I am trying to copy files to an AWS instance using SCP but am running into permission denied error as below,i tried to change the group name to "Users" as well which didnt work either?can anyone provide guidance on how to fix this?
drwx------+ 1 username NA+Group(513) 0 May 10 23:33 .ssh
-rwxr-xr-x 1 Administrators NA+Group(513) 1692 May 5 17:00 ngc.pem
-rwxr-xr-x 1 Administrators NA+Group(513) 1692 May 8 12:47 test.pem
-rwxr-xr-x 1 Administrators NA+Group(513) 1464 May 8 13:45 test.ppk
username#machine ~
$ scp -i test.pem index.html ec2-publicip.us-west-2.compute.amazonaws.com:~
Permission denied (publickey).
lost connection
username#machine ~
$ chown usernam1 test.pem
chown: changing ownership of 'test.pem': Permission denied
username#machine ~
$ chown :Users test.pem
chown: changing group of 'test.pem': Permission denied
Permission denied does not relate to the permissions of the .pem file in your computer, but to the permissions of the .pem file to the server it is trying to access. First - you need to specify the specific user you are trying to scp into. For example, if this is an Ubuntu server, the correct syntax for the command would be - scp -i test.pem index.html ubuntu#ec2-publicip.us-west-2.compute.amazonaws.com:., that will copy the file to the home folder of the ubuntu user.
Related
I am trying to host a shiny app on an AWS EC2 for the first time. I have been following this [tutorial] (https://www.charlesbordet.com/en/guide-shiny-aws/#3-how-to-configure-shiny-server).
I adjusted my sudo nano /etc/shiny-server/shiny-server.conf with sanitize_errors false; so the errors display at http://18.144.34.215:3838/. It seems I do not have the correct permission allocated to that folder from the shiny-server.
This is my first attempt at hosting a shiny app on EC2 and a bit lost from other posts I have found searching. What would be the correct commands to give permission to this folder?
Also, please let me know what info you need from me in order to understand this error better.
Here are my folder permission for 'RIBBiTR_DataRepository'
-rw-rwSr-- 1 ubuntu ubuntu 35149 Feb 1 21:32 LICENSE
-rw-rwSr-- 1 ubuntu ubuntu 10 Feb 1 21:32 README.md
drwxrwsrwx 5 ubuntu ubuntu 4096 Feb 1 21:38 RIBBiTR_DataRepository
-rw-rwSr-- 1 ubuntu ubuntu 205 Feb 1 21:32 db_forms.Rproj
drwxrwsr-x 2 ubuntu ubuntu 4096 Feb 1 21:32 misc
And to add, when I try to view the logs I receive a permission denied
ubuntu#ip-172-30-1-21:/var/log/shiny-server$ sudo tail RIBBiTR_DataRepository-shiny-20230201-215702-44689.log
su: ignoring --preserve-environment, it's mutually exclusive with --login
-bash: line 1: cd: /srv/shiny-server/db_forms/RIBBiTR_DataRepository: Permission denied
The issue was in my shiny-server.conf file. I updated the file with a user group, run_as ubuntu;
I am trying to use a local volume for a container running a MySql server instance. I am launching the container with the command
-v /c/Users/my_data_dir:/var/lib/mysql
But I get an error saying that the directory must be writeble. But I am not able to do 'chmod' on my windows host using docker quickstart shell because I get 'permission denied'
When I do 'ls -ld /c/Users/my_data_dir' from my windows host I get an output like:
drwxr-xr-x 1 User1 197121 0 nov 9 11:11 mysql_volume
Instead inside my docker-machine I get :
drwxrwxrwx 1 docker staff 4096 Nov 7 07:44 mysql_volume
Inside VM my directory is owned by a different user. And inside my VM if a make a command like 'mkdir' inside the shared volume i get this error:
root#default:/c/Users# mkdir prova
mkdir: can't create directory 'prova': Protocol error
I have no idea how to deal with that!
Background: I am facing this error AWS codedeploy deployment throwing "[stderr] Could not open input file" while trying to invoke a php file from the sh file at afterInstall step
In the afterInstall step, I am trying to run a php file from the afterInstall.sh file and I am getting this error - unable to open php file.
I am not sure what exactly to do. Thought of trying to manually check if I could run the file as that user.
The CodeDeploy agent default user is root.
