Open mstarks01 opened 3 years ago
+1 for all of the information provided.
I don't see any mistake in your changes. Does the Minecraft server log file state any reason why the server is shutting down?
Looking at the man page of systemd.exec
, I found this in the section about ReadWritePaths=
Use ReadWritePaths= in order to whitelist specific paths for write access if ProtectSystem=strict is used.
It doesn't state what happens if ProtectSystem
is set to full
. Although unlikely, there is a chance that changing it to strict
could help. A side effect would be, that /tmp
gets protected, too. This needs to stay writeable for the minecraft user to allow tmux creating its socket in there.
ProtectSystem=strict
ReadWritePaths=/usr/local/bin/minecraft /tmp
On the other hand you could also try to relax the restrictions done by systemd since you're already using containerization. Although I have no experience with LXC and don't know what parts of the system are isolated by it.
If you want to leave it to LXC or don't need the extra protection, you can remove the lines from ProtectSystem
to ReadWritePaths
.
Thanks for replying. Upon further inspection, I realized that although the process didn't die when running from the script, I could not connect to the tmux session. It thought there were no sessions. So I started to simplify the command. I took out -c $MC_HOME
, and when that didn't help, -L $TMUX_SOCKET
. Taking out the socket allowed me to connect to the session. I suspect this might be due to an apparmor profile protecting the /tmp
directory, although I also don't understand the use of -c $MC_HOME
here, since it is only a directory.
I added the separate socket so that no one could accidentally close the tmux session, as it won't show up when using the default socket. This is to help preventing that the server stops without systemd knowing about it. If there was a pid file systemd could monitor the process directly, but I couldn't find one for tmux / the process running in the tmux terminal. Using the default socket should work just as fine.
The -c $MC_HOME
specifies the directory that the tmux session is started in. -c
has a different meaning when used with tmux
directly (similar to -L $TMUX_SOCKET
) than when used with the new-session
sub-comand. Basically this specifies the working directory and a cd $MC_HOME && java -jar ...
has the same effect.
I found a way to create a pid file for the minecraft process. Maybe this will help with your problem, as systemd recommends having a PIDFile set if the service type is forking
to determine the main process.
Determining the pid relies on the tmux session being the only one on the socket, so be careful with using the default socket.
I hope this helps :slightly_smiling_face:
Thanks! I have made a couple of posts trying to get to the bottom of the socket issue in an unprivileged LXC container, but have yet to receive any feedback. I suspect that it's a container issue, but don't understand why the user should not be able to access their own socket.
I'll give your change a try when I have a few spare moments.
i went for a different approach, on my ProxMox LXC RockyLinux (now 8.6) container and wanted to share it :
Assumptions:
systemd unitfile:
[[Unit]
Description=Minecraft Server
[Service]
WorkingDirectory=/opt/minecraft
User=minecraft
Type=forking
ExecStart=/usr/bin/tmux new -s minecraft -d "/usr/bin/java -Xmx3096M -Xms2048M -XX:+UseG1GC -jar server.jar --nogui"
ExecReload=/usr/bin/tmux send-keys -t minecraft:0.0 'say SERVER RELOADING.' C-m 'reload' C-m
ExecStop=/usr/bin/tmux send-keys -t minecraft:0.0 'say SERVER SHUTTING DOWN. Saving map...' C-m 'save-all' C-m 'stop' C-m
ExecStop=/bin/sleep 2
[Install]
WantedBy=multi-user.target
Additional info:
Thanks for making these scripts available. They are by far the best of the minecraft init scripts I have run across.
I'm having a bit of an issue when launching it from systemctrl. The tmux and java process start, then stop a second or two later. The shell script works correctly; it's only when launching from systemd that I have an issue.
Here's the service script. The only changes I've made are to change the location to my install.
And here's the shell script. It is executable. I changed the location here as well as a couple of minecraft arguments. Note that
$MC_HOME/minecraft/minecraft-server
is simply a link, so that is correct.This is running in an Ubuntu 20.04 LXC container. More info: