When I would like to do something that requiers sudo privelegies, the build process stucks and when ps aux for that command, it hanging in the list but doing nothing.
E.g.:
in the buildscript:
# stop nginx
echo "INFO: stopping nginx. pid [$(cat /opt/nginx/logs/nginx.pid)]"
sudo kill $(cat /opt/nginx/logs/nginx.pid)
in the gitlab ci output console:
INFO: stopping nginx. pid [2741]
kill $(cat /opt/nginx/logs/nginx.pid) # with a spinning wheel
in the bash:
> ps aux | grep nginx
root 6698 0.0 0.1 37628 1264 ? Ss 19:25 0:00 nginx: master process /opt/nginx/sbin/nginx
nobody 6700 0.3 0.3 41776 3832 ? S 19:25 0:00 nginx: worker process
kai 7015 0.0 0.0 4176 580 pts/0 S+ 19:27 0:00 sh -c sudo kill $(cat /opt/nginx/logs/nginx.pid)
kai 7039 0.0 0.0 7828 844 pts/2 S+ 19:27 0:00 grep nginx
So:
not the sudo kill $(cat /opt/nginx/logs/nginx.pid) is going to execute, but sh -c sudo kill $(cat /opt/nginx/logs/nginx.pid)
it is hanging up, without response (sounds for me like it asks for a password interactively)
There are a couple of ways to resolve this.
Grant sudo permissions
You can grant sudo permissions to the gitlab-runner user as this is who is executing the build script.
$ sudo usermod -a -G sudo gitlab-runner
You now have to remove the password restriction for sudo for the gitlab-runner user.
Start the sudo editor with
$ sudo visudo
Now add the following to the bottom of the file
gitlab-runner ALL=(ALL) NOPASSWD: ALL
Do not do this for gitlab runners that can be executed by untrusted users.
SSH Runner
You can configure the gitlab-ci-runner to connect to a remote host using SSH. You configure this to use a user remotely that has sudo permissions, and perform the build using that user. The remote host can be the same machine that the gitlab runner is executing on, or it can be another host.
This build user account will still need to have sudo and passwordless permissions. Follow the instruction below, except replace gitlab-runner with the build user.
It worked for me as written by Reactgular.
But one little clarification. You must include a % sign before
gitlab-runner ALL = (ALL) NOPASSWD: ALL.
I could not understand for a long time why it doesn’t help me. Then I put the percentage icon and it worked.
Related
I see this in the Heroku docs:
The SSH session created by Heroku Exec will not have the config vars set as environment variables (i.e., env in a session will not list config vars set by heroku config:set).
I need to be able to SSH into our sidekiq container specifically and run a console session there. To do this, I need access to the ENV vars. I cannot do this in a one off bash container, because the config is different for sidekiq container, and I need to confirm that values are getting set properly (via the console).
Something like this:
heroku ps:exec -a [our-app] -d [sidekiq.1] --with-env-vars
How can I use heroku ps:exec (or a similar command) to ssh into an existing dyno WITH config vars present?
No the most ideal, but there is an option which is helpful for me.
Identify the command call
This is to identify the potential process that will contain the environment variables.
ps auxfww that will give you a result similar to:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
nobody 1 0.0 0.0 6092 3328 ? Ss 18:19 0:00 ps-run
u19585 4 0.5 0.6 553984 410984 ? Sl 18:19 0:19 puma 4.3.12 (tcp://0.0.0.0:36152) [app]
u19585 26 0.0 0.0 9836 2248 ? S 18:19 0:00 \_ bash --login -c bundle exec puma -p 36152 -C ./config/puma.rb
In this case bash --login -c bundle exec puma will be our ENV Process picker.
Load your ENV variables
Then run the source command to call the ENVS each time you get connected through ps:exec
source <(cat /proc/$(pgrep -f "bash --login -c bundle exec puma")/environ | strings)
source <(<DATA>): export your variables in a call
pgrep -f "<IDENTIFIED_COMMAND>": picks the PID
cat /proc/<PID>/environ: contains the app env variables
strings: to convert the 'binary' lines to string lines
After that, you'll have your main ENV variables available in your console.
