• systemctl service w/ mis help...

    From paulie420@21:2/150 to All on Monday, January 18, 2021 20:13:36
    Hey guys... I'd love if someone could drop that knowledge on me. I know exactly whats happening, but... I just don't fully understand how to fix it.

    So... I created some systemctl services for running Mystic and MRC Chat at boot time, to keep them running in case mis or MRC drop for any reason, and to put the BBS back up if theres ever an unplanned reboot...

    OK.

    Problem, I have to run the script as sudo. So... Any MPL that I have calling an external shell command won't work, permissions. DoorParty scripts, BBSLink scripts - anything thats like a shell script won't work. It throws me a permissions error.

    Which I just don't understand because - if I'm running as sudo, and the owner of the file is 'pi', doesn't sudo trump that?? Anyway... I just stopped the service and loaded ./mis server the normal way, for now... because I don't want things broken until I figured it out. :/

    But... what do I need to change to get it all ironed out? I *could* just edit my MPL files and insert 'sudo' - then the commands/scripts will run, but... I was testing and I can't just add 'sudo' onto the doorparty script directly from a Mystic menu command. It doesn't work, and that would be a stupid idea anyway.

    Anyone ran into this before, or can think thru it better than I? Everything was perfect but then I created systemctl services for mis and MRC. Have to run mis as sudo... now my extrenal shell scripts/commands don't work because I don't have permissions.

    Thanks much guys... I'm back to running without any systemctl; so that was a big 'for nothing' so far. I followed the vswitchzero.com/mystic-systemd how-to... and the scripts were GREAT. But; you have to run mis as sudo. Hmph.

    Help, pls.



    |07p|15AULIE|1142|07o
    |08.........

    --- Mystic BBS v1.12 A47 2021/01/16 (Raspberry Pi/32)
    * Origin: 2o fOr beeRS bbs>>>20ForBeers.com:1337 (21:2/150)
  • From Zip@21:1/202 to paulie420 on Wednesday, January 20, 2021 07:20:07
    Hello paulie420!

    On 18 Jan 2021, paulie420 said the following...
    So... I created some systemctl services for running Mystic and MRC Chat
    at boot

    What does your mis.service file look like? (systemctl cat mis)

    In general, when one runs applications as services with systemd, one shouldn't need to use sudo at all.

    If the [Service] section of the mis.service file has User=pi and Group=pi (I guess the "pi" user has a group of its own, too?) in it then everything should execute as the "pi" user and "pi" group. The question is if that is enough.

    Are you running MIS as "root" now (when you start it manually)?

    Which I just don't understand because - if I'm running as sudo, and the owner of the file is 'pi', doesn't sudo trump that?? Anyway... I just

    What do the permissions look like ('ls -l /path/to/file' or 'stat /path/to/file') of some of the scripts that fail to launch?

    If the owner is "pi" and the group is some group that "root" is *not* part of (e.g. "pi"), and there are no execution permissions for "other" (= not the owner, not the group), then execution by that other user (e.g. "root") would fail, even though "root" is "root". :-)

    Best regards
    Zip

    --- Mystic BBS v1.12 A47 2021/01/05 (Linux/64)
    * Origin: Star Collision BBS, Uppsala, Sweden (21:1/202)
  • From paulie420@21:2/150 to Zip on Wednesday, January 20, 2021 11:43:27
    In general, when one runs applications as services with systemd, one shouldn't need to use sudo at all.

    If the [Service] section of the mis.service file has User=pi and
    Group=pi (I guess the "pi" user has a group of its own, too?) in it then everything should execute as the "pi" user and "pi" group. The question
    is if that is enough.

    Are you running MIS as "root" now (when you start it manually)?


    Yea Zip... I thought it was weird that it asked for sudo, too... but the accompanying scripts that go along with mis.service are pretty fancy and allow for Mystic restarting if it hits any issues, and correct shutdown / semaphore deleting and... anyway, it looked pretty nice to me so - I'm gonna list all three files, below. First is mis.service, 2nd is mis-start.sh, 3rd is mis-stop.sh...

