I am trying to run a docker command as part of a jenkins job using shell. I get a standard error stating
"Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/images/json: dial unix /var/run/docker.sock: connect: permission denied"
I will require some help on
1. how to find the path where docker is installed which can be added to JENKINS global configuration
2. workaround to fix this permission issue(running as a sudo user/any other specific user)
I have already experimented by adding the JENKINS users to admin group, staff group, made administrator. But, nothing has actually helped. I still get the standard error
Tried the below code on terminal too
sudo -u jenkins docker images
OUTPUT:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/images/json: dial unix /var/run/docker.sock: connect: permission denied
I am expecting to run this code without the error. Only then my jenkins pipeline will be complete.
To find the path where docker is installed, simply run a which docker. Usually, it'll be installed somewhere in the standard PATH already, so probably Jenkins will already have access. As you get the permission denied error message, it looks like Jenkins is already using the correct docker executable.
Depending on the distribution or operating system you are using, you will most likely need to add the jenkins user to a docker group, e.g. sudo usermod -aG docker jenkins. To find out which group you need, run:
$ ls -l /var/run/docker.sock
srw-rw---- 1 root docker 0 Apr 30 16:20 /var/run/docker.sock
In the second line, you see the group that docker.sock is owned by. Add the jenkins user to that group.
I am running the latest version of macOS Sierra and I installed PostgreSQL via brew. Then I ran the command:
pg_ctl -D /Users/tmo/PSQL-data -l logfile start
but received for output:
waiting for server to start..../bin/sh: logfile: Permission denied
stopped waiting
pg_ctl: could not start server
Examine the log output.
EDIT: After restarting my operating system and rerunning the command... I'm now receiving a slightly modified output... but the modification is significant.
waiting for server to start.... stopped waiting
pg_ctl: could not start server
Examine the log output.
Where is the "log output" stored?
How do I make this command work?
The problem could be one of two things, that I can see:
A typo in your database path:
/Users/tmo/PSQL-data --> /Users/tmp/PSQL-data
If the above was just a transcription error, I would guess that your postgres user doesn't have write access to the directory where you are setting the logfile. The argument following the -l switch tells PG where to save the logfile. When you don't provide the -l switch with a path, but just a filename, it will use the same dir you use to specify the database cluster (with the -D flag). So in this case, PG is trying to write to /Users/tmp/PSQL-data/logfile, and getting a permission error.
To fix this, I would try:
If the directory /Users/tmp/PSQL-data/ doesn't exist:
sudo mkdir /Users/tmp/PSQL-data
Then create the logfile manually:
sudo touch /Users/tmp/PSQL-data/logfile
Then make the postgres user own the file (I'm assuming user is postgres here)
sudo chown postgres /Users/tmp/PSQL-data/logfile
Try again, and hopefully you can launch the server.
Caveat: I'm not a macOS user, so I'm not sure how the /tmp folder behaves. If it is periodically cleared, you may want to specify a different logfile location, so that you don't need to create and chown the file each time you need to launch the cluster.
I entered ssh-host-config into the cygwin prompt (started with admin privileges), said yes to privilege separation, new local account sshd, install sshd as a service; I entered no value for CYGWIN for daemon; I entered no for using a different name; yes for creating new privilege user account.
In my services.msc I am unable to start the service:
The CYGWIN sshd service on Local Computer started and then stopped.
Some services stop automatically if they are not in use by other services
or programs.
In the cygwin prompt, net start sshd produces:
The CYGWIN sshd service could not be started.
The service did not report an error.
More help is available by typing NET HELPMSG 3534
In the cygwin prompt, cygrunsrv -S sshd produces:
cygrunsrv: Error starting a service: QueryServiceStatus: Win32 error 1062:
The service has not been started.
My /var/log/sshd.log says the following:
Unable to initialize device PRN
I've searched the questions on SO related to this issue, as well as the general Internet, and I guess what makes my question unique has to do with the sshd.log. I can't find anyone else who has received this.
I'm doing this to install Hadoop on my Windows. I cannot run a virtual machine on this slow computer as everything just bogs down.
I followed the steps in this topic and the problem was still happening, then I checked the sshd log file and it was complaining that the privilegies of the ssh private key were to open.
I executed the follow command:
chmod 400 /etc/ssh_host_ecdsa_key
Then I run the service:
net start sshd
It finally worked (BTW: I am using Windows 8)
I had the same problem and here is the solution that worked for me.
Solution 1
Restart the machine after you set the path environment variables to point to Cygwin bin directories and then start the service.
