Description
After a successful upgrade on RHEL/Fedora (SELinux enforcing) systems, Gitea fails to start with systemd exit code 203/EXEC:
gitea.service: Failed with result 'exit-code'.
Process: ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini (code=exited, status=203/EXEC)
Root cause
The script moves the new binary from $giteahome (e.g. /var/lib/gitea/) to /usr/local/bin/gitea:
mv -f "$binname" "$giteabin"
mv preserves the SELinux security context from the source directory, so the binary ends up with the wrong label for an executable under /usr/local/bin/. Systemd then refuses to execute it.
Running sudo restorecon -v /usr/local/bin/gitea immediately fixes it.
Proposed fix
Add a restorecon call after the mv, guarded so it is a no-op on non-SELinux systems:
cp -f "$giteabin" "$giteabin.bak" && mv -f "$binname" "$giteabin"
# Restore SELinux context if applicable (e.g. RHEL/Fedora)
command -v restorecon &>/dev/null && restorecon -v "$giteabin" || true
Environment
- Gitea version: 1.24.3 → 1.25.5
- OS: Fedora with SELinux enforcing
- systemd exit code:
203/EXEC
Description
After a successful upgrade on RHEL/Fedora (SELinux enforcing) systems, Gitea fails to start with systemd exit code
203/EXEC:Root cause
The script moves the new binary from
$giteahome(e.g./var/lib/gitea/) to/usr/local/bin/gitea:mvpreserves the SELinux security context from the source directory, so the binary ends up with the wrong label for an executable under/usr/local/bin/. Systemd then refuses to execute it.Running
sudo restorecon -v /usr/local/bin/giteaimmediately fixes it.Proposed fix
Add a
restoreconcall after themv, guarded so it is a no-op on non-SELinux systems:Environment
203/EXEC