No /var/log/jenkins directory after LTS installation - macos

After installing Jenkins with https://www.jenkins.io/download/lts/macos/ and running it, when I go to http://localhost:8080/
Unlock Jenkins
To ensure Jenkins is securely set up by the administrator, a password has been written to the log (not sure where to find it?) and this file on the server:
So there it says:
Log files should be at /var/log/jenkins/jenkins.log, unless customized in org.jenkins-ci.plist.
But there is no /var/log/jenkins directory on my machine - where to find those logs? Why there is no /var/log/jenkins directory?

Typically this will be written into the JENKINS home directory. Which is located at /Users/<YOUR_USER>/.jenkins. The secret will be located here.
`/Users/<YOUR_USER>/.jenkins/secrets/initialAdminPassword`

and this file on the server:
It is best to rely on "this file" rather than the logs
The official documentation suggests:
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
Or (as in here)
cat /Users/administrator/.jenkins/secrets/initialAdminPassword
In both instances, the file mentioned in the "Unlock Jenkins" should give you the password.
(assuming this is a Homebrew installation, not a Docker one)

Related

kubectl not working on my windows 10 machine

When I try to run any kubectl command including kubectl version, I get a pop-up saying "This app can't run on your PC, To find a version for your PC, check with the software publisher" when this is closed, the terminal shows "access denied"
The weird thing is, when I run the "kubectl version" command in the directory where I have downloaded kubectl.exe, it works fine.
I have even added this path to my PATH variables.
thank you for the answer, #rally
apparently, in my machine, it was an issue of administrative rights during installation. My workplace's IT added the permission and it worked for me.
Adding this answer here so that if anyone else comes across this problem they can try this solution as well.
Not knowing what exactly you downloaded, i would suggest you to delete everying in the folder and follow the instructions for installing kubectl for Windows from here:
https://kubernetes.io/docs/tasks/tools/install-kubectl-windows/
Note: downloading the .exe is not enough. You need a kubeconfig file "config", which contains the configuration to access your cluster.
kubectl looks for this file in a hidden folder under your user profile directory. c:\users<me>.kube.
Just to let you try, i would suggest you to activate Kubernetes in your Docker-Desktop installation. I guess you have this installed. If not install it from the Dockersite. https://www.docker.com/products/docker-desktop/
Activating Kubernetes inside Docker-desktop, will install also kubectl and save the config in the .kube folder.
After the installation finished, in a new terminal:
kubectl get node
You should see the 1 node in the kubernetes-docker-desktop cluster.
Now if you want to access another cluster, you need the kubeconfig-file for that cluster. If you have it, just rename the config in the .kube folder (to not loose it) and put the other config inside.
If the new config file is correct you should be able to access that cluster.
The config file can be structured to hold more than one cluster configuration and you can switch between them using a so called context.
Here you can get the information how to do that, according to your needs:
https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/
Hope this can help you, starting with KUbernetes.

Hudson post build step security issue

Hudson jobs can be configured to have a post build step which can execute shell commands as an option, accidently or intentionally someone can wipe out the hudson home directory
just by running rm command is there a specific set of permission of home directory
which will prevent such scenario
On Linux, you will likely be running the Hudson process as the "hudson" user. Using a combination of chown and chmod, you can set the permissions on the hudson application server directory such that the hudson user only has read-access of the Hudson application server directory.
Hudson stores all of its file storage in /var/lib/jenkins by default (if you're using the .deb package).
so basically, make sure that the hudson user has recursive write access of that directory, allow hudson read-only access of the other Hudson installation files, and no access over any other file.

Grails create-app error

Anyone know why I would get this error when trying to create a grails app using terminal.
mycomputer:test-apps mailboxe$ grails create-app demo
| Configuring classpath
| Error Error executing script CreateApp: /Users/bla/.grails/ivy-cache/resolved-org.grails.internal-grails-2.0.3.xml (Permission denied) (Use --stacktrace to see the full trace)
As #Phillip Tenn mentions, this is a permissions issue. Chances are something got installed into a cache with the sudo command so the root user owns the file and your normal user can't modify it.
The easiest thing to do is probably to just whack your ~/.grails directory, by default, there isn't anything but cached information in there. So unless you've put something in there manually (like a config file), it's safe to delete and let it regenerate with the next grails command. To do that, just:
cd ~
sudo rm -r .grails
It'll prompt you for your password to ensure you want to run this command as the root user.
Alternatively, you could try to find the offending file and chown it to your user and group (by default on OSX the group is staff). So for this example:
sudo chown bla:staff /Users/bla/.grails/ivy-cache/resolved-org.grails.internal-grails-2.0.3.xml
Grails needs to be able to write to a .grails folder under your user directory.
Without knowing the details of your development environment, the error message you are getting says (Permission denied) when you try to run grails create-app demo.
I would look into your directories:
/Users/bla/.grails/
/Users/bla/.grails/ivy-cache/
and ensure that you have proper write permissions.

