Jenkins write permission on linux

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












I'm having trouble getting Jenkins to write to a directory, however I believe I have set the correct permissions. Jenkins is being run by a user named "jenkins", who belongs to a group called "jenkins-group". The directory in question looks something like this when I ll:



drwxrwxr-x 2 jenkins-group jenkins-group 68 Sep 3 13:01 test_save_data_jenkins_R


I followed the recommended approach as seen in the link below, by creating a group having "rwx" permissions and adding the user running Jenkins to this group. How do I properly allow user jenkins to write to a specific directory under user minecraft home directory?.



So I have given the group "jenkins-group" rwx permissions, which in turn should give the user "jenkins" those permissions as well, since it has this group as a secondary. When I log in to the user "jenkins" from a terminal I'm able to create a new file in this folder using touch test.txt. However when I run a build from Jenkins with the following commands in execute shell:



cd /apps/models/test_save_data_jenkins_R && whoami && touch test.txt


I get the following error:



+ cd /apps/models/test_save_data_jenkins_R
+ whoami
jenkins
+ touch test.txt
touch: cannot touch ‘test.txt’: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE


Notice that the group "jenkins-group" also has rwx permissions to the folders "apps" and "models". I have tried giving the user "jenkins" direct permission using the following command:



$ setfacl -Rm user:jenkins:rwx /apps/models/test_save_data_jenkins_R/


which would result in the script running successfully. However this is really a workaround, and I would like to understand what I'm doing wrong in the previous approach.



Update #1



Running groups jenkins:



jenkins : jenkins jenkins-group


And running getfacl returns:



# file: test_save_data_jenkins_R/
# owner: jenkins-group
# group: jenkins-group
user::rwx
group::rwx
other::r-x


Update #2



Running /usr/bin/id in jenkins script gives:



+ /usr/bin/id 
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins)


Running /usr/bin/id from terminal gives:



uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)


Notice this happens as well after running safeRestart of jenkins service.










share|improve this question























  • Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
    – Alex Baranowski
    Sep 3 at 13:15










  • Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
    – Michal
    Sep 3 at 13:22










  • Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
    – Philip
    Sep 3 at 13:26










  • Can you add an /usr/bin/id to your script? There is any difference between the id outputs when run interactively or in the script?
    – andcoz
    Sep 3 at 13:53










  • @andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
    – Philip
    Sep 3 at 13:56















up vote
0
down vote

favorite












I'm having trouble getting Jenkins to write to a directory, however I believe I have set the correct permissions. Jenkins is being run by a user named "jenkins", who belongs to a group called "jenkins-group". The directory in question looks something like this when I ll:



drwxrwxr-x 2 jenkins-group jenkins-group 68 Sep 3 13:01 test_save_data_jenkins_R


I followed the recommended approach as seen in the link below, by creating a group having "rwx" permissions and adding the user running Jenkins to this group. How do I properly allow user jenkins to write to a specific directory under user minecraft home directory?.



So I have given the group "jenkins-group" rwx permissions, which in turn should give the user "jenkins" those permissions as well, since it has this group as a secondary. When I log in to the user "jenkins" from a terminal I'm able to create a new file in this folder using touch test.txt. However when I run a build from Jenkins with the following commands in execute shell:



cd /apps/models/test_save_data_jenkins_R && whoami && touch test.txt


I get the following error:



+ cd /apps/models/test_save_data_jenkins_R
+ whoami
jenkins
+ touch test.txt
touch: cannot touch ‘test.txt’: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE


Notice that the group "jenkins-group" also has rwx permissions to the folders "apps" and "models". I have tried giving the user "jenkins" direct permission using the following command:



$ setfacl -Rm user:jenkins:rwx /apps/models/test_save_data_jenkins_R/


which would result in the script running successfully. However this is really a workaround, and I would like to understand what I'm doing wrong in the previous approach.



