A little background: I need to invoke sqlcmd to remotely run .sql files via PHP. I am trying to use this function call: exec("sqlcmd -?", $second); There is zero output after running this command. Running this command under my current user works fine.
PHP runs under IUSR according to PHP's get_current_user(); function so it would be logical to change the permissions on sqlcmd to allow PHP to run sqlcmd (I give full permissions temporarily just for testing):
Then I retest the PHP script and again no output. I decide to restart IIS. Still no output.
What permissions are needed to run sqlcmd under IUSR?
Related
I have apache server installed on redhat linux.
I have a PHP script that needs to call a python wrapper script that calls another python script which has a function to execute some database queries.
So, my php script is in location /var/www/html: If I execute the python script from this location command line the script works fine. However, If I run the exact same command through exec inside PHP, I get "permission denied".
The whoami at /var/www/html gives my linux user id.
Inside php script
exec("whoami")
returns apache.
and
echo get_current_user();
returns my linux user id. Which is understandable since get_current_user returns the owner of the php script. How should I fix this problem? Is the problem because user "apache" does not have access to the script? User "smeeta" does have access to execute the script.
Any guidance here is highly appreciated.
Jenkins version: 1.574
I created a simple job which performs the following:
Using "Execute shell script on remote host using SSH" as one of the BUILD steps, I'm just calling a shell script. This shell script performs stop and start operations on Tomcat to restart an application on the target machine.
I have a valid username, password, port defined for the target SSH server in Jenkins Global settings.
I saw this behavior that when I run a Jenkins job and call the restart script (which gets the application name as parameter $1), it works fine, but as soon as "Execute shell script on remote host using SSH" step completes, I see the new process dies on the remote/target application server.
If I run the script from the target/remote server itself, everything works fine and the new process/PID remains live forever, but running the same script from Jenkins, though I don't see any errors and everything works as expected, the new process dies as soon as the above mentioned SSH step is complete and control comes back to the next BUILD step in Jenkins job OR the Jenkins job is complete.
I saw a few posts/blogs and tried setting: BUILD_ID=dontKillMe in the Jenkins job (in various places i.e. Prepare Environment variables and also using Inject Environment variables...). When the job's particular build# is complete, I can see Environment Variables for that build# does say BUILD_ID=dontKillMe as its value (instead of the default Timestamp tag value).
I tried putting nohup before calling the restart script, i.e.,
nohup restart_tomcat.sh "${app}"
I also tried:
BUILD_ID=dontKillMe nohup restart_tomcat.sh "${app}"
This doesn't give any error and creates a nohup.out file on the remote server (but I'm not worried about it as the restart_tomcat.sh script itself creates its own LOG file which I'm "cat"ing after the restart_tomcat.sh script is complete. cat'ing on the log file is performed using another "Execute shell script on remote host using SSH" build step, and it successfully shows the log file created by the restart script).
I don't know what I'm missing at this point, but as soon as the restart_tomcat.sh step is complete, the new PID/process on the remote/target server dies.
How can I fix this?
I've been through this myself.
On my first iteration, before I knew about Jenkins ProcessTreeKiller, I ended up just daemonizing Tomcat. The Apache Tomcat documentation includes a section on running as a daemon.
You can also try disabling the ProcessTreeKiller for your whole Jenkins instance, if it's relatively small (read the first link for information).
The BUILD_ID=dontKillMe should be passed to the shell, and therefore it should be in your command line, not in Jenkins global configuration or job parameters.
BUILD_ID=dontKillMe restart_tomcat.sh "${app}" should have worked without problems.
You can also try nohup restart_tomcat.sh "${app}" & with the & at the end.
My solution (it worked after trying everything else) in Ubuntu 14.04 (Trusty Tahr) (Amazon AWS - Amazon EC2), Jenkins 1.601:
Exec command: (setsid COMMAND < /dev/null > /dev/null 2>&1 &);
Exec in PTY: DISABLED
// Example COMMAND=socat TCP4-LISTEN:1337,fork TCP4:127.0.0.1:1338
I created this Transfer as my last one.
