What is the problem you are having with rclone?
A command that's run manually can write into a Google Drive rclone remote just fine. But when the same command is run via a script being called by systemd, the script doesn't seem to have write permissions.
Run the command 'rclone version' and share the full output of the command.
$ rclone version
rclone v1.60.1
- os/version: centos 7.9.2009 (64 bit)
- os/kernel: 3.10.0-1160.80.1.el7.centos.plus.x86_64 (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.19.3
- go/linking: static
- go/tags: none
Which cloud storage system are you using? (eg Google Drive)
Google Drive
The command you were trying to run (eg rclone copy /tmp remote:tmp
)
I'm trying to have systemd always mount the Google Drive remote at boot. So my systemd timer looks like this:
[Unit]
Description=Backup of DaVinci Resolve PostgreSQL databases to Google Drive via rclone
[Service]
User=sgoldin
Type=oneshot
ExecStart=/bin/bash -c '/usr/bin/rclone mount resolve-backups: /home/sgoldin/resolve-backups --vfs-cache-mode full --umask 000'
[Install]
WantedBy=multi-user.target
The rclone config contents with secrets removed.
$ cat /home/sgoldin/.config/rclone/rclone.conf
[resolve-backups]
type = drive
client_id = REDACTED
client_secret = REDACTED
scope = drive
token = REDACTED
team_drive =
root_folder_id = REDACTED
A log from the command with the -vv
flag
If I stop the systemd unit, I can run the command by itself: $ rclone mount resolve-backups: /home/sgoldin/resolve-backups --vfs-cache-mode full --umask 000 -vv
$ rclone mount resolve-backups: /home/sgoldin/resolve-backups --vfs-cache-mode full --umask 000 -vv
2022/11/19 15:09:39 DEBUG : rclone: Version "v1.60.1" starting with parameters ["rclone" "mount" "resolve-backups:" "/home/sgoldin/resolve-backups" "--vfs-cache-mode" "full" "--umask" "000" "-vv"]
2022/11/19 15:09:39 DEBUG : Creating backend with remote "resolve-backups:"
2022/11/19 15:09:39 DEBUG : Using config file from "/home/sgoldin/.config/rclone/rclone.conf"
2022/11/19 15:09:39 DEBUG : vfs cache: root is "/home/sgoldin/.cache/rclone"
2022/11/19 15:09:39 DEBUG : vfs cache: data root is "/home/sgoldin/.cache/rclone/vfs/resolve-backups"
2022/11/19 15:09:39 DEBUG : vfs cache: metadata root is "/home/sgoldin/.cache/rclone/vfsMeta/resolve-backups"
2022/11/19 15:09:39 DEBUG : Creating backend with remote "/home/sgoldin/.cache/rclone/vfs/resolve-backups/"
2022/11/19 15:09:39 DEBUG : fs cache: renaming cache item "/home/sgoldin/.cache/rclone/vfs/resolve-backups/" to be canonical "/home/sgoldin/.cache/rclone/vfs/resolve-backups"
2022/11/19 15:09:39 DEBUG : Creating backend with remote "/home/sgoldin/.cache/rclone/vfsMeta/resolve-backups/"
2022/11/19 15:09:39 DEBUG : fs cache: renaming cache item "/home/sgoldin/.cache/rclone/vfsMeta/resolve-backups/" to be canonical "/home/sgoldin/.cache/rclone/vfsMeta/resolve-backups"
2022/11/19 15:09:39 DEBUG : Google drive root '': Mounting on "/home/sgoldin/resolve-backups"
2022/11/19 15:09:39 INFO : vfs cache: cleaned: objects 0 (was 0) in use 0, to upload 0, uploading 0, total size 0 (was 0)
2022/11/19 15:09:39 DEBUG : : Root:
2022/11/19 15:09:39 DEBUG : : >Root: node=/, err=<nil>
2022/11/19 15:09:39 DEBUG : /: Lookup: name=".Trash"
2022/11/19 15:09:40 DEBUG : /: >Lookup: node=<nil>, err=no such file or directory
2022/11/19 15:09:40 DEBUG : /: Lookup: name="BDMV"
2022/11/19 15:09:40 DEBUG : /: >Lookup: node=<nil>, err=no such file or directory
2022/11/19 15:09:40 DEBUG : /: Lookup: name=".xdg-volume-info"
2022/11/19 15:09:40 DEBUG : /: >Lookup: node=<nil>, err=no such file or directory
2022/11/19 15:09:40 DEBUG : /: Lookup: name="autorun.inf"
2022/11/19 15:09:40 DEBUG : /: >Lookup: node=<nil>, err=no such file or directory
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: Lookup: name=".Trash-1000"
2022/11/19 15:09:40 DEBUG : /: >Lookup: node=<nil>, err=no such file or directory
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: ReadDirAll:
2022/11/19 15:09:40 DEBUG : /: >ReadDirAll: item=58, err=<nil>
2022/11/19 15:09:40 DEBUG : /: Lookup: name="autorun.inf"
2022/11/19 15:09:40 DEBUG : /: >Lookup: node=<nil>, err=no such file or directory
The command I can run successfully when this is mounted is:
$ /usr/pgsql-9.5/bin/pg_dump --host localhost --username postgres bigthink2022h1 --blobs --file /home/sgoldin/resolve-backups/bigthink2022h1/bigthink2022h1_$(date "+%Y_%m_%d_%H_%M").backup --format=custom --verbose --no-password
And indeed, a .backup
file drops into the expected location within the mounted Google Drive rclone remote.
