I'm usin ISPConfig to have multiple domains for my clients. Now, I have Jenkins to deploy an specific project.
Jenkins has assigned the working directory on /var/www/myproject/web which it is the VirtualHost on ISPConfig.
Manually I have to:
chown -R jenkins:nogroup /var/www/myproject/web
> Build Jenkins project
chown -R web38:client17 /var/www/myproject/web
Questions:
Is ok if I grant sudo permissions to Jenkins?
Instead of that, should I create a bash script with sudo permissions?
Is any permission role that I didn't notice to do this properly?
Thx
This is the solution I've found.
Install "Batch tasks" module on Jenkins.
Create an script as follows with root:root permissions on /var/www/your_domain.com/jenkins-post-build.sh
#!/bin/bash
SOURCE=$1
TARGET=$2
echo Moving $SOURCE to $TARGET
rm -rf $TARGET
cp -R $SOURCE $TARGET
ln -s $TARGET/build $TARGET/public/build
chown -R web39:client11 $TARGET
Add a Post Build action using the "Invoke batch tastsk"
sudo /var/www/your_domain.com/jenkins-post-build.sh ${WORKSPACE} /var/www/your_domain.com/web
Add this script right sudo permissions
Cmnd_Alias HIPER_DEV = /var/www/your_domain.com/jenkins-post-build.sh
jenkins ALL=(ALL) NOPASSWD:HIPER_DEV
Related
I create a .deb package for my app and postinst script is not running after installing .
this is my postinst script under the the path of DEBIAN/myapp.postinst
#!/bin/sh
set -e
echo "start postinst packing"
#fix app process permission
sudo chown root:root /opt/MyApp/myapp
sudo chmod 4755 /opt/MyApp/myapp
echo "finish set permissions"
exit 0
in the DEBIAN/ directory create a file named postinst and copy your script into it, or change the name of myapp.postinst to postinst and you're ready to go
I am new to linux. I have a build.sh file which consists of a lot of mkdir commands and some rm commands. But as I have installed this new in my VB, each time I run the .sh file, it says "Permission Denied for creating directory" and fails.
So is there any way that I grant directory privileges to all users.
Can anyone help me with this
Add "sudo" in the beginning of the directory creation command i.e
sudo mkdir dir_name
The issue might be with the directory in which the mkdir command is being run.
Use the command ll or ls -l to check the directory permissions.
If your directory doesn't have write privilege for the current user, you can run
chmod -R u+w /path/to/directory
This might require you to use sudo if permission is denied.
If you want to enable it for all users, run
chmod -R ugo+w /path/to/directory
Alternatively, a quick fix would be to run the build.sh file as root
sudo /path/to/build.sh
However, this approach is not advised unless you always run it as root
In my .bashrc I'm using .sh script for easily configuring newly installed Debian. But while trying to
rm -f ~/.bash_aliases
wget https://raw.githubusercontent.com/.../.bash_aliases
rm -f ~/.bashrc
wget https://raw.githubusercontent.com/.../.bashrc
it's just omitting those line?
File is with permission chmod +x ./script.sh and run by sudo ./script.sh
What could possibly be wrong?
(In final code there is full link, files are being downloaded as .bashrc.1 and .bash_aliases.1)
Don't use sudo unless you have a good reason.
When you run sudo ./script.sh it runs as root, so ~ refers to root's home directory /root instead of your user's home directory.
Just run ./script.sh instead, so that it runs as you and modifies your own home directory.
I'm trying to get terraform to create users for me other than the specified admin and also add them to sudoers to allow my ansible scripts to then run without requiring a sudo login. Optionally, if I could just allow my admin to login and not require sudo passowrd that would work as well since I can add the users I need via ansible.
I have attempted the only option I could find with my feeble googling skills. The option is to add a provisioner to my azurerm_virtual_machine resource that runs the following via remote-exec:
provisioner "remote-exec" {
inline = [
"useradd myuser && echo myuser:password123 | /usr/sbin/chpasswd",
"chmod +w /etc/sudoers && echo \"myuser ALL=(ALL) NOPASSWD: ALL\" >> /etc/sudoers && chmod -w /etc/sudoers",
]
connection {
user = "myadmin"
agent = false
}
on_failure = "continue"
}
It says that it has successfully run however when I ssh to one of the boxes I provisioned these changes have not taken place. What am I doing wrong?
you can try this script.
#!/bin/bash
set -euo pipefail
USERNAME=$1 # sudo non-root username here
# Create user and immediately expire password to force a change on login
useradd --create-home --shell "/bin/bash" --groups sudo "${USERNAME}"
passwd --delete "${USERNAME}"
chage --lastday 0 "${USERNAME}"
# Create SSH directory for sudo user and move keys over
home_directory="$(eval echo ~${USERNAME})"
mkdir --parents "${home_directory}/.ssh"
cp /root/.ssh/authorized_keys "${home_directory}/.ssh"
chmod 0700 "${home_directory}/.ssh"
chmod 0600 "${home_directory}/.ssh/authorized_keys"
chown --recursive "${USERNAME}":"${USERNAME}" "${home_directory}/.ssh"
# Disable root SSH login with password
sed --in-place 's/^PermitRootLogin.*/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
# if sshd -t -q; then systemctl restart sshd fi
Can I set permissions when I create a file/directory using a single command or do I have to create the file/directory first and then use chmod to set its permissions?
For instance to do something like this
// for directories
mkdir 755 test
// for files
touch 644 test/my_file.php
For files, try using install command:
$ install -m 644 /test/path/ myfile.php
For folders, mkdir with -m param:
$ mkdir -m 755 test
You might have to execute that as sudo.
Man pages are your friend. This is possible with GNU mkdir but not with GNU touch.
mkdir -m 755 test
you can use following command to create directory and give permissions at the same time
mkdir -m755 test