Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-52750

dir step creates a <dirname>@tmp directory at <dirname> level.

XMLWordPrintable

      In order to install some internal tools within /opt/tools through a Jenkins job, I have created a /opt/tools directory belonging to jenkins:jenkins and where user jenkins only (the user running the slave) has rwx rights.
      Trying something like :

      stages {
  steps('xyz') {
    dir('/opt/tools') {
       sh "pwd"
    }
  }
}

      Fails with an exception ending with :

      java.nio.file.AccessDeniedException: /opt/tools@tmp
	at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
	at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
	at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
	at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
	at java.nio.file.Files.createDirectory(Files.java:674)
	at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
	at java.nio.file.Files.createDirectories(Files.java:767)
	at hudson.FilePath.mkdirs(FilePath.java:3098)
	at hudson.FilePath.access$900(FilePath.java:209)
	at hudson.FilePath$Mkdirs.invoke(FilePath.java:1216)
	at hudson.FilePath$Mkdirs.invoke(FilePath.java:1212)
	at hudson.FilePath$FileCallableWrapper.call(FilePath.java:2913)
	at hudson.remoting.UserRequest.perform(UserRequest.java:212)
	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
	at hudson.remoting.Request$2.run(Request.java:369)
	at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)

      It appears that Jenkins tries to create a tools@tmp directory at the same level as tools. Yet, there is absolutely no reason for the tools root directory to be writable for any user.
      And as far as /opt is concerned here, for sure it must not be writable for anybody else than root.

      Additionnally, such @tmp directory is not removed once the build is achieved. Even though it seems that the directory is empty, I think that Jenkins should remove it to give back a clean environment.

       

            Unassigned Unassigned
            jlpinardon jlpinardon
            Votes:
            16 Vote for this issue
            Watchers:
            22 Start watching this issue

              Created:
              Updated: