Problem

The payments-api service won't stay up on pay-host. It runs as the unprivileged user payments. There's no obvious crash in the code — it dies the instant it starts. The box is healthy (RAM and disk are fine). You're logged in as root.

Find why the service can't start and fix it properly.

Initial setup

• Host: pay-host, Alpine. You are root.
• Service: payments-api, runs as user payments, lives in

/srv/payments-api/, logs to /var/log/payments-api.log.

Acceptance

You've solved it when:

• You've read the crash log (cat /var/log/payments-api.log) and seen

PermissionError: [Errno 13] Permission denied: '/srv/payments-api/config.yml'.

• You've shown with ls -l /srv/payments-api that config.yml is

-rw------- root root while its siblings are owned payments:payments — so the payments user can't read its own config (you, root, can — that's why it's not obvious).

• You've named the least-privilege fix: `chown payments:payments

/srv/payments-api/config.yml (or chmod 640 + put payments` in the group) — NOT chmod 777. And the root cause: stop editing/creating it as root (that re-creates it root:root and breaks the next start).