To create new wiki account, please join us on #znc at freenode and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.

Difference between revisions of "Running ZNC as a system daemon"

From ZNC
Jump to: navigation, search
m (Reshuffled to make the order more apparent. Also modified the `adduser` line to be more secure and parallel the package manager.)
(Making a new home)
(20 intermediate revisions by 7 users not shown)
Line 1: Line 1:
'''Note: if you just want to run ZNC automatically, when server is turned on, look [[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]] instead.
+
__TOC__
  
To have ZNC run at boot time as a system daemon we will create a user and group to run ZNC from a configuration we created and then called at each time the system boots. All the commands are expected to run as an administrator.
+
'''Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look <u>[[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]]</u> instead.
  
* Create a new system user with accompanying group and a shell that cannot be used to login with:
+
==New User==
  adduser --system --group znc -s /sbin/nologin znc
+
 
 +
'''Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look <u>[[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]]</u> instead.
 +
 
 +
We first create a new user so that there is a separation of concerns. This separation gives us many security benefits. The new user will have a shell that cannot be logged into so there is no threat of a remote attack or someone sitting at the computer. Also the user will have reduced privileges and therefore can only access files for which it has ownership or is part of the group. We create this new user by issuing the following command (I added a comment field for later system administrators):
 +
  sudo useradd --create-home -d /var/lib/znc --system --shell /sbin/nologin --comment "Account to run ZNC daemon" --user-group znc
 +
 
 +
Though we cannot ourselves login to this user, we can have the system assign the user a process. This also helps identify who is running which processes in the "Task Manager" per se. Creating a new user is not necessary, but as you can see there are many reasons for doing so.
 +
 
 +
===Making a new home===
 +
 
 +
'''Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look <u>[[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]]</u> instead.
 +
 
 +
Now that we have a new user, we have to create the data directory that our ZNC server will store its configurations. Since our initialization scripts will be looking for the configuration in <code>/var/lib/znc</code> that's where we have to tell ZNC to make them.
 
* Make the configuration we will run at startup:
 
* Make the configuration we will run at startup:
 
  sudo -u znc /usr/bin/znc --datadir=/var/lib/znc --makeconf
 
  sudo -u znc /usr/bin/znc --datadir=/var/lib/znc --makeconf
* Install an init file:
+
 
# create a file <code>/etc/init.d/znc</code> with the following content:
+
* Ensure the config file in <code>/var/lib/znc/config/znc.conf</code> instructs ZNC to create a PID file:
 +
 
 +
echo "PidFile = /var/run/znc/znc.pid" | sudo su - znc -s /bin/bash -c "tee -a /var/lib/znc/configs/znc.conf"
 +
 
 +
==Create the <code>init.d</code> Scripts==
 +
 
 +
'''Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look <u>[[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]]</u> instead.
 +
 
 +
Once our new user and configuration files have been created, we have to create the initialization script. These scripts might have already been created for you by the package manager. There are two main platforms for Linux, Fedora and Debian. Fedora is like your CentOS and Red Hat distros, while Debian's most notable distro is Ubuntu. There is a difference between the two scripts, so only use the one you need.
 +
===Fedora-based machines===
 +
 
 +
'''Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look <u>[[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]]</u> instead.
 +
 
