Jenkins write permission on linux
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
I'm having trouble getting Jenkins to write to a directory, however I believe I have set the correct permissions. Jenkins is being run by a user named "jenkins", who belongs to a group called "jenkins-group". The directory in question looks something like this when I ll
:
drwxrwxr-x 2 jenkins-group jenkins-group 68 Sep 3 13:01 test_save_data_jenkins_R
I followed the recommended approach as seen in the link below, by creating a group having "rwx" permissions and adding the user running Jenkins to this group. How do I properly allow user jenkins to write to a specific directory under user minecraft home directory?.
So I have given the group "jenkins-group" rwx permissions, which in turn should give the user "jenkins" those permissions as well, since it has this group as a secondary. When I log in to the user "jenkins" from a terminal I'm able to create a new file in this folder using touch test.txt
. However when I run a build from Jenkins with the following commands in execute shell:
cd /apps/models/test_save_data_jenkins_R && whoami && touch test.txt
I get the following error:
+ cd /apps/models/test_save_data_jenkins_R
+ whoami
jenkins
+ touch test.txt
touch: cannot touch âÂÂtest.txtâÂÂ: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE
Notice that the group "jenkins-group" also has rwx permissions to the folders "apps" and "models". I have tried giving the user "jenkins" direct permission using the following command:
$ setfacl -Rm user:jenkins:rwx /apps/models/test_save_data_jenkins_R/
which would result in the script running successfully. However this is really a workaround, and I would like to understand what I'm doing wrong in the previous approach.
Update #1
Running groups jenkins
:
jenkins : jenkins jenkins-group
And running getfacl
returns:
# file: test_save_data_jenkins_R/
# owner: jenkins-group
# group: jenkins-group
user::rwx
group::rwx
other::r-x
Update #2
Running /usr/bin/id in jenkins script gives:
+ /usr/bin/id
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins)
Running /usr/bin/id from terminal gives:
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
Notice this happens as well after running safeRestart of jenkins service.
linux jenkins
 |Â
show 6 more comments
up vote
0
down vote
favorite
I'm having trouble getting Jenkins to write to a directory, however I believe I have set the correct permissions. Jenkins is being run by a user named "jenkins", who belongs to a group called "jenkins-group". The directory in question looks something like this when I ll
:
drwxrwxr-x 2 jenkins-group jenkins-group 68 Sep 3 13:01 test_save_data_jenkins_R
I followed the recommended approach as seen in the link below, by creating a group having "rwx" permissions and adding the user running Jenkins to this group. How do I properly allow user jenkins to write to a specific directory under user minecraft home directory?.
So I have given the group "jenkins-group" rwx permissions, which in turn should give the user "jenkins" those permissions as well, since it has this group as a secondary. When I log in to the user "jenkins" from a terminal I'm able to create a new file in this folder using touch test.txt
. However when I run a build from Jenkins with the following commands in execute shell:
cd /apps/models/test_save_data_jenkins_R && whoami && touch test.txt
I get the following error:
+ cd /apps/models/test_save_data_jenkins_R
+ whoami
jenkins
+ touch test.txt
touch: cannot touch âÂÂtest.txtâÂÂ: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE
Notice that the group "jenkins-group" also has rwx permissions to the folders "apps" and "models". I have tried giving the user "jenkins" direct permission using the following command:
$ setfacl -Rm user:jenkins:rwx /apps/models/test_save_data_jenkins_R/
which would result in the script running successfully. However this is really a workaround, and I would like to understand what I'm doing wrong in the previous approach.
Update #1
Running groups jenkins
:
jenkins : jenkins jenkins-group
And running getfacl
returns:
# file: test_save_data_jenkins_R/
# owner: jenkins-group
# group: jenkins-group
user::rwx
group::rwx
other::r-x
Update #2
Running /usr/bin/id in jenkins script gives:
+ /usr/bin/id
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins)
Running /usr/bin/id from terminal gives:
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
Notice this happens as well after running safeRestart of jenkins service.
linux jenkins
Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
â Alex Baranowski
Sep 3 at 13:15
Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
â Michal
Sep 3 at 13:22
Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
â Philip
Sep 3 at 13:26
Can you add an/usr/bin/id
to your script? There is any difference between theid
outputs when run interactively or in the script?
â andcoz
Sep 3 at 13:53
@andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
â Philip
Sep 3 at 13:56
 |Â
show 6 more comments
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I'm having trouble getting Jenkins to write to a directory, however I believe I have set the correct permissions. Jenkins is being run by a user named "jenkins", who belongs to a group called "jenkins-group". The directory in question looks something like this when I ll
:
drwxrwxr-x 2 jenkins-group jenkins-group 68 Sep 3 13:01 test_save_data_jenkins_R
I followed the recommended approach as seen in the link below, by creating a group having "rwx" permissions and adding the user running Jenkins to this group. How do I properly allow user jenkins to write to a specific directory under user minecraft home directory?.
