12

I created a service. 

admin@Xroklaus:~ $ cat /etc/systemd/user/duniter.service 
[Unit]
Description=Duniter node
After=network.target
ConditionPathExists=/home/folatt/.config/duniter/duniter_default/duniter.db

[Service]
Group=folatt
User=folatt
Type=forking
ExecStart=/usr/bin/duniter webstart
ExecReload=/usr/bin/duniter webrestart
ExecStop=/usr/bin/duniter stop
Restart=on-failure

[Install]
WantedBy=multi-user.target

After rebooting, it does not load.

folatt@Xroklaus:~ $ systemctl --user status duniter.service
● duniter.service - Duniter node
   Loaded: loaded (/etc/systemd/user/duniter.service; enabled)
   Active: failed (Result: start-limit) since Sun 2018-01-07 20:31:43 UTC; 1min 3s ago
  Process: 2212 ExecStart=/usr/bin/duniter webstart (code=exited, status=216/GROUP)

Journalctl gives a bit more information of the error.

admin@Xroklaus:~ $ sudo journalctl -p 3 --no-pager
-- Logs begin at Sun 2018-01-07 20:30:33 UTC, end at Sun 2018-01-07 20:31:49 UTC. --
Jan 07 20:30:39 Xroklaus bluetoothd[876]: Sap driver initialization failed.
Jan 07 20:30:39 Xroklaus bluetoothd[876]: sap-server: Operation not permitted (1)
Jan 07 20:31:26 Xroklaus systemd[1]: Failed to start LSB: Start and stop the mysql database server daemon.
Jan 07 20:31:42 Xroklaus systemd[2203]: Failed at step GROUP spawning /usr/bin/duniter: Operation not permitted
Jan 07 20:31:42 Xroklaus systemd[2177]: Failed to start Duniter node.
Jan 07 20:31:42 Xroklaus systemd[2206]: Failed at step GROUP spawning /usr/bin/duniter: Operation not permitted
Jan 07 20:31:42 Xroklaus systemd[2177]: Failed to start Duniter node.
Jan 07 20:31:43 Xroklaus systemd[2208]: Failed at step GROUP spawning /usr/bin/duniter: Operation not permitted
Jan 07 20:31:43 Xroklaus systemd[2177]: Failed to start Duniter node.
Jan 07 20:31:43 Xroklaus systemd[2210]: Failed at step GROUP spawning /usr/bin/duniter: Operation not permitted
Jan 07 20:31:43 Xroklaus systemd[2177]: Failed to start Duniter node.
Jan 07 20:31:43 Xroklaus systemd[2212]: Failed at step GROUP spawning /usr/bin/duniter: Operation not permitted
Jan 07 20:31:43 Xroklaus systemd[2177]: Failed to start Duniter node.
Jan 07 20:31:43 Xroklaus systemd[2177]: Failed to start Duniter node.

But that's as far as I got. I don't know what the solution is to this.

Folaht
  • 962
  • 5
  • 21
  • 36

2 Answers2

13

I moved the service file and removed the user and group, while also changing the install target like this:

/usr/lib/systemd/user/duniter.service

[Unit]
Description=Duniter node
After=network.target
ConditionPathExists=/home/folatt/.config/duniter/duniter_default/duniter.db

[Service]
Type=forking
ExecStart=/usr/bin/duniter webstart
ExecReload=/usr/bin/duniter webrestart
ExecStop=/usr/bin/duniter stop
Restart=on-failure

[Install]
WantedBy=default.target
Folaht
  • 962
  • 5
  • 21
  • 36
  • 1
    for user service - we should place the service at $HOME/.config/systemd/user right ? where have you placed service file ? how will systemd know which user you want the service file to belong ? – mrtechmaker Oct 27 '18 at 16:32
  • 1
    I got it to work by removing this: User = ubuntu – mrtechmaker Oct 27 '18 at 16:42
  • 1
    I guess this is because systemd runs user units as the user, and you can't switch user or group without escalating privileges. That's why the error message says `Operation not permitted`. (I made the same mistake when turning a system unit into a user unit...) – bovender Apr 08 '19 at 09:43
  • See also `man systemd.exec`, section on "CREDENTIALS" (https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Credentials). – bovender Apr 08 '19 at 09:51
2

If you have services where the user and/or group is dependant on network services e.g. LDAP, you must add the respective services (such as nslcd) to the Wants and After lines of the [Unit] section of the service definition file.

If a user or group is defined in a network directory that is not available yet, the service will fail to start with the "Failed at step GROUP spawning" error.

flibwib
  • 121
  • 2
  • I know this answer does not directly help OP's problem, but given this answer is the first result for searches for "Failed at step GROUP spawning" I thought I should add it as a reference. – flibwib Nov 19 '19 at 05:51