systemd service: permission denied
I have a new systemd service that fails to start with a "permission denied" error.
I bought a Thinkpad L480. Unfortunately, there seems to be an issue with the kernel not detecting the touchpad. This is addressed here can be solved by
sudo sh -c 'echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol'
As I do not want to do this on every single startup, I made a systemd service, which does not work as expected.
My touchpad_enabler.service is
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
The script file is simply
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
But I also tried it with the sh -c
version. I adjusted the permissions via
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
so both files are owned by root.
I then enabled it via
systemctl enable enable_touchpad.sh
When I manually start the service via systemctl start touchpad_enabler.service
, it works totally fine and the touchpad works as it should. However, on startup , the service fails and is listet as 'failed' in systemctl list-units
.
The output of journalctl -b -u touchpad_enabler.service
is:
systemd[1]: Starting Solves bug that Thinkpad L480 Touchpad is not correctly detected...
enable_touchpad.sh[516]: sh: /sys/bus/serio/devices/serio1/protocol: permission denied
systemd[1]: touchpad_enabler.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: touchpad_enabler.service: Failed with result 'exit-code'.
systemd[1]: Failed to start FooBar
It looks like the problem is the permission to write to the file itself. But manually starting the service works fine and to my understanding systemd should execute the command as root anyway, right?
From reading man systemctl.service
I got the idea to prepend '+' to the filepath so that it read
ExecStart=+/usr/local/bin/enable_touchpad.sh
With no effect.
I do not really understand where this protocol
file comes from. It looks like it gets created by the kernel on startup? So I also experimented with the After=
parameter, but systemd should start the services after the kernel is fully loaded, right? The file is also owned by root so I would not expect any problems there.
I hope someone can help me. Thanks in advance.
linux permissions services systemd
add a comment |
I have a new systemd service that fails to start with a "permission denied" error.
I bought a Thinkpad L480. Unfortunately, there seems to be an issue with the kernel not detecting the touchpad. This is addressed here can be solved by
sudo sh -c 'echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol'
As I do not want to do this on every single startup, I made a systemd service, which does not work as expected.
My touchpad_enabler.service is
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
The script file is simply
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
But I also tried it with the sh -c
version. I adjusted the permissions via
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
so both files are owned by root.
I then enabled it via
systemctl enable enable_touchpad.sh
When I manually start the service via systemctl start touchpad_enabler.service
, it works totally fine and the touchpad works as it should. However, on startup , the service fails and is listet as 'failed' in systemctl list-units
.
The output of journalctl -b -u touchpad_enabler.service
is:
systemd[1]: Starting Solves bug that Thinkpad L480 Touchpad is not correctly detected...
enable_touchpad.sh[516]: sh: /sys/bus/serio/devices/serio1/protocol: permission denied
systemd[1]: touchpad_enabler.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: touchpad_enabler.service: Failed with result 'exit-code'.
systemd[1]: Failed to start FooBar
It looks like the problem is the permission to write to the file itself. But manually starting the service works fine and to my understanding systemd should execute the command as root anyway, right?
From reading man systemctl.service
I got the idea to prepend '+' to the filepath so that it read
ExecStart=+/usr/local/bin/enable_touchpad.sh
With no effect.
I do not really understand where this protocol
file comes from. It looks like it gets created by the kernel on startup? So I also experimented with the After=
parameter, but systemd should start the services after the kernel is fully loaded, right? The file is also owned by root so I would not expect any problems there.
I hope someone can help me. Thanks in advance.
linux permissions services systemd
add a comment |
I have a new systemd service that fails to start with a "permission denied" error.
I bought a Thinkpad L480. Unfortunately, there seems to be an issue with the kernel not detecting the touchpad. This is addressed here can be solved by
sudo sh -c 'echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol'
As I do not want to do this on every single startup, I made a systemd service, which does not work as expected.
My touchpad_enabler.service is
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
The script file is simply
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
But I also tried it with the sh -c
version. I adjusted the permissions via
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
so both files are owned by root.
I then enabled it via
systemctl enable enable_touchpad.sh
When I manually start the service via systemctl start touchpad_enabler.service
, it works totally fine and the touchpad works as it should. However, on startup , the service fails and is listet as 'failed' in systemctl list-units
.