Solution 2
First add the account that runs the Cygwin sshd demon service to administrators group (this is by default)
Go to your cygwin installation folder (mine is at c:\cygwin64 and yours may differ)
add administrators group as full control. remove the property
Remove Readonly for your cygwin installation folder so anyone can write into it
Run the cygwin terminal as administrator and remove the service by typing
cygrunsrv -R sshd
Reboot your system
Run the cygwin terminal as administrator and reinstall the service again by typing
ssh-host-config -y
Run the cygwin terminal as administrator and start the service by typing
net start sshd
Your service now be running!
I tried above solutions but nothing worked for me.
I am using Windows 8 and was able to solve it.
My sshd.log file says : "Privilege separation user sshd does not exist FAILED"
So to remove this error while starting sshd as service just following below steps:
Edit the file /etc/passwd --
add " sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin ".
Edit the file /etc/group --
add " sshd:x:74: ".
Now start service as
net start sshd
It worked for me!
Followed the steps provide by Andrea Solution 1 and solution 2 , it did not work. Event viewer did not provide any info.
So took a look at the log var/log/sshd.log first it complained that it was unable to load the dll:
/usr/sbin/sshd.exe: error while loading shared libraries: cygcrypto-1.0.0.dll
Solution:
Reinstalled the package and ensured that the dll were in lib.
Started the service again still it failed but this time it complained about missing host key.
Could not load host key: /etc/ssh_host_dsa_key
Could not load host key: /etc/ssh_host_ecdsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
Solution:
go to the Cygwin Command prompt (with run as admin ) and
enter ssh-keygen -A
the missing host key were generated .
Finally I was able to start it.
I would recommend looking at the log file further if the above solution does not work.
In my case (using a Polish version of Windows 8) I had to manually modify the /etc/passwd and /etc/group files.
Some lines for Administrator, Administrators, Guest, Guests, etc. had been missing, so I merely inserted them, and copied all other fields from their non-English versions. Eg.
nano /etc/passwd
SYSTEM:*:18:544:,S-1-5-18::
LocalService:*:19:544:U-NT AUTHORITY\LocalService,S-1-5-19::
NetworkService:*:20:544:U-NT AUTHORITY\NetworkService,S-1-5-20::
Administrators:*:544:544:,S-1-5-32-544::
Administratorzy:*:544:544:,S-1-5-32-544::
TrustedInstaller:*:4294967294:4294967294:U-NT SERVICE\TrustedInstaller,S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464::
Administrator:unused:500:513:U-gordito\Administrator,S-1-5-21-580982140-4090956935-1935414389-500:/home/Administrator:/bin/bash
Guest:unused:501:513:U-gordito\Gość,S-1-5-21-580982140-4090956935-1935414389-501:/home/Gość:/bin/bash
Gość:unused:501:513:U-gordito\Gość,S-1-5-21-580982140-4090956935-1935414389-501:/home/Gość:/bin/bash
HomeGroupUser$:unused:1004:513:HomeGroupUser$,U-gordito\HomeGroupUser$,S-1-5-21-580982140-4090956935-1935414389-1004:/home/HomeGroupUser$:/bin/bash
sshd:unused:1006:513:sshd privsep,U-gordito\sshd,S-1-5-21-580982140-4090956935-1935414389-1006:/var/empty:/bin/false
cyg_server:unused:1007:513:Privileged server,U-gordito\cyg_server,S-1-5-21-580982140-4090956935-1935414389-1007:/var/empty:/bin/false
nano /etc/group
root:S-1-5-32-544:0:
SYSTEM:S-1-5-18:18:
TrustedInstaller:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464:4294967294:
Administrators:S-1-5-32-544:544:
Administratorzy:S-1-5-32-544:544:
Czytelnicy dzienników zdarzeń:S-1-5-32-573:573:
Guests:S-1-5-32-546:546:
Goście:S-1-5-32-546:546:
IIS_IUSRS:S-1-5-32-568:568:
Users:S-1-5-32-545:545:
Users DCOM:S-1-5-32-562:562:
Użytkownicy:S-1-5-32-545:545:
Użytkownicy DCOM:S-1-5-32-562:562:
Użytkownicy dzienników wydajności:S-1-5-32-559:559:
Użytkownicy monitora wydajności:S-1-5-32-558:558:
Użytkownicy zarządzania zdalnego:S-1-5-32-580:580:
HomeUsers:S-1-5-21-580982140-4090956935-1935414389-1003:1003:
TelnetClients:S-1-5-21-580982140-4090956935-1935414389-1005:1005:
WinRMRemoteWMIUsers__:S-1-5-21-580982140-4090956935-1935414389-1000:1000:
None:S-1-5-21-580982140-4090956935-1935414389-513:513:
Brak:S-1-5-21-580982140-4090956935-1935414389-513:513:
Only after this, I was finally able to chmod g-rwx all the files that offended sshd, in a way that 'ls -la' indeed confirmed the dropped permissions for group and other.