 +
'''Fedora has used systemd since Fedora 15 and CentOS since CentOS 7.'''
 +
 
 +
* Here is the <code>/etc/init.d/znc</code> for Fedora-based machines:
 +
#!/bin/sh
 +
#
 +
# znc - Advanced IRC Bouncer INIT script #
 +
# description: An Advanced IRC bouncer INIT script for
 +
# Source function library.
 +
. /etc/rc.d/init.d/functions
 +
 +
exec=/usr/bin/znc
 +
prog=znc
 +
config=/var/lib/znc
 +
runas=znc
 +
 +
lockfile=/var/lock/subsys/$prog
 +
 +
start() {
 +
[ -x $exec ] || exit 5
 +
echo -n $"Starting $prog: "
 +
# if not running, start it up here, usually something like "daemon $exec"
 +
daemon --user $runas "$exec -d $config >/dev/null 2>&1"
 +
# If you're reckless with your system, comment the line above and
 +
# uncomment this one below... I just don't get it why
 +
# daemon "$exec -r -d $config >/dev/null 2>&1"
 +
retval=$?
 +
echo
 +
[ $retval -eq 0 ] && touch $lockfile
 +
return $retval
 +
}
 +
 +
stop() {
 +
echo -n $"Stopping $prog: "
 +
# stop it here, often "killproc $prog"
 +
killproc $prog -TERM
 +
retval=$?
 +
echo
 +
[ $retval -eq 0 ] && rm -f $lockfile
 +
return $retval
 +
}
 +
 +
reload() {
 +
echo -n $"Reloading $prog: "
 +
# stop it here, often "killproc $prog"
 +
killproc $prog -HUP
 +
retval=$?
 +
echo
 +
}
 +
 +
restart() {
 +
stop
 +
start
 +
}
 +
 +
rh_status() {
 +
# run checks to determine if the service is running or use generic status
 +
status $prog
 +
}
 +
 +
rh_status_q() {
 +
rh_status >/dev/null 2>&1
 +
}
 +
 +
case "$1" in
 +
start)
 +
rh_status_q && exit 0
 +
$1
 +
;;
 +
stop)
 +
rh_status_q || exit 0
 +
$1
 +
;;
 +
restart)
 +
$1
 +
;;
 +
reload)
 +
rh_status_q || exit 7
 +
$1
 +
;;
 +
status)
 +
rh_status
 +
;;
 +
condrestart|try-restart)
 +
rh_status_q || exit 0
 +
restart
 +
;;
 +
*)
 +
echo $"Usage: $0 {start|stop|status|reload|restart|condrestart|try-restart}"
 +
exit 2
 +
esac
 +
exit $?
 +
 
 +
===Debian-based machines===
 +
 
 +
'''Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look <u>[[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]]</u> instead.
 +
 
 +
'''Debian has used systemd since Debian 7, Ubuntu since 15.04.'''
 +
 
 +
* Here is the <code>/etc/init.d/znc</code> for Debian-based machines:
 
  #! /bin/sh
 
  #! /bin/sh
 
  ### BEGIN INIT INFO
 
  ### BEGIN INIT INFO
Line 147: Line 270:
 
  esac
 
  esac
 
   
 
   
:
+
After you've created the script, you must give it the proper permissions to run
# Give the right permissions to this file:
+
  sudo chmod 755 /etc/init.d/znc
  chmod 755 /etc/init.d/znc
+
 
# Execute:
+
==Get the daemon up and running==
update-rc.d znc defaults
 
  
 +
'''Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look <u>[[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]]</u> instead.
  
Now that all the pieces are in place you can now start the service yourself or restart the computer for the daemon to take its place.
+
Everything is now in place! Once we insert the daemon, you can either start the service yourself (as shown below) or restart the computer for the daemon to take its place.
  
 +
* Insert the script into the boot sequence:
 +
sudo update-rc.d znc defaults    # For Debian systems
 
* Start the service:
 
* Start the service:
  service znc start
+
  sudo service znc start
 
* Verify that the service is running:
 
* Verify that the service is running:
  service znc status
+
  sudo service znc status
 +
 
 +
== systemd ==
 +
 
 +
'''Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look <u>[[FAQ#How_can_I_restart_ZNC_automatically_.28in_case_of_a_machine_reboot.2C_crash.2C_etc..29.3F|here]]</u> instead.
 +
 
 +
=== Create the systemd unit===
 +
 
 +
* Create the file <code>/etc/systemd/system/znc.service</code> (system service) or <code>~/.config/systemd/user/znc.service</code> (user service).
 +
 
 +
<pre>
 +
[Unit]
 +
Description=ZNC, an advanced IRC bouncer
 +
After=network-online.target
 +
   
 +
[Service]
 +
ExecStart=/usr/bin/znc -f --datadir=/var/lib/znc
 +
User=znc
 +
   
 +
[Install]
 +
WantedBy=multi-user.target
 +
</pre>
 +
 
 +
=== Start the systemd unit and enable it for running on boot ===
 +
 
 +
With system service run:
 +
sudo systemctl start znc.service
 +
sudo systemctl enable znc.service
 +
 
 +
With user service run:
 +
systemctl --user start znc.service
 +
systemctl --user enable znc.service
 +
 
 +
In case you edit the file, you may need to run <code>systemctl daemon-reload</code> or <code>systemctl --user daemon-reload</code>. ''start'' starts the service now and ''enable'' starts it on boot.
 +
 
 +
'''NOTE to user services:''' enabled user services are started when the user logins and killed when the last session of user quits. To start user services on boot and keep them running after the last session is closed: <code>sudo loginctl enable-linger username</code>.