#!/bin/ksh
export BUILD_ID=dontKillMe
I added the above line to the start of my script and the issue was resolved.
Take a look at Get puppet build to fail when the contained SQL script fails execution
I was attempting to run a vagrant build which installs Oracle XE in an Ubuntu Virtualbox VM and then runs a an SQL script to initialize the Oracle Schema. The vagrant build is here : https://github.com/ajorpheus/vagrant-ubuntu-oracle-xe. The setup.sql is run as a part of the oracle module's init.pp (right at the bottom or search for 'oracle-script').
When running the SQL script as a part of the vagrant build, I see the following error:
notice: /Stage[main]/Oracle::Xe/Exec[oracle-script]/returns: Error 6 initializing SQL*Plus
notice: /Stage[main]/Oracle::Xe/Exec[oracle-script]/returns: SP2-0667: Message file sp1<lang>.msb not found
notice: /Stage[main]/Oracle::Xe/Exec[oracle-script]/returns: SP2-0750: You may need to set ORACLE_HOME to your Oracle software directory
There were two things that were instrumental in me finding a workaround for the problem:
As suggested in this answer, setting the logoutput attribute to true for the exec block under question immediately showed me the error, whereas before the exec was just failing silently.
It seemed strange that I was able to run the command (sqlplus system/manager#xe < /tmp/setup.sql) after manually logging in as the 'vagrant' user. That suggested that there was something missing in the environment. Therefore, I copied all ORACLE env. vars into the exec as seen on Line 211 here
That worked, however, setting up the env vars manually seems a bit brittle. Is there a better way to setup the ORACLE environment for the vagrant user? Or, is there a way to get puppet to setup the environment for the vagrant user similar to an interactive shell?
If some profile has been set up to give the user a working interactive shell, you should be able to pass your action through such a shell
command => 'bash -i -c "<actual command>"'
As an aside about logoutput, since you mentioned that - the documentation advises that "on_failure" is a sane default, as it will only bloat your output when there are actual errors to analyze. It is the actual default in the latests versions of Puppet.
I deploy some .bteq and .sql scripts on a TERADATA database. For doing this, I use a client on my desktop called BTEQWin version 13.10.0.03.
I get the .bteq/.sql from a version control like pvcs/svn etc and all I do once the files are in my workspace folder (from Version control tool), to just drag and drop the files from Windows browser to BTEQWin client (which I connect to a database prior to drag/drop for running those scripts).
Now, I have to automate this whole process in UNIX.
I have written a SHELL KSH/BASH script which is getting all the .bteq/.sql from a TAG/LABEL in the version control tool to a given UNIX folder. Now, all I need to do is the pass these files one by one (i'll take care of the order) to Teradata client.
My ?
- what client do I need to tell Unix admin team to install on Unix server - so that I can run something like below:
someTeraDataCommand -u username -p password -h hostname -d database -f filenametoexectue | tee output_filename.log
Where, someTeraDataCommand is the client / executable - which will let me run Teradata scripts (like I was doing using BTEQWin on my desktop - GUI session). Other parameters can be username, password, which database to connect on what server and which file to run or make that file passed to the command using "<" operator at command line.
Any idea?
- What client ?
Assuming the complete Teradata Tools and Utilities package is installed on your UNIX server (which will have the connectivity tools to talk to Teradata), you should have access to bteq from the command line. Something like this:
bteq < script_file > output_file
Your script file should contain a .LOGON statement to establish the connection:
.LOGON yourTDPID/your_account,your_pw
You might also need to use other commands to set your default database or non-default session values.
