edit: I have tried using mkdir /var/lib/radicale and /var/lib/radicale/collections (with and without -p), chown radicale:radicale /var/lib/radicale (and collections) with and without -R, and the same for chmod 770 and chmod g-w,o-rwx. NOTHING WORKS!!! I just want to self-host a calendar…
I’ve also tried removing the “strict” security settings from my config, but no luck.
maybe the warning that preceded the permission denied is helpful? I don’t know why is is “not existing” though, I’ve already tried using mkdir and chown…
[2025-05-01 13:34:06 +0800] [6537] [WARNING] Storage location: '/var/lib/radicale/collections' not existing, create now
[2025-05-01 13:34:06 +0800] [6537] [CRITICAL] An exception occurred during server startup: [Errno 13] Permission denied: '/var/lib/radicale/collections'
original post:
I am following the steps of the radicale documentation and have got to running it as a service. However, when I ran radicale it failed to start. When I tried to run radicale manually, I get a permission denied error
[] An exception occurred during server startup: [Errno 13] Permission denied: '/var/lib/radicale/collections'
I have tried manually using mkdir to create /var/lib/radicale/collections and setting the owner using chown -R radicale:radicale to the “radicale” user, and I have also tried using chmod -R 770.
my config (/etc/radicale/config)
[auth]
type = htpasswd
htpasswd_filename = /etc/radicale/users
htpasswd_encryption = autodetect
delay = 1
[server]
hosts = 0.0.0.0:5232, [::]:5232
max_connections = 20
max_content_length = 100000000
# 100 MB
timeout = 30
# 30 seconds
[storage]
filesystem_folder = /var/lib/radicale/collections
my radicale.service (/etc/systemd/system/radicale.service
[Unit]
Description=A simple CalDAV (calendar) and CardDAV (contact) server
After=network.target
Requires=network.target
[Service]
ExecStart=/usr/bin/env python3 -m radicale
Restart=on-failure
User=radicale
# Deny other users access to the calendar data
UMask=0027
# Optional security settings
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
PrivateDevices=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
NoNewPrivileges=true
ReadWritePaths=/var/lib/radicale/ /var/cache/radicale/
[Install]
WantedBy=multi-user.target
unfortunately could not fix my issue :(
Can you maybe give us a ls -Al of /var/lib/radicale and /var/lib/radicale/collections to double check the permissions? I just looked at the systemd documentation and the service definition looks ok.
ok, I’ll do that soon
I suspect its got something to do with the systemd service definition. You may have to tweak the parameters under “optional security settings” to make it work. Or maybe you could start radicale manually from the command line, just for testing, and see if that works