I have a wildfly server which is running on Ubuntu as a service. I've done all steps at this site: WildFly as a Service on Linux. But the running server can not reach(get permission errors) some root owned files, although I have given root authority to wildfly9_test(adding it sudo and admin group) user. After start service with sudo and then when I run command:
ps -ef |grep java
the output is:
999 27945 27859 9 07:27 pts/1 00:03:08 /usr/local/java/jre1.7.0_79/bin/java -D[Standalone] -server -XX:+UseCompressedOops -server -XX:+UseCompressedOops -Xms2048m -Xmx4096m -XX:MaxPermSize=512m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true -Dorg.jboss.boot.log.file=/opt/wildfly-9.0.0.Final_test/standalone/log/server.log -Dlogging.configuration=file:/opt/wildfly-9.0.0.Final_test/standalone/configuration/logging.properties -jar /opt/wildfly-9.0.0.Final_test/jboss-modules.jar -mp /opt/wildfly-9.0.0.Final_test/modules org.jboss.as.standalone -Djboss.home.dir=/opt/wildfly-9.0.0.Final_test -Djboss.server.base.dir=/opt/wildfly-9.0.0.Final_test/standalone -c standalone.xml
root 28736 27788 0 08:02 pts/1 00:00:00 grep --color=auto java
Here is lsb_release -a command output:
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 11.10
Release: 11.10
Codename: oneiric
Why is ps command gets 999(userid) instead of username(wildfly9_test)?
Because of the same problem, does wildfly9_test user not have sudo privileges?
ps only shows the user names up to a certain length, for longer user names it shows the numeric id instad, I guess wildfly9_test is simply too long. And adding a user to the sudo and admin groups doesn't give them automatic access to root owned files but only to files accessible by those groups (and the ability to use sudo).
– mata
Related
I'm trying to set docker up on a new system, and when running docker info I get:
docker -v
=> Docker version 18.09.5, build e8ff056
docker info
=> Got permission denied while trying to connect to the Docker daemon
socket at unix:///var/run/docker.sock: Get
http://%2Fvar%2Frun%2Fdocker.sock/v1.39/info: dial unix
/var/run/docker.sock: connect: permission denied
Following the docs, I've tried:
sudo usermod -a -G docker $USER
Which returns no output. When I then run groups:
groups
=> mark adm cdrom sudo dip plugdev lpadmin sambashare
I can see a docker group exists:
less /etc/group | grep docker
=> docker:x:131:mark
And can see that it owns a socket running where the error message states:
ls -la /var/run/ | grep docker
=>
drwx------ 5 root root 120 May 25 14:54 docker
-rw-r--r-- 1 root root 5 May 25 14:54 docker.pid
srw-rw---- 1 root docker 0 May 25 14:54 docker.sock
So why can't I add myself to that group with sudo usermod -a -G docker $USER ?
You need to reload your shell in order to make the changes take effect.
Often you need to reboot your shell process and possibly even restart your computer.
e.g
sudo usermod -aG docker $USER
sudo reboot
See #4Z4T4R answer and give a thumbs
https://stackoverflow.com/a/66297855/7961500
Load changes without quitting your shell
To avoid starting a new shell you can run. (Doesn't seem to work for all environments)
exec su -l $USER
This will create a new subshell with the loaded changes and replace your current shell with it.
If nothing else is working for you.
Another way if you just need to get it working now, is to change your primary group. This is only a temp solution as with any new shell you will need to apply it again.
export my_group=$(id -gn)
newgrp docker
newgrp $my_group
Documentation
You can also look at the offical documentation here
https://docs.docker.com/engine/install/linux-postinstall/
In my case, on Ubuntu 20.04, run sudo reboot after this command:
$ sudo usermod -aG docker $USER
I literally needed to reboot my operating system (and machine) for the change to take effect. Restarting/reloading the bash session did not apply the new setting.
Sure, newgrp docker does the trick "on the fly" without restart/reboot/re-anything... but once the session terminates, POOF you're not in the docker group any longer.
Added this as a formal answer bc it genuinely solved the OP's---and my (identical)---problem.
Credit should go to #Omari Celestine for the suggestion, but because I suck at interpretation, I (and maybe you) need the literal disambiguation that this answer provides.
Its a two step process technically. Run
sudo usermod -aG docker $USER
then,
sg docker -c "bash"
Change the permissions on the /var/run/docker.sock file and restart docker process.
sudo chown jenkins:jenkins /var/run/docker.sock
sudo 644 /var/run/docker.sock
Then,
sudo service docker restart
Before running $docker info, Please make sure that the docker service up.
If not pls start the service by running below command.
$service docker start
Now you check the $docker info
I'm trying to run my utility using systemd. The settings have the following values:
[Unit]
Description="My Service"
[Service]
WorkingDirectory=/etc/myutil
Group=user1
User=user1
ExecStart=/bin/myutil
TimeoutSec=120 Restart=always
[Install]
WantedBy=multi-user.target
So the service starts, but I need the StandardInput=tty parameter to be specified. If you can specify this parameter, the service will start by the root user, not by the specified user. I am using Ubuntu 18.04 LTS.
Check permission for /dev/tty, and user1 groups
$ ls -l /dev/tty
$ id user1
I expect something like:
$ ls -l /dev/tty
crw-rw-rw- 1 root tty 5, 0 Jul 9 13:48 /dev/tty
$ id user1
uid=1234(user1) gid=10001(user1) groups=10001(user1),some_group(10002)
If I'm right You need add user1 to tty group
$ sudo usermod -a -G tty user1
Now You should can use tty as user1.
I've added superuser sroot with the following command.
useradd -o -r -c "service root" -g 0 -u 0 -m -d /root -s /bin/bash sroot
When I try to switch to that user I get the following:
[admin#machine ~]$ su - sroot
Password:
TERM=[xterm-r6]?
basename: missing operand
Try `basename --help' for more information.
whoami shows that I'm root now but commands that requires root access still cannot be executed.
When I login under usual root everything works fine.
[admin#machine ~]$ uname -a
Linux <myhostname> 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 i686 i386 GNU/Linux
Thanks in advance!
Well, I tested with non-standard linux commands, but with scripts added with installed rpm. Those commands check $LOGNAME variable and require to be root only, not sroot.
Thanks #thatotherguy for your comment, which directed me to the right path to search.
I installed ffmpeg on centos as root user. How can update permission so that apache (httpd) can run the ffmpeg command?
-rwxr-xr-x. 1 root root 24M Mar 4 03:43 /root/bin/ffmpeg
I tried to link to /usr/bin
cd /usr/bin
ls -s /root/bin/ffmpeg
But when still not works. I guess because apache not have shell avaiable?
su apache -c whoami
This account is currently not available
As #pbu comment states, if you follow this installation guide http://trac.ffmpeg.org/wiki/CompilationGuide/Generic but replacing '$HOME' with '/usr/local', the apache (httpd) user will be able to execute it.
I have a Tomcat 7 server running on Amazon EC2 (OS - Ubuntu 12 LTS). How can I find out which user is running Tomcat on Amazon EC2?
Try this command:
ps auxwww | grep tomcat | grep -v grep
you will get output like this
$ ps auxwww | grep tomcat | grep -v grep
root 1941 0.2 1.7 419224 35208 ? Sl Aug12 0:06 /usr/lib/jvm/java-6-sun/bin/java -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/usr/local/tomcat/endorsed -classpath /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcat -Dcatalina.home=/usr/local/tomcat -Djava.io.tmpdir=/usr/local/tomcat/temp org.apache.catalina.startup.Bootstrap start
there you get the process owner name and process id..