I have an Informatica workflow that is supposed to generate a .dat file.
The issues is that the wroflow creates a 0 byte file, but then can not write to the file it JUST created. It's baffling.
The target directory is a linux server, and there is a developer on our team that is able to run the workflow just fine, without this file-writing issue.
However, I have checked with our linux admins and several of them have confiremd that there is no major difference in access/permissions between her linux ID and my own. She is in two more user groups than I am, but I have been told that they would not have anything to do with this issue.
The ID used by the connection object is also in the same user group as my id on the linux server, enduser. Therefore it should be able to write to my home directory.
The workaround we have devised is to remove the files using my id, touch the files and then chmod them. This allows the id used by the Informatica connection object to write to the files, but it is not a permanent (or correct) fix.
My best guess is that this is most likely some sort of (very obscure) Linux environment issue.
I am also not able to make any changes to the Informatica workflow or mapping, since it is built correctly and this issue appears to be completely local to certain linux user ID's.
Does the etluser have write permissions? have you tried running a post session command script for chmod and giving full permissions and then writing into the file?
Related
What exactly is --user-data-dir specifiying?
From --help parameter:
--user-data-dir <dir> Specifies the directory that user data is kept in. Can be used to open multiple distinct instances of Code.
Is it storing some temporary files there?
Is it about the access path to config files?
I am asking as I want to run VSCode (or Codium to be more exact) with sudo (I want to edit system config file that is read restricted) which requires this parameter for reasons unclear to me.
Since sudo-ing VS Code at command-line launch is only a thing on Linux, this question assumes you're on Linux, and restricts its context to Linux.
TL;DR
To answer your question directly: the user-data-dir parameter points to a folder where all personalisation except extensions resides — unique to each user.
Why does sudo-ing Code need --user-data-dir?
In typical installations of either OS and VS Code, this folder owned by the regular user cannot be accessed by the superuser.
Hence a VS Code session running with effective UID=0 tries but fails to write to the invoking user's (not the superuser's) config folder. This is what the error message prevents from happening, by forcing the user to provide an explicit root-accessible folder.
Detailed Explanation
There are two main folders that VS Code uses to store configuration data:
An extensions folder (self explanatory) — contained in ~/.vscode[1]
user-data-dir; a folder for all other personalisable things (settings, keybindings, GitHub/MS account credential caches, themes, tasks.json, you name it)[2]
On Linux the latter is located in ~/.config/Code, and has file permissions mode 0700 (unreadable and unwritable by anybody other than the owner).
This causes issues, as VS Code tries and fails to access said directory. The logical solution is to either modify the permissions (recursively) of ~/.config/Code to allow root access, or — arguably saner and objectively more privacy-respecting — to use a separate directory altogether for the sudo'ed VS Code to access.
The latter strategy is what the community decided to adopt at large; this commit from 2016 started making it compulsory to pass an explicit --user-data-dir when sudo-ing VS Code on Linux.
Should You be Doing This in the First Place?
Probably not! If your goal is to modify system config files, then you could stick to an un-elevated instance of Code, which would prompt you to Save as Admin... when you try to save. See this answer on Ask Ubuntu on why you probably want to avoid elevating VS Code without reason (unless you understand the risks and/or have to), and this one on the same thread on what you could do instead.
However, if the concerned file is read-restricted to root as well, as in the O.P’s case, then you hardly have a choice 😕; sudo away! 😀
[1] & [2]: If you want to know more about the above two folder paths on different OSes, see [1] and [2]
Hope this was helpful!
It might be helpful to easily find the default location of the user-data-dir on any OS. It can be found with this command:
Developer: Open User Data Folder
workbench.action.openUserDataFolder
which is in the Insiders Build v1.75 now, Stable soon. Opens your OS file explorer app to the location.
Good day!
There are PHP scripts, classes, configs. All this stuff is interconnected, I need to give a person access to the server so that he works (started under the root) with these scripts, while changing only the config files, and in order to not be able to view the source code.
I've researched various free obsfukators which converting code into something:
<?php include(base64_decode('Li4vY29uZmlnLnBocA=='));include(base64_decode('cHJpdmF0ZS92ZW5kb3IvYXV0b2xvYWQucGhw'));$krc_5bf7f45b=[];foreach($bhi_6f9322e1as $xol_e8b7be43){$xol_e8b7be43=explode(base64_decode('Og=='),$xol_e8b7be43);try{$uic_c59361f8=new \xee_d9cb1642\cko_659fc60();$uic_c59361f8->ldc_aa08cb10($xol_e8b7be43[0],$xol_e8b7be43[1]);$krc_5bf7f45b[]=$uic_c59361f8;}catch(Exception $wky_efda7a5a)
What if the files of configs have variable names and it turns out that when obfuscating the main working code, the variables have different names? Not to force the user to run through the obsfukation corrected config every time? So far, this option seems the only one.
