:: krowemoh

Thursday | 26 DEC 2024
Posts Links Other About Now
previous
next

systemd Core Dump

2024-12-07
sysadmin

I wrote a systemd unit file for NetExtender so that I can manage my vpn connection using systemctl. I ended up running into a strange issue where the unit file would result in a core dump.

This was unusual because the unit file was simple and I already knew the vpn was capable of running from the foreground.

[Unit]
Description=NetExtender VPN Client
After=network-online.target
Wants=network-online.target

[Service]
ExecStart=/sbin/netExtender -u username -p password -d domain -s ip.addr.ess:port --auto-reconnect --always-trust
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

I would then try to start the process:

systemctl restart netextender.service

This would result in a core dump immediately.

I tried copy pasting the command in ExecStart and running it but that would work fine.

I realized that systemd must be running things in a different environment that a logged in user. This is the same issue with crontab entries where they get run in a slightly different context.

I could check if this was the case by having my command run in an empty environment.

env -i /sbin/netExtender -u username -p password -d domain -s ip.addr.ess:port

This immediately return with:

sh: -c: line 1: mkdir -p (null)/.netExtenderCerts/PUB_CERT'
Segmentation fault (core dumped)

Netextender was trying to use a folder called .netExtenderCerts, however it was trying to create it under null. The HOME environment variable wasn't set and so netExtender didn't have anywhere to create that folder.

Really it should have checked to see that the HOME env was set as currently the command is trying to create a directory under null.

The solution was to add HOME to the environment in the unit file:

[Unit]
Description=NetExtender VPN Client
After=network-online.target
Wants=network-online.target

[Service]
Environment="HOME=/root"
ExecStart=/sbin/netExtender -u username -p password -d domain -s ip.addr.ess:port --auto-reconnect --always-trust
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

After this, I could then start up the vpn using systemctl.