0

I've googled and read quite a few blogs, posts, etc. on this. I've also been trying them out manually on my EC2 instance. However, I'm still not able to properly configure the systemd service unit to have it run the process in the background as I expect. The process I'm running is the Nessus service. Here's my service unit definition:

$ cat /etc/systemd/system/nessusagent.service
[Unit]
Description=Nessus
[Service]
ExecStart=/opt/myorg/bin/init_nessus
Type=simple
[Install]
WantedBy=multi-user.target

and here is my script /opt/myorg/bin/init_nessus:

$ cat /opt/apiq/bin/init_nessus
#!/usr/bin/env bash
set -e

NESSUS_MANAGER_HOST=...
NESSUS_MANAGER_PORT=...
NESSUS_CLIENT_GROUP=...
NESSUS_LINKING_KEY=...

#-------------------------------------------------------------------------------
# link nessus agent with manager host
#-------------------------------------------------------------------------------
/opt/nessus_agent/sbin/nessuscli agent link --key=${NESSUS_LINKING_KEY} --host=${NESSUS_MANAGER_HOST} --port=${NESSUS_MANAGER_PORT} --groups=${NESSUS_CLIENT_GROUP}
if [ $? -ne 0 ]; then
    echo "Cannot link the agent to the Nessus manager, quitting."
    exit 1
fi

/opt/nessus_agent/sbin/nessus-service -q -D

When I run the service, I always get the following:

$ systemctl status nessusagent.service
● nessusagent.service - Nessus
  Loaded: loaded (/etc/systemd/system/nessusagent.service; enabled; vendor preset: enabled)
  Active: inactive (dead) since Mon 2020-08-24 06:40:40 UTC; 9min ago
Process: 27787 ExecStart=/opt/myorg/bin/init_nessus (code=exited, status=0/SUCCESS)
Main PID: 27787 (code=exited, status=0/SUCCESS)

...
Aug 24 06:40:40 ip-10-27-0-104 init_nessus[27787]: + /opt/nessus_agent/sbin/nessuscli agent link --key=... --host=... --port=8834 --groups=...
Aug 24 06:40:40 ip-10-27-0-104 init_nessus[27787]: [info] [agent] HostTag::getUnix: setting TAG value to '8596420322084e3ab97d3c39e5c92e00'
Aug 24 06:40:40 ip-10-27-0-104 init_nessus[27787]: [info] [agent] Successfully linked to <myorg.com>:8834
Aug 24 06:40:40 ip-10-27-0-104 init_nessus[27787]: + '[' 0 -ne 0 ']'
Aug 24 06:40:40 ip-10-27-0-104 init_nessus[28506]: + /opt/nessus_agent/sbin/nessus-service -q -D

However, I can't see the process that I expect to see:

$ ps faux | grep nessus
root   28565 0.0 0.0 12940  936 pts/0  S+  06:54  0:00             \_ grep --color=auto nessus

If I run the last command manually, I can see it:

$ /opt/nessus_agent/sbin/nessus-service -q -D
$ ps faux | grep nessus
root   28959 0.0 0.0 12940 1016 pts/0  S+  07:00  0:00             \_ grep --color=auto nessus
root   28952 0.0 0.0  6536  116 ?      S   07:00  0:00 /opt/nessus_agent/sbin/nessus-service -q -D
root   28953 0.2 0.0 69440 9996 pts/0  Sl  07:00  0:00    \_ nessusd -q

What is it that I'm missing here?

breezymri

1 Answer

0

Eventually figured out that this was because of the extra -D option in the last command. Removing the -D option fixed the issue. Running the process in daemon mode inside a system manager is not the way to go. We need to run it in the foreground and let the system manager handle it.

breezymri
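
The fix from the answer written as a unit file. This is an added example, not the poster's or the vendor's own unit. The EnvironmentFile path is hypothetical; the binary paths, flags and NESSUS_* variable names are the ones in the question's script.

```ini
# /etc/systemd/system/nessusagent.service (added example)
[Unit]
Description=Nessus
# Linking talks to the manager, so wait for the network (assumption).
Wants=network-online.target
After=network-online.target

[Service]
# Type=simple: the ExecStart process itself is the service. When it
# exits, systemd marks the unit inactive and, with the default
# KillMode=control-group, kills whatever it left behind. That is what
# happened to the daemonized nessusd started with -D.
Type=simple

# Hypothetical file holding the four NESSUS_* variables from the
# script, one VAR=value per line. Keep it root-owned and mode 0600
# because it contains the linking key.
EnvironmentFile=/etc/myorg/nessus-agent.env

# One-shot link step. A non-zero exit fails the start, like the
# script's "exit 1" branch.
ExecStartPre=/opt/nessus_agent/sbin/nessuscli agent link \
    --key=${NESSUS_LINKING_KEY} \
    --host=${NESSUS_MANAGER_HOST} \
    --port=${NESSUS_MANAGER_PORT} \
    --groups=${NESSUS_CLIENT_GROUP}

# Foreground: no -D, so this process stays alive as the main PID.
ExecStart=/opt/nessus_agent/sbin/nessus-service -q

[Install]
WantedBy=multi-user.target
```

After `systemctl daemon-reload` and a restart, `systemctl status nessusagent.service` should report `active (running)` with nessus-service as the Main PID instead of `inactive (dead)`.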