Finally copy in a good place your source call to use it when you need it.
I have a script file as below.
#!/bin/bash
set -x
set -e
#VBoxManage startvm "cuckoo-window" --type gui
python ~/Downloads/cuckoo-modified-master/utils/api.py --host 0.0.0.0 --port 8090
#cd ~/Downloads/cuckoo-modified-master/web/
# python manage.py runserver 0.0.0.0:8008
# python ~/Downloads/cuckoo-modified-master/cuckoo.py
My service script /etc/init/miscservices.conf
start on runlevel
script
cd ~/Downloads/cuckoo-modified-master
./miscservices.sh
end script
I have also created a symlink in /etc/init.d/miscservices and added in startup
sudo update-rc.d miscservices defaults
sudo service miscservices start
miscservices stop/waiting
No script started. When I start as below, them move to root mode but still no service start. But when I exit it start 2 instances of the service.Please explain this behavior.
sudo /etc/init.d/miscservices start
start: Unknown job: on
Script started, file is typescript
root#abc:~# sudo netstat -ntlp | grep 8090
root#abc:~# ps -aux | grep misc
root 2929 0.0 0.0 81976 2260 pts/6 S+ 13:42 0:00 sudo /etc/init.d/miscservices start
root 2930 0.0 0.0 4440 652 pts/6 S+ 13:42 0:00 sh /etc/init.d/miscservices start
root 2962 0.0 0.0 16192 936 pts/15 S+ 13:43 0:00 grep --color=auto misc
root#abc:~#
root#abc:~#
root#abc:~# exit
exit
Script done, file is typescript
+ set -e
+ python /home/aserg/Downloads/cuckoo-modified-master/utils/api.py --host 0.0.0.0 --port 8090
Bottle v0.12.0 server starting up (using WSGIRefServer())...
Listening on http://0.0.0.0:8090/
Hit Ctrl-C to quit.
I think the problem may be in ~/Downloads/cuckoo-modified-master/miscservices.sh script (and btw use ~ in upstart script not best idea because it will probably execute as root and there can be some problems with determitate where is ~). By default upstart doesn't spawn processes. That mean if you have your configuration like that:
start on runlevel
script
cd ~/Downloads/cuckoo-modified-master
./miscservices.sh
end script
upstart will only start your process once and then do nothing. And if you start it once and there was some error in script it just stoped with no information to you. You can check log file. By default it must be in /etc/log/upstart/miscservices.log (for Ubuntu 14.04 LTS). If no you can check where is default upstart logs in your OS or write it manually just by echo some informtaion in certain place. For example:
env logf="/home/someuser/miscservices.log"
script
echo "Script it starting..." >> $logf
/home/someuser/Downloads/cuckoo-modified-master/miscservices.conf >> $logf
echo "Script is ended." >> $logf
end scipt
And if you want to respawn script processes you may add to the beggining of the script:
respawn
respawn limit unlimited
or just make unlimited loop in script file.
ps. You can modify your upstart script /etc/init/miscservices.conf by more clear code. From start on runlevel to:
start on filesystem
stop on shutdown
This mean that script will start after filesystem starts and will shutdown on shutdown.
pps. You dont need symlink in /etc/init.d/miscservices. If you use upstart then just use it! You dont need anything else. Just put your end scipt in /etc/init and it will start automatically. It can be something like that:
start on filesystem
stop on shutdown
env logf="/home/someuser/miscservices.log"
script
echo "Script it starting..." >> $logf
/home/someuser/Downloads/cuckoo-modified-master/miscservices.conf >> $logf
echo "Script is ended." >> $logf
end scipt
Hope i can help!
I am looking to have the Transmission bittorrent client execute a script that changes the owner and permissions of all torrents in the completed folder when a torrent completes downloading.
I am using the following relevant settings in /etc/transmission-daemon/settings.json:
"download-dir": "/data/transmission/completed",
"script-torrent-done-enabled": true,
"script-torrent-done-filename": "/home/user/script.sh",
The script does not seem to be executing after a torrent completes, I know there are other issues that could be going on aside the from the content of the script itself. The owner of the script file is debian-transmission and I have the permissions set to 777, so there shouldn't be an issues with Transmission accessing the script unless I have missed something here.