Then finally, privileged CYGWIN services installed and started (sshd, cron)
I'm using a EC2 server instance. Used the following to install Jenkins:
wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list'
sudo apt-get update
sudo apt-get install jenkins
but I need to install software on the Jenkins server so in my EC2 instance I did
sudo –s –H –u jenkins
to get into the jenkins server.
Then I tried to do
sudo cabal install quickcheck
but it prompted me for jenkins password.
I've been searching around the internet for 4hrs now and nothing is helping me get administrative privilege in the jenkins server.
So I'm building my project using the following command in shell:
sudo cabal clean
sudo cabal configure
sudo cabal build
sudo cabal install
This is the error I'm getting:
Started by timer
Building in workspace /var/lib/jenkins/jobs/Finance/workspace
Checkout:workspace / /var/lib/jenkins/jobs/Finance/workspace - hudson.remoting.LocalChannel#eea6dc
Using strategy: Default
Last Built Revision: Revision b638e2182dece0ef1a40232b1d75fa3ae5c01a5d (origin/master)
Fetching changes from 1 remote Git repository
Fetching upstream changes from origin
Commencing build of Revision b638e2182dece0ef1a40232b1d75fa3ae5c01a5d (origin/master)
Checking out Revision b638e2182dece0ef1a40232b1d75fa3ae5c01a5d (origin/master)
[workspace] $ /bin/sh -xe /tmp/hudson3500373817395137440.sh
+ sudo cabal clean
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts
Build step 'Execute shell' marked build as failure
Sending e-mails to: ***#gmail.com
ERROR: Could not connect to SMTP host: localhost, port: 25
javax.mail.MessagingException: Could not connect to SMTP host: localhost, port: 25;
nested exception is:
java.net.ConnectException: Connection refused
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1934)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:638)
at javax.mail.Service.connect(Service.java:295)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
at javax.mail.Transport.send(Transport.java:124)
at hudson.tasks.MailSender.execute(MailSender.java:116)
at hudson.tasks.Mailer.perform(Mailer.java:117)
at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:19)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:814)
at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:786)
at hudson.model.Build$BuildExecution.post2(Build.java:183)
at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:733)
at hudson.model.Run.execute(Run.java:1592)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:237)
Caused by: java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
at java.net.Socket.connect(Socket.java:579)
at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:286)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:231)
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1900)
... 17 more
Finished: FAILURE
Here is how you can fix it:
Stop Jenkins
Go go edit /var/lib/jenkins/config.xml
Change <useSecurity>true</useSecurity> to false
Restart Jenkins: sudo service jenkins restart
Navigate to the Jenkins dashboard to the "Configure Security" option you likely used before. This time, setup security the same as before, BUT set it to allow anyone to do anything, and allow user signup.
Go to www.yoursite.com/securityRealm/addUser and create a user
Then go change allow anyone to do anything to whatever you actually want users to be able to do. In my case, it is allow logged in users to do anything.
If you installed using apt-get in ubuntu 14.04, you will found the default password in /var/lib/jenkins/secrets/initialAdminPassword location.
Before installing jenkins, create a user named jenkins and set password there. Then after installing jenkins you can use the password you created.
With the default Jenkins installation using Homebrew on macOS this will output the initial password for the admin user:
sudo cat /Users/Shared/Jenkins/Home/secrets/initialAdminPassword
jenkins default administrator password is logged in log file in ubuntu
log file is situated in /var/log/jenkins/jenkins.log folder
password will be placed after this,
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:
After Jenkins is installed just run sudo cat /var/lib/jenkins/secrets/initialAdminPassword.
In the Jenkins login page:
User: admin
Password: the output from the above command
On ubuntu 19.04, the default password are stored in the home directory:
cat ~/.jenkins/secrets/initialAdminPassword
The password is present in the log generated by docker run image as shown in the example below.
Jenkins Docker run log
Additionally you can check the directory /var/jenkins_home/secrets/
Its in the file name initialAdminPassword
You can use
cat /var/jenkins_home/secrets/initialAdminPassword
In my case I was using Jenkins Docker Image and I found the initial admin password using this command:
cat ~/secrets/initialAdminPassword
You can always disable security, then go in and re-enable it with the settings you want.
By default, Jenkins account is created without password and with the login shell as /bin/false.
jenkins:x:496:493:Jenkins Continuous Integration Server:/var/lib/jenkins:/bin/false
Change the shell to /bin/bash and you should be able to login without password by sudo su - jenkins.
Command to change the shell is:
chsh -s /bin/bash jenkin
When you install jenkins on your local machine, the default username is admin and password it gets automatically filled.
I was running Jenkins executing java -jar jenkins.war.
In my case Jenkins wrote webroot in an stdout: webroot: $user.home/.jenkins. So admin secret key was placed in a ~/.jenkins/secrets/initialAdminPassword.
