User= is set:

$USER, $LOGNAME, $HOME, $SHELL

I tested to confirm this finding. So if you want to run a systemd service as root that needs one of the above variables, you need to set User=root.

Solution 3

a temporary solution, but got it to work in a pinch:

/usr/bin/sudo /bin/bash -lc 'bundle exec rails server -e demo -p 80'

Can run with a user who has sudo privileges in a systemd unit file like so:

[Unit]
Description=Rails Webserver
After=syslog.target

[Service]
Type=simple
User=ubuntu
WorkingDirectory=/var/www/webserver
ExecStart=/usr/bin/sudo /bin/bash -lc 'bundle exec rails server -e demo -p 80'
Restart=always
KillSignal=SIGQUIT

[Install]
WantedBy=multi-user.target

Solution 4

Run it as a system user in this case by default the service is running as root.

Share:
139,774

Related videos on Youtube

Luke
Author by

Luke

Updated on September 18, 2022

Comments

  • Luke
    Luke over 1 year

    I have a service in the form of a node.js application set up with Systemd on Raspbian Jessie and it is using its own user account. However, I am finding that the service does not run correctly because it does not have the necessary permissions. One of the node modules I installed requires root access. If I run the application manually with sudo everything works fine.

    Is there a way to tell systemd to run the service with sudo?

    • Thomas
      Thomas over 7 years
      How does your unit file looks like, add it to your question? Normally systemd runs the unit files with root rights.
  • Luke
    Luke over 7 years
    I had it set up to use a specific user as I was using a guide to configure it. However in my case this wasn't appropriate. I removed this to run as root by default and now everything works!
  • Mark Stosberg
    Mark Stosberg about 6 years
    Running as root is not quite the same as running with User=root. See my answer.
  • Michael Hampton
    Michael Hampton over 5 years
    This has multiple issues: First, the first two answers explain why using a user and then sudo is unnecessary, and show the right way to do it. Second, you shouldn't be running your webapp as root anyway. Third, your web app should be behind a normal web server such as nginx.
  • daino3
    daino3 over 5 years
    I won't disagree with you on any of your points. But if someone, like myself, wanted a bare-bones, as-fast-as-you-can standup of a server, this is a viable option that works.
  • Michael Hampton
    Michael Hampton over 5 years
    Almost as fast as you can. Obviously using sudo will slow down startup a bit. And it's unnecessary.
  • Matthew
    Matthew over 5 years
    Where can this file be edited?
  • HBruijn
    HBruijn over 5 years
  • Pedro Borges
    Pedro Borges about 5 years
    Thank you! That was the only thing that worked for me on an application that I have
  • Giraffe
    Giraffe almost 5 years
    NB if you set User=root you should probably also set Group=root :) superuser.com/a/1452367/39364
  • Soutzikevich
    Soutzikevich over 4 years
    @MichaelHampton I'm trying to write a backdoor, so I've found this answer to be helpful!
  • RichieHH
    RichieHH about 4 years
    @daino no, using sudo has no defence, It is not necessary. It IS run as root by default.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to efficiently read and save video from an IP camera?
start ddclient as daemon with systemd
How to set system environment variables for Linux services?
Why does NTP daemon keep listening on UDP6?
proc-sys-fs-binfmt_misc.automount failed service
systemd service with multiple After
Create a directory under /var/run at boot
Configure buggy systemd service to terminate via SIGKILL
Disable all services, except ssh
get notification when systemd-monitored service enters failed state