How to install a mod_ftp module on a MAMP server

Background:
I recently installed MAMP, and am using it as a production server. The server setup did not come with an FTP server, and from what I've read, you can set up an FTP server via mod_ftp, an Apache module. I am not an expert with Apache software or server admin, although I can learn quickly. I can get to the following point and then I get stuck. Can someone please help me out?
I checked out the mod_ftp module files from the repository, here:
http://svn.apache.org/repos/asf/httpd/mod_ftp/trunk/
and I unzipped the contents into:
/Applications/MAMP/mod_ftp
I opened the README-FTP file (here):
http://svn.apache.org/repos/asf/httpd/mod_ftp/trunk/README-FTP
README-FTP:
To build and install as a DSO outside of the httpd source
build, from the ftp source root directory, simply;
./configure.apxs
make
make install
...
To build static, or as a DSO but within the same build as httpd,
copy the entire ftp source directory tree on top of your existing
httpd source tree, and from the httpd source root directory
./buildconf (to pick up ftp)
./configure --enable-ftp {your usual options}
and proceed as usual.
Some Questions:
"build and install a DSO outside of the httpd source build, from the ftp source root directory" -- is the ftp source root directory the mod_ftp folder that I created from the zipped files I checked out from the repository?
What does it mean "outside of the httpd source build"? -- is this the ServerRoot value I set in the httpd.conf as "/Applications/MAMP/Library" ?
Likewise, what does "within the same httpd build" mean -- what location is this referring to?
How do I know whether I want a static or DSO build?
What is the statement: "copy the entire ftp source directory tree on top of your existing
httpd source tree" actually asking me to do? (on top of?? As in, in the parent directory of the httpd source tree, or in the same directory?)
If you've made it this far, I'd like to commend you!
From this point, I chose the first option, and entered the commands seen in README-FTP into my Terminal.
Here's what my terminal looks like:
$ ./configure.apxs
Configuring mod_ftp for APXS in /usr/sbin/apxs
Detecting features
Finished, run 'make' to compile mod_ftp
Run 'make FTPPORT=8021 install' to install mod_ftp
(The default FTPPORT is 21 if not specified)
The manual pages ftp/index.html and mod/mod_ftp.html
will be installed to help get you started.
The conf/extra/ftpd.conf will be installed as an example
for you to work from. In your configuration file,
/private/etc/apache2/httpd.conf
uncomment the line '#Include conf/extra/ftpd.conf'
to activate this example mod_ftp configuration.
$ make
Making all in modules/ftp
$ sudo make install
Password:
Making install in modules/ftp
/usr/share/apr-1/build-1/libtool --silent --mode=install cp mod_ftp.la /usr/libexec/apache2/
Installing configuration files
for i in /private/etc/apache2/httpd.conf /private/etc/apache2/original/httpd.conf; do \
if test -f $i; then \
(awk -f /applications/mamp/library/mod_ftp/build/addloadexample.awk \
-v MODULE=ftp -v DSO=.so -v LIBPATH=libexec/apache2 \
-v EXAMPLECONF=/private/etc/apache2/extra/ftpd.conf \
< $i > $i.new && \
mv $i $i.bak && mv $i.new $i \
) || true; \
fi; \
done
Preserving existing FTP documents
Installing header files
Installing online manual
$
So what do I do from here?
I don't see mod_ftp.so anywhere, and I am particularly looking in this directory:
/Applications/MAMP/Library/modules (where all of Apache's other mod_*.so files are...)
and this directory:
/Applications/MAMP/mod_ftp/modules/ftp (where all of mod_ftp's various .c, .h and other files are)