Update #1



Running groups jenkins:



jenkins : jenkins jenkins-group


And running getfacl returns:



# file: test_save_data_jenkins_R/
# owner: jenkins-group
# group: jenkins-group
user::rwx
group::rwx
other::r-x


Update #2



Running /usr/bin/id in jenkins script gives:



+ /usr/bin/id 
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins)


Running /usr/bin/id from terminal gives:



uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)


Notice this happens as well after running safeRestart of jenkins service.










share|improve this question























  • Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
    – Alex Baranowski
    Sep 3 at 13:15










  • Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
    – Michal
    Sep 3 at 13:22










  • Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
    – Philip
    Sep 3 at 13:26










  • Can you add an /usr/bin/id to your script? There is any difference between the id outputs when run interactively or in the script?
    – andcoz
    Sep 3 at 13:53










  • @andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
    – Philip
    Sep 3 at 13:56













up vote
0
down vote

favorite









up vote
0
down vote

favorite











I'm having trouble getting Jenkins to write to a directory, however I believe I have set the correct permissions. Jenkins is being run by a user named "jenkins", who belongs to a group called "jenkins-group". The directory in question looks something like this when I ll:



drwxrwxr-x 2 jenkins-group jenkins-group 68 Sep 3 13:01 test_save_data_jenkins_R


I followed the recommended approach as seen in the link below, by creating a group having "rwx" permissions and adding the user running Jenkins to this group. How do I properly allow user jenkins to write to a specific directory under user minecraft home directory?.



So I have given the group "jenkins-group" rwx permissions, which in turn should give the user "jenkins" those permissions as well, since it has this group as a secondary. When I log in to the user "jenkins" from a terminal I'm able to create a new file in this folder using touch test.txt. However when I run a build from Jenkins with the following commands in execute shell:



cd /apps/models/test_save_data_jenkins_R && whoami && touch test.txt


I get the following error:



+ cd /apps/models/test_save_data_jenkins_R
+ whoami
jenkins
+ touch test.txt
touch: cannot touch ‘test.txt’: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE


Notice that the group "jenkins-group" also has rwx permissions to the folders "apps" and "models". I have tried giving the user "jenkins" direct permission using the following command:



$ setfacl -Rm user:jenkins:rwx /apps/models/test_save_data_jenkins_R/


which would result in the script running successfully. However this is really a workaround, and I would like to understand what I'm doing wrong in the previous approach.



Update #1



Running groups jenkins:



jenkins : jenkins jenkins-group


And running getfacl returns:



# file: test_save_data_jenkins_R/
# owner: jenkins-group
# group: jenkins-group
user::rwx
group::rwx
other::r-x


Update #2



Running /usr/bin/id in jenkins script gives:



+ /usr/bin/id 
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins)


Running /usr/bin/id from terminal gives:



uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)


Notice this happens as well after running safeRestart of jenkins service.










share|improve this question















I'm having trouble getting Jenkins to write to a directory, however I believe I have set the correct permissions. Jenkins is being run by a user named "jenkins", who belongs to a group called "jenkins-group". The directory in question looks something like this when I ll:



drwxrwxr-x 2 jenkins-group jenkins-group 68 Sep 3 13:01 test_save_data_jenkins_R


I followed the recommended approach as seen in the link below, by creating a group having "rwx" permissions and adding the user running Jenkins to this group. How do I properly allow user jenkins to write to a specific directory under user minecraft home directory?.



So I have given the group "jenkins-group" rwx permissions, which in turn should give the user "jenkins" those permissions as well, since it has this group as a secondary. When I log in to the user "jenkins" from a terminal I'm able to create a new file in this folder using touch test.txt. However when I run a build from Jenkins with the following commands in execute shell:



cd /apps/models/test_save_data_jenkins_R && whoami && touch test.txt


I get the following error:



+ cd /apps/models/test_save_data_jenkins_R
+ whoami
jenkins
+ touch test.txt
touch: cannot touch ‘test.txt’: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE


Notice that the group "jenkins-group" also has rwx permissions to the folders "apps" and "models". I have tried giving the user "jenkins" direct permission using the following command:



$ setfacl -Rm user:jenkins:rwx /apps/models/test_save_data_jenkins_R/


which would result in the script running successfully. However this is really a workaround, and I would like to understand what I'm doing wrong in the previous approach.



