Syncthing on Linux with Systemd Service: User Account Questions?

I’m following the guide on setting up Syncthing on Linux as a systemd service. I’ve created a user account (called syncthing) and, as I normally do with service accounts, set the home directory to /nonexistent. When I try to start the service it fails, and when I check syslog I see this:

syncthing[518586]: WARNING: Failure on home directory: mkdir /nonexistent: permission denied

I then made “/etc/syncthing” and chowned it to syncthing, then modified the user so that’s the home directory. Upon starting, I now get this:

WARNING: Failure on home directory: mkdir /etc/syncthing/.config: read-only file system

This is not true, that’s on my / which is rw:

/dev/sda1 on / type ext4 (rw,relatime,errors=remount-ro,commit=600)

Also, the permissions on /etc/syncthing are the following:

4.0K drwxr-xr-x  2 syncthing syncthing 4.0K Mar 30 11:31 syncthing

What is going on here? Is Syncthing required to have a user account with a writeable home directory? Why is Syncthing treating my root partition as ro and not rw?

The systemd unit has some hardening options that block write access to /etc for security purposes. It’s an odd place for a home directory. Also Syncthing will keep a large database there.


Oh, that makes sense, I just threw something together. Is there a preferred location? I could do something in /home, but that seems weird as I have no other services on any of my servers/computers that put a home directory in /home other than real users. I guess /var/syncthing?

I generally go for /var or /srv or /data or /home all depending on system and mood, yeah.

Got it, /var worked. In case it matters, here’s the procedure (I used UID 2015 for reasons but you can use whatever):

useradd -u 2015 -c "Syncthing Service" -d /var/syncthing -s /usr/sbin/nologin syncthing
mkdir /var/syncthing
chown -R syncthing:syncthing /var/syncthing
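
The "read-only file system" error on a read-write root comes from the unit's sandbox, as the reply above says. The following is an added example, not code from the thread or from the Syncthing project: it models systemd's documented ProtectSystem= behaviour for the two home directories tried here. That the unit uses ProtectSystem=full, the unit instance name in the comment, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: models systemd's documented ProtectSystem= semantics to show
# why a service home under /etc fails with "read-only file system" while
# /var works. Only ProtectSystem=/ReadWritePaths= are modelled.
#
# To see the real values for a unit (unit name is an assumption):
#   systemctl show -p ProtectSystem -p ReadWritePaths syncthing@syncthing.service

# is_under PATH PREFIX -> 0 if PATH equals PREFIX or lies below it
is_under() {
    case "$1" in
        "$2"|"$2"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# sandbox_verdict PROTECT_SYSTEM PATH [READWRITE_PATH...]
# Prints "rw" or "ro" for PATH as seen from inside the unit's mount namespace.
sandbox_verdict() {
    mode=$1; path=$2; shift 2
    # ReadWritePaths= entries punch holes in the read-only mounts.
    for rw in "$@"; do
        is_under "$path" "$rw" && { echo rw; return 0; }
    done
    case "$mode" in
        strict)
            # Whole hierarchy is read-only except the API file systems.
            for p in /dev /proc /sys; do
                is_under "$path" "$p" && { echo rw; return 0; }
            done
            echo ro; return 0 ;;
        full)     ro_list="/usr /boot /efi /etc" ;;
        yes|true) ro_list="/usr /boot /efi" ;;
        *)        ro_list="" ;;
    esac
    for p in $ro_list; do
        is_under "$path" "$p" && { echo ro; return 0; }
    done
    echo rw
}

# Constructed walk-through of the two home directories tried in the thread.
for home in /etc/syncthing /var/syncthing; do
    printf '%-16s ProtectSystem=full -> %s\n' "$home" "$(sandbox_verdict full "$home")"
done
```

The mount(8) output on the host still shows / as rw because the read-only view exists only inside the service's own mount namespace.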