The /home/user/script.sh file is as follows:
#!/bin/bash
echo sudopassword | /usr/bin/sudo -S /bin/chmod -f -R 777 /data/transmission/completed
echo sudopassword | /usr/bin/sudo -S /bin/chown -f -R user /data/transmission/completed
I know it is poor form to use a sudo command in this fashion, but I can execute the script on it's own and it will work correctly. I am not sure why Transmission is not executing the script. Transmission supports some environment variables such as TR_TORRENT_NAME that I would like to use once the script is being triggered. Is there anything I am not setting up in the file that would prevent the script from working correctly and how would I use environment variables?
I'll probably answer a different question here, but if you're trying this simply to gain write permissions on your Transmission Daemon's downloads to your user, try a different approach.
I'm running my Transmission Daemon under my username, as set in it's systemd service file. (/etc/systemd/system/multi-user.target.wants/transmission-daemon.service in my case)
[Unit]
Description=Transmission BitTorrent Daemon
After=network.target
[Service]
User=myuser # set user here
Group=mygroup # set group here :)
UMask=0022 # 0022 gives 644 permissions on files (u+w), 0002 gives 644 (g+w), 0000 gives 666 (a+w)
Type=notify
ExecStart=/usr/bin/transmission-daemon -f --log-error
ExecStop=/bin/kill -s STOP $MAINPID
ExecReload=/bin/kill -s HUP $MAINPID
[Install]
WantedBy=multi-user.target
Notice User, Group and UMask (with capital M) directives.
See Execution environment configuration for Systemd manpage.
Then run:
sudo chown -fR user /data/transmission/completed
sudo systemctl daemon-reload
sudo service transmission-daemon restart
and you should set :)
Add the user who will execute the script to a group with default sudo access.
Fedora - add user to the wheel group
sudo usermod -aG wheel $(whoami)
Ubuntu - user group: sudo or admin (deprecated)
I just installed nginx. I am trying to stop it now using the pid file in the logs folder but it's telling me that it's illegal process id: cat /usr/local/logs/nginx.pid
The command that i run is: sudo kill 'cat /usr/local/logs/nginx.pid'
The pid is 15597 but in Activity Monitor i don't see a process with that ID either. When I type: ps ax | grep nginx i get:
15597 ?? Ss 0:00.00 nginx: master process nginx
15883 ?? S 0:00.00 nginx: worker process
15898 s000 R+ 0:00.00 grep nginx
Thanks
Try to kill the process directly:
kill 15597
or you can try the nginx start script in usr/local/etc/nginx:
nginx -s quit
You will probably have to adjust the path according to your installation.
I'm having an issue with my install of postgres in my development environment and I need some help diagnosing it. I haven't yet had any luck in tracking down a solution.
I have postgres 9.0.4 installed with homebrew
I am running on OS X 10.6.8 (Snow Leopard)
I can start and stop the server
$ pg_ctl -D /usr/local/var/postgres -l /usr/local/var/postgres/server.log start
server starting
If I try to stop though
$ pg_ctl -D /usr/local/var/postgres stop -s -m fast
pg_ctl: PID file "/usr/local/var/postgres/postmaster.pid" does not exist
Is server running?
Ok this is missing
$ ls -l /usr/local/var/postgres/ | grep postmaster
$
But it is definitely running
$ ps aux | grep postgres
pschmitz 303 0.9 0.0 2445860 1428 ?? Ss 3:12PM 0:02.46 postgres: autovacuum launcher process
pschmitz 304 0.9 0.0 2441760 428 ?? Ss 3:12PM 0:02.57 postgres: stats collector process
pschmitz 302 0.0 0.0 2445728 508 ?? Ss 3:12PM 0:00.56 postgres: wal writer process
pschmitz 301 0.0 0.0 2445728 560 ?? Ss 3:12PM 0:00.78 postgres: writer process
pschmitz 227 0.0 0.1 2445728 2432 ?? S 3:11PM 0:00.42 /usr/local/Cellar/postgresql/9.0.3/bin/postgres -D /usr/local/var/postgres -r /usr/local/var/postgres/server.log
And if I try to access or use it I get this.
