Configuring Systemd Service to run with root access
Solution 1
tell systemd to run the service with
sudo
?
sudo
has nothing to with it.
Typically you instruct systemd to run a service as a specific user/group with a User=
and Group=
directive in the [Service]
section of the unit file.
Set those to root (or remove them, as running as root is the default).
Solution 2
To clear, systemd
system services run as root by default, but there is still a difference between the default behavior and running a system service with User=root
.
As documented in Environment variables in spawned processes, these variables are only set if User=
is set:
$USER, $LOGNAME, $HOME, $SHELL
I tested to confirm this finding. So if you want to run a systemd service as root that needs one of the above variables, you need to set User=root
.
Solution 3
a temporary solution, but got it to work in a pinch:
/usr/bin/sudo /bin/bash -lc 'bundle exec rails server -e demo -p 80'
Can run with a user who has sudo privileges in a systemd unit file like so:
[Unit]
Description=Rails Webserver
After=syslog.target
[Service]
Type=simple
User=ubuntu
WorkingDirectory=/var/www/webserver
ExecStart=/usr/bin/sudo /bin/bash -lc 'bundle exec rails server -e demo -p 80'
Restart=always
KillSignal=SIGQUIT
[Install]
WantedBy=multi-user.target
Solution 4
Run it as a system user in this case by default the service is running as root.
Related videos on Youtube
Luke
Updated on September 18, 2022Comments
-
Luke over 1 year
I have a service in the form of a node.js application set up with Systemd on Raspbian Jessie and it is using its own user account. However, I am finding that the service does not run correctly because it does not have the necessary permissions. One of the node modules I installed requires root access. If I run the application manually with sudo everything works fine.
Is there a way to tell systemd to run the service with sudo?
-
Thomas over 7 yearsHow does your unit file looks like, add it to your question? Normally
systemd
runs the unit files with root rights.
-
-
Luke over 7 yearsI had it set up to use a specific user as I was using a guide to configure it. However in my case this wasn't appropriate. I removed this to run as root by default and now everything works!
-
Mark Stosberg about 6 yearsRunning as root is not quite the same as running with
User=root
. See my answer. -
Michael Hampton over 5 yearsThis has multiple issues: First, the first two answers explain why using a user and then sudo is unnecessary, and show the right way to do it. Second, you shouldn't be running your webapp as root anyway. Third, your web app should be behind a normal web server such as nginx.
-
daino3 over 5 yearsI won't disagree with you on any of your points. But if someone, like myself, wanted a bare-bones, as-fast-as-you-can standup of a server, this is a viable option that works.
-
Michael Hampton over 5 yearsAlmost as fast as you can. Obviously using
sudo
will slow down startup a bit. And it's unnecessary. -
Matthew over 5 yearsWhere can this file be edited?
-
HBruijn over 5 years
-
Pedro Borges about 5 yearsThank you! That was the only thing that worked for me on an application that I have
-
Giraffe almost 5 yearsNB if you set User=root you should probably also set Group=root :) superuser.com/a/1452367/39364
-
Soutzikevich over 4 years@MichaelHampton I'm trying to write a backdoor, so I've found this answer to be helpful!
-
RichieHH about 4 years@daino no, using sudo has no defence, It is not necessary. It IS run as root by default.