I have access to Grid5000 and would like to use Docker containers on it. Tutorial says, that users should install the tools in the user home. And add the user home to Path environment parameter.
How can I install it without use of ap-get command? My user isn't in sudoers group also.
As far as I know there's no way to install the docker daemon without root permissions. You can have your user added to the docker group to control the docker daemon once it's installed without having to be root. https://docs.docker.com/engine/installation/linux/ubuntulinux/#create-a-docker-group
You can also have docker-machine installed in your user home to control a docker daemon on a different machine without being root.
You should download ot and add necessary permissions like above:
curl -sSL -O https://get.docker.com/builds/Linux/x86_64/docker-1.10.3 > /home/docker && chmod +x /home/docker
After that you should add your home folder to PATH variable.
Related
I am trying to set up the GitHub actions in ubuntu. I made a folder and install the runner using my root account. Now, this is how permissions look like.
When I tried to run
sudo ./config.sh --url https://github.com/user/api --token supersecret
It gives me the error
Must not run with sudo
The solution most people say is that export RUNNER_ALLOW_RUNASROOT="1" and then run the command. But this widely accepted solution is not working for me for some reason.
And some others say create a non-root user and try to run. I tried that way too. It ends up with more errors.
How do I fix this?
I did it this way to run env ❯ sudo env RUNNER_ALLOW_RUNASROOT="1" ./run.sh
for the config just keep the same pattern, put the env at the beginning.
I'm creating a react app, using command
create react-app new-app
but it's not creating a new app until i change this command to
sudo create react-app new-app.
After this if I try to install any dependency using npm then also I have to include sudo in the beginning of every command.
And also sometimes the project files are not accessible by code editor as they get locked .
please help me to get rid of this sudo ...
Sudo used to stand for "Superuser do" It simply means that your operating system thinks that you don't own the directory. You can use this command to resolve the issue: chown [username]:[username] -R. chown is short for "Change Owner".
Here's a trick you could use in the future - incase you have to execute the previous command using sudo you can punch in sudo !! and this will run the previous command as root.
So how that would work is:
some command - Doesn't run and you need sudo.
sudo !! - executes sudo some command automatically.
Best wishes :)
I am building some base Docker images for my organization to be used by applications teams when they deploy their applications in OpenShift. One of the images I have to make is an NodeJS image (we want our images to be internal rather than sourced from DockerHub). I am building on RedHat's RHEL7 Universal Base Image (ubi). However I am having trouble configuring NodeJS to work in the container. Here is my Dockerfile:
FROM myimage_rhel7_base:1.0
USER root
RUN INSTALL_PKGS="rh-nodejs10 rh-nodejs10-npm rh-nodejs10-nodejs-nodemon nss_wrapper" && \
yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
rpm -V $INSTALL_PKGS && \
yum clean all
USER myuser
However when I run the image there are no node or npm commands available unless I run scl enable rh-nodejs10 bash. This does not work in the Dockerfile as it creates a subshell that will not be usable to a user accessing the container.
I have tried installing from source, but I have run into a different issue of needing to upgrade the gcc/g++ versions despite them not being available in my configured repos from my org. I also figure that if I can get NodeJS to work from the package manager it will help get security patches and such should the package be updated.
My question is, what are the recommended steps to create an image that can be used to build applications running on NodeJS?
Possibly this is a case where the best code is code you don't write at all. Take a look at https://github.com/sclorg/s2i-nodejs-container
It is a project that creates an image that has nodejs installed. This might be a perfect solution out of the box, or it could also serve as a great example of what you're trying to build.
Also, their readme attempts to describe how they get around the scl enable command.
Normally, SCL requires manual operation to enable the collection you
want to use. This is burdensome and can be prone to error. The
OpenShift S2I approach is to set Bash environment variables that serve
to automatically enable the desired collection:
BASH_ENV: enables the collection for all non-interactive Bash sessions
ENV: enables the collection for all invocations of /bin/sh
PROMPT_COMMAND: enables the collection in interactive shell
Two examples:
* If you specify BASH_ENV, then all your #!/bin/bash scripts do not need to call scl enable.
