Search code examples
linuxbashservicesystemd

How to execute the command zenity in a script executed by a service (systemd) (file .service)

I have a little problem. I am doing a service (daemon) with systemd. The script is the follow:

if [ $intento = 5 ];then
      iptables -I INPUT -s ${sublista[0]} -j DROP -m comment --comment "IP bloqueada por sshield"
      date=$(date)
      echo "${sublista[0]} $date" >> /var/cache/sshield.deny
      zenity --notification --text "IP address ${sublista[0]} denied at $date - sshield"
      email ivanherediaplanas@hotmail.com "Nueva regla iptables | ${sublista[0]} denied" "The ${sublista[0]} ip address is denied by brute force's attack ssh.<br><br>Date: $date"
      declare -a ips=(${ips[@]/${sublista[0]}=>$intento/})
fi

The idea is the follow:

If the attempts is more than five, it give the ip address and lock it. Sending a mail and showing a zenity's popup

The problem is that, the popup doesn't show.

zenity --notification --text "IP address ${sublista[0]} denied at $date - sshield"

I believe that it is because, the scrpt is exeuted by a service's file in /lib/systemd/system/sshield.service

[Unit]
Description=Service for protect attacks of brute force ssh's

[Service]
Type=simple
ExecStart=/etc/sshield/sshield.sh
ExecStop=/etc/sshield/sshield.sh stop
RemainAfterExit=yes
Restart=always

[Install]
WantedBy=multi-user.target

I believe that the problem is in: Type=simple

Also, I try with this:

  echo "${sublista[0]} $date" >> /var/cache/sshield.deny
  sshield --bell "IP address ${sublista[0]} denied at $date - sshield"
  email ivanherediaplanas@hotmail.com "Nueva regla iptables | ${sublista[0]} denied" "The ${sublista[0]} ip address is denied by brute force's attack ssh.<br><br>Date: $date"

sshield --bell "IP address ${sublista[0]} denied at $date - sshield"

the command sshield, is a script in the path /bin/sshield and I get follow it:

elif [[ $argumento == "--bell" ]];then
    if [[ $# -gt 3 ]];then
            echo -e "\033[1;31m[-]\033[0m Only one value"
            echo "You use '--help' or '-h' for more information"
    elif [[ $# = 1 ]];then
            echo -e "\033[1;31m[-]\033[0m It needs one value"
            echo "You use '--help' or '-h' for more information"
    else
            zenity --notification --text "$2"
    fi
else
  [...]

mark: zenity --notification --text "$2"

But, it doesn't work. How to can I solve it?

The error is in zenity: image: journalctl -u sshield

Solution

  • For execute GUI (Graphics User Interface), in a service (systemd). First, you must add this:

    [Service]
Environment="DISPLAY=:0"
Environment="XAUTHORITY=/home/ivan/.Xauthority"

    Result:

    [Unit]
Description=Service for protect attacks of brute force ssh's

[Service]
Type=simple
Environment="DISPLAY=:0"
Environment="XAUTHORITY=/home/ivan/.Xauthority"
ExecStart=/etc/sshield/sshield.sh
ExecStop=/etc/sshield/sshield.sh stop
RemainAfterExit=yes
Restart=always

[Install]
WantedBy=multi-user.target

    And in the script, add:

    export DISPLAY=":0"