Arch Linux

coolguy21

Member

Registered: 2016-07-05

Posts: 87

opensnitch systemd.service

trying to get this to run @ boot with systemd service  but unsuccessful. Is there some way to do it?

From terminal it runs as:

sudo -HE opensnitchd
[sudo] password for user: 
WARNING: No route found for IPv6 destination :: (no default route?). This affects only IPv6
[2018-03-18 04:15:02,586] (INFO) Using rules database from /home/user/opensnitch.db
[2018-03-18 04:15:02,698] (INFO) OpenSnitch v0.0.2 running with pid 14415.
[2018-03-18 04:15:02,707] (INFO) Enabling ProcMon ...
[2018-03-18 04:15:02,720] (INFO) ProcMon running ...

Description=GNU/Linux port of the Little Snitch application firewall

[Service]
Type=simple
ExecStartPre= ????
ExecStart=/usr/bin/opensnitchd -i %I -Q


[Install]
WantedBy=multi-user.target

Trilby

Inspector Parrot

Registered: 2011-11-29

Posts: 29,524

Website

Re: opensnitch systemd.service

What does "unsuccessful" mean?  What have you tried, what was the result, what errors do you get?

Is that what you actually use for a service file?  That clearly will not work, where did you get that?

Last edited by Trilby (2018-03-18 01:47:38)

---

"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

coolguy21

Member

Registered: 2016-07-05

Posts: 87

Re: opensnitch systemd.service

yes apologies i should have put more info.  So when i try to run the service i get the following error.

[user@jack system]$ systemctl status opensnitch.service
● opensnitch.service - GNU/Linux port of the Little Snitch application firewall
   Loaded: loaded (/etc/systemd/system/opensnitch.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sun 2018-03-18 15:50:13 +03; 7s ago
  Process: 20695 ExecStart=/usr/bin/opensnitchd (code=exited, status=1/FAILURE)
 Main PID: 20695 (code=exited, status=1/FAILURE)

Mar 18 15:50:13 jack systemd[1]: Started GNU/Linux port of the Little Snitch application firewall.
Mar 18 15:50:13 jack opensnitchd[20695]: WARNING: No route found for IPv6 destination :: (no default route?). This affects only IPv6
Mar 18 15:50:13 jack opensnitchd[20695]: Traceback (most recent call last):
Mar 18 15:50:13 jack opensnitchd[20695]:   File "/usr/bin/opensnitchd", line 77, in <module>
Mar 18 15:50:13 jack opensnitchd[20695]:     raise RuntimeError('DBUS_SESSION_BUS_ADDRESS not set')
Mar 18 15:50:13 jack opensnitchd[20695]: RuntimeError: DBUS_SESSION_BUS_ADDRESS not set
Mar 18 15:50:13 jack systemd[1]: opensnitch.service: Main process exited, code=exited, status=1/FAILURE
Mar 18 15:50:13 jack systemd[1]: opensnitch.service: Failed with result 'exit-code'.

a DBUS error. This is what happens if you run the deamon directly.
On terminal if I issue command sudo -HE and then the deamon as per my previous post it runs correctly.
So I wanted to know if I could append the "sudo -HE" before opensnitchd into a systemd .service file or if there is any other way to do it.

Last edited by coolguy21 (2018-03-18 13:00:18)

coolguy21

Member

Registered: 2016-07-05

Posts: 87

Re: opensnitch systemd.service

That clearly will not work, where did you get that?

I found it here: https://bbs.archlinux.org/viewtopic.php?id=227294
Actually  you have also posted in that thread.

Trilby

Inspector Parrot

Registered: 2011-11-29

Posts: 29,524

Website

Re: opensnitch systemd.service

Figure out what in your environment needs to be passed (that's sudo's -E' flag) then add that to the service file.

Yes, I did post in that other thread, and there is a service file there, but it doesn't even slightly resemble what you put in your first post.

---

"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

coolguy21

Member

Registered: 2016-07-05

Posts: 87

Re: opensnitch systemd.service

Ummm,, yeah... thats kinds what I need help with.. figuring how it's done and I'm lost.

Last edited by coolguy21 (2018-03-18 15:49:02)

Trilby

Inspector Parrot

Registered: 2011-11-29

Posts: 29,524

Website

Re: opensnitch systemd.service

Then perhaps you should start with the service file in the other thread - I don't know if it will work perfectly, but it is actually a service file: what you have in your first post is garbled nonsense.  First, it needs a [Unit] section.  Next "ExecStartPre= ????" will not work.  The obvious solution is to delete that line, but why is it there in the first place, what is your thinking, where did it come from (again)?  Third, why do you include the %I in the ExecStart command line, does this service file accept instances, is it named with a '@' at the end of the name, do you start it with an instance parameter?

---

"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

coolguy21

Member

Registered: 2016-07-05

Posts: 87

Re: opensnitch systemd.service

ok I've got it to start up now with the following ($ARG4 just passes "--debug" to it): The Problem now is it's quitting as soon as it starts. See .service log below.

[Unit]
Description=GNU/Linux port of the Little Snitch application firewall

[Service]
EnvironmentFile=/etc/environment
ExecStart=/usr/bin/opensnitchd $ARG4


[Install]
WantedBy=multi-user.target

● opensnitch.service - GNU/Linux port of the Little Snitch application firewall
   Loaded: loaded (/etc/systemd/system/opensnitch.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2018-03-19 23:36:24 +03; 1s ago
 Main PID: 3415 (opensnitchd)
    Tasks: 3 (limit: 4915)
   Memory: 43.2M
   CGroup: /system.slice/opensnitch.service
           └─3415 /usr/bin/python /usr/bin/opensnitchd --debug

Mar 19 23:36:24  systemd[1]: Started GNU/Linux port of the Little Snitch application firewall.
Mar 19 23:36:24  opensnitchd[3415]: WARNING: No route found for IPv6 destination :: (no default route?). This affects only IPv6
Mar 19 23:36:24  opensnitchd[3415]: [2018-03-19 23:36:24,565] (INFO) Using rules database from /root/opensnitch.db
Mar 19 23:36:24  opensnitchd[3415]: [2018-03-19 23:36:24,566] (INFO) OpenSnitch v0.0.2 running with pid 3415.
Mar 19 23:36:24  opensnitchd[3415]: [2018-03-19 23:36:24,566] (INFO) Enabling ProcMon ...
Mar 19 23:36:24  opensnitchd[3415]: [2018-03-19 23:36:24,581] (INFO) ProcMon running ...
Mar 19 23:36:24  opensnitchd[3415]: [2018-03-19 23:36:24,585] (INFO) Quitting ...
Mar 19 23:36:24  opensnitchd[3415]: [2018-03-19 23:36:24,585] (INFO) Disabling ProcMon ...

Trilby

Inspector Parrot

Registered: 2011-11-29

Posts: 29,524

Website

Re: opensnitch systemd.service

So the working version uses `/home/user/opensnitch.db` while the failing version uses `/root/opensnitch.db`.  Did you copy the db over to the root folder?

---

"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman