Issue
I have an app running as service. This app is bind to TCP port.
I want to run an update (sh script), which I want to run detached from the app service (to be able to do e.g. restart of the service from the script).
I was finally able to do this using systemd-run scope, but I found, that the detached scope is keeping the origin binded TCP port occupied (even it doesn't use it for anything), so when I restart the app service, it's not able to bind again.
I tried to run the update script even as: systemd-run --scope --unit=appupgrade nohup $script_path -d & disown
Is there any way to make the systemd scope without occupying the port of origin service?
Solution
With --scope
mode, the process is not actually detached at all: it is launched directly as a child process, and therefore inherits all of your file descriptors (including the TCP socket).
One solution would be to mark the socket as non-inheritable (SOCK_CLOEXEC
aka close-on-exec), or to explicitly close it before exec'ing systemd-run (I believe posix_spawn has an option to close FDs?).
However, if you actually want the process to be detached, then do not use --scope
. Use the default "service" mode and let systemd spawn the process – then you will not need the nohup
, you will not need the & disown
, and of course the process will no longer inherit unwanted file descriptors.
Answered By - user1686 Answer Checked By - Katrina (WPSolving Volunteer)