I have a process that I want to start when the host boots. I want that process to run as a non-root user. And I won't necessarily be around to enter a password on the tty when it starts. Here's my systemd
service file:
[Unit]
Description=Nethermind Node
Documentation=https://docs.nethermind.io
After=network.target
[Service]
User=nethermind
Group=nethermind
EnvironmentFile=/data/nethermind/.env
WorkingDirectory=/data/nethermind
ExecStart=/usr/bin/nethermind --datadir /data/nethermind
Restart=on-failure
LimitNOFILE=1000000
[Install]
WantedBy=default.target
The nethermind
user exists, is a member of the sudoers group, and has a password at present. I've also tested this when the user has no password.
What I get when I start the service (running service
as root), is this:
$ sudo service nethermind start
$ journalctl -u nethermind -f
Aug 24 03:20:45 stake sudo[1725]: pam_unix(sudo:auth): conversation failed
Aug 24 03:20:45 stake nethermind[1725]: sudo: a password is required
Aug 24 03:20:45 stake sudo[1725]: pam_unix(sudo:auth): auth could not identify password for [nethermind]
Aug 24 03:20:45 stake systemd[1]: nethermind.service: Main process exited, code=exited, status=1/FAILURE
Aug 24 03:20:45 stake systemd[1]: nethermind.service: Failed with result 'exit-code'.
Aug 24 03:20:45 stake systemd[1]: nethermind.service: Scheduled restart job, restart counter is at 5.
Aug 24 03:20:45 stake systemd[1]: Stopped Nethermind Node.
Aug 24 03:20:45 stake systemd[1]: nethermind.service: Start request repeated too quickly.
Aug 24 03:20:45 stake systemd[1]: nethermind.service: Failed with result 'exit-code'.
Aug 24 03:20:45 stake systemd[1]: Failed to start Nethermind Node.
Does this mean the executable is trying to sudo itself? It makes sense to me that it I'd need to enter a password for the nethermind
user in that case, but I want this to run non-interactively.
Is it even possible to do this?