Ultimately, I think the problem I am running into is that I don't understand how the file structures between my mod_ftp source folder and the httpd source folders need to be integrated in order to get the module running properly. Also, I don't know what I don't know, so there is probably one simple question to ask, but unfortunately I can't figure out how to ask it. Thank you for your help and patience!
Cheers!
P.S., yes, I have scoured the internet for hours.
I ended up scrapping MAMP and using the Mac's built in server. Through the System Preferences > Sharing menu, you can enable file sharing, which has an Options pane that allows you to "Share files and folders using FTP." I was able to obtain a static IP address through Comcast Business, and configured port forwarding on port 21 in my router to accept traffic. Then, I could use my FTP client to connect to my router with something like "123.456.789:21" as my host. Wasn't the best or most secure solution, but it worked, so take it with a grain of salt.
Right, I finally managed to install this on Ubuntu LTS 16.04.
First of all, you should install svn and the apxs functionality by running
sudo apt-get install subversion apache2-dev.
Then, cd to a convenient folder, and run svn co http://svn.apache.org/repos/asf/httpd/mod_ftp/trunk/. This downloads everything in the folder named /trunk. Then, cd into the /trunk folder of the downloaded repo.
Then, run the stated instructions
./configure.apxs --> does something in the subfolder to enable makefile to work
make --> this compiles the contents of the repo and changes things around.
make install --> you may want to run with the suggested flag. Essentially copies things to where it needs to be copied, and creates the necessary modules.
The suggested ./buildconf and ./configure should only be done if you are compiling apache2 with ftp at the same time. Since you should already have apache2 installed, this is not the option that you should be doing. Just stick with the first set of instructions, which are used to compile mod_ftp independently of apache2 and patch things in as needed.
At this point, the installation should technically work. However, you are not fully out of the woods yet. If you restart apache2 at this point, it should fail to start. If you run systemctl -xe, you will see that it is due to syntax errors in various places of the config files where someone forgot to prepend a forward slash, so rather than being given relative to root, the directories being specified end up being relative to /etc/apache2 instead. Fix those, using the line numbers as a guide. The omissions may be found in the apache2.conf file that specify the location of the mod_ftp module, and in the ftpd.conf file that specify the location of the error log.
You now need to mess around with apache2.conf and ftpd.conf (found in the /extra subfolder of the /etc/apache2 folder). Make sure that the lines
include /etc/apache2/extra/ftpd.conf
LoadModule ftp_module /usr/lib/apache2/modules/mod_ftp.so are present and uncommented.
The first basically tells the main apache2.conf file to include the configuration files for mod_ftp to help with partitioning your http and ftp configuration settings. The second just makes sure that the ftp module is loaded so that it can interpret the directives in the ftpd.conf file. Thus, you won't need to add the line "FTP on" or specify ports, as those are handled in ftpd.conf perfectly well.
You should now be good to go. Just note that for some weird reason if you set the document root in ftpd.conf to be the same as that in apache2.conf, apache2 will still run normally. The ftp server will work normally but the http server will not work. No idea why, but if you want to do that a simple workaround is to just do a symlink to the http document root and set that as the ftp document root.