$psql
psql: FATAL: could not open relation mapping file "global/pg_filenode.map": No such file or directory
But global/pg_filenode.map definitely exists in
$ls -l /usr/local/var/postgres/
...
-rw------- 1 pschmitz staff 8192 Sep 16 15:48 pg_control
-rw------- 1 pschmitz staff 512 Sep 16 15:48 pg_filenode.map
-rw------- 1 pschmitz staff 12092 Sep 16 15:48 pg_internal.init
I have attempted to uninstall and reinstall to no effect. Any ideas on how I can solve this?
It has pretty much prevented me from getting anything done today.
I am not sure what the source of my original problem was with 9.0.3 because I was getting this problem:
psql: FATAL: could not open relation mapping file "global/pg_filenode.map": No such file or directory
However as stated above it turns out that the running process was for my previous postgres install of 9.0.3
I believe I had an old version org.postgresql.postgres.plist in ~/Library/LaunchAgents/
I had to:
Remove and re-add the launch agent
Kill the processes for 9.0.3
Initialize the db initdb /usr/local/var/postgres
Restart my computer
and now I have it up and working.
Encountered this problem using mdillon/postgis:9.6 Docker image. Simple sudo docker restart <container id> solved the problem.
That may be a permission issue, check the owner and group of configuration files in /var/lib/pgsql/9.3/data/
chown -R postgres:postgres /var/lib/pgsql/9.3/data/
I just encountered this problem. Solved it by setting the owner of the postgres data directory to the unprivileged postgres user.
ps aux | grep postgres revealed I had another instance of postgres running on a temp data directory from a previous test run. Killing this process fixed the problem.
My step-by-step solution in fedora:
/bin/systemctl stop postgresql.service (Stop the service)
rm -rf /var/lib/pgsql/data (Remove the "data" direcotry)
postgresql-setup initdb (Recreate the "data" directory)
/bin/systemctl start postgresql.service (Start the service)
It is also useful to check the permissions of the "data" directory:
chown -R postgres:postgres <path_to_data_dir>
(Kudos to #LuizFernandodaSilva & #user4640867)
I had an old value of PGDATA confusing things.
This (https://gist.github.com/olivierlacan/e1bf5c34bc9f82e06bc0) solved my problem! I first had to:
Delete Postgres.app from my Applications
Delete /usr/local/var/postgres directory
initdb /usr/local/var/postgres/
Then I was able to start/stop Postgres with these 2 commands:
Start:
pg_ctl -D /usr/local/var/postgres -l /usr/local/var/postgres/server.log start
Stop:
pg_ctl -D /usr/local/var/postgres stop -s -m fast
My solution to this problem:
I am running postgresql-9.3
My plist file is in the following directory:/Library/LaunchDaemons/com.edb.launchd.postgresql-9.3.plist
Step 1 will stop postgres
1. $ sudo launchctl stop com.edb.launchd.postgresql-9.3
Start postgres using the following command (can find this location using $ brew info postgres)
2. $ postgres -D /usr/local/var/postgres
I agree about all of the above solutions. I was running Postgres on a server, and the problem was that I was using a PORT number that was used by some other OLDER version of Postgres.
I only needed to change the port.
I had the same error psql: FATAL: could not open relation mapping file "global/pg_filenode.map": No such file or directory.
Thanks for note #2 above: 'Kill the processes for 9.0.3'
I previously configured and compiled PostgreSQL. I then decided to reconfigure, gmake, gmake install with different file paths. The newly compiled program wasn't finding 'pg_filenode.map' in the expected filepath. Killing the running postgres process, emptying pgsql/data, and doing initdb again allowed creation of a new database.
Make sure to turn off you antivirus.
In my case when i turn off the antivirus(kaspersky) it worked fine
Ref : https://github.com/PostgresApp/PostgresApp/issues/610