Sample Header Ad - 728x90

systemd service timeout when using sudo

0 votes
1 answer
634 views
systemd sudo openvpn namespace transmission
## Target ## I am trying to run a service (transmission-daemon) in a network namespace for VPN usage. The service should automatically start using systemd. ## Implementation details ## I am using [namespaced-openvpn](https://github.com/slingamn/namespaced-openvpn) to create a network namespace. For this I have created the systemd unit file /lib/systemd/system/namespaced-openvpn.service: 
[Unit]
Description=Namespaced OpenVPN
After=network.target

[Service]
User=root
Type=notify
ExecStart=/usr/local/sbin/namespaced-openvpn --config /etc/openvpn/myconfig.conf
ExecStop=/bin/kill -s STOP $MAINPID
ExecReload=/bin/kill -s HUP $MAINPID

[Install]
WantedBy=multi-user.target
This works as expected, after starting the service I can open a shell in the network namespace with the following command: 
sudo ip netns exec protected sudo -u myuser -i
Running transmission-daemon from this shell also works. Trying to automate this process I created the unit file /lib/systemd/system/transmission-daemon-vpn.service: 
[Unit]
Description=Transmission BitTorrent Daemon in VPN Tunnel
After=namespaced-openvpn.service

[Service]
User=root
Type=notify
ExecStart=ip netns exec protected /usr/bin/sudo -u myuser /usr/bin/transmission-daemon -f --log-error
#ExecStart=/usr/bin/transmission-daemon -f --log-error
ExecStop=/bin/kill -s STOP $MAINPID
ExecReload=/bin/kill -s HUP $MAINPID
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target
Using the commented line as ExecStart works, but is not using the VPN of course. Leaving out /usr/bin/sudo -u myuser also works but I need the daemon to run as a specific user. ## Problem ## Starting transmission-daemon-vpn fails with following error: 
Job for transmission-daemon-vpn.service failed because a timeout was exceeded.
See "systemctl status transmission-daemon-vpn.service" and "journalctl -xe" for details.
--- 
# systemctl status transmission-daemon-vpn.service
● transmission-daemon-vpn.service - Transmission BitTorrent Daemon in VPN Tunnel
     Loaded: loaded (/lib/systemd/system/transmission-daemon-vpn.service; disabled; vendor preset: enabled)
     Active: failed (Result: timeout) since Wed 2023-01-04 16:13:16 CET; 7min ago
    Process: 8116 ExecStart=ip netns exec protected /usr/bin/sudo -u myuser /usr/bin/transmission-daemon -f --log-error (code=exited, status=0/SUCCESS)
   Main PID: 8116 (code=exited, status=0/SUCCESS)
        CPU: 6.936s

Jan 04 16:11:42 nas systemd: Starting Transmission BitTorrent Daemon in VPN Tunnel...
Jan 04 16:11:42 nas sudo:     root : PWD=/ ; USER=myuser ; COMMAND=/usr/bin/transmission-daemon -f --log-error
Jan 04 16:11:42 nas sudo: pam_unix(sudo:session): session opened for user myuser(uid=1000) by (uid=0)
Jan 04 16:13:12 nas systemd: transmission-daemon-vpn.service: start operation timed out. Terminating.
Jan 04 16:13:16 nas ip: Closing transmission session... done.
Jan 04 16:13:16 nas sudo: pam_unix(sudo:session): session closed for user myuser
Jan 04 16:13:16 nas systemd: transmission-daemon-vpn.service: Failed with result 'timeout'.
Jan 04 16:13:16 nas systemd: Failed to start Transmission BitTorrent Daemon in VPN Tunnel.
Jan 04 16:13:16 nas systemd: transmission-daemon-vpn.service: Consumed 6.936s CPU time.
Asked by HighDraw (1 rep)
Jan 4, 2023, 03:35 PM
Last activity: Jan 11, 2023, 10:40 PM
Sidebar Ad - 300x250
Related Questions

Browse more questions from Unix & Linux Stack Exchange

More questions tagged "systemd"
More questions tagged "sudo"
More questions tagged "openvpn"
Footer Ad - 728x90