How to run jenkins as a different user

I have been trying to follow tutorials and this one: Deploy as Jenkins User or Allow Jenkins To Run As Different User?
but I still can't for the love of the computing gods, run as a different user. Here are the steps of what I did:
download the macosx pkg for jenkins(LTS)
setup plugins etc and git
try to build it
I keep getting a can't clone error because jenkins keeps starting as anonymous:
Started by user anonymous
How do I set it up so that jenkins runs as me? I was using the jenkins web UI so it was in localhost:8080
I tried logging in also using /login but I can't even login using my name or as root.
The people tab doesn't even have a create user link, so yeah I've been stuck. Help please?
The "Issue 2" answer given by #Sagar works for the majority of git servers such as gitorious.
However, there will be a name clash in a system like gitolite where the public ssh keys are checked in as files named with the username, ie keydir/jenkins.pub. What if there are multiple jenkins servers that need to access the same gitolite server?
(Note: this is about running the Jenkins daemon not running a build job as a user (addressed by #Sagar's "Issue 1").)
So in this case you do need to run the Jenkins daemon as a different user.
There are two steps:
Step 1
The main thing is to update the JENKINS_USER environment variable. Here's a patch showing how to change the user to ptran.
BEGIN PATCH
--- etc/default/jenkins.old 2011-10-28 17:46:54.410305099 -0700
+++ etc/default/jenkins 2011-10-28 17:47:01.670369300 -0700
## -13,7 +13,7 ##
PIDFILE=/var/run/jenkins/jenkins.pid
# user id to be invoked as (otherwise will run as root; not wise!)
-JENKINS_USER=jenkins
+JENKINS_USER=ptran
# location of the jenkins war file
JENKINS_WAR=/usr/share/jenkins/jenkins.war
--- etc/init.d/jenkins.old 2011-10-28 17:47:20.878539172 -0700
+++ etc/init.d/jenkins 2011-10-28 17:47:47.510774714 -0700
## -23,7 +23,7 ##
#DAEMON=$JENKINS_SH
DAEMON=/usr/bin/daemon
-DAEMON_ARGS="--name=$NAME --inherit --env=JENKINS_HOME=$JENKINS_HOME --output=$JENKINS_LOG - -pidfile=$PIDFILE"
+DAEMON_ARGS="--name=$JENKINS_USER --inherit --env=JENKINS_HOME=$JENKINS_HOME --output=$JENKINS_LOG --pidfile=$PIDFILE"
SU=/bin/su
END PATCH
Step 2
Update ownership of jenkins directories:
chown -R ptran /var/log/jenkins
chown -R ptran /var/lib/jenkins
chown -R ptran /var/run/jenkins
chown -R ptran /var/cache/jenkins
Step 3
Restart jenkins
sudo service jenkins restart
ISSUE 1:
Started by user anonymous
That does not mean that Jenkins started as an anonymous user.
It just means that the person who started the build was not logged in. If you enable Jenkins security, you can create usernames for people and when they log in, the
"Started by anonymous"
will change to
"Started by < username >".
Note: You do not have to enable security in order to run jenkins or to clone correctly.
If you want to enable security and create users, you should see the options at Manage Jenkins > Configure System.
ISSUE 2:
The "can't clone" error is a different issue altogether. It has nothing to do with you logging in to jenkins or enabling security. It just means that Jenkins does not have the credentials to clone from your git SCM.
Check out the Jenkins Git Plugin to see how to set up Jenkins to work with your git repository.
Hope that helps.
On Mac OS X, the way I enabled Jenkins to pull from my (private) Github repo is:
First, ensure that your user owns the Jenkins directory
sudo chown -R me:me /Users/Shared/Jenkins
Then edit the LaunchDaemon plist for Jenkins (at /Library/LaunchDaemons/org.jenkins-ci.plist) so that your user is the GroupName and the UserName:
<key>GroupName</key>
<string>me</string>
...
<key>UserName</key>
<string>me</string>
Then reload Jenkins:
sudo launchctl unload -w /Library/LaunchDaemons/org.jenkins-ci.plist
sudo launchctl load -w /Library/LaunchDaemons/org.jenkins-ci.plist
Then Jenkins, since it's running as you, has access to your ~/.ssh directory which has your keys.
If you really want to run Jenkins as you, I suggest you check out my Jenkins.app. An alternative, easy way to run Jenkins on Mac.
See https://github.com/stisti/jenkins-app/
Download it from https://github.com/stisti/jenkins-app/downloads
To run jenkins as different user on ubuntu os you need to change below things.
Update below two lines in /etc/default/jenkins file
JENKINS_USER=$USERNAME
JENKINS_GROUP=$NAME
In our case we set user as ubuntu.
#JENKINS_USER=$NAME
#JENKINS_GROUP=$NAME
JENKINS_USER="ubuntu"
JENKINS_GROUP="ubuntu"
Update below two lines in /lib/systemd/system/jenkins.service file
User=jenkins
Group=jenkins
In our case we set user as ubuntu.
#User=jenkins
#Group=jenkins
User=ubuntu
Group=ubuntu
Change file ownership of jenkins owned folders.
sudo chown -R ubuntu:ubuntu /var/lib/jenkins
sudo chown -R ubuntu:ubuntu /var/cache/jenkins
sudo chown -R ubuntu:ubuntu /var/log/jenkins
After above changes run below command to reload systemctl
sudo systemctl daemon-reload
Now you can restart jenkins
sudo systemctl restart jenkins.service
you can integrate to LDAP or AD as well. It works well.

Resources