Linux exec permission denied

Docker-compose «exec: \»/usr/src/app/entrypoint.sh\»: permission denied»

This is based on https://testdriven.io/courses/microservices-with-docker-flask-and-react/ I’m running a docker file that will point to entrypoint.sh. The docker-compose-f docker-compose-dev.yml build run successfully But running docker-compose-f docker-compose-dev.yml up shows

ERROR: for users Cannot start service users: OCI runtime create failed: container_linux.go:345: starting container process caused "exec: \"/usr/src/app/entrypoint.sh\": permission denied": unknown ERROR: Encountered errors while bringing up the project. 

I did try to run on interactive mode with docker run -it –tty users_app:latest sh . Running ./entrypoint.sh did work. But it didn’t work with docker-compose. Does anybody have the same issue? This is my docker-compose-dev.yml, Dockerfile-dev, and entrypoint.sh docker-compose-dev.yml

version: '3.6' services: users: build: context: ./services/users dockerfile: Dockerfile-dev volumes: - './services/users:/usr/src/app' ports: - 5001:5000 environment: - FLASK_APP=project/__init__.py - FLASK_ENV=development - APP_SETTINGS=project.config.DevelopmentConfig - DATABASE_URL=postgres://postgres:postgres@users-db:5432/users_dev - DATABASE_TEST_URL=postgres://postgres:postgres@users-db:5432/users_test depends_on: - users-db users-db: build: context: ./services/users/project/db dockerfile: Dockerfile ports: - 5435:5432 environment: - POSTGRES_USER=postgres - POSTGRES_PASSWORD=postgres 

# base image FROM python:3.6.5-alpine # install dependencies RUN apk update && \ apk add --virtual build-deps gcc python-dev musl-dev && \ apk add postgresql-dev && \ apk add netcat-openbsd # set working directory WORKDIR /usr/src/app # add and install requirements COPY ./requirements.txt /usr/src/app/requirements.txt RUN pip install -r requirements.txt # add app COPY . /usr/src/app # add entrypoint.sh COPY ./entrypoint.sh /usr/src/app/entrypoint.sh RUN chmod +x /usr/src/app/entrypoint.sh # run server #USER root #RUN ["chmod", "+x", "/usr/src/app/entrypoint.sh"] CMD ["/usr/src/app/entrypoint.sh"] 

#!/bin/sh echo "Waiting for postgres. " while ! nc -z users-db 5432; do sleep 0.1 done echo "PostgresSQL started" python manage.py run -h 0.0.0.0 

Источник

php exec() command permission denied

I have a C++ executable file ‘skypeforwarder’. skypeforwarder works if I use command line in Terminal in Mac: henry$ /Users/henry/Desktop/skypeForwarder/skypekit-sdk_sdk-4.1.2.20_793394/examples/cpp/tutorial/step3/skypeForwarder

sh: /Users/henry/Desktop/skypeForwarder/skypekit-sdk_sdk-4.1.2.20_793394/examples/cpp/tutorial/step3/skypeForwarder: Permission denied 

I searched a lot. The problem should be the problem of the php/browser permission in web server. I also tried to change the owner of the file from:

-rwxr-xr-x 1 henry staff 1212716 19 Apr 11:23 skypeForwarder 

-rwxr-xr-x 1 _www staff 1212716 19 Apr 11:23 skypeForwarder 

It still does not work. I set the apache in my mac according to http://foundationphp.com/tutorials/php_leopard.php

2 Answers 2

Although the file itself is readable by the web server, the Desktop folder most likely is not, and the web server therefore cannot traverse into it to locate the executable file. You should move the skypeforwarder binary file into a location readable by the web server, such as a directory parallel to where you are attempting to serve this PHP script. That directory should not, however, be web-accessible. Protect it with .htaccess or place it above the web DocumentRoot, but it must be readable by the web server.

By default, Desktop on OSX is -rwxr—— and it is not advisable to change permissions on that directory.

Moreover, it is very much not advisable to change the file to be owned and writable by _www the web server user. Instead, it should be readable and executable by the web server, but not writable.

chown henry skypeforwarder chmod 755 skypeforwarder 

Standard disclaimer: As always, be extremely cautious when executing system calls from PHP scripts accessible on the web.

Источник

getting more info on «permission denied»

The script shebang line is #!/bin/sh which I can execute fine. But that is irrelevant as it is never even parsed. Setting -x on my current bash session will not show anything else happening other than trying to execute the script.

$ path/script bash: path/script: Permission denied $ _ 

edit: if i pass the script as an argument, it works fine

$ /bin/sh -x path/script . script executes. 

ok, it was a silly cause. the mount flag had noexec . but i would still like the answer to the questions «getting more info on “permission denied”»

Is the path/script on a mounted file system with noexec set on the mount? …I hit return and see that the answer is «yes»… There isn’t a way to get more information; that’s all the information the shell has, because that’s all the information the kernel tells the shell. You have to debug it by checking the access permissions. You were following most of the right steps. What you omitted to tell us was the actual path, and that it was on a file system mounted with noexec . There’s no way for anyone not on the machine to know that — it is found out by a process of elimination.

yeah. that was the ultimate cause, as i said above, of the permission denied. but i’d like to know how to actually get more information instead of checking a dozen things everytime.