Is it possible inside the server under Ubuntu to somehow limit the ability to copy or view or download certain files or make some other methods of protection-hiding, but at the same time with the ability to run this code. It was thought to hide the code somewhere in the depths of the file system folders, calling them random names, and run them somehow through the symlinks by the file name or something like that. Is it possible to?
Option not to provide root access to the server, but to launch via the browser, to give access only to FTP to upload the config to a separate folder. But there are a number of points - all scripts run up to a week, and must be executed as root. How to solve it?
Dear community members,
We have three of same hardware Windows 7 Professional computers. No one of them is connected to a domain or directory service etc.
We run same executable image on all three computers. In one of them, I had to rename it. Because, with my application's original filename, it has no write access to it's working directory.
I setup full access permisions to USER group in working directory manually but this did not solve.
I suspect some kind of deny mechanism in Windows based on executable's name.
I searched the registry for executable's name but I did not find something relevant or meaningfull.
This situation occured after lot of crashes and updates of my program on that computer (I am a developer). One day, it suddenly started not to open files. I did not touch registry or did not change something other on OS.
My executable's name is karbon_tart.exe
When it start, it calls CreateFile (open mode if exist or create mode if not exist) to open karbon_tart.log file and karbon_tart.ini file.
With the files are exist and without the file exists, I tried two times and none of them, the program can open the files.
But if I just rename the name to karbon_tart_a.exe, program can open files no matter if they are exist or not.
Thank you for your interest
Regards
Ömür Ölmez.
I figured out at the end.
It is because of an old copy of my application in Virtual Store.
Hi have an application running separateley (1 instance for customer) in different folders, 1 per each customer.
Each customer is a separate user on my machine.
At the moment I have the source code in each of these folders where I rebuild the code per each instance. Would it be better if I do something like the following?
create a shared folder where I build the code
deploy the binary in each user folder.
allow permission for each user to access the source code in READ ONLY mode.
when it is time to debug, by using gdb in each user folder will allow to read the source code and debug will happen.
Do you think that this could be a better approach or there are better practice?
My only concern is that each user has the chance to read the source code, but since the user will not access directly his folder (it is in my control) this should not trouble me.
I am using CENTOS 6.4, SVN and G++/GDB.
in different folders
There are no "folders" on UNIX, they are called directories.
I rebuild the code per each instance
Why would you do that?
Is the code identical (it sounds like it is)? If so, build the application once. There is no reason at all to have multiple copies of the resulting binary, or the sources.
If you make the directory with sources and binaries world-readable, then every user will be able to debug it independently.
Is there any way to say to GIT to stop copying file group and owner settings? My situation is as followed:
I am developing on home server where I need to use my users permissions (not root) in order to develop in Eclipse IDE (Eclipse crying if files are in root owner and group as it cannot work with them).
Once I am done, I am using GIT to synchronize with remote server which is running on Red Hat and file/folders groups and owners are server specific. However when I will synchronize it will copy my home servers permissions as well and apache on remote server throwing errors as it cannot read files so I need to reset it myself after every commit on new/changed files.
Any thoughts how to change my workflow?
P.S: I am using Linux/Debian on home server
Check the answer here: How do you deal with file ownership in git?
You're not doing anything wrong, this is just basic git behavior. You can change the permissions locally to what they need to be on the server and do a new commit. Or you can create a script to fix all of the ownerships/permissions on the server when you do your sync.
If you are using a git push to push the changes to your server via a git repository on the server, you can create a post-receive hook to call this script.
http://git-scm.com/book/en/Customizing-Git-Git-Hooks
One other thing did occur to me. A lot of Linux distros set the default umask as 0077 or 0007. Since I'm the only one using my laptop, I changed mine to 0002 since it just makes many things easier (plus my home directory is still 700). So all files I create will be rwxrwxr-x. Changing your umask would keep you from needing to think about setting the permissions later.
I found my answer to my question after a while and though I will answer just for the record.
User/group ownership is not shared (and therefore stored) through the repository. Only numeric file permissions are transferred (e.g. 644).
The file which is updated/created will adapt user and group ownership from the current user that is running Git commands.