    -----mis.service----- #===============================================================================
    ===================
    # This systemd service file can be used to start and stop the 'Mystic Internet S
    ervice' (MIS) as #
    # a proper service module. In order for it to work correctly, it must be set to
    'Type=forking'. #
    # As a forking service, it will decide if start/stop was a failure based on the
    returned error #
    # code of the shell script. A return of 0 will be considered success, and a retu
    rn of 1 will be a #
    # failure. The script will need to be launched as root in order for MIS to bind
    to the correct #
    # ports. Once binding is done, the MIS daemon will run only as the user who owns
    the MIS binary. #
    # This file is indended to work with Debian, Ubuntu, Raspbian and other debian b
    ased #
    # distributions, but may work with others as well.
    #
    #
    #
    # Be sure to set the location of your mis-start.sh and mis-stop.sh scripts in th
    e [Service] #
    # section below.
    #
    #
    #
    # For more information visit: https://vswitchzero.com/mystic-systemd
    # #===============================================================================
    ===================

    [Unit]
    Description=Mystic BBS Internet Service
    After=network.target
    After=systemd-user-sessions.service
    After=network-online.target

    [Service]
    Type=forking
    # The mis daemon needs to start as root as discussed above, or will fail to bind
    TCP ports.
    User=root
    # Be sure to set the correct paths and script names below: ExecStart=/home/pi/mystic/mis-start.sh
    ExecStop=/home/pi/mystic/mis-stop.sh

    [Install]
    WantedBy=multi-user.target

    -----mis-start.sh-----
    #!/bin/bash #===============================================================================
    ===================
    # This shell script will start the mystic internet service (mis). It checks to s
    ee if a stale #
    # semaphore is left behind and will also error out if the process is already run
    ning and #
    # a start attempt is made. This script can ideally be called as a fork within a
    systemd .service #
    # file. The script will exit with an appropriate error code to indicate whether
    is was successful #
    # or not. It is intended to work only with Debian, Ubuntu and other debian based
    distributions. #
    #
    #
    # For more information visit: https://vswitchzero.com/mystic-systemd
    # #===============================================================================
    ===================

    # Some variables. Older versions of mystic used -d instead of daemon as an optio
    n, so change
    # accordingly. Also ensure your mystic path is set correctly. MIS_PATH=/home/pi/mystic
    MIS_OPTS=daemon
    MIS_PID=$(ps auxwww | grep "mis $MIS_OPTS" | grep -v grep | awk '{print $2}')

    echo "Attempting to start the Mystic Internet Service (mis).."

    # Make sure mis isn't already running:
    if [ ! -z "$MIS_PID" ]
    then
    echo "mis-start.sh: Error: mis daemon is already running with PID $MIS_PID.
    Stop the service before attempting to start it."
    exit 1
    fi

    # If the process isn't running there shouldn't be a mis.bsy file in the semaphor
    e directory.
    # Sometimes it's left behind if the process doesn't stop cleanly. This is not un
    common. The
    # file is removed if the proces is not running and the file exists. Otherwise th
    e service will
    # fail to start.

    if [ -f "$MIS_PATH/semaphore/mis.bsy" ] && [ -z "$MIS_PID" ]
    then
    echo "Warning: The mis.bsy semaphore exists even though the mis daemon is no
    t running."
    echo "Removing semaphore.."
    rm $MIS_PATH/semaphore/mis.bsy
    if [ -f "$MIS_PATH/semaphore/mis.bsy" ]
    then
    echo "Error: Failed to remove semaphore. Service cannot start while sema
    phore exists. Exiting."
    exit 1
    else
    echo "Semaphore successfully removed. Proceeding to start the mis daemon
    .."
    fi
    else
    echo "No stale semaphore file found. Proceeding to start the mis daemon.." fi

    # If the script gets to this point, it should be safe to start the mis daemon. T
    he script first changes
    # directory to the mystic path specified just in case the "mysticbbs" environmen
    t variable is not set.
    cd $MIS_PATH > /dev/null
    $MIS_PATH/mis $MIS_OPTS
    cd - > /dev/null

    #Keep checking to make sure the service starts:
    MIS_COUNTER=0
    echo "Checking to ensure the process starts.."

    while [ $MIS_COUNTER -lt 6 ]
    do
    MIS_PID=$(ps auxwww | grep "mis $MIS_OPTS" | grep -v grep | awk '{print $2}'
    )
    if [ -z "$MIS_PID" ]
    then
    echo "Process has not yet started. Waiting 5 seconds.."
    sleep 5
    else
    echo "Finished! Mis daemon has been started successfully at PID $MIS_PID
    ."
    exit 0
    fi
    let MIS_COUNTER=MIS_COUNTER+1
    done

    # If it's still not up after 30 seconds we consider this a failure.
    if [ "$MIS_COUNTER" -eq 6 ] && [ -z "$MIS_PID" ]
    then
    echo "Error: Process failed to start after 30 seconds."
    exit 1
    fi

    -----mis-stop.sh-----
    #!/bin/bash #===============================================================================
    ===================
    # This shell script will stop the mystic internet service (mis). It will fail ou
    t if the process #
    # is not running and a stop attempt is made. It will also continually poll to ma
    ke sure it stops #
    # successfully, and if it is still running after 60 seconds, will be forcefully
    terminated. This #
    # script can ideally be called as a fork within a systemd .service file. The scr
    ipt will exit #
    # with an appropriate error code to indicate whether is was successful or not. I
    t is intended to #
    # work only with Debian, Ubuntu and other debian based distributions.
    #
    #
    #
    # For more information visit: https://vswitchzero.com/mystic-systemd
    # #===============================================================================
    ===================

    # Some variables. The MIS_OPTS should contain the daemon option (-d in older ver
    sions). The
    # MIS_SHUT_OPTS should be the shutdown option ('shutdown' in newer versions). En
    sure your mystic
    # path is set correctly.

    MIS_PATH=/home/pi/mystic
    MIS_OPTS=daemon
    MIS_SHUT_OPTS=shutdown
    MIS_PID=$(ps auxwww | grep "mis $MIS_OPTS" | grep -v grep | awk '{print $2}')

    echo "Attempting to stop the Mystic Internet Service daemon.."

    # Make sure mis is running, otherwise exit:
    if [ -z "$MIS_PID" ]
    then
    echo "Error: Can't stop the MIS daemon as it is not running."
    exit 1
    else
    echo "MIS daemon is currently running with PID $MIS_PID. Stopping.."
    fi

    # If the script gets to this point, it should be safe to stop the mis daemon. Th
    e script first changes
    # directory to the mystic path specified just in case the "mysticbbs" environmen
    t variable is not set.
    cd $MIS_PATH > /dev/null
    $MIS_PATH/mis $MIS_SHUT_OPTS
    cd - > /dev/null

    MIS_COUNTER=0
    echo "Checking to ensure the process stops.."

    while [ $MIS_COUNTER -lt 12 ]; do
    MIS_PID=$(ps auxwww | grep "mis $MIS_OPTS" | grep -v grep | awk '{print $2}'
    )
    if [ ! -z "$MIS_PID" ]
    then
    echo "MIS process still running. Waiting 5 seconds.."
    sleep 5
    else
    echo "Finished! MIS daemon has been stopped successfully."
    exit 0
    fi
    let MIS_COUNTER=MIS_COUNTER+1
    done

    # If it's still running after 60 seconds (12 intervals) then an error is display
    ed.
    if [ "$MIS_COUNTER" -eq 12 ] && [ ! -z "$MIS_PID" ]
    then
    echo "Error: Process failed to stop gracefully after 60 seconds."
    fi

    # Uncomment the code between the dashes if you want the script to forcefully kil
    l the process if it
    # doesn't go down gracefully. Please note that this is potentially risky, and wi
    ll only be done if
    # the mis.bsy semaphore has already been removed. Use this section at your own r
    isk, but it can
    # help to address common process termination issues.
    # #-------------------------------------------------------------------------------
    -------------------
    MIS_PID=$(ps auxwww | grep "mis $MIS_OPTS" | grep -v grep | awk '{print $2}')
    if [ ! -z "$MIS_PID" ] && [ ! -f "$MIS_PATH/semaphore/mis.bsy" ]
    then
    echo "Stopping process forcefully using kill -9 because the mis.bsy semaphor
    e was already removed"
    kill -9 $MIS_PID
    sleep 5
    MIS_PID=$(ps auxwww | grep "mis $MIS_OPTS" | grep -v grep | awk '{print $2}'
    )
    if [ ! -z "$MIS_PID" ]
    then
    echo "Error: MIS daemon forceful stop failed."
    exit 1
    else
    echo "Success. MIS daemon was forcefully stopped."
    exit 0
    fi
    fi #-------------------------------------------------------------------------------
    -------------------

    exit 1

    -----

    So... see, it uses sudo. Wonder if I can just take that out of there... I thought this was a fancy service & .sh's but... maybe I don't need all that footloose stuff.



    |07p|15AULIE|1142|07o
    |08.........

    --- Mystic BBS v1.12 A47 2021/01/16 (Raspberry Pi/32)
    * Origin: 2o fOr beeRS bbs>>>20ForBeers.com:1337 (21:2/150)
  • From Zip@21:1/202 to paulie420 on Thursday, January 21, 2021 13:41:57
    Hello paulie420!

    Yea Zip... I thought it was weird that it asked for sudo, too... but the accompanying scripts that go along with mis.service are pretty fancy and allow for Mystic restarting if it hits any issues, and correct shutdown
    / semaphore deleting and... anyway, it looked pretty nice to me so - I'm gonna list all three files, below. First is mis.service, 2nd is mis-start.sh, 3rd is mis-stop.sh...

    Hmm, I couldn't locate the sudo part in there, instead it appears to run everything as root?

    What error message do you get when using the systemd service? (journalctl -u mis)

    And does anything appear in the MIS logs?

    You might want to try adding -x to the first line in the scripts to get "all" output from them:

    #!/bin/bash -x

    ...and then perhaps it makes it easier to locate the point where you get some permission error message (e.g. using journalctl -u mis)?

    Best regards
    Zip

    --- Mystic BBS v1.12 A47 2021/01/05 (Linux/64)
    * Origin: Star Collision BBS, Uppsala, Sweden (21:1/202)
  • From paulie420@21:2/150 to Zip on Thursday, January 21, 2021 17:09:47
    Hmm, I couldn't locate the sudo part in there, instead it appears to run everything as root?

    What error message do you get when using the systemd service?
    (journalctl -u mis)

    And does anything appear in the MIS logs?

    You might want to try adding -x to the first line in the scripts to get "all" output from them:

    #!/bin/bash -x

    ...and then perhaps it makes it easier to locate the point where you get some permission error message (e.g. using journalctl -u mis)?

    Best regards
    Zip

    The permission errors are within Mystic; when I run any MPL that does anything that calls out to the Linux system... like DoorParty, BBSLink and a couple unique mods that do a 'cat filename.ext' from within an MPL.

    I turned the mis.service off temporarily, maybe I just need to go into it and see if I can get IT to run as the 'pi' user. I don't understand why ITS running as root.

    There was text in the how-to, saying why it needed to run as root... at: vswitchzero.com/mystic-systemd/ ...

    Hmmmm, thanks much for the suggestions... I'll dig in a little more.



    |07p|15AULIE|1142|07o
    |08.........

    --- Mystic BBS v1.12 A47 2021/01/16 (Raspberry Pi/32)
    * Origin: 2o fOr beeRS bbs>>>20ForBeers.com:1337 (21:2/150)