Skip to content
Advertisement

How can I stop Jenkins from resetting user permissions after each build?

I have a ‘hello world’ NodeJS project I’m trying to build on a fresh install of Jenkins (running on Ubuntu 18.04.3 LTS on a Digital Ocean server). I have limited experience with Linux so please let me know anything I’m missing here.

Jenkins build “execute shell”:

whoami
npm install
./script/test

Jenkins console output:

Started by user twulz
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/node-app
No credentials specified
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/Twulz/node-app.git # timeout=10
Fetching upstream changes from https://github.com/Twulz/node-app.git
 > git --version # timeout=10
 > git fetch --tags --progress -- https://github.com/Twulz/node-app.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision 81d9f909cfd34cd5eb65a123dd9f2a1e67686512 (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 81d9f909cfd34cd5eb65a123dd9f2a1e67686512
Commit message: "Solve vulnerabilities"
 > git rev-list --no-walk 81d9f909cfd34cd5eb65a123dd9f2a1e67686512 # timeout=10
[node-app] $ /bin/sh -xe /tmp/jenkins4626689890347957662.sh
+ whoami
jenkins
+ npm install
audited 12356 packages in 4.203s
found 0 vulnerabilities

+ ./script/test
/tmp/jenkins4626689890347957662.sh: 4: /tmp/jenkins4626689890347957662.sh: ./script/test: Permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE

So I think the problem is the jenkins user does not have permission to execute the test script /var/lib/jenkins/workspace/script/test.

On the command line I ran these commands to try to change the permissions:

$cd /var/lib/jenkins/workspace/node-app/script
$ls -l test
-rw-r--r-- 1 jenkins jenkins 51 Sep 22 07:30 test
$sudo chmod -R 757 /var/lib/jenkins/workspace/node-app
$sudo systemctl restart jenkins
$ls -l test
-rwxr-xrwx 1 jenkins jenkins 51 Sep 22 07:35 test

Then selected “Build Now” on my jenkins project, immediately after I ran again:

$ls -l test
-rw-r--r-- 1 jenkins jenkins 51 Sep 22 07:50 test

I also tried giving recursive permissions to the whole jenkins folder, or just to the test file, but both still failed: sudo chmod -R 757 /var/lib/jenkins or sudo chmod -R 757 /var/lib/jenkins/workspace/node-app/script/test

I’ve re-applied and re-saved my configuration in jenkins, as suggested in another thread but there was no change.

So something in the build process is resetting the permissions – how can I ensure the jenkins user retains the right permissions to run this script?

Advertisement

Answer

So I found the answer, I hope this helps others – git saves the executable permissions in GitHub too so in my case each time Jenkins pulled the latest code, it was overwriting the permissions to what was saved in the git repo. I was initially working in Windows so I didn’t realise this would be an issue.

To fix the problem I simply had to clone the repo, change the permissions and commit again:

$git clone https://github.com/Twulz/node-app.git
$sudo chmod -R 757 node-app
$cd node-app/
$git add .
$git status
$git commit -m "Update execute permissions"
$git push
User contributions licensed under: CC BY-SA
3 People found this is helpful
Advertisement