The output of journalctl -b -u touchpad_enabler.service
is:
systemd[1]: Starting Solves bug that Thinkpad L480 Touchpad is not correctly detected...
enable_touchpad.sh[516]: sh: /sys/bus/serio/devices/serio1/protocol: permission denied
systemd[1]: touchpad_enabler.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: touchpad_enabler.service: Failed with result 'exit-code'.
systemd[1]: Failed to start FooBar
It looks like the problem is the permission to write to the file itself. But manually starting the service works fine and to my understanding systemd should execute the command as root anyway, right?
From reading man systemctl.service
I got the idea to prepend '+' to the filepath so that it read
ExecStart=+/usr/local/bin/enable_touchpad.sh
With no effect.
I do not really understand where this protocol
file comes from. It looks like it gets created by the kernel on startup? So I also experimented with the After=
parameter, but systemd should start the services after the kernel is fully loaded, right? The file is also owned by root so I would not expect any problems there.
I hope someone can help me. Thanks in advance.
linux permissions services systemd
I have a new systemd service that fails to start with a "permission denied" error.
I bought a Thinkpad L480. Unfortunately, there seems to be an issue with the kernel not detecting the touchpad. This is addressed here can be solved by
sudo sh -c 'echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol'
As I do not want to do this on every single startup, I made a systemd service, which does not work as expected.
My touchpad_enabler.service is
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
The script file is simply
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
But I also tried it with the sh -c
version. I adjusted the permissions via
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
so both files are owned by root.
I then enabled it via
systemctl enable enable_touchpad.sh
When I manually start the service via systemctl start touchpad_enabler.service
, it works totally fine and the touchpad works as it should. However, on startup , the service fails and is listet as 'failed' in systemctl list-units
.
The output of journalctl -b -u touchpad_enabler.service
is:
systemd[1]: Starting Solves bug that Thinkpad L480 Touchpad is not correctly detected...
enable_touchpad.sh[516]: sh: /sys/bus/serio/devices/serio1/protocol: permission denied
systemd[1]: touchpad_enabler.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: touchpad_enabler.service: Failed with result 'exit-code'.
systemd[1]: Failed to start FooBar
It looks like the problem is the permission to write to the file itself. But manually starting the service works fine and to my understanding systemd should execute the command as root anyway, right?
From reading man systemctl.service
I got the idea to prepend '+' to the filepath so that it read
ExecStart=+/usr/local/bin/enable_touchpad.sh
With no effect.
I do not really understand where this protocol
file comes from. It looks like it gets created by the kernel on startup? So I also experimented with the After=
parameter, but systemd should start the services after the kernel is fully loaded, right? The file is also owned by root so I would not expect any problems there.
I hope someone can help me. Thanks in advance.
linux permissions services systemd
linux permissions services systemd
edited Feb 9 at 11:00
Bloch
asked Feb 8 at 17:16
BlochBloch
136
136
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
It seems like you have the service and script files a little confused. The contents of the files seem like they should work though.
Systemd needs a service file. Put this file here
/etc/systemd/system/touchpad_enabler.service
With the contents:
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
Then your script here (I changed the name to make the separation between service file and script file clearer. Also /usr/local/bin
is a better place because it's generally meant for local scripts/programs)
/usr/local/bin/enable_touchpad.sh
And it will have the contents (unchanged):
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
Make sure the permissions on the script and the service file are correct. They should be owned by root and the script should be executable.
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
Then you enable the systemd service.
sudo systemctl enable touchpad_enabler.service
This enables the service so it will run at boot. It can also be run manually with:
sudo systemctl start touchpad_enabler.service
or you can directly run the script, bypassing the systemd service:
sudo /usr/local/bin/enable_touchpad.sh
I can't really speak to the bug or when the protocol file is created, but the service should work.
EDIT:
You can add the After=
parameter to the [Unit]
section of the service to make sure it runs after a specific target, like default.target
or multi-user.target
. By default, every service has a dependency on sysinit.target
, so I'm not sure how much that would matter in your case.
If you look here, https://stackoverflow.com/questions/27511139/how-to-make-sysfs-changes-persistent-in-centos-7-systemd, there are other ways to accomplish what you want without a custom service. Maybe you can try a udev rule.
Thank you for your answer. I actually did everything you mentioned. I just had it wrong in my question (the ExecStart= part) the error message showes, that it did actually find the script, tries to execute it, but lacks permissions. I edited my question where this was yet unclear and changed the filenames according to your suggestion to make it clearer. Manually starting the service works fine. But not loading on startup.
– Bloch
Feb 9 at 11:01
What did you try with the After option? Does addingAfter=default.target
to the[Unit]
section help?
