Problem:
silver#calypso:~/Projects/scool% hg push -v
pushing to ssh://sssilver#bitbucket.org/sssilver/scool
running ssh sssilver#bitbucket.org 'hg -R sssilver/scool serve --stdio'
remote: Permission denied (publickey).
abort: no suitable response from remote hg!
I do have my public key uploaded into my BitBucket account.
Permissions on my keys seem to be fine:
silver#calypso:~/Projects/scool% ls -al ~/.ssh
total 40
drwx------ 6 silver staff 204 Mar 10 12:10 .
drwxr-xr-x+ 59 silver staff 2006 Apr 6 03:30 ..
-rw------- 1 silver staff 1766 Feb 9 18:10 id_rsa
-rw-r--r-- 1 silver staff 400 Feb 9 18:10 id_rsa.pub
-rw-r--r-- 1 silver staff 3560 Apr 6 03:15 known_hosts
The identity appears to be properly loaded:
silver#calypso:~/Projects/scool% ssh-add -l
2048 20:3b:9b:9f:b0:72:8f:a0:cd:40:6f:44:f9:28:86:5b /Users/silver/.ssh/id_rsa (RSA)
I seem to be able to even properly log into the bitbucket.org SSH server:
silver#calypso:~/Projects/scool% ssh -T hg#bitbucket.org
logged in as sssilver.
You can use git or hg to connect to Bitbucket. Shell access is disabled.
And my ssh-agent indeed seems to be running:
silver#calypso:~/Projects/scool% ps -e |grep ssh-agent
2866 ?? 0:00.10 /usr/bin/ssh-agent -l
2919 ?? 0:00.04 ssh-agent
2962 ttys000 0:00.00 grep ssh-agent
Note that my system is OSX Maverick, however I haven't tried doing this on other systems/devices.
What could be causing this strange behavior?
Related
I want to run jenkins on docker and change the user access so could read the SSH key and access git.
Here is sample of the dockerfile
FROM jenkins/jenkins:lts
USER root
COPY --chown=jenkins:jenkins id_rsa $JENKINS_HOME/.ssh/id_rsa
COPY --chown=jenkins:jenkins id_rsa.pub $JENKINS_HOME/.ssh/id_rsa.pub
RUN /bin/bash -c 'ls -la $JENKINS_HOME/.ssh; chmod 600 -R $JENKINS_HOME/.ssh; ls -la $JENKINS_HOME/.ssh'
The output upon build is a success, access has been changed!
Step 3/3 : RUN /bin/bash -c 'ls -la $JENKINS_HOME/.ssh; chmod 600 -R $JENKINS_HOME/.ssh; ls -la $JENKINS_HOME/.ssh'
---> Running in 137d1a4f9f6d
total 16
drwxr-xr-x 2 jenkins jenkins 4096 Jan 8 04:11 .
drwxr-xr-x 3 jenkins jenkins 4096 Jan 8 04:11 ..
-rwxr-xr-x 1 jenkins jenkins 1843 Jan 2 02:33 id_rsa
-rwxr-xr-x 1 jenkins jenkins 413 Jan 2 02:33 id_rsa.pub
total 16
drw------- 2 jenkins jenkins 4096 Jan 8 04:11 .
drwxr-xr-x 3 jenkins jenkins 4096 Jan 8 04:11 ..
-rw------- 1 jenkins jenkins 1843 Jan 2 02:33 id_rsa
-rw------- 1 jenkins jenkins 413 Jan 2 02:33 id_rsa.pub
Removing intermediate container 137d1a4f9f6d
---> 7d6334d2b044
However when I go inside the /bin/bash the access is set to default, the chmod was not working
jenkins#f49048ec8c88:/$ ls -al /var/jenkins_home/.ssh/
total 16
drwxr-xr-x 2 jenkins jenkins 4096 Jan 8 04:25 .
drwxr-xr-x 16 jenkins jenkins 4096 Jan 8 04:26 ..
-rwxr-xr-x 1 jenkins jenkins 1843 Jan 2 02:33 id_rsa
-rwxr-xr-x 1 jenkins jenkins 413 Jan 2 02:33 id_rsa.pub
any idea why the behavior is this way?
This happened because $JENKINS_HOME is defined as VOLUME in jenkins:lts base image. You can workaround this in any of the 3 ways
You can fix the permissions on host machine before building and it should work.
You can use multi stage build, change the permission and copy files from first stage
FROM jenkins/jenkins:lts as base
USER root
COPY --chown=jenkins:jenkins id_rsa /tmp/ssh_keys/
COPY --chown=jenkins:jenkins id_rsa.pub /tmp/ssh_keys/
RUN chmod 600 -R /tmp/ssh_keys
FROM jenkins/jenkins:lts
USER root
COPY --chown=jenkins:jenkins --from=base /tmp/ssh_keys $JENKINS_HOME/.ssh
You can copy and change permissions of the files in a temporary directory as part of build. As part of your startup script(entrypoint), you can copy them from the temporary directory to actual directory.