Revision as of 20:32, 7 April 2017

Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look here instead.

New User

Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look here instead.

We first create a new user so that there is a separation of concerns. This separation gives us many security benefits. The new user will have a shell that cannot be logged into so there is no threat of a remote attack or someone sitting at the computer. Also the user will have reduced privileges and therefore can only access files for which it has ownership or is part of the group. We create this new user by issuing the following command (I added a comment field for later system administrators):

sudo useradd --create-home -d /var/lib/znc --system --shell /sbin/nologin --comment "Account to run ZNC daemon" --user-group znc

Though we cannot ourselves login to this user, we can have the system assign the user a process. This also helps identify who is running which processes in the "Task Manager" per se. Creating a new user is not necessary, but as you can see there are many reasons for doing so.

Making a new home

Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look here instead.

Now that we have a new user, we have to create the data directory that our ZNC server will store its configurations. Since our initialization scripts will be looking for the configuration in /var/lib/znc that's where we have to tell ZNC to make them.

  • Make the configuration we will run at startup:
sudo -u znc /usr/bin/znc --datadir=/var/lib/znc --makeconf
  • Ensure the config file in /var/lib/znc/config/znc.conf instructs ZNC to create a PID file:
echo "PidFile = /var/run/znc/znc.pid" | sudo su - znc -s /bin/bash -c "tee -a /var/lib/znc/configs/znc.conf"

Create the init.d Scripts

Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look here instead.

Once our new user and configuration files have been created, we have to create the initialization script. These scripts might have already been created for you by the package manager. There are two main platforms for Linux, Fedora and Debian. Fedora is like your CentOS and Red Hat distros, while Debian's most notable distro is Ubuntu. There is a difference between the two scripts, so only use the one you need.

Fedora-based machines

Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look here instead.

Fedora has used systemd since Fedora 15 and CentOS since CentOS 7.

  • Here is the /etc/init.d/znc for Fedora-based machines:
#!/bin/sh
#
# znc - Advanced IRC Bouncer INIT script #
# description: An Advanced IRC bouncer INIT script for
# Source function library.
. /etc/rc.d/init.d/functions

exec=/usr/bin/znc
prog=znc
config=/var/lib/znc
runas=znc

lockfile=/var/lock/subsys/$prog

start() {
	[ -x $exec ] || exit 5
	echo -n $"Starting $prog: "
	# if not running, start it up here, usually something like "daemon $exec"
	daemon --user $runas "$exec -d $config >/dev/null 2>&1"
	# If you're reckless with your system, comment the line above and
	# uncomment this one below... I just don't get it why
	# daemon "$exec -r -d $config >/dev/null 2>&1"
	retval=$?
	echo
	[ $retval -eq 0 ] && touch $lockfile
	return $retval
}

stop() {
	echo -n $"Stopping $prog: "
	# stop it here, often "killproc $prog"
	killproc $prog -TERM
	retval=$?
	echo
	[ $retval -eq 0 ] && rm -f $lockfile
	return $retval
}

reload() {
	echo -n $"Reloading $prog: "
	# stop it here, often "killproc $prog"
	killproc $prog -HUP
	retval=$?
	echo
}

restart() {
	stop
	start
}

rh_status() {
	# run checks to determine if the service is running or use generic status
	status $prog
}

rh_status_q() {
	rh_status >/dev/null 2>&1
}

case "$1" in
	start)
		rh_status_q && exit 0
		$1
		;;
	stop)
		rh_status_q || exit 0
		$1
		;;
	restart)
		$1
		;;
	reload)
		rh_status_q || exit 7
		$1
		;;
	status)
		rh_status
		;;
	condrestart|try-restart)
		rh_status_q || exit 0
		restart
		;;
	*)
		echo $"Usage: $0 {start|stop|status|reload|restart|condrestart|try-restart}"
		exit 2
esac
exit $?

Debian-based machines

Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look here instead.

Debian has used systemd since Debian 7, Ubuntu since 15.04.

