Hi,
I'm having a strange issue with systemd startup.
We run our Xymon as a user called hobbit. If I Start Xymon using the runclient.sh script as hobbit (i.e. /xymon/client/runclient.sh start) then all works perfectly. If I run it using systemctl start xymon a ps -eaf command clearly shows it running as hobbit but Iget the following in my /xymon/client/logs/xymonclient.log file
2020-05-19 14:28:13 Whoops ! Failed to send message (Connection failed) 2020-05-19 14:28:13 -> connect to Xymon daemon at xymonserver:1984 failed (Permission denied) 2020-05-19 14:28:13 -> Recipient 'xymonserver', timeout 15 2020-05-19 14:28:13 -> 1st line: 'client xymonclient.linux linux'
If I test the connection all works OK
root at xymonclient:/xymon/client # ./bin/xymon --debug "xymonserver" test 25296 2020-05-19 14:32:46 Transport setup is: 25296 2020-05-19 14:32:46 xymondportnumber = 1984 25296 2020-05-19 14:32:46 xymonproxyhost = NONE 25296 2020-05-19 14:32:46 xymonproxyport = 0 25296 2020-05-19 14:32:46 Recipient listed as ?xymonserver? 25296 2020-05-19 14:32:46 Standard protocol on port 1984 25296 2020-05-19 14:32:46 Will connect to address xymonserver port 1984 25296 2020-05-19 14:32:46 Connect status is 0 25296 2020-05-19 14:32:46 Sent 4 bytes 25296 2020-05-19 14:32:46 Closing connection
My /usr/lib/sysemd/system/xymon.service file is
[Unit] Description=Xymon systems and network monitor Documentation=man:xymon(7) man:xymonlaunch(8) man:xymon(1) After=network.target
[Install]
Compatibility with "xymon" and "xymon-client"
Alias=xymon.service Alias=xymon-client.service WantedBy=multi-user.target
[Service] EnvironmentFile=/etc/sysconfig/xymonlaunch User=hobbit
We wrap in xymoncmd to eliminate the need for the bulk of the old init
script
ExecStart=/xymon/client/bin/xymonlaunch
--config=/xymon/client/etc/clientlaunch.cfg
--log=/xymon/client/logs/clientlaunch.log --pidfile=/xymon/client/
logs/clientlaunch.pid
ExecStop=kill cat /xymon/client/logs/clientlaunch.pid
PIDFile=/xymon/client/logs/clientlaunch.pid
Type=simple
User=hobbit
Kill xymonlaunch, but don't send kills to the underlying procs, since they
might be doing important things (like writing checkpoints and flushing
caches) KillMode=process SendSIGHUP=yes SendSIGKILL=yes
and my /etc/sysconfig/launch looks like this
MACHINEDOTS=xymonclient SERVEROSTYPE=linux XYMONOSSCRIPT=xymonclient-linux.sh XYMONCLIENTHOME=/xymon/client/
I don't understand how it works perfectly when I start it as the user using the normal script yet get's permission denied when running under systemd but still as the same user
On 5/19/20 7:02 AM, Neil Simmonds wrote:
Hi,
I'm having a strange issue with systemd startup.
I've found the following is necessary under [Service] if starting from systemd using a script
RemainAfterExit=yes
-- Stephen Carville Master of Turning Crappy Tools into Crappy Miracles 800.537.3821 x1326 scarville at nospam.lereta.com ?\_(?)_/?
A consilia hominis et Deus cachinnus.
It looks like this is an SELinux issue. /var/log/messsages contains a line saying "SELinux is preventing xymon from name_connect access on the tcp_socket port 1984"
On Tue, May 19, 2020 at 4:51 PM Stephen Carville (xymon list) < scarville at lereta.com> wrote:
On 5/19/20 7:02 AM, Neil Simmonds wrote:
Hi,
I'm having a strange issue with systemd startup.
I've found the following is necessary under [Service] if starting from systemd using a script
RemainAfterExit=yes
-- Stephen Carville Master of Turning Crappy Tools into Crappy Miracles 800.537.3821 x1326 scarville at nospam.lereta.com ?\_(?)_/?
A consilia hominis et Deus cachinnus.
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
participants (2)
-
neilsimmonds1808@gmail.com
-
scarville@lereta.com