Ubuntu – How to automatically create a runtime folder with a systemd service or tmpfiles.d

pythonsocketsystemdUbuntu

I'm trying to create a runtime folder at /run/gunicorn for some Gunicorn socket / PID files, which are for a Django application. I can get everything working if I manually create directories. However, I'm trying to make this a robust setup, and eventually use Ansible to automate everything.

I think I have 2 options, based on this question.

Option 1 – RuntimeDirectory

I think the first option is to use RuntimeDirectory= within my systemd service file, but I can't get it to create the folder. The service files contains:

#/etc/systemd/system/gunicorn_django_test.service
[Unit]
Description=gunicorn_django daemon
After=network.target

[Service]
User=gunicorn
Group=www-data
RuntimeDirectory=gunicorn #This line is supposed to create a directory
RuntimeDirectoryMode=755
PIDFile=/run/gunicorn/django_test_pid
WorkingDirectory=/vagrant/webapps/django_venv/django_test
ExecStart=/vagrant/webapps/django_venv/bin/gunicorn --pid /run/gunicorn/django_test_pid --workers 3 --bind unix:/run/gunicorn/django_test_socket django_test.wsgi --error-logfile /var/log/gunicorn/django_test_error.log
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target

When I run systemctl start gunicorn_django_test.service, the service fails to start. When I snip out the exec line, and run it manually, I get Error: /run/gunicorn doesn't exist. Can't create pidfile. If I create the /run/gunicorn folder manually, I can get things to work.

Option 2 – tmpfiles.d

The second option is to use tmpfiles.d to have a folder created on boot, ready for the pid / socket files. I've tried this file:

#/etc/tmpfiles.d/gunicorn.conf
d /run/gunicorn 0755 gunicorn www-data -

This creates a directory, but it is quickly deleted somehow, and by the time I start the service, the folder isn't available.

I can manually add some PreExec mkdir commands into the service file, but I'd like to get to the bottom of why RuntimeDirectory / tmpfiles.d aren't working. Thanks.

Versions / Info:
Ubuntu 16.04 Server / systemd 229 / Gunicorn 19.7.1 / runtime dir = /run

Best Answer

I added in PermissionsStartOnly=True and set a runtime folder per service, as suggested. I also added 0 to the start of the folder mode.

[Unit]
Description=gunicorn_django daemon
After=network.target

[Service]
PermissionsStartOnly=True
User=gunicorn
Group=www-data
RuntimeDirectory=gunicorn_django
RuntimeDirectoryMode=0775
PIDFile=/run/gunicorn_django/django_test_pid
WorkingDirectory=/vagrant/webapps/django_venv/django_test
ExecStart=/vagrant/webapps/django_venv/bin/gunicorn --pid /run/gunicorn_django/django_test_pid --workers 3 --bind unix:/run/gunicorn_django/django_test_socket django_test.wsgi --error-logfile /var/log/gunicorn/django_test_error.log
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID

[Install]
WantedBy=multi-user.target

It's now creating a folder with the correct permissions.

drwxrwxrw-  2 gunicorn www-data   40 Mar 30 07:11 gunicorn_django/

Thanks @quixotic and @mark-stosberg

Related Solutions

Why is systemd stopping service immediately after it is started

Environment="USER=ubuntu" "Path=/home/ubuntu/console/bin" 
WorkingDirectory=/home/ubuntu/console/bin
ExecStart=/bin/sh -ec "exec /sbin/start-stop-daemon -S -c ${USER} -d ${Path} --pidfile=/var/run/console.pid --oknodo  --exec consoleExecutable " #2>/dev/null
ExecStop=/bin/sh -ec "exec /sbin/start-stop-daemon -K --quiet -c ${USER} -d ${Path} --pidfile=/var/run/console.pid  --retry=TERM/30/KILL/5 --oknodo --exec consoleExecutable" #2>/dev/null

This is almost worthy of the systemd House of Horror. Were it not the case that there's a horror story already in there that does this.

Do not use start-stop-daemon in a service unit to do all of the things that a service unit already does. With unnecessary PID files and the wrongheaded assumption that ExecStart accepts shell syntax comments, no less.

And do not do what the other answer says and try to bodge it with Type=forking. That makes things worse, not better.

The nonsense with start-stop-daemon is why things are going wrong. Because the process running start-stop-daemon does not become the service, but in fact exits pretty much imediately, systemd is thinking that your service is terminating. In your first systemctl status output, you can see that systemd is in the middle of sending SIGTERM to clean up all left-over running processes after running the ExecStop action, which is what it does when it thinks that a service has terminated.

Just do things simply:

Type=simple
WorkingDirectory=/home/ubuntu/console/bin
User=ubuntu
ExecStart=/home/ubuntu/console/bin/consoleExecutable

No ExecStop nor Environment is actually required.

Jonathan de Boyne Pollard (2015). You really don't need to daemonize. Really.. The systemd House of Horror.
Jonathan de Boyne Pollard (2016). If you have two services, define two services.. The systemd House of Horror.
Jonathan de Boyne Pollard (2015). Readiness protocol problems with Unix dæmons. Frequently Given Answers.
Systemd kills service immediately after start

Stopping systemd unit together with another. Starting works

What you are seeing here is the expected systemd behavior. The Requires= dependency will make sure mysql.service is started whenever tomcat.service starts, but once started the two units are independent and one won't be stopped when the other is.

If you really want mysql.service to be stopped when tomcat.service is, you can use the PartOf= directive which links units on stop and restart.

For the example you described (having mysql.service stop whenever tomcat.service is stopped), what you need is to add PartOf=tomcat.service to the definition of mysql.service. Usually, the best way to do so is to use an override file, which you can do with systemctl edit mysql.service which will open a text editor with an empty file, then you can add this snippet to it:

[Unit]
PartOf=tomcat.service

This will get saved in a file /etc/systemd/system/mysql.service.d/override.conf which becomes part of mysql.service, you can check that with systemctl cat mysql.service.

After those changes and a systemctl daemon-reload, this should work as you expect...

Regarding ordering, everything should work as you expect with the single After=mysql.service you have in tomcat.service, since the dependencies are respected in the reverse order when stopping services. (Which means, in this case, tomcat.service will be stopped first, followed by mysql.service.)

Stopping units this way might not be always a good idea... Perhaps a slightly better approach is to create a separate .target unit to group all services you want to control together. Perhaps something like webservices.target.

You would create that unit with contents such as:

[Unit]
Description=Web Services
Requires=tomcat.service mysql.service
After=tomcat.target mysql.service

[Install]
WantedBy=multi-user.target

And then have both tomcat.service and mysql.service set a PartOf=webservices.target, using the override mechanism described above.

Enable the target unit with systemctl enable webservices.target, and then you can start and stop both services together with systemctl start webservices.target or systemctl stop webservices.target.

Best Answer

Related Solutions

Why is systemd stopping service immediately after it is started

Further reading

Stopping systemd unit together with another. Starting works

Related Question