I can execute my batch from an administrative command window using my own id but trying to run it using a local admin account or another network account that's in the administrators group of the server and psfile hangs.
So I'm wondering if there is a local or group policy I could set that would allow me to use the other accounts.
The files I'm closing are local to the server I'm running the batch file from so I'm hoping to be able to use the local admin account.
If you are interested, here is my code:
echo Starting CloseFiles %date% %time%
FOR /L %%i IN (1,1,60) DO (
echo Iteration %%i
echo Closing all files in pub_LocatorsAGOL
C:\SysInternalsSuite\psfile E:\ArcGISServer\Site\pub_LocatorsAGOL -c <NUL >> PSFileAGOL.log 2>&1
echo Closing all files in pub_LocatorsLL
C:\SysInternalsSuite\psfile E:\ArcGISServer\Site\pub_LocatorsLL -c <NUL >> PSFilesLL.log 2>&1
echo Waiting a minute before repeating again
timeout /T 5
)
echo Close Files has finished at %time%
Related
I have 2 RHEL machines setup in a Master/Slave configuration using Jenkins ver. 1.609.2
The slave is being launched via SSH Slaves Plugin 1.10.
I'm trying to use the Slave Setup Plugin v 1.9 to install the tools that will be necessary for my slave machine to run builds. In particular I am installing sqlplus.
Here is the script that I am running in order to try installing sqlplus:
if command -v sqlplus >/dev/null; then
echo "sqlplus already setup. Nothing to do."
else
#Create directory for sqlplus and unzip it there.
mkdir /jenkins/tools/sqlplus
tar -xvf sqlplussetup/instantclient-basiclite-linux.x64-12.1.0.2.0.tar.gz -C /jenkins/tools/sqlplus || { echo 'unzip failed' ; exit 1; }
tar -xvf sqlplussetup/instantclient-sqlplus-linux.x64-12.1.0.2.0.tar.gz -C /jenkins/tools/sqlplus || { echo 'unzip failed' ; exit 1; }
cd /jenkins/tools/sqlplus/instantclient_12_1
#Create links for the Oracle libs
ln -s libclntsh.so.12.1 libclntsh.so || { echo 'Could not create link' ; exit 1; }
ln -s libocci.so.12.1 libocci.so || { echo 'Could not create link' ; exit 1; }
#Add two lines to .bashrc only if they don't already exist. Export LD_LIBRARY_PATH and add sqlplus to PATH.
grep -q -F 'export LD_LIBRARY_PATH=/jenkins/tools/sqlplus/instantclient_12_1:$LD_LIBRARY_PATH' /home/jenkins/.bashrc || echo 'export LD_LIBRARY_PATH=/jenkins/tools/sqlplus/instantclient_12_1:$LD_LIBRARY_PATH' >> /home/jenkins/.bashrc
grep -q -F 'export PATH=$PATH:/jenkins/tools/sqlplus/instantclient_12_1' /home/jenkins/.bashrc || echo 'export PATH=$PATH:/jenkins/tools/sqlplus/instantclient_12_1' >> /home/jenkins/.bashrc
#Export variables so they can be used right away
export LD_LIBRARY_PATH=/jenkins/tools/sqlplus/instantclient_12_1:$LD_LIBRARY_PATH
export PATH=$PATH:/jenkins/tools/sqlplus/instantclient_12_1
echo "sqlplus has been setup."
fi
This script runs successfully and everything appears to work until I try to run a build and execute the sqlplus command. The build fails because sqlplus is not a recognized command.
My main question is this:
What is the proper way to automatically add an environment variable when launching a slave?
Please note I am looking for an automated way of doing this. I don't want to go into the configuration screen for my slave, tick a checkbox and specify an environment variable. That is counter-productive to what I am trying to achieve which is a slave that is immediately usable for builds once connected.
I pretty much understand why my script doesn't work. When Jenkins is launching the slave it first makes an SSH connection and then it runs my setup script using the command
/bin/sh -xe /jenkins/tmp/hudson8035138410767957141.sh
Where the contents of hudson8035138410767957141.sh is my script from above. So obviously, the export isn't going to work. I was hoping adding the exports to the .bashrc file would get around this but it does not work. I think this is because this script is executed after the ssh connection is established and therefore the .bashrc has already been read.
Problem is I can't figure out any way to work around this limitation.
Bash does not read any of its startup files (.bashrc, .profile etc) for non-interative shells that don't have the --login option set explicitly -- that's why the exports don't work.
So, solution "A" is to keep the bashrc magic that you suggest above, and to add the --login option by changing the first line in your build step to
#!/bin/bash --login
<your script here>
The explicit shebang at on the first line will also prevent excessive debug output that you get from the default's -x option (see your console snippet above).
