Hey, all. I’m having a problem running a restic backup command since I upgraded from Ubuntu 22.04 to 24.04. But the problem only manifests when I run it via systemd. Running the exact same command interactively in bash as root works fine. Also, it worked fine via systemd prior to the upgrade.
The failure mode is that it hangs for about 2.5 minutes and then reports back:
Feb 26 14:37:17 machinename myrestic[150150]: open repository
Feb 26 14:39:53 machinename myrestic[150150]: Fatal: unable to open config file: Stat: Access Denied.
Feb 26 14:39:53 machinename myrestic[150150]: Is there a repository at the following location?
Feb 26 14:39:53 machinename myrestic[150150]: s3:https://s3.wasabisys.com/my-bucket-name
Feb 26 14:39:53 machinename systemd[1]: restic-backup.service: Main process exited, code=exited, status=1/FAILURE
Unit file is:
[Unit]
Description=Restic backup service
Wants=restic-forget.service
Before=restic-forget.service
OnFailure=notify-email@%n
[Service]
Type=oneshot
ExecStart=/usr/local/sbin/myrestic backup --verbose -x --tag systemd.timer $BACKUP_EXCLUDES $BACKUP_PATHS
EnvironmentFile=/root/.config/restic-backup.conf
Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
IOSchedulingClass=best-effort
IOSchedulingPriority=7
myrestic is this:
#!/bin/bash
set -a
. /root/.config/restic-backup.conf
set +a
exec restic “$@”
And restic-backup.conf sets a bunch of env vars. The problem can’t be that this conf file isn’t getting loaded, because it’s the only way the error message could get the correct bucket name. This file includes the line AWS_PROFILE="wasabi-restic", and ~/.aws/credentials is:
[wasabi-restic]
aws_access_key_id=redacted
aws_secret_access_key=redacted
My computer clock is correct. The restic-forget service fails similarly. What am I missing? Why is this working interactively but not via the service?
Restic version is restic 0.16.4 compiled with go1.22.2 on linux/amd64.
Thanks for any help you can suggest!