this post was submitted on 05 Feb 2025

Hello,

I have been trying to create a system service that would run a script on shutdown (hence why I went for a system service over a user service) and landed on something like this

[Unit]
Description=Run backup script on shutdown
DefaultDependencies=no
Before=poweroff.target halt.target
Requires=network.target

[Service]
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true
ExecStop=/var/home/blackeco/scripts/backup.sh
User=blackeco
Group=blackeco

[Install]
WantedBy=poweroff.target halt.target

Unfortunately, when the shutdown occurs, systemd fails to execute the script:

backup-on-shutdown.service: Unable to locate executable '/var/home/blackeco/scripts/backup.sh': Permission denied
backup-on-shutdown.service: Failed at step EXEC spawning /var/home/blackeco/scripts/backup.sh: Permission denied

This script is correctly owned by user blackeco and permissions look fine

$ ls -la /var/home/blackeco/scripts
drwxr-xr-x. 1 blackeco blackeco 154  5 Feb. 13:50 ./
drwxr-xr-x. 1 blackeco blackeco 116  3 Feb. 13:07 ../
-rwxr-xr-x. 1 blackeco blackeco 794  4 Feb. 15:44 backup.sh*

I'm very puzzled as to why. I'm running Bluefin 41 (itself based on Fedora Silverblue 41).

[–] BlackEco@lemmy.blackeco.com 5 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

From what I gathered from the comments, system services cannot access the home directory by design: user services should be used instead.

But since it is nearly impossible to execute a user service on shutdown, I changed my approach and went for a user service and a timer that initiates a backup every 15 minutes. Since the backups are incremental, it shouldn't take too much time nor space.

[–] ryannathans@aussie.zone 1 points 2 weeks ago* (last edited 2 weeks ago)

How long does it take to run? Can you run it on login and then execute what you need when you receive the sigkill signal?

[–] bjoern_tantau@swg-empire.de 2 points 2 weeks ago (1 children)

Can you put the script somewhere else in var? /usr/local or /opt are usually for distro-external stuff.

[–] BlackEco@lemmy.blackeco.com 1 points 2 weeks ago* (last edited 2 weeks ago)

I could, but I need the script to access my home in order to do the backup, and from what I gathered from Leaflet system services can't access it.

[–] that_leaflet@lemmy.world 2 points 2 weeks ago (1 children)

Is this a systemd user service?

[–] BlackEco@lemmy.blackeco.com 2 points 2 weeks ago (1 children)

As I said, this is a system service

[–] that_leaflet@lemmy.world 4 points 2 weeks ago (1 children)

This seems to be a systemd feature, system services can't touch home directories by default.

https://unix.stackexchange.com/a/684074

I think a user script would still work. Or you could set the flag that would let system services access your home.

[–] BlackEco@lemmy.blackeco.com 3 points 2 weeks ago

I would try ProtectHome=read-only but then restic wouldn't be able to write its local cache to ~/.restic.

I went for a user service first to make my life easier, but unfortunately you can't use targets poweroff.target and halt.target

Unit /etc/systemd/user/backup-on-shutdown.service is added as a dependency to a non-existent unit poweroff.target
Unit /etc/systemd/user/backup-on-shutdown.service is added as a dependency to a non-existent unit halt.target.

I may be in a bind then...

[–] bjoern_tantau@swg-empire.de 2 points 2 weeks ago (3 children)

I'm not familiar with Silverblue but home being in /var is sus. Usually it's in /home. But maybe it's mounted in a weird Silverblue way and gets unmounted before it runs.

But running scripts on shutdown is hard to impossible. I always wanted to run automatic updates on shutdown but they don't have networking even if the unit file requires networking. I haven't seen anyone properly manage to do that yet, so good luck. And please make a post if it does end up working. Then I will revisit my own efforts again.

[–] Telorand@reddthat.com 4 points 2 weeks ago

It's not sus at all. The reason /home is in /var is because /var and /etc are the only writeable directories on the system. There is a /home, but it's actually just a symlink to /var/home.

This is how all of the Fedora atomic systems are set up, and it's been the case for a lot of the other immutable distros I've tried. It's just a different way of doing things.

[–] whatsgoingdom@rollenspiel.forum 2 points 2 weeks ago (1 children)

If that's the reason maybe OP can add the shutdown as the last step on the script and execute the script instead of the shut down button as a work around.

[–] BlackEco@lemmy.blackeco.com 1 points 2 weeks ago (1 children)

No, I really don't want to hijack the UI for this, as it could break with a DE update. And that wouldn't work when shutting down from the console.

[–] whatsgoingdom@rollenspiel.forum 1 points 2 weeks ago* (last edited 2 weeks ago)

Doesn't have to be, e.g. I have a stream deck and mapped a script to one of the buttons. Or put it as an executable file on your desktop or wherever and use it instead of the normal shutdown button.

[–] BlackEco@lemmy.blackeco.com 2 points 2 weeks ago

> I haven’t seen anyone properly manage to do that yet, so good luck.

Yes, that's the whole problem, Internet is littered with posts on running a script on shutdown but none of my attempts so far has been successful.

[–] BestBouclettes@jlai.lu 1 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

What are the permissions all the way to the script? Can blackeco reach the script?

[–] BlackEco@lemmy.blackeco.com 1 points 2 weeks ago (1 children)
drwxr-xr-x. 1 root root   26 28 Jan. 13:03 /var
drwxr-xr-x. 1 root root  228  3 Feb. 09:55 /var/home
drwx------. 1 blackeco blackeco 1544  5 Feb. 17:52 /var/home/blackeco
drwxr-xr-x. 1 blackeco blackeco 116  3 Feb. 13:07 /var/home/blackeco/scripts
-rwxr-xr-x. 1 blackeco blackeco 794  4 Feb. 15:44 /var/home/blackeco/scripts/backup.sh*

And yes, blackeco can reach it
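
The check asked for above (permissions all the way to the script), worked through as an added example that is not part of the thread: it parses the listing from the comment and applies the classic owner/group/other mode test for a given user. The user `nobody` and the function names are assumptions for illustration; root's override and ACLs are not modelled.

```python
# Listing copied from the comment above, one line per path component.
LISTING = """\
drwxr-xr-x. 1 root root   26 28 Jan. 13:03 /var
drwxr-xr-x. 1 root root  228  3 Feb. 09:55 /var/home
drwx------. 1 blackeco blackeco 1544  5 Feb. 17:52 /var/home/blackeco
drwxr-xr-x. 1 blackeco blackeco 116  3 Feb. 13:07 /var/home/blackeco/scripts
-rwxr-xr-x. 1 blackeco blackeco 794  4 Feb. 15:44 /var/home/blackeco/scripts/backup.sh*
"""

def parse(listing):
    """Turn ls -ld lines into dicts; columns are mode, links, owner, group, ..., path."""
    entries = []
    for line in listing.strip().splitlines():
        f = line.split()
        mode = f[0]
        entries.append({
            "kind": mode[0],              # 'd' directory, '-' regular file
            "perms": mode[1:10],          # the three rwx triads
            "selinux": mode[10:] == ".",  # trailing '.' = SELinux context present
            "owner": f[2], "group": f[3],
            "path": f[-1].rstrip("*"),    # drop the ls -F executable marker
        })
    return entries

def allowed(entry, user, groups, want):
    """Classic UNIX mode check: the first matching class (owner, group, other) decides."""
    p = entry["perms"]
    if entry["owner"] == user:
        triad = p[0:3]
    elif entry["group"] in groups:
        triad = p[3:6]
    else:
        triad = p[6:9]
    return triad["rwx".index(want)] not in "-ST"

def can_exec(listing, user, groups):
    """Return (ok, blocking_path): search (x) on every directory, r+x on the script."""
    for e in parse(listing):
        needs = "x" if e["kind"] == "d" else "rx"
        if not all(allowed(e, user, groups, w) for w in needs):
            return False, e["path"]
    return True, None

def selinux_labelled(listing):
    """Paths whose mode string ends in '.', i.e. that carry an SELinux context."""
    return [e["path"] for e in parse(listing) if e["selinux"]]

if __name__ == "__main__":
    print(can_exec(LISTING, "blackeco", {"blackeco"}))
    print(can_exec(LISTING, "nobody", {"nobody"}))  # constructed second user
    print(len(selinux_labelled(LISTING)), "components carry an SELinux context")
```

The mode bits allow `blackeco` to execute the script, so they do not by themselves account for the `Permission denied` at step EXEC; the other access-control layers in play here are the SELinux context marked by the trailing `.` and the `ProtectHome=` setting mentioned in the thread. On a live system, `namei -l <path>` prints the same per-component walk.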

[–] BestBouclettes@jlai.lu 1 points 2 weeks ago

Can you manually run the script?

[–] Telorand@reddthat.com 1 points 2 weeks ago

This might be a weird thing with how the environment variables get passed around. I'll see if I can find my own service I wrote, but I remember having to do something with env in the ExecStart part to get my daemon to run.

Maybe you'll find a clue about that in the meantime!

[–] Kerb@discuss.tchncs.de 1 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

is your home folder actually under /var/home/... not under /home/... ?

does the script run correctly when you paste the full path in the command line?

[–] that_leaflet@lemmy.world 4 points 2 weeks ago

Fedora Atomic, and by extension Universal Blue, does put the home in /var. It's to denote that the directory is mutable.

[–] BlackEco@lemmy.blackeco.com 4 points 2 weeks ago

> is your home folder actually under /var/home/… not under /home/… ?

Yep, it's how Silverblue is set up

$ ls -l /home
lrwxrwxrwx. 4 root root 8 28 janv. 13:51 /home -> var/home/

> does the script run correctly when you paste the full path in the command line?

Yes