Alternative solution "B" uses the fact that bash will source any script whose name is given in $BASH_ENV (if that variable is defined and the file exists). Define that variable globally in your slave properties (e.g., set to /jenkins/tools/setup.sh) and add exports as needed during slave setup. Every bash shell build step will read the settings then.
With solution "B" you don't need to use the --login option and you don't have to mess up the .bashrc. However, the "BASH_ENV" feature is only active when bash runs in "bash mode". As Jenkins starts the shell via sh, bash tries to emulate historic sh, which does not have that feature. So, also for B, you need a shebang:
#!/bin/bash
<your script here>
But that you'd need anyway to get rid of the tracing output that's usually too much in production setups.
The first thing I should mention is that I can't use ssh.
With that out of the way, if anyone can help I'll be eternally grateful.
I need to run a post-build script on my bot which creates a tag and pushes it to the remote upon build success. I've tried running it as a "post" script defined on the bot, as a "build stage" within the project build settings, and as a post-build script in the custom shared scheme I'm using for CI. The script looks like this:
if [ -z "$PROJECT_DIR" ]; then
echo "No project dir variable"
else
cd $PROJECT_DIR;
echo "PROJECT_DIR is $PROJECT_DIR";
echo "Directory is $(pwd)";
git config user.email "myself#mycompany.com"
git config user.name "myself"
CURRENTTAG=$(git describe --abbrev=0 --tags);
echo "CURRENTTAG is $CURRENTTAG";
CURRENTTAG_PRE=`echo $CURRENTTAG | awk -F "_" '{print $1}'`;
echo "CURRENTTAG_PRE is $CURRENTTAG_PRE";
CURRENTTAG_POST=`echo $CURRENTTAG | awk -F "_" '{print $2}'`;
echo "CURRENTTAG_POST is $CURRENTTAG_POST";
if [ -z "$CURRENTTAG_POST" ]; then
echo "catastrophic failure"
exit 0
else
CURRENTTAG_POST=$(($CURRENTTAG_POST + 1));
SPACE="_";
NEW_TAG=$CURRENTTAG_PRE$SPACE$CURRENTTAG_POST;
echo "NEW_TAG is $NEW_TAG";
git tag -a $NEW_TAG -m "$NEW_TAG";
git push origin "$NEW_TAG"
echo "New tag $(git describe --abbrev=0 --tags) created"
fi
fi
So, the hack with the git config commands is there to stop git from asking the bot "Please tell me who you are". Once the bot gets past that, though, the git push fails with the following:
fatal: could not read Password for 'https://myself#mygitremote.com': Device not configured
Can anyone offer any HTTPS-based suggestions as to how I can get past this?
Incidentally, I'm on Xcode 6.4 and Server 4.1.2.
Thanks.
EDIT: I've seen a lot of solutions out there which start out by sudoing into _xcsbuildd's shell. In Xcode Server 4.1 there is most certainly not a home directory for _xcsbuildd, so you can't "git config --global" anything.
I had the similar problem. I was trying to push changes to git remote repository from bot's pre-trigger script and each time I received:
fatal: could not read Username for 'http://...': Device not configured
My final solution was to store credentials in the keychain for the _xcsbuildd user:
# login as a _xcsbuildd user
sudo -u _xcsbuildd /bin/bash
# store credentials in the default osx keychain
git credential-osxkeychain store https://github.com
# copy added credentials from `login` keychain to `System` keychain
whenever I switch directory in my terminal, I have to run the command "/bin/bash --login" before I can run rails/rake related commands. If I don't, I get an error saying "the program "rails" can be found in the following packages: ..."
Any advice?
By default some servers do not allow this due to permissions reason. You can place this in
~/.bashrc and it will automatically work when you open a new terminal
As per bash man page.
When an interactive shell that is not a login shell is started, bash
reads and executes commands from ~/.bashrc, if that file exists. This
may be inhibited by using the --norc option. The --rcfile file option
will force bash to read and execute commands from file instead of
~/.bashrc.
When bash is started non-interactively, to run a shell script, for
example, it looks for the variable BASH_ENV in the environment,
expands its value if it appears there, and uses the expanded value as
the name of a file to read and execute. Bash behaves as if the
following command were executed:
if [ -n "$BASH_ENV" ]; then . "$BASH_ENV"; fi but the value of the
PATH variable is not used to search for the file name.
The file is just shell commands. It is typically used to change prompts, set environment variables, and define shell procedures. Traditionally, the file .profile is used for this purpose, but bash has so many extensions that it needs its own startup file for users that want to put bashisms in startup files.
