While setting up deployment through jenkins for my django project, I got stuck where I had to restart apache2 service to reflect the new changes to the client side. I am not sure how to provide user password after running systemctl reload apache2.service command.
I tried below options but no luck.
1) systemctl reload apache2.service
Result:
Failed to reload apache2.service: Interactive authentication required.
See system logs and 'systemctl status apache2.service' for details.
Build step 'Execute shell' marked build as failure
2) sudo systemctl reload apache2.service
Result :
sudo: no tty present and no askpass program specified
Build step 'Execute shell' marked build as failure
3) Also not sure whether sshpass will help in this case
Attached screenshot taken from jenkins job.
As noted in a comment before, you have an problem with permissions here.
I assume that your Jenkins instance is running under user "jenkins", which cannot execute admin (root) commands. So you need to login via SSH into the machine and make sure that the user "jenkins" can execute this command with sudo.
You can find help for editing the sudoers file here: How To Edit the Sudoers File on Ubuntu and CentOS. I would recommend you to only to allow certain commands.
If you decide that the "jenkins" user needs to enter a password use the following command:
echo password | sudo -S systemctl reload apache2.service
Of cause you should store that password in a secure way and mask it within the build. The Jenkins Credentials Plugin can help you with this.
Related
I'm using a shell script to restart my flask app upon receiving a webhook request from github, but I'm running into an issue with no-password sudo authentication, but only when uWSGI is runs the restart function.
I have the application deployed as a systemd service and in order to restart the service, I have to run systemctl restart myapp.service as sudo. So I stuck that line into a script, and marked it as runnable as sudo without password authentication in /etc/sudoers by the user that runs the webapp.
The restart function is very simple:
import os
def on_push():
os.setuid(os.geteuid())
os.system('sudo /path/to/script.sh')
And the script itself is a one-liner:
systemctl restart myapp.service
Running the command via os.system('sudo /path/to/script.sh') in a normal python shell restarts the app as expected, without asking for the password. However, when the command is run by a uWSGI worker process, it fails to restart with the message that Interactive authentication required.
Is this an issue that can be solved by changing uWSGI launch parameters?
Turns out that I needed to set uid and gid in the .ini file used to start the uWSGI instance to the user/group used to run the application.
I am trying use Google Earth Engine's Python API on my 'Windows 10 Home' computer, for which Google recommend I set up a docker container (https://developers.google.com/earth-engine/python_install).
Following the instructions here (https://developers.google.com/earth-engine/python_install-datalab-local), I have downloaded Docker Toolbox and successfully run the docker run hello-world command.
However, when I try to run the following code:
set "GCP_PROJECT_ID=YOUR_PROJECT_ID"
set "CONTAINER_IMAGE_NAME=gcr.io/earthengine-project/datalab-ee:latest"
set "HOME=%HOMEDRIVE%%HOMEPATH%"
set "WORKSPACE=%HOME%\workspace\datalab-ee"
mkdir "%WORKSPACE%"
cd %WORKSPACE%
I get the following error on the 5th line: mkdir: cannot create directory '%WORKSPACE': Permission denied.
Does anyone know what's causing this? I have only ever use Anaconda Prompt and am not used to the syntax of this terminal.
Also, just to clarify, I entered the correct project ID into the terminal for line 1, but have not shared it here.
Problem solved. I was using the Docker Quickstart Terminal. Switched to Windows Command Prompt and everything running fine.
You may need to add yourself to the docker user group.
Run the following command in your shell or terminal window:
sudo usermod -a -G docker ${USER}
where user is the google user with which I log in to the console, after executing the command it is necessary to restart the terminal.
Is there a way to give user crontab permission to use reboot command?
I want crontab to activate a python script that uses geckodriver and then reboots the device when the script finishes. The problem currently is that geckodriver won't run as root and my non-root crontab gives the error below when the script tries to use reboot command:
Failed to set wall message, ignoring: Interactive authentication required.
Failed to reboot system via logind: Interactive authentication required.
Failed to start reboot.target:Interactive authentication required.
See system logs and 'systemctl status reboot.target' for details.
If it's not possible to give non-root cron job permission to reboot, is there some other handy way to circumvent the problem? I guess one solution could be to separate the reboot part of the script as second script and include that in root crontab to be ran after the first script.
I'm using Ubuntu 18.10
Hi there I'm trying to deploy my python app using Travis CI but I'm running into problems when I run the "travis setup heroku" command in the cmd prompt.
I'm in my project's root directory, there is an existing ".travis.yml" file in that root directory.
I've also installed ruby correctly and travis correcty because when I run:
"ruby -v" I get "ruby 2.2.2p95 (2015-04-13 revision 50295) [x64-mingw32]"
"travis -v" I get "1.7.7"
When I run "travis setup heroku" I get this message "The system cannot find the path specified" then prompts me for a "Heroku API token:"
What's the issue?
If you hadn't had Heroku Toolbelt setup to the $PATH environment variable during installation, here are some steps to check:
Check if Heroku toolbelt is set in PATH variable. If not, cd to your Heroku toolbelt installation folder, then click on the address bar and copy it.
Go to the Control Panel, then click System and Advanced System Protection.
Go to Environment Variables, then look for $PATH in the System Variables
After the last program in the variable, put a ; then paste in your Heroku CLI folder and click OK. (This requires cmd to be restarted manually)
Login to Heroku CLI
grab the token key from heroku auth:token
run travis setup heroku if the setup goes smoothly, you shouldn't get the command not found and prompt you for heroku auth key. It will ask that you want to encrypt the auth key (highly recommend) and verify the information you provided with the toolbelt and Travis CLI.
commit changes
you should be able to get your app up and running within your tests.
I would like to write a script that will tell another server to SVN export a SVN repository.
This is my python script:
import os
# svn export to crawlers
for s in ['work1.main','work2.main']:
cmd = 'ssh %s "cd /home/zes/ ; svn --force export svn+ssh://174.113.224.177/home/svn/dragon-repos"' % s
print cmd
os.system(cmd)
Very simple. It will ssh into work1.main, then cd to a correct directory. Then call SVN export command.
However, when I run this script...
$ python export_to_crawlers.py
ssh work1.main "cd /home/zes/ ; svn --force export svn+ssh://174.113.224.177/home/svn/dragon-repos"
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-with-mic,password).
svn: Connection closed unexpectedly
ssh work2.main "cd /home/zes/ ; svn --force export svn+ssh://174.113.224.177/home/svn/dragon-repos"
Host key verification failed.
svn: Connection closed unexpectedly
Why do I get this error and cannot export the directory? I can manually type the commands in the command line and it will work. Why can't it work in the script?
If I change to this...it will not work. and instead, nothing will happen.
cmd = 'ssh %s "cd /home/zes/ ;"' % s
This is a problem with SSH.
Permission denied, please try again.
This means that ssh can't login. Either your ssh agent doesn't have the correct key loaded, you're running the script as a different user or the environment isn't passed on correctly. Check that the variables SSH_AUTH_SOCK and SSH_AGENT_PID are passed to the subprocess of your python script.
Host key verification failed.
This error means that the remote host isn't known to ssh. This means that the host key is not found in the file $HOME/.ssh/known_hosts. Again, make sure that you're checking the home directory of the effective user of the script.
[EDIT] When you run the script, then python will become the "input" of ssh: ssh is no longer connected to a console and will ask python for the password to login. Since python has no idea what ssh wants, it ignores the request. ssh tries three times and dies.
To solve it, run these commands before you run the Python script:
eval $(ssh-agent)
ssh-add path-to-your-private-key
Replace path-to-your-private-key with the path to your private key (the one which you use to login). ssh-add will ask for your password and the ssh-agent will save it in a secure place. It will also modify your environment. So when SSH runs the next time, it will notice that an ssh agent is running and ask it first. Since the ssh-agent knows the password, ssh will login without bothering Python.
To solve the second issue, run the second ssh command manually once. ssh will then add the second host to its files and won't ask again.
[EDIT2] See this howto for a detailed explanation how to login on a remote server via ssh with your private key.
I guess that it is related to ssh. Are you using a public key to automatically connect. I think that your shell knows this key but it is not the case of python.
I am not sure but it's just an idea. I hope it helps
Check out the pxssh module that is part of the pyexpect project:
https://pexpect.readthedocs.org/en/latest/api/pxssh.html
It simplifies dealing with automating ssh-ing into machines.