I've installed Jenkins from repository for Red Hat 7.
sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
yum install jenkins
And got a very simple question - after install we have system user jenkins:
jenkins:x:956:967:Jenkins Automation Server:/var/lib/jenkins:/bin/false
What is general purpose of this user? (i know that it's running Jenkins Instance) That's all what it for?
Never thought about.. and no any search answer. :)
If I'm changing it to login user and changing password etc., What it can affect? Any future behavior/issues of the jenkins server?
Thank you.
Jenkins is basically a service/daemon i.e similar to lots of other services which doesn't actually needs a shell to run like apache sendmail etc.
Try comparing it with other services by doing cat /etc/passwd on your system.
Jenkins uses the user jenkins to manage permissions & segregation between services like other services do.
Jenkins by default uses sh shell to execute your shell commands defined in your build jobs.
In case you really want to login using jenkins user & perform operations, give it a shell by running below command -
usermod -s /bin/bash jenkins
Related
I want to Jenkins call a shell script from another docker container.
I don't know Jenkins can do this, and what is the best way to make it.
In one machine, I have this containers:
Service
IP (Docker network)
Note
ERP system
172.74.42.2
Odoo 14 ERP system what work with many plugin. If a plugin got new functions or fixes some bugs, need to restart the system after the pull, then update the plugin.(I write a shell script what run in ssh after push commits.
Jenkins
172.74.42.3
In here I want to call the shell script after the build is success
The Jenkins is work. So the connect between the github and jenkins is good.
I try to write shell commands in Jenkins file. But I think this is a dumb way...
The session logging we have in {{/etc/profile}} can interfere with services that launch sub-shells as new users - specifically, it always launches an interactive terminal, regardless of the context, which can cause certain key processes (e.g. Jenkins) from being able to perform critical tasks.
We had a Jenkins version upgrade and after hte upgrade, Jenkins seems to not be able to restart. Here’s what’s happening
```ubuntu#hoatname:~$ sudo service jenkins status
Correct java version found
Jenkins Automation Server is not running
ubuntu#hostname:~$ sudo service jenkins start
Correct java version found
Starting Jenkins Automation Server jenkins jenkins#hostname:~$
jenkins#hostname:~$
jenkins#hostname:~$ sudo service jenkins status
[sudo] password for jenkins:
jenkins#hostname:~$ exit
exit
[fail]
ubuntu#hostname:~$
```
Essentially, it seems that “service jenkins start” is somehow causing a session to be created, which dumps it into a script. I suspect this is due to how /etc/profile contains a script-based session logger, and i suspect that Jenkins is attempting to execute this script when it su’s into its own jenkins user
What should I do to alleviate this?
I created a job in jenkins and I want to build the project using ansible. I want to run my command on several host (that's why I use ansible). When I try to run the project it fails with some permission error:
/home/ubuntu/install.sh -s -U ubuntu -f 5
FATAL: command execution failed
java.io.IOException: Cannot run program "/usr/bin/ansible" (in directory "/var/lib/jenkins/jobs/Standard Demo/workspace"): error=13, Permission denied
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1047)
at hudson.Proc$LocalProc.<init>(Proc.java:244)
at hudson.Proc$LocalProc.<init>(Proc.java:216)
Do you know what the problem is? I am logged into the jenkins server as admin user.
This is not an Ansible problem, it is a configuration issue in Jenkins. As others have noted, by default Jenkins will run as a "normal user" (typically jenkins). That is the user that jobs and steps (including shell scripts like the one you're calling) will run as. In your case, this user does not have sufficient permissions to run Ansible.
I don't recommend changing this default user because a. there are good security reasons for this setup, and b. it can actually be complex to do right, because you would have to address permissions issues for all of Jenkins to match the new user. However, it's quite easy to do things like run sudo from within a Script build step. Just use that tool (and a properly configured /etc/sudoers) to gain the permissions you need during the build.
I have jenkins installed on a linux machine within tomcat behind Apache.
As a consequence jenkins runs as tomcat. The user tomcat is not configured properly to run the job.
How do I tell Jenkins to run a job as a different user on the same machine ?
Does it make sense to define a slave on the same machine but with a different user ?
You can use su or sudo to run as a different user inside a build step, but that comes with some security implications. If this is something you want to do regularly I would recommend that you define a slave on the same machine with the other user, as you have suggested. I am not aware of any plugins/extensions that would make this easier for you unfortunately.
I sometimes would ssh into the account and instead of running build.sh run ssh user#localhost build.sh
I read the part of the Jenkins wiki that covers setting up a remote job to be monitored by a Jenkins instance. However, the documentation is confusing as it doesn't tell me what to configure on the Jenkins machine or the remote machine (the one that does the job).
Further, the documentation mentions Java commands that can be fired directly and others that need a servlet container. Do I have to install a servlet container on the remote machine?
Maybe it's all there but for me it's like a mix of two documentations. Can you please clarify:
What do I need to do on the remote machine?
What do I need to do on the Jenkins machine?
Thank you.
In Jenkins, you need to create a job using the "Monitor an external job" option. Give this a name, for example "nightly-backup".
On the machine where the external job is running, you need Java installed and some basic Jenkins JAR files, so that the job results can be sent to Jenkins.
As the wiki page says, on some versions of Debian or Ubuntu you can do this with:
sudo apt-get install jenkins-external-tool-monitor
Otherwise, you have to copy a bunch of JARs manually — i.e. those listed on the wiki page — to your remote machine.
Once you have the JARs available on your remote machine, you can execute whichever command you like there, so long as you prefix it with some Jenkins information: where to find the Jenkins installation, the main Java JAR, and the job name:
JENKINS_HOME=http://my-jenkins/ java -jar jenkins-core-*.jar nightly-backup ./backup.sh --nightly /home
Where http://my-jenkins/ is the base URL to Jenkins, nightly-backup matches the name of the "Monitor an external job" you created in Jenkins, and ./backup.sh --nightly /home is the command you wish to run.
The output of this ./backup.sh command will show up in Jenkins automatically once it's complete.
It looks like this is now called "jenkins-external-job-monitor", so you'd type:
sudo apt-get install jenkins-external-job-monitor