Linux: service does not start with a custom base-path #759
Comments
I mean the node is telling you exactly what the problem is. The path needs to be writable. What kind of documentation would you have expected? |
|
The thing is the systemd configuration is shipped with the deb/rpm package. The hardening of the systemd (ProtectSystem=strict) configuration makes it impossible to run polkadot outside of default base-path without modifying the systemd configuration file. I am trying to use a documented option of the program that is incompatible with the service configuration so I figured this a bug ? |
|
Maybe something that should be documented in the polkadot wiki? |
|
I think the wiki does not have a doc about installing polkadot from the parity debian repository, only manually running the binary. |
Maybe could still be added? Could you maybe create some pr to the polkadot wiki? Or some docs to the polkadot Readme. |
|
I'm also struggling with this issue on RockyLinux 8.5. I tried to add
to polkadot.service, but it doesn't fix the problem. I'm not fluent enough with systemd to fix this issue; helpful wiki entry highly appreciated. |
Did you issue a |
yes, but still not working. here's the service file: ` [Service] ExecStart=/home/polkadot/bin/polkadot --base-path /mnt/blockchain/polkadot/ --ws-external --rpc-external --rpc-cors all Restart=always [Install] result:
I just downloaded the polkadot binary from here, not installed as RPM package. |
What are the permissions on /mnt/ /mnt/blockchain and /mnt/blockchain/polkadot/ ? can you provide the output of an |
|
[polkadot@host mnt]$ ls -lh works perfectly when started as user polkadot in its $HOME directory. |
Do you have selinux enabled ? ( Actually you dont need to add |
I have created a PR on the wiki w3f/polkadot-wiki#4012 |
|
ooops! disabling selinux after an installation is pretty much the first thing I usually do, but in this case I forgot ... now it works, thanks! I tried to install from the rpm package, but dnf/rpm did not accept the PGP key. |
* Remove apps & incentivized channel from parachain (paritytech#753) * Remove apps & incentivized channel from parachain * Fix formatting * Remove incentivized channel & channel ID from relayer (paritytech#756) * Remove incentivized channel from relayer Will regenerate the bindings in contracts/ in the Solidity PR. Still TODO: - Remove mapping in: - relayer/cmd/fetch_messages.go - relayer/relays/ethereum/ethereum-listener.go - Remove redundant imports of github.com/ethereum/go-ethereum/core/types - Remove channel ID in relayer/relays/parachain/query_events.go - Remove other occurrences of channelId: rg -i channelid | sed -r 's/([^:]*):.*/\1/' | uniq | rg -v ^contracts/ - Replace Events with BasicChannelEvent in relayer/relays/parachain/query_events.go - Remove unused relays/parachain/storage_key.go * Remove address-method mapping for basic channel * Remove redundant import * Remove unused module storage_key * Remove channelID * Replace Events struct with BasicChannelEvent * Remove incentivized channel, apps, channel ID & sundry from contracts (paritytech#757) * Remove incentivized channel * Remove deprecated prettier option Deprecated in prettier-plugin-solidity 1.0.0: NomicFoundation/hardhat-vscode#367 (comment) The comment above indicates that solhint might have a rule for this, but it doesn't look like there is one yet: https://protofire.github.io/solhint/ * Remove apps * Remove channel id * Remove unused OpaqueProof * Regenerate contract bindings * Replace necessary contracts * Fix generated contract bindings Remove incentivized channel bindings & keep generating OpaqueProof. * Move log & mining settings to Hardhat config * Remove other references to apps & custom token * Remove incentivized channel and apps from test & cleanup (paritytech#759) * Remove app and incentivized channel from tests This also removes all existing tests, since they all depend on the apps. * Remove channelID * Remove some remaining references Still need to decide on the docs/ and core/packages/api/ directories. * Remove asset-registry pallet Not removing the assets pallet yet, as it's still used by the XCM pallet. * Reorder params to match other runtimes Makes diffs between the runtimes cleaner. * Remove detect-fork script * Remove helper code in src/ * Keep src/ directory * Convert MessageId to struct
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.137 to 1.0.138. - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](serde-rs/serde@v1.0.137...v1.0.138) --- updated-dependencies: - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Hello !
When running with a different base-path than
/home/polkadotthe service does not start because of theProtectSystem=strict.To fix this I had to add the flag
ReadWritePaths=/mypathon the systemd configuration file. Maybe a new variable can be created on the/etc/default/polkadotfile for this case or maybe a bit of documentation to avoid the head scratching as to why the service does not start, here are the logs when I had the issue:The text was updated successfully, but these errors were encountered: