Starting RadiantOne FID as a Linux System.d services (Non-Root Service Account)

This document outlines the steps and verification checks required to configure RadiantOne FID services (vds.service and control_panel.service) to run as a non-root service account (e.g., svc_radiantone) using systemd.

Run these steps on every node in the cluster.

1) Stop existing servers

cd /apps/radiantone/vds/bin/advanced

./stop_servers.sh

2) Set and persist RLI_HOME

export RLI_HOME=/apps/radiantone/vds

echo 'export RLI_HOME=/apps/radiantone/vds' | sudo tee /etc/profile.d/radiantone.sh

3) Create service account/ ownership

sudo useradd --system --home-dir /apps/radiantone --shell /sbin/nologin --comment "RadiantOne service account" svc_radiantone

sudo chown -R svc_radiantone:svc_radiantone /apps/radiantone

4) Ensure scripts are executable

sudo chmod +x /apps/radiantone/vds/bin/*.sh

sudo chmod +x $RLI_HOME/bin/*.sh

5) Install systemd unit files

# VDS

sudo cp $RLI_HOME/bin/system.d/vds.service /etc/systemd/system/

# Control Panel

sudo cp $RLI_HOME/bin/system.d/control_panel.service /etc/systemd/system/

6) Run services as svc_radiantone (overrides)

# VDS

sudo systemctl edit vds.service or sudo systemctl edit control_panel.service

Paste:

[Service]

User=svc_radiantone

Environment=RLI_HOME=/apps/radiantone/vds

WorkingDirectory=/apps/radiantone/vds/bin

7) Reload, enable on boot, and start

sudo systemctl daemon-reload

sudo systemctl enable --now vds.service

sudo systemctl enable --now control_panel.service

8) Verify (config, status, user, PIDs)

# Service status

systemctl status vds.service --no-pager

systemctl status control_panel.service --no-pager

# Configured systemd user + unit + overrides

systemctl show -p User vds.service

systemctl show -p User control_panel.service

systemctl cat vds.service

systemctl cat control_panel.service

# List all RadiantOne Java under service user

ps -u svc_radiantone -o pid,etime,cmd --forest

# or

pgrep -a -u svc_radiantone java

# Quick process glance

ps -ef | egrep 'vds_server|WebAppServer|jetty' | grep -v grep

9) Open firewall for Control Panel (if accessed externally)

sudo firewall-cmd --add-port=7070/tcp --permanent   # HTTP

sudo firewall-cmd --add-port=7171/tcp --permanent   # HTTPS

sudo firewall-cmd –reload

Confirm the above on all cluster nodes.

Systemd will automatically start both FID services at boot under the same service account — no interactive login required.

Reference Links

• RadiantOne Documentation – Starting as a Linux Daemon
• Support KB – Running FID on Ports Below 1024 Without Root