01-31-2018
How to handle build user access/permissions?
All,
I am looking for some guidance on how to handle permissions/access for an application build/deployment.
We need to allow for software deployments via
Visual Studio Team Services and a build server running on Windows, deploying to RHEL 7 servers. We would like to use a service account, say 'srv_user', to handle the process. The need will be to:
- Stop tomcat service on destination server
- Push latest code to destination server
- Do an 'ant' build of the code on destination server
- Start tomcat service on destination server
Thoughts/Concerns:
- It would be great if the srv_user didn't actually need shell access on the RHEL 7 servers so developers who know the credentials can't ssh into the server. However, given the need to do a build on the destination server that may be difficult. Any thoughts?
.
- We want the tomcat service to run as a different user, say 'app_user'. Since the srv_user will need to stop and start tomcat to run the build, I'm thinking to use a custom systemd service that srv_user can run but starts the service as app_user. Does this sound like the best way to handle this need or is there a better way to handle it?
.
- The srv_user will be in the same group as app_user but we do want the written files to be owned by app_user. What is the best way to handle file permissions? Is there a good way for srv_user to write files as app_user or is the only way to write and then do a chown/chmod?
Hopefully I haven't confused the need too much, any suggestions are appreciated.
Thanks in advance,
HB
Last edited by rbatte1; 02-01-2018 at 07:24 AM..
Reason: Set formatted bulletted list and numbered list
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Currently have root access to our own boxes on site. HQ wants to take root access away from us.
What does root access provide that is unavailable for users as it is essential for us to keep local control.
We log in as users but have su for special needs.
On all other os boxes we have admin... (2 Replies)
Discussion started by: allinone
2 Replies
2. AIX
All,
I am trying to copy some data from /admin/reports/Sept/ccn/c_ivsstr01 to /home/users/myhomedir and I am getting an error I have never seen before:
The file access permissions do not allow the specified action.
The permissions on the file are -rw-r--r-- and I am the owner of the file... (3 Replies)
Discussion started by: kjbaumann
3 Replies
3. UNIX for Dummies Questions & Answers
Hi Unix Gurus,
I'm a newbie to unix and need some help from you.
I'm going to give full access (777) to a subdirectory to an FTP account.
Let's say the subdirectory is
/usr/local/dir1/dir2/dir3
There are files in dir1, say
a.txt
b.cfg
c.xml
Will this account be able to access... (3 Replies)
Discussion started by: xinu299
3 Replies
4. UNIX for Dummies Questions & Answers
Hi all,
I have user called "Z". The home directory is /home/Z. I have another directory /home/Z/OP. Within /home/Z/OP, i have 2 directories
/home/Z/OP/OP1 and /home/Z/OP2.
I want to restrict access for Z to only access
/home/Z/OP and
/home/Z/OP1 and
/home/Z/OP2.
What kind of... (4 Replies)
Discussion started by: new2ss
4 Replies
5. Shell Programming and Scripting
Hi,
I want to change the access permissions of the files whose extension is same.For example *.c but these are inside a directory and inside that other directory is there and it contains the .c files..for example--
So my aim is to search the files under src and change the access permissions... (3 Replies)
Discussion started by: smartgupta
3 Replies
6. Solaris
hi
i want to display the usernames,usergroups user permissions and user home directory's with in a single command.and possibities are their for getting this output .. (9 Replies)
Discussion started by: tv.praveenkumar
9 Replies
7. UNIX for Advanced & Expert Users
Hi everybody,
following is the scenario;
OS HP UX 11.23
two users:
# id bodi
uid=109(bodi) gid=20(users) groups=1(other),2(bin),3(sys),106(oinstall)
# id ossmed
uid=121(ossmed) gid=20(users)
umask
077
directory name /home/mydir
directory permissions drwxrwxrwx
requirement: to... (1 Reply)
Discussion started by: ajays
1 Replies
8. OS X (Apple)
I purchased a 2TB hard drive, split it into two partitions, and formatted it as NTFS. I want to use the drive on my pc and my mac. How can I change the access permissions so Mac OS 10.4.11 will let me write to the drive?
I tried this:
$ chmod +a "admin allow write" /volumes/V2_Mac
chmod:... (3 Replies)
Discussion started by: Me&MyMac
3 Replies
9. Linux
Hi
Operating system Red Hat Enterprise 5.8, Data access Mac/PC environment on various OS levels. Access via smb
I am trying to set up a data shared area where a user group can read and write to its own directory, but can only write to another groups directory.
Example:
I have set up two... (1 Reply)
Discussion started by: treds
1 Replies
10. UNIX for Dummies Questions & Answers
Hi All
I am running Ubuntu linux flavour.
I need provide multiple users belonging to the same group access to a dir where they can write files but are not supposed to remove or rename files. users outside the group should be able to read and write to the dir.
i have set the permission of... (7 Replies)
Discussion started by: Simza
7 Replies
qstop(8B) PBS qstop(8B)
NAME
qstop - stop pbs batch job processing at a destination
SYNOPSIS
qstop destination ...
DESCRIPTION
The qstop command directs that a destination should stop processing batch jobs. If the destination is a execution queue, the server will
cease scheduling jobs that reside in the queue for execution. If the destination is a routing queue, the server will cease routing jobs
from that queue.
In order to execute qstop, the user must have PBS Operation or Manager privilege.
OPERANDS
The qstop command accepts one or more destination operands. The operands are one of three forms:
queue
@server
queue@server
If queue is specified, the request is to stop that queue at the default server. If the @server form is given, the request is to stop all
the queues at that server. If a full destination identifier, queue@server, is given, the request is to stop the named queue at the named
server.
STANDARD ERROR
The qstop command will write a diagnostic message to standard error for each error occurrence.
EXIT STATUS
Upon successful processing of all the operands presented to the qstop command, the exit status will be a value of zero.
If the qstop command fails to process any operand, the command exits with a value greater than zero.
SEE ALSO
pbs_server(8B), qstart(8B), and qmgr(1B)
Local qstop(8B)