Hi,
I had some difficulties getting Siremis 5.3 to run under Debian 11
Bullseye. It turned out that the problem was the creation of the Siremis
socket:
<UnixSockLocal name="unixsocklocal"
address="/run/siremis/siremis_rpc.sock" timeout="3.0"/>
There is a warning in siremisJRCommands.xml that points out that systemd
has to be reconfigured as sockets in /tmp are no longer shared
(PrivateTmp setting). By the same token, /run/siremis/siremis_rpc.sock
cannot be created as the httpd server is not allowed to write to /run,
i.e. it can neither create the socket nor the siremis directory. The
permanent creation of the siremis directory with suitable access rights
is also not possible, since /run is mounted as tmpfs in the default
configuration.
At least the directory has to be created at boot time, which can be done
with a small helper service.
This is working for me (siremis-helper.service):
[Unit]
Description=Siremis Helper Service
After=network.target
[Service]
Type=oneshot
ExecStartPre=/usr/bin/mkdir /var/run/siremis
ExecStart=/usr/bin/chown www-data:www-data /var/run/siremis
[Install]
WantedBy=multi-user.target
It is enabled the usual way with systemctl "systemctl start --now
siremis-helper".
Siremis now works with jsonrpc commands and the procedure would mean
that installing Siremis on a newer Debian system would definitely
require some attention.
Does anyone have any objections to the above procedure?