Because the command /bin/bash is just for that session. If you want it to be permanent, put it inside .profile.
I've already seen this question/answer here, but the solution isn't working for a Flutter project I'm working on.
Here's my yaml file:
image: cirrusci/flutter
variables:
before_script:
- flutter channel beta
- flutter upgrade
stages:
# - build
- test
#build:
# stage: build
# script:
# - flutter build apk
unitTests:
stage: test
script:
# - ls -la /opt/application/
# - ls -la ~/
- bash -c "echo \"$APP_VARS\" > ./cfg/env.json"
- flutter test test/widget_test.dart
Which yielded a cannot access <filename/directory>: File or Directory Not Found error with both ls -la /opt/application/ and bash -c "echo \"$APP_VARS\" > ./cfg/env.json"
Her's the output from ls -la ~/:
$ ls -la ~/
total 72
drwxr-xr-x. 1 cirrus cirrus 4096 Jul 9 19:16 .
drwxr-xr-x. 1 root root 4096 Mar 7 2018 ..
drwxr-xr-x. 1 cirrus cirrus 4096 Jul 9 19:17 .android
-rw-r--r--. 1 cirrus cirrus 220 May 15 2017 .bash_logout
-rw-r--r--. 1 cirrus cirrus 3526 May 15 2017 .bashrc
-rw-r--r--. 1 cirrus cirrus 24 Jul 9 19:16 .flutter
-rw-r--r--. 1 cirrus cirrus 675 May 15 2017 .profile
drwxr-xr-x. 1 cirrus cirrus 4096 Jul 9 19:16 .pub-cache
drwxr-xr-x. 1 cirrus cirrus 4096 Jul 9 19:16 sdks
My intent is to inject environment variables via the CI for use during testing (and hopefully deployment, although I haven't gotten that far yet).
The solution is two-part:
First, the /builds/**/cfg/ directory actually didn't exist. To fix this, you have two options-- do a mkdir or commit/push a file in the repo. I added an empty .gitignore to my cfg directory.
Then, that yielded a Permission Denied error. To solve this, I first tried to sudo my commands (which let me perform the mkdir mentioned above). When that didn't work, I did a chmod -R 777 /builds/, and that fixed my issue.
Going forward, I plan to use chmod [-R] 644 or chmod [-R] 755 instead and do a chmod +x on any files I need to run via a shell script.
I also moved my environment configuration script to the before_script: section in the gitlab YAML, but I don't believe that was necessary.
See for info on chmod.
Context
I have a shell script which is called from Jenkins remotely via SSH. If I SSH to the user account manually and then run the script it works. However, when Jenkins does this (same user account but executes command as an argument to the SSH command) it fails to find an application on the path.
Environment
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
uname-a Linux 4.4.0-1066-aws #76-Ubuntu SMP Thu Aug 16 16:21:21 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Contents of Home Directory
ls -la
total 76
drwxr-xr-x 7 app app 4096 Sep 3 07:49 .
drwxr-xr-x 4 root root 4096 Aug 19 14:31 ..
-rw------- 1 app app 12235 Sep 3 07:52 .bash_history
drwx------ 3 app app 4096 Aug 28 17:06 .cache
drwx------ 2 app app 4096 Aug 22 16:07 .docker
-rw-rw-r-- 1 app app 6064 Sep 1 15:19 docker-compose.yml
drwx------ 4 app app 4096 Aug 22 14:37 .local
drwxrwxr-x 2 app app 4096 Aug 28 17:15 .nano
-rw-rw-r-- 1 app app 97 Aug 22 16:00 .profile
-rwxrw-r-- 1 app app 177 Aug 28 07:45 run-all-apps.sh
-rwxrw-r-- 1 app app 476 Aug 28 07:45 run-apps.sh
-rw-rw-r-- 1 app app 66 Aug 28 17:15 .selected_editor
drwx------ 2 app app 4096 Sep 3 07:49 .ssh
-rw------- 1 app app 10496 Sep 3 07:49 .viminfo
Contents of .profile:
cat .profile
# set PATH so it includes user's private bin directories
PATH="$HOME/bin:$HOME/.local/bin:$PATH"
Contents Of Failing Script
cat ./run-apps.sh
#!/bin/bash
set -euo pipefail
IFS=$'\n\t'
# Authenticate for ECR
eval $(aws ecr get-login --region eu-west-1 --no-include-email)
How The Script Is Run
In a Jenkinsfile we have this:
sshagent(credentials: ['server-ssh']) {
sh "ssh -o StrictHostKeyChecking=no -p 22 -l app ${ENVIRONMENT_HOST_NAME} './run-apps.sh'"
}
Observed Result Of Running The Script
./run-apps.sh: line 12: aws: command not found
Other Information
If I SSH to the server using the same user that Jenkins uses I can run the AWS CLI:
whoami
app
and
which aws
/home/app/.local/bin/aws
finally:
aws --version
aws-cli/1.15.83 Python/2.7.12 Linux/4.4.0-1066-aws botocore/1.10.82
Is this perhaps something to do with the use of eval and the environment not being propagated or something, e.g. the .profile isn't run and therefore the application isn't on the path.
