I'm trying to run a flask app with Nginx and Gunicorn on Fedora 37. Part of this involves creating a Systemd unit file, thus:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=pretox
Group=pretox
WorkingDirectory=/home/pretox/ptox-metadata-manager
ExecStart=/home/pretox/ptox-metadata-manager/gunicorn_start
[Install]
WantedBy=multi-user.target
Here's the script that's called:
#!/usr/bin/env bash
. /home/pretox/ptox-metadata-manager/virtualenv/bin/activate
/home/pretox/ptox-metadata-manager/virtualenv/bin/gunicorn --timeout 120 --name ptox-metdata-manager --user pretox --group pretox --log-level debug --error-logfile /home/pretox/ptox-metadata-manager/error.log --bind unix:/home/pretox/ptox-metadata-manager/ptox-metadata-manager.socket wsgi:app
Systemd is not willing to start Gunicorn:
× gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; preset: disabled)
Active: failed (Result: exit-code) since Wed 2023-01-25 09:51:22 GMT; 3s ago
Duration: 4ms
Process: 52572 ExecStart=/home/pretox/ptox-metadata-manager/gunicorn_start (code=exited, status=203/EXEC)
Main PID: 52572 (code=exited, status=203/EXEC)
CPU: 1ms
Jan 25 09:51:22 catoblepas systemd[1]: Started gunicorn.service - gunicorn daemon.
Jan 25 09:51:22 catoblepas systemd[52572]: gunicorn.service: Failed to locate executable /home/pretox/ptox-metadata-manager/gunicorn_start: Permission denied
Jan 25 09:51:22 catoblepas systemd[52572]: gunicorn.service: Failed at step EXEC spawning /home/pretox/ptox-metadata-manager/gunicorn_start: Permission denied
Jan 25 09:51:22 catoblepas systemd[1]: gunicorn.service: Main process exited, code=exited, status=203/EXEC
Jan 25 09:51:22 catoblepas systemd[1]: gunicorn.service: Failed with result 'exit-code'.
I'm not sure why permission should be denied here. Could it be SELinux interfering?
(virtualenv) [pretox@development ptox-metadata-manager]$ ls -Z gunicorn_start
unconfined_u:object_r:user_home_t:s0 gunicorn_start
If I run the command line from the gunicorn_start script then it starts up and Nginx is able to proxy to it.
CodePudding user response:
The answer turns out to be moving the bash script to /usr/local/bin, as described here; https://unix.stackexchange.com/questions/664811/systemd-service-failing-with-exit-code-status-203-exec