The directory listing below shows the ownership of the deployed files in their destination folder, /tmp, after a successful deployment.
ubuntu#ip-10-0-xx-xx:~$ ls -l /tmp
total 36
-rw-r--r-- 1 root root 85 Aug 2 05:04 afterInstall.php
-rw-r--r-- 1 root root 78 Aug 2 05:04 afterInstall.sh
-rw-r--r-- 1 root root 1397 Aug 2 05:04 appspec.yml
-rw------- 1 root root 3189 Aug 2 05:07 codedeploy-agent.update.log
drwx------ 2 root root 16384 Aug 2 03:01 lost+found
-rw-r--r-- 1 root root 63 Aug 2 05:04 out.log
runas is an optional filed in the AppSpec file. The user to impersonate when running the script. By default, this is the AWS CodeDeploy agent running on the instance(If you don't specify a non-root user, it will be root).
To run host agent as a non-root user, the environment variable CODEDEPLOY_USER needs to be set, as the link to the host agent source code show. The env variable can be set to whatever user you want the host agent to run as.
I've set up SSH to my AWS Elastic Beanstalk instance using
eb ssh --setup
and can successfully SSH to my environment. But I can't see my Web application. When I am connected I find myself in an empty directory (ec2-user) and when I
cd /home
I just see
drwx------ 3 ec2-user ec2-user 4096 Jan 15 21:37 ec2-user
dr-xr-xr-x 23 root root 4096 Jan 15 21:03 ..
drwxr-xr-x 3 root root 4096 Oct 22 23:29 .
Where is my Web application located?
Do $ sudo find / -name <insert main file name here> to find out.
For example:
$ sudo find / -name \*.php
/var/lib/tomcat8/webapps/ROOT/info.php
/var/lib/tomcat8/webapps/ROOT/index.php
/tmp/deployment/application/ROOT/info.php
/tmp/deployment/application/ROOT/index.php
Or, as you can see, in /var/lib/tomcat8/webapps/ROOT/
You will notice, it depends on the platform. Python for example:
$ sudo find / -name application.py
/opt/python/bundle/2/app/application.py
For anyone who doesn't want to wait for find /, I found my rails app at /var/app/ondeck before it successfully deployed and at /var/app/current after it succeeded.
When you ssh into your instance, you are in the ~ directory. Type in cd .. to go to the parent directory, which is home. Then cd .. again to get to the root directory. There you can find the var folder, which will contain your files, as the others on here have pointed out.
the content of your WAR is in /var/lib/tomcat8/webapps/ROOT resp. /usr/share/tomcat8/webapps/ROOT
I'm using ubuntu 13.04. I'm running uwsgi using sudo service uwsgi start
I've configured log file in django as /home/shwetanka/logs/mysite/mysite.log
But I'm getting this error -
ValueError: Unable to configure handler 'file': [Errno 13] Permission denied: '/home/shwetanka/logs/mysite/mysite.log'
How do I fix it? This should not happen when I run uwsgi as sudo.
You need to fix permissions with the chmod command, like this: chmod 775 /home/shwetanka/logs/mysite/mysite.log.
Take a look at the owner of the file with ls -l /home/shwetanka/logs/mysite/mysite.log and make it writable to uwsgi. If the file isn't owned by uwsgi, you'll have to use the chown command.
Take a look at the username under which your service is running with ps aux | grep 'uwsgi'.
If the security isn't so important to you at the moment, use chmod 777 /home/shwetanka/logs/mysite/mysite.log and that's it. But that's not the way how this is done.
The safest way to do this would be to check the owner and the group of the file and then change them if necessary and adjust the permissions accordingly.
Let's give an example.
If I have a file in /home/shwetanka/logs/mysite/mysite.log and the command ls -l /home/shwetanka/logs/mysite/mysite.log gives the following output:
-rw-rw-r-- 1 shwetanka shwetanka 1089 Aug 26 18:15 /home/shwetanka/logs/mysite/mysite.log
it means that the owner of the file is shwetanka and the group is also shwetanka. Now let's read the rwx bits. First group is related to the file owner, so rw- means that the file is readable and writable by the owner, readable and writeable by the group and readable by the others. You must make sure that the owner of the file is the service that's trying to write something to it or that the file belongs to group of the service or you'll get a permission denied error.
Now if I have a username uwsgi that's used by the USWGI service and want the above file to be writable by that service, I have to change the owner of the file, like this:
chown uwsgi /home/shwetanka/logs/mysite/mysite.log. Since the write bit for the owner (the first rwx group) is already set to 1, that file will now be writable by the UWSGI service. For any further questions, please leave a comment.
Alternatively you can set umask option for uwsgi (http://uwsgi-docs.readthedocs.org/en/latest/Options.html#umask).
I had the same situation, I was running uwsgi via www-data and I used buildout. So this fix in my case looked like this:
[uwsgi]
recipe = buildout.recipe.uwsgi
xml-socket = /tmp/uwsgi.sock
xml-master = True
xml-chmod-socket = 666
xml-umask = 0002
xml-workers = 3
xml-env = ...
xml-wsgi-file = ...
After this log file permissions became 664, so group members of www-data group can also write into it.