I have installed mongodb in one of our environments & this has been done using MongoDb Operations Manager. Though i have my PATH variable set correctly i'm unable to connect mongo shell with my user account but able to connect as a sudo. could someone help me if i'm missing anything here.
Details:
[user01#west.company.com#rhel01 /]$ echo $PATH
> /var/lib/mongodb-mms-automation/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/nfs/home/user01/.local/bin:/nfs/home/user01/bin
[user01#west.company.com#rhel01 /]$ mongo
> -bash: mongo: command not found
[user01#west.company.com#rhel01 /]$ sudo -i
[sudo] password for user01#west.company.com:
[root#rhel01 ~]# echo $PATH
> /var/lib/mongodb-mms-automation/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
[root#rhel01 ~]# mongo
> MongoDB shell
> version: 3.2.10 connecting to: test
> MongoDB Enterprise MYMONGOREPLSET01:PRIMARY>
Which Mongo Output:
[user01#west.company.com#rhel01 /]$ which mongo
/usr/bin/which: no mongo in (/var/lib/mongodb-mms-automation/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/nfs/home/user01/.local/bin:/nfs/home/user01/bin)
[root#rhel01 ~]# which mongo
/var/lib/mongodb-mms-automation/bin/mongo
Observation:
i just noticed the bin location is set like this ...
[root#rhel01 mongodb-mms-automation]# pwd
/var/lib/mongodb-mms-automation
[root#rhel01 mongodb-mms-automation]# ls -la
total 32
drwxr-xr-x 3 mongod mongod 4096 Mar 30 13:58 .
drwxr-xr-x. 57 root root 4096 Apr 1 03:23 ..
lrwxrwxrwx 1 mongod mongod 67 Nov 4 13:45 bin -> /var/lib/mongodb-mms-automation/mongodb-linux-x86_64-3.2.10-ent/bin
-rw------- 1 mongod mongod 1024 Mar 27 15:07 keyfile
-rw------- 1 mongod mongod 10686 Mar 30 13:58 mms-cluster-config-backup.json
drwxr-x--- 4 mongod mongod 4096 Nov 4 13:45 mongodb-linux-x86_64-3.2.10-ent
Try this
sudo chmod -R 777 /var/lib/mongodb-mms-automation/mongodb-linux-x86_64-3.2.10-ent/bin/
add this to path /var/lib/mongodb-mms-automation/mongodb-linux-x86_64-3.2.10-ent/bin
I'm trying to run MongoDB on OSX and encountering a common problem, Error with exit code 1.
Here's my very simple mongod.conf:
systemLog:
destination: file
logAppend: true
path: ~/Documents/test/mongodb/mongodb.log
storage:
directoryPerDB: true
dbPath: ~/Documents/test/mongodb/mongodb_data
journal:
enabled: true
processManagement:
fork: true # fork and run in background
net:
port: 27017
I 777'd all the folders so there's no way it can be a permissions issue (right? :P)
mac$ ls -lah ~/Documents/test/mongodb/
total 8
drwxr-xr-x 5 mac staff 170B Dec 4 15:34 .
drwxr-xr-x 11 mac staff 374B Dec 4 15:19 ..
-rwxrwxrwx 1 mac staff 301B Dec 4 15:21 mongod.conf
-rwxrwxrwx 1 mac staff 0B Dec 4 15:21 mongodb.log
drwxrwxrwx 2 mac staff 68B Dec 4 15:18 mongodb_data
But it still gets this error code!
mac$ sudo mongod -f ~/Documents/test/mongodb/mongod.conf
about to fork child process, waiting until server is ready for connections.
forked process: 70062
ERROR: child process failed, exited with error number 1
Things I've tried from other questions:
Apparently I shouldn't have to run this as sudo (?), I've tried both sudo and no sudo, same result
Could be a permissions issue (Starting mongod fails unless run as root) - well the mongodb_data directory and the conf and log are all 777 so can that really be the case? I've tried chown on all of them too but no effect.
Remove the pid location in your mongod.conf (done, doesn't have any effect) Starting mongod fork, ERROR: child process failed, exited with error number 1
Also:
mongodb.log has nothing in it after multiple start attempts
mongodb_data/ has nothing in it either (no .lock file or whatever, just empty)
Any ideas?
This is probably error with log file. It's strange that yours is 0 bytes.
Anyway you do not need to make 777 permissions, you do not need to run mongod with sudo on OSX system.
Try to do the following:
mkdir ~/sometest
cd ~/sometest
cp ~/Documents/test/mongodb/mongod.conf .
Replace systemLog path to mongodb.log, replace dbpath to data
mkdir data
Start mongod (mongod -f mongod.conf)