– nitram
Feb 9 at 16:31
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403601%2fsystemd-service-permission-denied%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
It seems like you have the service and script files a little confused. The contents of the files seem like they should work though.
Systemd needs a service file. Put this file here
/etc/systemd/system/touchpad_enabler.service
With the contents:
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
Then your script here (I changed the name to make the separation between service file and script file clearer. Also /usr/local/bin
is a better place because it's generally meant for local scripts/programs)
/usr/local/bin/enable_touchpad.sh
And it will have the contents (unchanged):
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
Make sure the permissions on the script and the service file are correct. They should be owned by root and the script should be executable.
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
Then you enable the systemd service.
sudo systemctl enable touchpad_enabler.service
This enables the service so it will run at boot. It can also be run manually with:
sudo systemctl start touchpad_enabler.service
or you can directly run the script, bypassing the systemd service:
sudo /usr/local/bin/enable_touchpad.sh
I can't really speak to the bug or when the protocol file is created, but the service should work.
EDIT:
You can add the After=
parameter to the [Unit]
section of the service to make sure it runs after a specific target, like default.target
or multi-user.target
. By default, every service has a dependency on sysinit.target
, so I'm not sure how much that would matter in your case.
If you look here, https://stackoverflow.com/questions/27511139/how-to-make-sysfs-changes-persistent-in-centos-7-systemd, there are other ways to accomplish what you want without a custom service. Maybe you can try a udev rule.
Thank you for your answer. I actually did everything you mentioned. I just had it wrong in my question (the ExecStart= part) the error message showes, that it did actually find the script, tries to execute it, but lacks permissions. I edited my question where this was yet unclear and changed the filenames according to your suggestion to make it clearer. Manually starting the service works fine. But not loading on startup.
– Bloch
Feb 9 at 11:01
What did you try with the After option? Does addingAfter=default.target
to the[Unit]
section help?
– nitram
Feb 9 at 16:31
add a comment |
It seems like you have the service and script files a little confused. The contents of the files seem like they should work though.
Systemd needs a service file. Put this file here
/etc/systemd/system/touchpad_enabler.service
With the contents:
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
Then your script here (I changed the name to make the separation between service file and script file clearer. Also /usr/local/bin
is a better place because it's generally meant for local scripts/programs)
/usr/local/bin/enable_touchpad.sh
And it will have the contents (unchanged):
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
Make sure the permissions on the script and the service file are correct. They should be owned by root and the script should be executable.
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
Then you enable the systemd service.
sudo systemctl enable touchpad_enabler.service
This enables the service so it will run at boot. It can also be run manually with:
sudo systemctl start touchpad_enabler.service
or you can directly run the script, bypassing the systemd service:
sudo /usr/local/bin/enable_touchpad.sh
I can't really speak to the bug or when the protocol file is created, but the service should work.
EDIT:
You can add the After=
parameter to the [Unit]
section of the service to make sure it runs after a specific target, like default.target
or multi-user.target
. By default, every service has a dependency on sysinit.target
, so I'm not sure how much that would matter in your case.
If you look here, https://stackoverflow.com/questions/27511139/how-to-make-sysfs-changes-persistent-in-centos-7-systemd, there are other ways to accomplish what you want without a custom service. Maybe you can try a udev rule.
Thank you for your answer. I actually did everything you mentioned. I just had it wrong in my question (the ExecStart= part) the error message showes, that it did actually find the script, tries to execute it, but lacks permissions. I edited my question where this was yet unclear and changed the filenames according to your suggestion to make it clearer. Manually starting the service works fine. But not loading on startup.
– Bloch
Feb 9 at 11:01
What did you try with the After option? Does addingAfter=default.target
to the[Unit]
section help?
– nitram
Feb 9 at 16:31
add a comment |
It seems like you have the service and script files a little confused. The contents of the files seem like they should work though.
Systemd needs a service file. Put this file here
/etc/systemd/system/touchpad_enabler.service
With the contents:
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
Then your script here (I changed the name to make the separation between service file and script file clearer. Also /usr/local/bin
is a better place because it's generally meant for local scripts/programs)
/usr/local/bin/enable_touchpad.sh
And it will have the contents (unchanged):
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
Make sure the permissions on the script and the service file are correct. They should be owned by root and the script should be executable.
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
Then you enable the systemd service.
sudo systemctl enable touchpad_enabler.service
This enables the service so it will run at boot. It can also be run manually with:
sudo systemctl start touchpad_enabler.service
or you can directly run the script, bypassing the systemd service:
sudo /usr/local/bin/enable_touchpad.sh
I can't really speak to the bug or when the protocol file is created, but the service should work.
