Jenkins 1.596 script won't run with security configured

[Murthy Gandikota]

Hi All

I am trying to run a shell script in a project as root. Without security enabled it runs fine.

With security using Jenkins database -- no fancy LDAP or anything--- enabled, the script fails thus:

$ /bin/sh -xe /tmp/hudson8715135757129650687.sh
+ echo root
root
+ chmod a+x ./myscript.sh
+ ./myscript.sh
--2015-04-01 23:35:54--  http://ci.westechdev.org:8080/job//backup-jenkins-jobs/config.xml
Resolving ci.mycom.org... 192.168.100.1
Connecting to ci.westechdev.org|192.168.100.1|:8080... connected.
HTTP request sent, awaiting response... 403 Forbidden
2015-04-01 23:35:54 ERROR 403: Forbidden.

Can anyone help?

Thanks

murthy

[Eric Pyle]

See Authenticating Scripted Clients page on the wiki.

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/77fc4aec-b6ab-4828-9a83-01def2d05263%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Murthy Gandikota]

On Thursday, April 2, 2015 at 11:07:17 AM UTC-7, Eric Pyle wrote:

See Authenticating Scripted Clients page on the wiki.

On 4/2/2015 12:22 PM, Murthy Gandikota wrote:

Hi All

I am trying to run a shell script in a project as root. Without security enabled it runs fine.

With security using Jenkins database -- no fancy LDAP or anything--- enabled, the script fails thus:

$ /bin/sh -xe /tmp/hudson8715135757129650687.sh
+ echo root
root
+ chmod a+x ./myscript.sh
+ ./myscript.sh

Hi Eric

The script is run as root. There is no root user in Jenkins. Should I create one?

Otherwise, could you tell me whose API token needs to be used?

Also, the URL you gave covers wget besides perl, java, etc. but not shell scripting (bash).

We have a master-slave set up.

Thank you

[Richard Bywater]

There doesn't need to be a root user in Jenkins - just make sure the username and token you pass through in the script are valid to perform the functions you require on the Jenkins server.

I think the examples given in the URL should be enough to show what parameters need to be passed in the HTTP request with your language/HTTP-client of choice?

Richard

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/6494dd27-adcc-41f0-88df-6c4f8d0f5297%40googlegroups.com.

[Murthy Gandikota]

For more options, visit https://groups.google.com/d/optout.'

Hi Richard

Many thanks for your clarification. I still have one more question. The wget example given at the Jenkins web site is:

wget --auth-no-challenge --http-user=user --http-password=apiToken --secure-protocol=TLSv1 http://jenkins.yourcompany.com/job/your_job/build?token=TOKEN

Should we pass token=Token with every wget url?

For example we will have something like this:

wget --auth-no-challenge --http-user=someuser --http-password=APITOKEN --user-agent=agent --retry-connrefused --tries=0 -O refresh.xml http://jenkins.mycom.com/job/refresh/config.xml

Should this be changed to:

wget --auth-no-challenge --http-user=someuser --http-password=APITOKEN --user-agent=agent --retry-connrefused --tries=0 -O refresh.xml http://jenkins.mycom.com/job/refresh/config.xml?token=TOKEN

I appreciate your kind help.

Thanks