I don't believe that the Jenkins user that is installed via apt has a password. If it does, I have never seen documentation. Based on the commands you entered, I am guessing you are using a Debian distro?
Is there any particular reason you must use the jenkins user to do the install instead of the user which was set up when you created your instance?
When installing Jenkins from AWS Marketplace . . .
"A default user "admin"with the instance-id as password is created to secure the Jenkins instance."
On the AWS Console for EC2, with the instance selected, choose the "Usage Instructions" tab:
"AWS Marketplace Usage Instructions
Latest Versions: 2.19.4.2
A default user "admin"with the instance-id as password is created to secure the Jenkins instance. Once the instance is started, copy the public DNS hostname of the server in the AWS Management Console and enter it in your web browser. The welcome screen allows you to request a trial license, start and evaluation, enter a license key, or connect to your instance to Operations Center. Once the license step is done, your instance is fully functional. We recommend enabling security and backups. You can connect with SSH to the server using the "ubuntu"linux user. The JENKINS_HOME is located under "/var/lib/jenkins". Jenkins listens on the following ports: * HTTP 80: through HAProxy, can be configured to use HTTPS:443 instead * Jenkins SSH 2222: primarily for the CloudBees Git Validated Merge Plugin * Jenkins JNLP 10000: communication from Jenkins agents or Jenkins CLI configured to use JNLP protocol. Not exposed by default on security groups."
Similar to the Ubuntu answer above, the Windows admin default password is stored in {jenkins install dir}\secrets\initialAdminPassword file (default install location would it in C:\Program Files (x86)\Jenkins\secrets\initialAdminPassword )
If you don't create a new user when you installed jenkins, then:
user: admin
pass: go to C:\Program Files (x86)\Jenkins\secrets and open the file initialAdminPassword
I am a Mac OS user & following credential pair worked for me:
Username: admin
Password: admin
For me the best method of retrieving admin pass is by executing cat command inside the running container.
docker exec YOUR_JENKINS_CONTAINER cat /var/jenkins_home/secrets/initialAdminPassword
On Windows it can be found in the file "C:\Windows\System32\config\systemprofile\AppData\Local\Jenkins\.jenkins\secrets\initialAdminPassword"
(I know OP specified EC2 server, but this is now the first result on google when searching Jenkins Password)
Jenkins Default username and password
username: admin
And
password available in the root directory .jenkins\secrets\initialAdminPassword just open the file and copy text and paste into password textbox.
Well,
Even I tried to log in with the admin/password which was failed.
So I created my own user like this.
Go to Jenkins home folder (C:\User.jenkins or you can find this in Jenkins server startup logs)
Go to Config file config.xml
set disableSignup to false false
if at all you want to disable login security
4.set ser security to false. true
For mac users: Just run this command
cat ~/.jenkins/secrets/initialAdminPassword
Initial Password of Jenkins is stored in the following directory
cat /var/lib/jenkins/secrets/initialAdminPassword
There are few steps to follow:
Go to the folder: C:\Users\Manjeet\.jenkins .(here in your case, there can be your system name or your name instead of mine)
Open config.xml file using any text editor.(recommended Notepad++)
Go to Line number seven which is like <useSecurity>true</useSecurity>.
So make it change this from true to false.
Save this file and close the window.
Open Command Prompt and start your Jenkins .
(java -jar jenkins.war --httpPort=8085).
Open browser and search for your localhost at your given port number.
(localhost:8085)
You will see it doesn't ask for username and password anymore. Now you have to delete
that existed user and Add new user for setting new username and password.
Steps to make new Admin:
1.Go to people option which present at second number at left hand side below Dashboard
Click on admin option present in a row and than click on delete.
Go to Dashboard, Click on Manage Jenkins, Click on Configure Global Security.
Check the box of Enable security option.
Check the box of Jenkins own user database option and Uncheck Allow user to sign up present just below of it.
6 . Check Logged-in user can do anything option and Uncheck Allow anonymous read access present just below of it.
Make it Save and it will give you a new form for creating new first user. Fill the details correctly and click on Create First Admin User .(it will automatically made a change on that config.xml file just save it. )
I am working on Ubuntu 12.04 .Recently I downloaded Hadoop 2.0.3 and made a user named Hduser which I added and give privileged rights. Now I want to delete the user.
I used
sudo deluser hduser
But it's giving me the following error:
Warning: group hadoop' has no more members. userdel: user hduser is
currently logged in /usr/sbin/deluser:/usr/sbin/userdel hduser'
returned error code 8. Exiting
Try logging in as root or any other user before executing the above. And make sure HDFS is down.
i had these errors too on Ubuntu 12.04 but I tried it on WEBMIN and successfully deleted the user.