But when I call this shell script:
$ cat backup-bigthink2022h1.sh
#!/bin/bash
# Let's perform the backup and log to the monthly log file if the backup is successful.
/usr/pgsql-9.5/bin/pg_dump --host localhost --username postgres bigthink2022h1 --blobs --file /home/sgoldin/resolve-backups/bigthink2022h1/bigthink2022h1_$(date "+%Y_%m_%d_%H_%M").backup --format=custom --verbose --no-password && \
echo "bigthink2022h1 was backed up at $(date "+%Y_%m_%d_%H_%M") into \"/home/sgoldin/resolve-backups/bigthink2022h1\"." >> /usr/local/DaVinci-Resolve-PostgreSQL-Workflow-Tools/logs/logs-$(date "+%Y_%m").log
From this systemd unit:
$ cd /etc/systemd/system/
$ cat backup-bigthink2022h1.service
[Unit]
Description=Backup of bigthink2022h1 DaVinci Resolve PostgreSQL database
[Service]
Type=oneshot
ExecStart=/usr/local/DaVinci-Resolve-PostgreSQL-Workflow-Tools/backup/backup-bigthink2022h1.sh
The systemd unit fails:
$ systemctl status backup-bigthink2022h1 -l
â—Ź backup-bigthink2022h1.service - Backup of bigthink2022h1 DaVinci Resolve PostgreSQL database
Loaded: loaded (/etc/systemd/system/backup-bigthink2022h1.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Sat 2022-11-19 14:53:08 EST; 26min ago
Process: 11988 ExecStart=/usr/local/DaVinci-Resolve-PostgreSQL-Workflow-Tools/backup/backup-bigthink2022h1.sh (code=exited, status=1/FAILURE)
Main PID: 11988 (code=exited, status=1/FAILURE)
Nov 19 14:53:08 localhost.localdomain systemd[1]: Starting Backup of bigthink2022h1 DaVinci Resolve PostgreSQL database...
Nov 19 14:53:08 localhost.localdomain backup-bigthink2022h1.sh[11988]: pg_dump: [custom archiver] could not open output file "/home/sgoldin/resolve-backups/bigthink2022h1/bigthink2022h1_2022_11_19_14_53.backup": Permission denied
Nov 19 14:53:08 localhost.localdomain systemd[1]: backup-bigthink2022h1.service: main process exited, code=exited, status=1/FAILURE
Nov 19 14:53:08 localhost.localdomain systemd[1]: Failed to start Backup of bigthink2022h1 DaVinci Resolve PostgreSQL database.
Nov 19 14:53:08 localhost.localdomain systemd[1]: Unit backup-bigthink2022h1.service entered failed state.
Nov 19 14:53:08 localhost.localdomain systemd[1]: backup-bigthink2022h1.service failed.
You can also see this failure via journalctl -xe
:
$ journalctl -xe | grep backup-bigthink2022h1.service
-- Subject: Unit backup-bigthink2022h1.service has begun start-up
-- Unit backup-bigthink2022h1.service has begun starting up.
Nov 19 14:53:08 localhost.localdomain systemd[1]: backup-bigthink2022h1.service: main process exited, code=exited, status=1/FAILURE
-- Subject: Unit backup-bigthink2022h1.service has failed
-- Unit backup-bigthink2022h1.service has failed.
Nov 19 14:53:08 localhost.localdomain systemd[1]: Unit backup-bigthink2022h1.service entered failed state.
Nov 19 14:53:08 localhost.localdomain systemd[1]: backup-bigthink2022h1.service failed.
Nov 19 15:17:44 localhost.localdomain systemd[1]: Configuration file /etc/systemd/system/backup-bigthink2022h1.service is marked executable. Please remove executable permission bits. Proceeding anyway.
Nov 19 15:17:46 localhost.localdomain systemd[1]: Configuration file /etc/systemd/system/backup-bigthink2022h1.service is marked executable. Please remove executable permission bits. Proceeding anyway.
Nov 19 15:21:39 localhost.localdomain systemd[1]: Configuration file /etc/systemd/system/backup-bigthink2022h1.service is marked executable. Please remove executable permission bits. Proceeding anyway.
Why does the pg_dump
binary not have permission to open that output file?
I've tried changing the command in the systemd
unit to have the --allow-other
flag, and then the folder remains totally unmounted and empty after boot. When I tried only adding --allow-root
, in case the systemd
service was running as root, it still didn't have permission, and failed the same way.
I want to make sure I'm falling into an XY problem, so my question is: how can I get this pg_dump
binary in my shell script to actually have write access to my Google Drive remote, while also making sure that the Google Drive remote mounts automatically at boot?