Update #1



Running groups jenkins:



jenkins : jenkins jenkins-group


And running getfacl returns:



# file: test_save_data_jenkins_R/
# owner: jenkins-group
# group: jenkins-group
user::rwx
group::rwx
other::r-x


Update #2



Running /usr/bin/id in jenkins script gives:



+ /usr/bin/id 
uid=775(jenkins) gid=895(jenkins) groups=895(jenkins)


Running /usr/bin/id from terminal gives:



uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)


Notice this happens as well after running safeRestart of jenkins service.







linux jenkins






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Sep 4 at 6:49

























asked Sep 3 at 12:40









Philip

12




12











  • Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
    – Alex Baranowski
    Sep 3 at 13:15










  • Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
    – Michal
    Sep 3 at 13:22










  • Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
    – Philip
    Sep 3 at 13:26










  • Can you add an /usr/bin/id to your script? There is any difference between the id outputs when run interactively or in the script?
    – andcoz
    Sep 3 at 13:53










  • @andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
    – Philip
    Sep 3 at 13:56

















  • Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
    – Alex Baranowski
    Sep 3 at 13:15










  • Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
    – Michal
    Sep 3 at 13:22










  • Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
    – Philip
    Sep 3 at 13:26










  • Can you add an /usr/bin/id to your script? There is any difference between the id outputs when run interactively or in the script?
    – andcoz
    Sep 3 at 13:53










  • @andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
    – Philip
    Sep 3 at 13:56
















Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
– Alex Baranowski
Sep 3 at 13:15




Isn't test_save_data_jenkins_R owned by jenkins-group jenkins-group instead of jenkins jenkins-group?
– Alex Baranowski
Sep 3 at 13:15












Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
– Michal
Sep 3 at 13:22




Ok - therefore huge question can you manually go into a path and create file whilst being that user? either you all set rules for folder - but without -R so rights only did stay on folder - not on files/subfolders, or script is running as someone else.
– Michal
Sep 3 at 13:22












Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
– Philip
Sep 3 at 13:26




Yes i can manually add files and remove them as user "jenkins" in the directory. I am perplexed since when I run the script and ask "whoami" it says jenkins.
– Philip
Sep 3 at 13:26












Can you add an /usr/bin/id to your script? There is any difference between the id outputs when run interactively or in the script?
– andcoz
Sep 3 at 13:53




Can you add an /usr/bin/id to your script? There is any difference between the id outputs when run interactively or in the script?
– andcoz
Sep 3 at 13:53












@andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
– Philip
Sep 3 at 13:56





@andcoz I get the following output: + /usr/bin/id uid=775(jenkins) gid=895(jenkins) groups=895(jenkins) --- However running this from the jenkins user gives: uid=775(jenkins) gid=895(jenkins) groups=895(jenkins),1012(jenkins-group)
– Philip
Sep 3 at 13:56











1 Answer
1






active

oldest

votes

















up vote
0
down vote



accepted










The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:



sudo service jenkins restart





share|improve this answer




















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f466568%2fjenkins-write-permission-on-linux%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    0
    down vote



    accepted










    The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:



    sudo service jenkins restart





    share|improve this answer
























      up vote
      0
      down vote



      accepted










      The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:



      sudo service jenkins restart





      share|improve this answer






















        up vote
        0
        down vote



        accepted







        up vote
        0
        down vote



        accepted






        The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:



        sudo service jenkins restart





        share|improve this answer












        The problem was that the user permissions were not reflected until i restarted the jenkins service. I did this on the red hat linux machine by typing:



        sudo service jenkins restart






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Sep 4 at 6:59









        Philip

        12




        12



























             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f466568%2fjenkins-write-permission-on-linux%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?