Easy solution:
Just open terminal. GO to Edit menu from terminal navigation bar, Select "Profile Preferences", It will open "edit profile pop-up". Select "Title and Command" button and "check Run Command as login shell"
ctrl + alt + t -> Edit -> Profile Preferences -> Title and Command -> Check Run command as login shell
Close the terminal and open again. Next time you don't need to "/bin/bash --login"
I use to use this script for Windows XP but since we're doing the switchover to 7 I tried to use it on the new images. It seems like it tries but it doesn't work. I have created a 64bit print server and these machines are 64bit which is the only difference. I read up on this and saw there was a GPO that needed to be set to allow this to work. Which was - Computer Configuration > Administrative Templates > Printers > Allow Print Spooler to accept client connections.
I have tried everything and can't get this to work, it doesn't give me an error or anything. It gives me the prompts for PC name and Printer name, then says 'Adding printer' from the echo command, and just sits there. I can run the command by itself and it doesn't work either....... Please help!
The main thing is that the printer needs to be added from a print server and to the computer for all users as their default.
#echo off
echo PC Name
set /p PC=
echo Printer Name
set /p PRINTER=
ECHO Adding Printer...
\\ghostserver\installs\pstools\psexec \\%PC% -n 3 cmd /c rundll32
printui.dll,PrintUIEntry /y /ga /c\\%PC% /n\\PRINTSERVER\%PRINTER%
ECHO Restarting Print Spooler...
start /wait sc \\%PC% stop spooler
start /wait sc \\%PC% start spooler
Do you want to install or map the printer from the network ?
First thing to try : map the printer manually on a 7 x64 client. If it fails, your problem is not the batch.
Also try the simple rundll32 printui.dll PrintUIEntry /in n\\PRINTSERVER\%PRINTER% with a non-admin non-elevated account on the client to validate the print server configuration.
Is the "Disallow installation of printer using kernel-mode drivers" GPO disabled ? (Have to be)
Check the firewall settings, UAC/elevation configuration, admin access. Run a gpupdate /force and restart the client.
Check the event log on both the client and print server for any errors.
With an admin account (both print server and client), try to push the installation from the print server.
Have you tried to force adding the provider ? /j "LanMan Print Services"
If you have 2008 servers or DCs, you can use Print Management or Group Policy Preferences to deploy printers (easier than bat+psexec+printui.dll).
If you really want to do it via login script, there are also a bunch of tools in Vista/7/8 for print management in %WINDIR%\System32\Printing_Admin_Scripts, like this one.
Side note : start /wait is inefficient since sc.exe doesn't wait any response of the service. So, if you stop and start without a pause, chances are the service will not be stopped before the restart and skip the second order. You have to simulate a pause (ping 127.0.0.1 -n 5 >nul 2>&1) between stop & start or use a safer script to check the state of the service.
Thank you so much! That fixed it.
Here's my add script:
#echo off
echo PC Name
set /p PC=
echo Printer Name
set /p PRINTER=
echo Adding Printer...
\\servername\installs\pstools\psexec -s -i -accepteula \\%pc% rundll32 printui.dll PrintUIEntry /in /y /ga /n\\PRINTSERVER\%PRINTER%
echo Restarting Print Spooler...
start sc \\%pc% stop spooler
pause
start sc \\%pc% start spooler
pause
Here's my remove script:
#echo off
echo PC Name
set /p PC=
echo Printer Name
set /p PRINTER=
echo Adding Printer...
\\servername\installs\pstools\psexec -s -i -accepteula \\%pc% rundll32 printui.dll PrintUIEntry /gd /n\\PRINTSERVER\%PRINTER%
echo Restarting Print Spooler...
start sc \\%pc% stop spooler
pause
start sc \\%pc% start spooler
pause
I have created a password file for the account with Administration privileges with the following script:
$passwd = Read-Host "Enter password" -AsSecureString
$encpwd = ConvertFrom-SecureString $passwd
$encpwd > "C:\Users\b_steya\Documents\password_b_steya.bin"
Then, in another powershell script I try to run an elevated PowerShell cmd
$encpwd = Get-Content "C:\Users\b_steya\Documents\password_b_steya.bin"
$passwd = ConvertTo-SecureString $encpwd
$cred = new-object System.Management.Automation.PSCredential 'main\b_steya',$passwd
Start-Process PowerShell -Cred $cred -ArgumentList '-noexit','-File','C:\Users\b_steya\Documents\TestAddIISAppPool.ps1'
When executing the second script, I get the following error message:
Import-Module : Process should have elevated status to access IIS
configuration data.
What am I doing wrong? The user "main\b_steya" is added to the local Administrators group of the machine, on wich the script is executed.
Best regards
Yannik
When your second script is executed is it done so from an administrator (runas administrator) powershell session? Even though the user is part of the local admin group you still often need to have the initial process elevated.