* If you specify PROMPT_COMMAND, then on execution of the podman exec ... /bin/bash command, the collection will be automatically
enabled.
I decided in the end to install node using the binaries rather than our rpm server. Here is the implementation
FROM myimage_rhel7_base:1.0
USER root
# Get node distribution from nexus and install it
RUN wget -P /tmp http://myrepo.example.com/repository/node/node-v10.16.3-linux-x64.tar.xz && \
tar -C /usr/local --strip-components 1 -xf /tmp/node-v10.16.3-linux-x64.tar.xz && \
rm /tmp/node-v10.16.3-linux-x64.tar.xz
I have recently started using Jenkins for integration. All was well until I was running jobs on master node without shell command but I have to run jobs on master as well as slave node which contains shell commands to. I am not able to run those shell commands as root user. I have tried
Using SSH Keys.
Setting user name in shell commands.
Using sudo.
I am getting permission denied error every time I use any of the above methods.
I would suggest against running the jenkins user as root. This could expose the operating system and all of the repo's which jenkins can build.
Running any script as root is a security risk, but a slightly safer method would be to grant the jenkins user sudo access to only run the one script, without needing a password.
sudo visudo
and add the following:
jenkins ALL = NOPASSWD: /var/lib/jenkins/jobs/[job name]/workspace/script
Double check your path via the console log of a failed build script. The one shown here is the default.
Now within the jenkins task you can call sudo $WORKSPACE/your script
You need to modify the permission for jenkins user so that you can run the shell commands.
You can install the jenkins as as service (download the rpm package), You might need to change the ports because by default it runs http on 8080 and AJP on 8009 port.
Following process is for CentOS
1. Open up the this script (using VIM or other editor):
vim /etc/sysconfig/jenkins
2. Find this $JENKINS_USER and change to “root”:
$JENKINS_USER="root"
3. Then change the ownership of Jenkins home, webroot and logs:
chown -R root:root /var/lib/jenkins
chown -R root:root /var/cache/jenkins
chown -R root:root /var/log/jenkins
4) Restart Jenkins and check the user has been changed:
service jenkins restart
ps -ef | grep jenkins
Now you should be able to run the Jenkins jobs as the root user and all the shell command will be executed as root.
For Linux try to follow these steps:-
This worked for me.
Change Jenkins user: sudo vi /etc/default/jenkins
Change user root or your user that you use to access to your files:
$JENKINS_USER="root"
Execute using the user that you setup before:
sudo chown -R root:root /var/lib/jenkins
sudo chown -R root:root /var/cache/jenkins
sudo chown -R root:root /var/log/jenkins
Run as a services:
service jenkins restart
Or
systemctl jenkins restart
You can execute jenkins has a process and disable headless mode for Linux with UI.
/etc/alternatives/java -Djava.awt.headless=false -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --httpPort=8080 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
Validate Jenkins is running currently:
ps -ef | grep jenkins
Another option is to set up a jenkins "Slave" that is actually running as root on the master and restrict it to tied jobs, then point your job at that slave. Far from ideal but certainly a quick solution.
Or you can change the permission of docker.sock. Make sure your docker container is running the user as root
docker exec <jenkinsContainerID> chmod 777 /var/run/docker.sock
You just need to run the shell command on Linux machine using Root privileges from Jenkins.
Steps :
1) sudo vi /etc/sudoers
2) Add line :
jenkins ALL=NOPASSWD:/path of script/
3) From Jenkins,run the script on remote shell using sudo .
for eg : sudo ps -ef
4) Build Jenkins job now.
This job runs the script on Linux machine using root privileges.
The official installation guide (https://www.reviewboard.org/docs/manual/dev/admin/installation/linux/) requires the user login as root or is using sudo. I don't have them and want to install a local copy under my home directory. How can I do that?
I don't think you can install it without permissions. I have checked the link you posted and the packages mentioned there will need root's permission to install them.