1 Answer 1

Get more information by diving into the kernel calls. It helps if you have a knowledge of C, and the kernel APIs. man pages are your friends.

See if you have a program called strace try which strace . There are similar programs on various UNIXs (like truss on some Suns, dtruss on OS X) but strace is the most common. If you can’t find one, Google something like «strace for . «, whatever UNIX you are using.

strace -o strace.out -f /bin/sh path/script 

-o strace.out means trace to the file strace.out — look at it using an editor

-f means follow child processes.

/bin/sh path/script is the program you are tracing.

You will get a lot of output, sometimes it is worth going to the end and working backwards.

On Linux there is also ltrace which can trace library calls as well.

If the program you wish to trace is already running, then the -p option, followed by the pid of the process, can be very handy.

Of course, having said all that it is quite possible in this case that the shell was reporting all that the kernel was telling it. It might be that there was no further information to give.

Источник

Failed at step EXEC spawning. Permission denied

I have read alot about this but still not sure why this is not working. as far as I know all dirs have the right permission and even with everything being 777 I still get permission denied when trying to run this program as a service. the program I am trying to run as a servoce is called xTeVe. I have tried runing it under all differient dirs, users, and nothing seems to work. Heres the Unit file:

[Unit] Description=XTeVe For Plex After=network.target network-online.target [Service] ExecStart=/root/IPTV/xteve user=root Restart=on-failure RestartSec=5 StartLimitInterval=60s StartLimitBurst=3 [Install] WantedBy=multi-user.target 

I do know that this shouldnt be run as root but that was just the last user I tried And when i try to start the service i get this:

14:20 xteve.service: Failed with result 'exit-code'. 14:02 xteve.service: Main process exited, code=exited, status=203/EXEC 14:02 xteve.service: Failed at step EXEC spawning /root/IPTV/xteve: Permission denied 14:02 xteve.service: Failed to execute command: Permission denied 14:02 Started XTeVe For Plex. 

[root@skynet IPTV]# ls -la total 12084 drwxr-xr-x. 2 root root 19 Mar 6 13:58 . dr-xr-x---. 5 root root 175 Mar 6 13:58 .. -rwxr-xr-x. 1 root root 12370316 Mar 6 13:58 xteve 

[root@skynet IPTV]# file xteve xteve: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, Go BuildID=lt4S9w02Ylf_MXsFeRkj/jdmwTx5YSsQSDaa6tfuz/vCzfZlCyl5qUEBD7IuD0/AEI-OmWm1iNuziWA7R0P, with debug_info, not stripped 

type=AVC msg=audit(1551898814.098:1342): avc: denied < execute >for pid=11002 comm="(xteve)" name="xteve" dev="dm-0" ino=30958 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=0 type=SERVICE_STOP msg=audit(1551898814.100:1343): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xteve comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'UID="root" AUID="unset" type=SERVICE_START msg=audit(1551898814.420:1344): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xteve comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1551898814.420:1345): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xteve comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1551898966.689:1385): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=xteve comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=?res=success'UID="root" AUID="unset" 

Источник

How do I fix shell script permission denied in Linux?

In Linux, you may experience a “permission denied” error while trying to list files or execute a shell script inside the directory which does not have sufficient permissions. As Linux operating system is very concerned about its security, the “root” has complete access to all directories and files for making changes. Therefore, other users may not be permitted to make such changes.

Permission denied error in shell script execution

In our system, we have a shell script named “samplescript.sh”. Now, as a normal user, we will try to execute this hell script.

The output will show you the “permission denied error” because you do not have the permission to execute this script.

Fixing permission denied error

To avoid this “permission denied error,” the only thing you have to do is to add “x” or “execution” permission to this “samplescript.sh” file and make it executable for a typical user.

Firstly, check out the file permission of the shell script.

Using chmod command

The chmod command lets a user change permission of a file using a reference file, numeric or symbolic mode.

Syntax of chmod command:

• flags: user can set these additional options
• permissions: this part of the chmod command is used to define file permissions which include: “r” for read, “w” for write, and “x” for making it executable.
• filename: specify the filename whose permissions you want to change.

Whereas “u+x” will make the script executable for the current Linux user, though the group owner or other “users” already have access to execute it.

Execution of the above-given chmod command should change the “samplescript.sh” into an executable format. Now execute the “ls” command to confirm the changes we made into the permissions of this shell script.

Utilize the cat command to view the content of this “samplescript.sh” script file.

Finally! It’s time to execute the shell script.

The output declares that we have successfully fixed the permission denied error of this “samplescript.sh” shell script.

Conclusion

Every Linux user should know the quick fix for the “permission denied” error encountered while executing any shell script. “chmod” command resolves this issue by changing the script’s file permissions and allowing it to in an executable format for the current user. This article has provided you a step-by-step procedure for fixing the shell script “permission denied” execution error.

About the author

Talha Saif Malik

Talha is a contributor at Linux Hint with a vision to bring value and do useful things for the world. He loves to read, write and speak about Linux, Data, Computers and Technology.

Источник