Status: Resolved (View Workflow)
Amazon Linux AMI (32-bit)
The ssh library of Jenkins EC2 is trying to copy files from the root's directory to other parts. Many "secure" Linux distributions now disallow copying anything into or out of the root's directory – even if done with super user privileges.
Looking at https://github.com/jenkinsci/ec2-plugin/blob/master/src/main/java/hudson/plugins/ec2/ssh/EC2UnixLauncher.java, line 157 seems to be the offending line.
Is there a reason why we need to copy those files to the root directory (specially if we're using a non-root superuser)?
Actually I think this brings a bigger issue: why do we need to use superuser to activate root to then do the work as root? sudoers (specially those that come by default on EC2 instances) have sufficient privileges to install/remove/run just about anything in the instance. Trying to backdoor to root doesn't seem the most graceful of approaches.
I think this is taken care of with the fix to
JENKINS-5867, we don't write anything to the root directory any longer and we are able to run instances with a non-root user.