The problem is that Jenkins is not root. In the past the work Jenkins is doing would be done by root invoked from cron.
Our scenario is to build and deploy to Tomcat7 and then invoke the deployed web service from Jenkins. The web service downloads a lot of files to a cache. Once a week we want to clear the cache, from Jenkins, but the files in the cache are owned by Tomcat7.
The solution is to put Jenkins and Tomcat7 into the same group.
Edit the tomcat startup script /etc/init.d/tomcat7 and change the umask value to 002.
start) if [ -z "$JAVA_HOME" ]; then log_failure_msg "no JDK found - please set JAVA_HOME" exit 1 fi if [ ! -d "$CATALINA_BASE/conf" ]; then log_failure_msg "invalid CATALINA_BASE: $CATALINA_BASE" exit 1 fi log_daemon_msg "Starting $DESC" "$NAME" if start-stop-daemon --test --start --pidfile "$CATALINA_PID" \ --user $TOMCAT6_USER --exec "$JAVA_HOME/bin/java" > /dev/null; then # Regenerate POLICY_CACHE file umask 002 echo "// AUTO-GENERATED FILE from /etc/tomcat6/policy.d/" > "$POLICY_CACHE" echo "" >> "$POLICY_CACHE" cat $CATALINA_BASE/conf/policy.d/*.policy >> "$POLICY_CACHE"
Make Jenkins a member of the tomcat7 group.
usermod -G tomcat7 jenkins
Restart tomcat7 and Jenkins
/etc/init.d/tomcat7 restart
/etc/init.d/jenkins restart
change premisions on existing cache
chmod -R g+w .
Run Jenkins manually:
The job should succeed next weekend.
No comments:
Post a Comment