I am currently trying to install and run Phabricator on a Raspberry Pi for personal use (even though It's not recommended by Phacility, I thought I still give it a try). So far, I was able to setup everything except the phd user as daemon.
/etc/passwd
phd:x:1001:1001:,,,:/home/phd:/bin/bash
/etc/shadow
phd:NP:17107:0:99999:7:::
I created the user phd and gave im NP in shadow, but that still makes Phabricator unable to switch to phd when starting the daemon.
sudo ./bin/phd restart
Interrupting process 19517...
Process 19517 exited.
Freeing active task leases...
Freed 0 task lease(s).
Starting daemons as phd
Launching daemons:
(Logs will appear in "/var/tmp/phd/log/daemons.log".)
PhabricatorRepositoryPullLocalDaemon (Static)
PhabricatorTriggerDaemon (Static)
PhabricatorTaskmasterDaemon (Autoscaling: group=task, pool=4, reserve=0)
Usage Exception: Daemons are configured to run as user "phd" in
configuration option `phd.user`, but the current user is "root" and
`phd` was unable to switch to the correct user with `sudo`. Command output:
Command failed with error #255!
COMMAND
exec sudo -En -u 'phd' -- ./phd-daemon '--verbose'
STDOUT
(empty)
STDERR
[2016-11-04 08:54:54] EXCEPTION: (Exception) Specified daemon PID directory
('/var/tmp/phd/pid') does not exist or is not writable by the daemon user!
at [<phutil>/src/daemon/PhutilDaemonOverseer.php:115]
arcanist(head=master, ref.master=fad85844314b), phabricator(head=master,
ref.master=6982bded7124), phutil(head=master, ref.master=2b7b1007bf87)
#0 PhutilDaemonOverseer::__construct(array) called at
[<phabricator>/scripts/daemon/launch_daemon.php:13]
What I tried is starting the phd user via su phd -c "/home/phd/phabricator/bin/phd restart" but that queries a password from me.
I kept close to this guide https://secure.phabricator.com/book/phabricator/article/diffusion_hosting/ as well as this https://gist.github.com/sparrc/b4eff48a3e7af8411fc1
Any help is really, really appreciated!
Thanks to #JSON who just made me aware of a line that I apparently always missed, the solution was:
sudo chmod go+w /var/tmp/phd/pid
This will make the directoy writeable and free for all and let me start the error
We usually run
sudo -u phd ./bin/phd restart
Related
I know it sounds weird, but I have a case where Deno would need to shutdown its own host (and kill its own process therefore). Is this possible?
I am specifically needing this for linux (lubuntu), if that's relevant. I guess this requires sudo rights, which sucks but would be an option.
For those interested in details: I'm coding a minecraft server software and if the server has no player for 30 minutes, it will shut itself down to save some power. A raspberry PI that runs 24/7 anyways, has a wake on lan feature, so that it can boot again. After boot, the server manager software would automatically start as a linux service.
You can create a subprocess to do this:
await Deno.run({ cmd: ["shutdown", "-h", "now"] }).status();
Concepts
Deno is capable of spawning a subprocess via Deno.run.
--allow-run permission is required to spawn a subprocess.
Spawned subprocesses do not run in a security sandbox.
Communicate with the subprocess via the stdin, stdout and stderr streams.
Use a specific shell by providing its path/name and its string input switch, e.g. Deno.run({cmd: ["bash", "-c", "ls -la"]});
See also command line - Shutdown from terminal without entering password? - Ask Ubuntu for ideas on how to avoid needing sudo to call shutdown or alternative commands that you can invoke from Deno instead.
To extend on what #mfulton2 wrote, here is how I made it work, so that I did not need to start the program with sudo rights, but still was able to shut down the computer without the use of sudo outside or within the app.
Open or create the following file: sudo nano /etc/sudoer
Add the line username ALL = NOPASSWD: /sbin/shutdown
Add this line %admin ALL = NOPASSWD: /sbin/shutdown
In your deno script, write Deno.run({ cmd: ["shutdown", "-h", "now"]}).status();
Execute script!
Keep in mind that any experienced linux user would potentially tell you that this is very dangerous (it probably is) and that it might not be the very best way. But IMHO, the damage this can cause is minor enough, as it only affects the shutdown command.
As I understand it, one restriction of the Ravenscar profile is that tasks should not terminate.
This certainly makes sense on bare metal, however when testing on a native system (as a executable program) it has the side effect that doing a Control-C to exit the main task leaves the program running in the background.
I plan to move my program to bare metal eventually and would like to be able to use the Ravenscar profile -- how can one allow the program to exit correctly when doing something like this? Abort statements are forbidden. If the Ravenscar profile was not applied, I could easily make this work by allowing tasks to terminate. Right now I am doing a killall -9, which works, but doesn't seem very elegant.
As it turns out, the issue had to do with how I was executing the program. In my case I was doing it over a remote ssh command, eg:
ssh myhost "sudo su -c mycommand"
Adding a -t to allocate a tty fixes the issue, that is:
ssh -t myhost "sudo su -c mycommand"
I am attempting to mount an Azure Storage container on a RHEL server that can be written to by a regular user account. I am not the most familiar with Linux, but the command seems simple:
mount -t cifs <account name> /mnt/disk -o umask=<umask>,uid=<uid>,username=<Containers master username>,password="<password>",vers=3.0
But this is throwing errors, and I'm assuming a syntax error. I have been searching all over, but I haven't seemed to find a good resource for this.
Ok, so I read the error and noticed that it was pointing me to a manual page... Found that the gid and umask are not required to specify the uid.
I'm wondering what the -T option in the following command does, cannot see this option in the manual somehow:
$ ssh -T git#gitlab.com
Welcome to GitLab, Simeon !
Could somebody explain?
I explained before what TTY was: a text terminal is needed when you open an interactive session to a remote server.
But: in the context of a remote Git repository hosting server (GitHub, Gitlab, BitBucket, ...), no remote server will ever allow you to open an interactive session (for security reason)
Then only reason why you would still do an ssh -T git#github.com would be to test if you are correctly authenticated, and the session would immediately end with:
Hi username! You've successfully authenticated,
but GitHub does not provide shell access.
Since no tty is needed for that test, you should use the -T option when making this test.
I recently upgraded the openssl version on AIXX 6.1 server.
The install went fine.
But now I'm unable to start new ssh sessions from puty to the server and I'm getting the error "Connection Refused".
But I have one putty terminal open which is active.
I tried the command startsrc -s sshd and it returns a new pid but I'm not able to start new sessions.
I tried the following command too and it gives the foll error:
root:stud -> $ /usr/sbin/sshd -de
exec(): 0509-036 Cannot load program /usr/sbin/sshd because of the following errors:
0509-150 Dependent module /opt/freeware/lib/libcrypto.a(libcrypto.so.0) could not be loaded.
0509-152 Member libcrypto.so.0 is not found in archive
And sshd is inoperative.
root:stud -> $ lssrc -s sshd
Subsystem Group PID Status
sshd ssh inoperative
How can I resolve this issue.
I'm not sure how it worked the first time. That is odd. The error says you need the lib crypto library. Is it installed? i.e. what does
ls /opt/freeware/lib/libcrypto.a
return? If it exists, you want to try:
ar t /opt/freeware/lib/libcrypto.a
and you should see libcrypto.so.0 inside. My guess is one of those two will not be true and you need to install it. But it might be that libcrypto.so.0 will not load for its own reasons.
Is this the official ssh package for AIX or is it something you got somewhere else? (I just compile mine from the source from scratch but that's not easy sometimes).