So I have given the group "jenkins-group" rwx permissions, which in turn should give the user "jenkins" those permissions as well, since it has this group as a secondary. When I log in to the user "jenkins" from a terminal I'm able to create a new file in this folder using touch test.txt
. However when I run a build from Jenkins with the following commands in execute shell:
cd /apps/models/test_save_data_jenkins_R && whoami && touch test.txt
I get the following error:
+ cd /apps/models/test_save_data_jenkins_R
+ whoami
jenkins
+ touch test.txt
touch: cannot touch âÂÂtest.txtâÂÂ: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE
Notice that the group "jenkins-group" also has rwx permissions to the folders "apps" and "models". I have tried giving the user "jenkins" direct permission using the following command:
$ setfacl -Rm user:jenkins:rwx /apps/models/test_save_data_jenkins_R/
which would result in the script running successfully. However this is really a workaround, and I would like to understand what I'm doing wrong in the previous approach.
Update #1
Running groups jenkins
:
jenkins : jenkins jenkins-group
And running getfacl
returns:
# file: test_save_data_jenkins_R/
# owner: jenkins-group
# group: jenkins-group
user::rwx
group::rwx
other::r-x
Update #2
Running /usr/bin/id in jenkins script gives:
+ /usr/bin/id
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins)
Running /usr/bin/id from terminal gives:
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
Notice this happens as well after running safeRestart of jenkins service.
linux jenkins
I'm having trouble getting Jenkins to write to a directory, however I believe I have set the correct permissions. Jenkins is being run by a user named "jenkins", who belongs to a group called "jenkins-group". The directory in question looks something like this when I ll
:
drwxrwxr-x 2 jenkins-group jenkins-group 68 Sep 3 13:01 test_save_data_jenkins_R
I followed the recommended approach as seen in the link below, by creating a group having "rwx" permissions and adding the user running Jenkins to this group. How do I properly allow user jenkins to write to a specific directory under user minecraft home directory?.
So I have given the group "jenkins-group" rwx permissions, which in turn should give the user "jenkins" those permissions as well, since it has this group as a secondary. When I log in to the user "jenkins" from a terminal I'm able to create a new file in this folder using touch test.txt
. However when I run a build from Jenkins with the following commands in execute shell:
cd /apps/models/test_save_data_jenkins_R && whoami && touch test.txt
I get the following error:
+ cd /apps/models/test_save_data_jenkins_R
+ whoami
jenkins
+ touch test.txt
touch: cannot touch âÂÂtest.txtâÂÂ: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE
Notice that the group "jenkins-group" also has rwx permissions to the folders "apps" and "models". I have tried giving the user "jenkins" direct permission using the following command:
$ setfacl -Rm user:jenkins:rwx /apps/models/test_save_data_jenkins_R/
which would result in the script running successfully. However this is really a workaround, and I would like to understand what I'm doing wrong in the previous approach.
Update #1
Running groups jenkins
:
jenkins : jenkins jenkins-group
And running getfacl
returns:
# file: test_save_data_jenkins_R/
# owner: jenkins-group
# group: jenkins-group
user::rwx
group::rwx
other::r-x
Update #2
Running /usr/bin/id in jenkins script gives:
+ /usr/bin/id
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins)
Running /usr/bin/id from terminal gives:
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
Notice this happens as well after running safeRestart of jenkins service.
linux jenkins
linux jenkins
edited Sep 4 at 6:49
asked Sep 3 at 12:40
Philip
12
12
Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
â Alex Baranowski
Sep 3 at 13:15
Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
â Michal
Sep 3 at 13:22
Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
â Philip
Sep 3 at 13:26
Can you add an/usr/bin/id
to your script? There is any difference between theid
outputs when run interactively or in the script?
â andcoz
Sep 3 at 13:53
@andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
â Philip
Sep 3 at 13:56
 |Â
show 6 more comments
Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
â Alex Baranowski
Sep 3 at 13:15
Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
â Michal
Sep 3 at 13:22
Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
â Philip
Sep 3 at 13:26
Can you add an/usr/bin/id
to your script? There is any difference between theid
outputs when run interactively or in the script?
â andcoz
Sep 3 at 13:53
@andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
â Philip
Sep 3 at 13:56
Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
â Alex Baranowski
Sep 3 at 13:15
Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
â Alex Baranowski
Sep 3 at 13:15
Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
â Michal
Sep 3 at 13:22
Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
â Michal
Sep 3 at 13:22
Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
â Philip
Sep 3 at 13:26
Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
â Philip
Sep 3 at 13:26
Can you add an
/usr/bin/id
to your script? There is any difference between the id
outputs when run interactively or in the script?â andcoz
Sep 3 at 13:53
Can you add an
/usr/bin/id
to your script? There is any difference between the id
outputs when run interactively or in the script?â andcoz
Sep 3 at 13:53
@andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
â Philip
Sep 3 at 13:56
@andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
â Philip
Sep 3 at 13:56
 |Â
show 6 more comments
1 Answer
1
active
oldest
votes
up vote
0
down vote
accepted
The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:
sudo service jenkins restart
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
accepted
The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:
sudo service jenkins restart
add a comment |Â
up vote
0
down vote
accepted
The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:
sudo service jenkins restart
add a comment |Â
up vote
0
down vote
accepted
up vote
0
down vote
accepted
The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:
sudo service jenkins restart
The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:
sudo service jenkins restart
answered Sep 4 at 6:59
Philip
12
12
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f466568%2fjenkins-write-permission-on-linux%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
â Alex Baranowski
Sep 3 at 13:15
Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
â Michal
Sep 3 at 13:22
Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
â Philip
Sep 3 at 13:26
Can you add an
/usr/bin/id
to your script? There is any difference between theid
outputs when run interactively or in the script?â andcoz
Sep 3 at 13:53
@andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
â Philip
Sep 3 at 13:56