systemd: launch user (with no password) specific service that keepalive after logout

0

I am trying to run a user specific service with systemd. I am not an admin by profession but more a developer.

I am currently testing my solution on an Ubuntu 16.04 but plan to deploy the solution on Centos 7. I hope nothing will change really.

However, until now I have managed to do the following by script:

  1. check that my service is effectively running when launching by command line
  2. create the user john with a /home/john directory (I need this home) but no password. I have read that it would be more secure (and hope I don't err...).
  3. create the directory /home/john/.config/systemd/user to store my service files.
  4. Enable lingering according to this doc

So now I would like to test opening a session with john and starting the services, but it doesn't work. I am trying to do it as follows:

sam$ sudo su - john
john$ systemctl --user status my-service.service

and get this unpleasant message:

Failed to connect to bus: No such file or directory

and no matter which command (status/start/stop/list-units) I put in place of the status above, it is always the same message.

The command that connects me to the session of john is logged by these lines:

$ journalctl -e

Jun 15 18:16:23 sam-dell sudo[5681]:      sam : TTY=pts/2 ; PWD=/home/sam/IdeaProjects ; USER=root ; COMMAND=/bin/su - john
Jun 15 18:15:02 sam-dell su[5491]: Successful su for john by root
Jun 15 18:15:02 sam-dell su[5491]: + /dev/pts/2 root:john
Jun 15 18:15:02 sam-dell su[5491]: pam_unix(su:session): session opened for user john by (uid=0)
Jun 15 18:15:02 sam-dell su[5491]: pam_systemd(su:session): Cannot create session: Already running in a session

...and nothing occurs when I am trying the systemctl commands.

Note: I added a password to my user and it is still not working from the terminal opened in the gnome session of my sam user. But as my user now has a password, Ubuntu lets me connect to it with gnome, and I could run systemctl --user status/start/stop without any problem by logging in to the john gnome session.

Does anybody have an idea? Maybe I am approaching the problem the wrong way. I simply want to run a systemd service as another user on my remote server, so I suppose I was doing it right, but maybe not.

Many thanks for helping

sam

Posted 2017-06-15T15:30:24.900

Reputation: 101

Answers

0

Note that su does not create a nested login session. All processes started within Sam's session still belong to it.

You would have to log in via console, gdm, ssh, or machinectl login .host (I think there are shorter aliases for that one), as they all start from a clean slate. (Although... I'm not sure why enabling linger on its own didn't start the systemd instance. It ought to.)

systemctl itself doesn't need to be in the right session (you can sudo -u it), but it relies on the $XDG_RUNTIME_DIR environment variable in order to find the systemd instance. It should generally be set to /run/user/<UID>, and that directory should have either a bus socket or a systemd/private one.

user1686

Posted 2017-06-15T15:30:24.900

Reputation: 283 655
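
The checks described in the answer above, as an added example that is not part of the original posts: it derives /run/user/<UID>, looks for the bus or systemd/private socket there, and runs systemctl --user through sudo -u with XDG_RUNTIME_DIR set. The function names, the overridable base-directory arguments and the check of the /var/lib/systemd/linger flag file are assumptions of this example.

```shell
#!/bin/sh
# Added example: preconditions for `systemctl --user` against another account.
# Function names and the optional BASE / LINGER_DIR arguments are assumptions.

# Path systemctl expects in $XDG_RUNTIME_DIR for a given numeric UID.
runtime_dir_for() {   # usage: runtime_dir_for UID [BASE]
    printf '%s/%s\n' "${2:-/run/user}" "$1"
}

# 0 = a user-manager socket is present
# 1 = runtime directory missing (no user manager was started for this UID)
# 2 = directory exists but holds neither `bus` nor `systemd/private`
check_user_bus() {    # usage: check_user_bus UID [BASE]
    dir=$(runtime_dir_for "$1" "${2:-/run/user}")
    [ -d "$dir" ] || return 1
    if [ -S "$dir/bus" ] || [ -S "$dir/systemd/private" ]; then
        return 0
    fi
    return 2
}

# `loginctl enable-linger` records the setting as a flag file named after the user.
linger_enabled() {    # usage: linger_enabled USER [LINGER_DIR]
    [ -e "${2:-/var/lib/systemd/linger}/$1" ]
}

# Run `systemctl --user ...` as USER from an unrelated session (for example
# after `sudo su`), pointing it at that user's own systemd instance.
systemctl_as() {      # usage: systemctl_as USER ARGS...
    user=$1; shift
    uid=$(id -u "$user") || return 1
    check_user_bus "$uid" || {
        echo "no user manager socket under $(runtime_dir_for "$uid")" >&2
        return 1
    }
    sudo -u "$user" env XDG_RUNTIME_DIR="$(runtime_dir_for "$uid")" \
        systemctl --user "$@"
}

# Example invocation: sh check-user-bus.sh john status my-service.service
if [ "$#" -ge 2 ]; then
    linger_enabled "$1" || echo "note: lingering is not enabled for $1" >&2
    systemctl_as "$@"
fi
```

A return code of 1 from check_user_bus means no systemd user instance was started for that UID at all, which is the state that produces "Failed to connect to bus: No such file or directory".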

I tried on the server (centos 7 ). I created the user and enabled lingering. Put some .ssh/ids so that I could open an ssh session. – sam – 2017-06-16T06:34:01.207

Ah, yeah, CentOS doesn't have this feature at all. They surgically remove it. – user1686 – 2017-06-16T06:48:27.797

I tried on the server (CentOS 7). I created the user and enabled lingering. I put some .ssh/ids in place so that I could open an ssh session. I created a simple service and checked that it runs OK as root when symlinked under /etc/systemd/system. Then I erased the symlink and put the service in /home/john/.config/systemd/system/my-service.service, but I always get: systemctl --user start my-service Failed to get D-Bus connection: No such file or directory – sam – 2017-06-16T06:58:05.750

Really, they removed it???!!! Which feature, lingering or --user? – sam – 2017-06-16T06:59:08.890