Another option would be to combine the SQL and call to BTEQ in a Korn shell script:
#!/usr/bin/ksh
##############
SHELL_NAME=`basename $0`
PRG_NAME=`basename $(SHELL_NAME} .ksh`
LOG_FILE=${PRG_NAME}.log
OUT_FILE=${PRG_NAME}.out
#
bteq <<EOBTQ > ${LOG_FILE} 2>$1
.LOGON {TDPID}/{USERID},{PWD};
--.RUN file=${LOGON}
/* Add your SQL/BTEQ commands here */
.QUIT 0;
EOBTQ
Edit
The double hyphen indicates a single line comment. Typically in a UNIX script you do not leave your password in plain text of a KSH script. The .RUN command would reference a text file in a barely sufficient secure location containing the .LOGON {TPDID}/{USERID},{PWD}; command.
The .RUN command in BTEQ allows you to reference another text file containing a series of valid BTEQ commands that you want to run in the current BTEQ script.
Easiest way is to setup the Solaris TTU, is to request root sudo, and run an interactive installation into defaults as a root. That would cure all client issues.
I'm currently using CruiseControl.NET to automate my build. We have two different ways to build a solution in my build environment - one is through the Keil uVision4 IDE, the other is through Visual Studio 2008.
I've successfully gotten the Visual Studio solution to build properly using CruiseControl.NET and have created a batch file which properly uses Keil's uVision command line interface to compile my uvproj Project (compilation details here).
Problem Description
1) I can successfully execute the build script on my Windows 2008 server and build the project if I create a command prompt with administrator privileges (I'm doing this manually - start -> run -> cmd with ctrl-shift-enter to run as admin).
2) However, if I create a command prompt without administrator privileges, and attempt to execute the batch file, the batch file won't work unless I accept the prompt asking me to confirm admin rights are required to run the batch script.
How do I automatically execute a batch file as an administrator through CruiseControl?
Is this something that could be automated using the RunAs command?
Technical details
1) The batch file being executed is pretty simple - it deletes the old output and re-makes the output, creating a build log file in the location below.
set BuildLogLocation=BuildLog\BuildLog.txt
echo on
cd ../..
cd PTM
rmdir /s /q output
mkdir output
mkdir BuildLog
C:\Keil\UV4\UV4.exe -r myProj.uvproj -o %BuildLogLocation%
echo ErrorLevel of build is %ERRORLEVEL%
echo build complete, see %BuildLogLocation%
2) Currently I'm looking to use the Exec functionality to run the Keil build script above:
<Exec>
<Command>C:\myProject\Build\KeilBuild\BuildScript.bat<Command/>
<buildTimeoutSeconds>600<buildTimeoutSeconds/>
<!-- Details about error codes can be found here:
http://www.keil.com/support/man/docs/uv4/uv4_commandline.htm -->
<successExitCodes>0,1</successExitCodes>
<Exec/>
Related questions:
How can I use a build server with Keil uVision4 (MDK-ARM), script a build, use a makefile? (Electrical Engineering)
Execute a command-line command from CruiseControl.NET (Stack Overflow)
Can you run CCService, the CruiseControl.NET Windows Service, as a user who has administrative permissions? I'd try that first.
If that doesn't work, I would use runas to run your script. You'll have to embed the administrative user's password in the script calling runas.
I know this is old but, Did you get an offical way to do it Via Cruise Control?
Normally I create this and call it to call other processes "As Admin".
Make a ".VBS" script with This in the contents:
Dim strBatchPath
strBatchPath = "PATH-TO-FILE.EXE"
Set runBatch = CreateObject("shell.application")
runBatch.shellexecute strBatchPath,,,"runas",1
That could be an option to people that can't find an official way
You could try psExec from sysinternals. If you don't need to run as a nt-authority account you should be able to use this in the same way as runas.
It allows you to pass in the username/password as a switch (if memory serves)
I have Discovered that when using PSEXEC and using the -h switch, it then "runs as admin" on destination
e.g.
psexec -h \ServerToRunOn /accepteula -u DOMAIN\USER -p PASSWORD "PATH-TO-FILE"
I am Using CC.Net to call a batch file with the above in. This will run that file as Admin