I have begun a deployment on amazon ec2 I have deployed my war file and putty(d) in sucessfully to the correct instance using SSH (I generated a key pair)
I am logging in as ec2-user (the default) but the file permissions I need access to are owned by tomcat7.
Any suggestions please on how to su in as tomcat7 (or even root)
ok. I used sudo su and that did the trick!
Related
I am facing some login problem for accessing instance. While login to the server console (its a live server) it shows as Permission denied (publickey), Also am accessing with sudo also same issue persists. AWS instance, should reboot, no change while login issue persists.
As explained in AWS docs your key needs correct permissions:
If you are connecting from MacOS or Linux, run the following command to fix this error, substituting the path for your private key file.
chmod 0400 .ssh/my_private_key.pem
If you got a public key when you set up the server and you saved it (.pem file), you first need to change permissions to it. If in Linux cd to the directory holding the .pem file, then do this:
chmod 400 /path/to/your_public_key.pem for only-read permission.
Then with your EC2 instance public DNS ( get it in AWS EC2 console when you click on your instance ID) which is similar to ec2-x-xxx-xx.us-east-3.compute.amazonaws.com ,you can ssh into your server as follows. Assuming your user account name in the server is ubuntu like in most of the Linux based AMIs in AWS, do:
ssh -i your_public_key.pem ubuntu#ec2-x-xxx-xx.us-east-3.compute.amazonaws.com and if prompted for a password, provide it.
Good luck:)
I have a need to make any files that are created in the specific Linux directory to have 777 permission.
I would like to have all the users to be able to do Read, Write and Execute on all files under this folder. So what is the best way or Linux command to make it happen?
What I am doing is that I am spinning off two separate containers one for Nginx server and one for PHP:FPM app server to host Laravel 5.4 app.
Please consider the following scenario. I have a docker application container A (PHP:FPM) which is used to serve the web application files to docker container B (Nginx). Now when I access the website, I am delivering the web pages through the web container. Both the containers are within the same network and I share the volumes from my app container to my web container. But when the web container tries to read the files on the app container I get the error which is something like below:
The stream or file "/var/www/storage/logs/laravel.log" could not be
opened: failed to open stream: Permission denied
So I added RUN chmod -R 777 storage in my docker file.
However it is not solving the issue.
So I also tried using SGID to fix the issue by adding one more line in my dockerfile as RUN chmod -R ug+rwxs storage. Still it is not solving the issue of permission.
On a separate note, funny thing is that on my MAC Docker container this works without any issue ( I mean without adding chmod -R 777 to folder or using SGID for setting permission to a folder in my docker file). But when the same code is run on Linux AMI EC2 instance (Amazon AMI Linux EC2) ... the permission issue start to occur.
So how do I fix this ?
The solution is to launch both containers using the same user identified by the same uid. For instance you can choose root or any uid when running the container:
docker run --user root ...
Alternatively, you can switch to another user, before startup, inside your Dockerfile by adding the following before the CMD or ENTRYPOINT
USER root
I have solved it by figuring out user name under which cache files are created when someone access the application url . And then updating my dockerfile to include statement for SGID ownership for that user on the root of app folder where all source code resides (so all subfolder and files included later in whatever way ... at run-time sometime... are accessible from web container for that user) and then using chmod 777 permission on specific folders that needs to have chmod 777 permission.
I have scoured the Internet for answers and had little luck. All I have been trying to do is connect to my AWS EC2 Linux server via SSH.
The.pem file is on my computer, but it has not been accepted. I have tried several FTP clients, including FileZilla and the native Terminal on my Mac.
In FileZilla, my error is the following:
Error:Disconnected: No supported authentication methods available (server sent: public key)
I also have encountered a similar message in Terminal:
Warning: Identity file rejectedFile.pem not accessible: No such file or directory.
Permission denied (publickey).
I have quadruple-checked the file name corresponds to the one in the AWS console. This file was downloaded when I initialized the instance...
I'd suggest you check also these two common mistakes:
Wrong permissions of the .pem file: make sure the file exists with proper permissions (chmod 400)
Default username: use the proper username for your linux distro
Use the ssh command to connect to the instance. You'll specify the
private key (.pem) file and user_name#public_dns_name. For Amazon
Linux, the user name is ec2-user. For RHEL5, the user name is either
root or ec2-user. For Ubuntu, the user name is ubuntu. For Fedora, the
user name is either fedora or ec2-user. For SUSE Linux, the user name
is root. Otherwise, if ec2-user and root don't work, check with your
AMI provider.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html
Hi I have my tomcat7 installed in amazon cloud at location /usr/sbin/tomcat7 and my war file (xyz.war) is in downloads folder. How can I copy my war file into my webapps folder.
I'm new bee to Linux to may be this is very simple but I'm having a hard time with it. can some please come up and give me some example.
Thanks in advance.
The following is assuming you are using windows
1) Get WinSCP for transferring files to your instance
2) With WinSCP, transfer the war file (assuming the file name is sample.war) to the following location:
/home/ec2-user/sample.war
3) Using Putty, enter the following command
sudo -s (for root access)
cp /home/ec2-user/sample.war /var/lib/tomcat7/webapps
4) Start / Restart your tomcat with the following command
sudo service tomcat7 start (to start)
sudo service tomcat7 restart (to restart, if your tomcat has already started)
5) Verify that it has been uploaded at the following location
http://instanceURL:8080/sample
The easiest way to deploy your .war file to your Tomcat7 application server would be to use SCP to securely transfer the file to the Amazon server you have on AWS EC2. You can find more info on SCP over at Using scp to copy a file to Amazon EC2 instance?
I've been trying to setup access to my Amazon instance to my development team and have hit a bit of a brick wall. I've tried a bunch of different tutorials online & none seem to work. Here's my config:
I have access to the AWS Management Console & I'd rather that I be the central administrator of that account, they don't need to setup new instances.
I have a t1.micro instance setup Running 32 bit Amazon Linux AMI
My developer and I both use Macs. I am able to ssh in to the machine using my key pair that is assigned to the box
I've previously tried to ssh into the machine & add my developers key & but he keeps getting Permission Denied (Public Key)
I setup a keypair for my dev, but its obviously not tied to the account, mine is.
Do I have to setup the developer in IAM so that they login & setup the original key that I had to setup when I first created the account? Could that be what they are missing?
I did get one of them to setup a key on their machine & provide me the RSA info to insert into the ~/.ssh/authorized_keys file, however they still received the error message above. Even when their key was chmod'd correctly, they still received that error. Could that be due to chmod needed on the .ssh folder?
Just trying to get some clarity on requirements of accessing a linux-based EC2 instance that isn't the main admin of the account (i.e. my developers). FYI I trust them with full permissions on the instance.
Thanks.
.ssh directory should be chmod 700.
You don't need to created any IAM user for connection to your ec2 instance via ssh. You just need to add your developer's public key to ~/.ssh/authorized_keys in your instance. Be sure that ~/.ssh owner is ec2-user, it should be like that by default.
Then the developers have to move their private key to ~/.ssh/id_rsa and do:
chown "dev_user"."dev_user" -R ~/.ssh/
chmod 400 ~/.ssh/id_rsa
"dev_user" is the local user for your developers. Then be sure that ~/.ssh folder's owner is the same that id_rsa file and have 700 permission:
chmod 700 ~/.ssh/
The developers just have to do:
ssh ec2-user#x.x.x.x