edit: I have tried using mkdir /var/lib/radicale and /var/lib/radicale/collections (with and without -p), chown radicale:radicale /var/lib/radicale (and collections) with and without -R, and the same for chmod 770 and chmod g-w,o-rwx. NOTHING WORKS!!! I just want to self-host a calendar…
I’ve also tried removing the “strict” security settings from my config, but no luck.
maybe the warning that preceded the permission denied is helpful? I don’t know why is is “not existing” though, I’ve already tried using mkdir and chown…
[2025-05-01 13:34:06 +0800] [6537] [WARNING] Storage location: '/var/lib/radicale/collections' not existing, create now
[2025-05-01 13:34:06 +0800] [6537] [CRITICAL] An exception occurred during server startup: [Errno 13] Permission denied: '/var/lib/radicale/collections'
original post:
I am following the steps of the radicale documentation and have got to running it as a service. However, when I ran radicale it failed to start. When I tried to run radicale manually, I get a permission denied error
[] An exception occurred during server startup: [Errno 13] Permission denied: '/var/lib/radicale/collections'
I have tried manually using mkdir to create /var/lib/radicale/collections and setting the owner using chown -R radicale:radicale to the “radicale” user, and I have also tried using chmod -R 770.
my config (/etc/radicale/config)
[auth]
type = htpasswd
htpasswd_filename = /etc/radicale/users
htpasswd_encryption = autodetect
delay = 1
[server]
hosts = 0.0.0.0:5232, [::]:5232
max_connections = 20
max_content_length = 100000000
# 100 MB
timeout = 30
# 30 seconds
[storage]
filesystem_folder = /var/lib/radicale/collections
my radicale.service (/etc/systemd/system/radicale.service
[Unit]
Description=A simple CalDAV (calendar) and CardDAV (contact) server
After=network.target
Requires=network.target
[Service]
ExecStart=/usr/bin/env python3 -m radicale
Restart=on-failure
User=radicale
# Deny other users access to the calendar data
UMask=0027
# Optional security settings
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
PrivateDevices=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
NoNewPrivileges=true
ReadWritePaths=/var/lib/radicale/ /var/cache/radicale/
[Install]
WantedBy=multi-user.target


My bad.