  • Here is the /etc/init.d/znc for Debian-based machines:
#! /bin/sh
### BEGIN INIT INFO
# Provides:          znc
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: ZNC IRC bouncer
# Description:       ZNC is an IRC bouncer
### END INIT INFO
 
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="ZNC daemon"
NAME=znc
DAEMON=/usr/bin/$NAME
DATADIR=/var/lib/znc
DAEMON_ARGS="--datadir=$DATADIR"
PIDDIR=/var/run/znc
PIDFILE=$PIDDIR/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
USER=znc
GROUP=znc

# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0

# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME

# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh

# Define LSB log_* functions.
# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
# and status_of_proc is working.
. /lib/lsb/init-functions

#
# Function that starts the daemon/service
#
do_start()
{
	# Return
	#   0 if daemon has been started
	#   1 if daemon was already running
	#   2 if daemon could not be started
	if [ ! -d $PIDDIR ]
	then
		mkdir $PIDDIR
	fi
	chown $USER:$GROUP $PIDDIR
	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test --chuid $USER > /dev/null || return 1
	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --chuid $USER -- $DAEMON_ARGS > /dev/null || return 2
}

#
# Function that stops the daemon/service
#
do_stop()
{
	# Return
	#   0 if daemon has been stopped
	#   1 if daemon was already stopped
	#   2 if daemon could not be stopped
	#   other if a failure occurred
	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME --chuid $USER
	RETVAL="$?"
	[ "$RETVAL" = 2 ] && return 2
	# Wait for children to finish too if this is a daemon that forks
	# and if the daemon is only ever run from this initscript.
	# If the above conditions are not satisfied then add some other code
	# that waits for the process to drop all resources that could be
	# needed by services started subsequently.  A last resort is to
	# sleep for some time.
	start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON --chuid $USER
	[ "$?" = 2 ] && return 2
	# Many daemons don't delete their pidfiles when they exit.
	rm -f $PIDFILE
	return "$RETVAL"
}

#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
	start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME --chuid $USER
	return 0
}

case "$1" in
  start)
	[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
	do_start
	case "$?" in
		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
	esac
	;;
  stop)
	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
	do_stop
	case "$?" in
		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
	esac
	;;
  status)
	status_of_proc -p $PIDFILE "$DAEMON" "$NAME" && exit 0 || exit $?
	;;
  reload)
	log_daemon_msg "Reloading $DESC" "$NAME"
	do_reload
	log_end_msg $?
	;;
  restart)
	log_daemon_msg "Restarting $DESC" "$NAME"
	do_stop
	case "$?" in
	  0|1)
		do_start
		case "$?" in
			0) log_end_msg 0 ;;
			1) log_end_msg 1 ;; # Old process is still running
			*) log_end_msg 1 ;; # Failed to start
		esac
		;;
	  *)
		# Failed to stop
		log_end_msg 1
		;;
	esac
	;;
  *)
	echo "Usage: $SCRIPTNAME {status|start|stop|reload|restart}" >&2
	exit 3
	;;
esac

After you've created the script, you must give it the proper permissions to run

sudo chmod 755 /etc/init.d/znc

Get the daemon up and running

Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look here instead.

Everything is now in place! Once we insert the daemon, you can either start the service yourself (as shown below) or restart the computer for the daemon to take its place.

  • Insert the script into the boot sequence:
sudo update-rc.d znc defaults    # For Debian systems
  • Start the service:
sudo service znc start
  • Verify that the service is running:
sudo service znc status

systemd

Note: if you just want to run ZNC automatically, when server is turned on, don't use this page, look here instead.

Create the systemd unit

  • Create the file /etc/systemd/system/znc.service (system service) or ~/.config/systemd/user/znc.service (user service).
[Unit]
Description=ZNC, an advanced IRC bouncer
After=network-online.target
     
[Service]
ExecStart=/usr/bin/znc -f --datadir=/var/lib/znc
User=znc
     
[Install]
WantedBy=multi-user.target

Start the systemd unit and enable it for running on boot

With system service run:

sudo systemctl start znc.service
sudo systemctl enable znc.service

With user service run:

systemctl --user start znc.service
systemctl --user enable znc.service

In case you edit the file, you may need to run systemctl daemon-reload or systemctl --user daemon-reload. start starts the service now and enable starts it on boot.

NOTE to user services: enabled user services are started when the user logins and killed when the last session of user quits. To start user services on boot and keep them running after the last session is closed: sudo loginctl enable-linger username.