EDIT:
You can add the After=
parameter to the [Unit]
section of the service to make sure it runs after a specific target, like default.target
or multi-user.target
. By default, every service has a dependency on sysinit.target
, so I'm not sure how much that would matter in your case.
If you look here, https://stackoverflow.com/questions/27511139/how-to-make-sysfs-changes-persistent-in-centos-7-systemd, there are other ways to accomplish what you want without a custom service. Maybe you can try a udev rule.
It seems like you have the service and script files a little confused. The contents of the files seem like they should work though.
Systemd needs a service file. Put this file here
/etc/systemd/system/touchpad_enabler.service
With the contents:
[Unit]
Description=FooBar
[Service]
Type=oneshot
ExecStart=/usr/local/bin/enable_touchpad.sh
[Install]
WantedBy=default.target
Then your script here (I changed the name to make the separation between service file and script file clearer. Also /usr/local/bin
is a better place because it's generally meant for local scripts/programs)
/usr/local/bin/enable_touchpad.sh
And it will have the contents (unchanged):
#!/bin/bash
echo -n "elantech" > /sys/bus/serio/devices/serio1/protocol
Make sure the permissions on the script and the service file are correct. They should be owned by root and the script should be executable.
sudo chmod 744 /usr/local/bin/enable_touchpad.sh
sudo chmod 644 /etc/systemd/system/touchpad_enabler.service
Then you enable the systemd service.
sudo systemctl enable touchpad_enabler.service
This enables the service so it will run at boot. It can also be run manually with:
sudo systemctl start touchpad_enabler.service
or you can directly run the script, bypassing the systemd service:
sudo /usr/local/bin/enable_touchpad.sh
I can't really speak to the bug or when the protocol file is created, but the service should work.
EDIT:
You can add the After=
parameter to the [Unit]
section of the service to make sure it runs after a specific target, like default.target
or multi-user.target
. By default, every service has a dependency on sysinit.target
, so I'm not sure how much that would matter in your case.
If you look here, https://stackoverflow.com/questions/27511139/how-to-make-sysfs-changes-persistent-in-centos-7-systemd, there are other ways to accomplish what you want without a custom service. Maybe you can try a udev rule.
edited Feb 9 at 18:38
answered Feb 8 at 22:47
nitramnitram
112
112
Thank you for your answer. I actually did everything you mentioned. I just had it wrong in my question (the ExecStart= part) the error message showes, that it did actually find the script, tries to execute it, but lacks permissions. I edited my question where this was yet unclear and changed the filenames according to your suggestion to make it clearer. Manually starting the service works fine. But not loading on startup.
– Bloch
Feb 9 at 11:01
What did you try with the After option? Does addingAfter=default.target
to the[Unit]
section help?
– nitram
Feb 9 at 16:31
add a comment |
Thank you for your answer. I actually did everything you mentioned. I just had it wrong in my question (the ExecStart= part) the error message showes, that it did actually find the script, tries to execute it, but lacks permissions. I edited my question where this was yet unclear and changed the filenames according to your suggestion to make it clearer. Manually starting the service works fine. But not loading on startup.
– Bloch
Feb 9 at 11:01
What did you try with the After option? Does addingAfter=default.target
to the[Unit]
section help?
– nitram
Feb 9 at 16:31
Thank you for your answer. I actually did everything you mentioned. I just had it wrong in my question (the ExecStart= part) the error message showes, that it did actually find the script, tries to execute it, but lacks permissions. I edited my question where this was yet unclear and changed the filenames according to your suggestion to make it clearer. Manually starting the service works fine. But not loading on startup.
– Bloch
Feb 9 at 11:01
Thank you for your answer. I actually did everything you mentioned. I just had it wrong in my question (the ExecStart= part) the error message showes, that it did actually find the script, tries to execute it, but lacks permissions. I edited my question where this was yet unclear and changed the filenames according to your suggestion to make it clearer. Manually starting the service works fine. But not loading on startup.
– Bloch
Feb 9 at 11:01
What did you try with the After option? Does adding
After=default.target
to the [Unit]
section help?– nitram
Feb 9 at 16:31
What did you try with the After option? Does adding
After=default.target
to the [Unit]
section help?– nitram
Feb 9 at 16:31
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403601%2fsystemd-service-permission-denied%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown