Linux 是否可以允许 jenkins 访问只有 root 或某些特定程序可以访问的文件?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17096784/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Is it possible to allow jenkins to access the files that only root or some specific programs have access to?
提问by tanzeelrana
What I'm basically trying to do is allow jenkins access my android-sdk-linux folder and all the sub-directories. My boss does not want to change permissions on the folder himself. I am supposed to do it during the build process. I have seen some examples that run some commands in the execute shell during the build process. Is there some commands that can I can run in that execute shell so that jenkins can have read write and execute authority on my android-sdk-linux folder?
我基本上要做的是允许 jenkins 访问我的 android-sdk-linux 文件夹和所有子目录。我的老板不想自己更改文件夹的权限。我应该在构建过程中这样做。我看过一些示例,它们在构建过程中在执行 shell 中运行一些命令。是否有一些命令可以在该执行 shell 中运行,以便 jenkins 可以对我的 android-sdk-linux 文件夹具有读写和执行权限?
采纳答案by kthieling
As bcolfer said, you should be able to just run your shell commands with "sudo" in front of it. You will want to be sure that the user that started the Jenkins slave is a sudoer.
正如 bcolfer 所说,你应该能够在它前面加上“sudo”来运行你的 shell 命令。您需要确保启动 Jenkins slave 的用户是 sudoer。
As root, run "visudo", this will open the /etc/sudoers file. At the bottom add a line similar to this if it is not a current sudoer:
以 root 身份运行“visudo”,这将打开 /etc/sudoers 文件。如果它不是当前的 sudoer,则在底部添加与此类似的行:
jenkins ALL=(ALL) NOPASSWD: ALL
"Jenkins" being the user that started the slave.
“Jenkins”是启动奴隶的用户。
OR
或者
You could try adding the user to the group that owns that directory. IF you run "ls -l" you should be able to see the permissions and then the user, and the group that owns the directory. Once you know the group, as root run:
您可以尝试将用户添加到拥有该目录的组。如果您运行“ls -l”,您应该能够看到权限,然后是用户以及拥有该目录的组。知道该组后,以 root 身份运行:
usermod -a -G group Jenkins
"Jenkins" being the user that started the slave, and "group" being the actual group name.
“Jenkins”是启动从站的用户,“group”是实际的组名。
回答by bcolfer
One possibility is to use sudo to run commands that specifically target those files. There are a bunch of ways to manage the sudo privileges limit and log what actions happen on those files.
一种可能性是使用 sudo 运行专门针对这些文件的命令。有很多方法可以管理 sudo 权限限制并记录对这些文件发生的操作。
