I have a process that I want to start when the host boots. I want that process to run as a non-root user. And I won't necessarily be around to enter a password on the tty when it starts. Here's my systemd service file:

[Unit]

Description=Nethermind Node

Documentation=https://docs.nethermind.io

After=network.target



[Service]

User=nethermind

Group=nethermind

EnvironmentFile=/data/nethermind/.env

WorkingDirectory=/data/nethermind

ExecStart=/usr/bin/nethermind --datadir /data/nethermind

Restart=on-failure

LimitNOFILE=1000000



[Install]

WantedBy=default.target

The nethermind user exists, is a member of the sudoers group, and has a password at present. I've also tested this when the user has no password.

What I get when I start the service (running service as root), is this:

$ sudo service nethermind start

$ journalctl -u nethermind -f

Aug 24 03:20:45 stake sudo[1725]: pam_unix(sudo:auth): conversation failed

Aug 24 03:20:45 stake nethermind[1725]: sudo: a password is required

Aug 24 03:20:45 stake sudo[1725]: pam_unix(sudo:auth): auth could not identify password for [nethermind]

Aug 24 03:20:45 stake systemd[1]: nethermind.service: Main process exited, code=exited, status=1/FAILURE

Aug 24 03:20:45 stake systemd[1]: nethermind.service: Failed with result 'exit-code'.

Aug 24 03:20:45 stake systemd[1]: nethermind.service: Scheduled restart job, restart counter is at 5.

Aug 24 03:20:45 stake systemd[1]: Stopped Nethermind Node.

Aug 24 03:20:45 stake systemd[1]: nethermind.service: Start request repeated too quickly.

Aug 24 03:20:45 stake systemd[1]: nethermind.service: Failed with result 'exit-code'.

Aug 24 03:20:45 stake systemd[1]: Failed to start Nethermind Node.

Does this mean the executable is trying to sudo itself? It makes sense to me that it I'd need to enter a password for the nethermind user in that case, but I want this to run non-interactively.

Is it even possible to do this?