I am using an rShiny app in RCloud. When I use write.csv the file is saved as nobody nobody and then I am unable to read it back in using read.csv. Is the solution to specify user and file permissions as options in the write.csv function or is there a different way?
I plan to run construct multiple results, append each to a file and then let the user email that file to themselves.
write.csv(lob_comp,'Rcopy.csv')
lob_comp<-read.csv('Rcopy.csv')
-rw-r----- 1 nobody nobody 399 Aug 25 00:51 Rcopy.csv
$ cat Rcopy.csv
cat: Rcopy.csv: Permission denied
an rShiny app user that doesn't have an account is actually logged in as 'nobody' if that is how you have configured RCloud. Since 'nobody' wrote the file then 'nobody' can chmod it. Put this line in your Shiny code.
system("chmod 644 Rcopy.csv")
Once you've chmod'd the file you should be able to read it.
Related
Question 1:
Thru buildroot usertable.txt I created a user called deviceuser which belongs to group operator and nogroup:
$cat usertable.txt
deviceuser -1 deviceuser -1 =SERIAL_NO /mnt /bin/sh operator Device user for non-trivial maintanence work
After image is loaded into target what I get in /etc/group is :
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
kmem:x:9:
wheel:x:10:root
cdrom:x:11:
dialout:x:18:
floppy:x:19:
video:x:28:
audio:x:29:
tape:x:32:
www-data:x:33:
utmp:x:43:
plugdev:x:46:
staff:x:50:
lock:x:54:
netdev:x:82:
users:x:100:
admin:x:1002:deviceuser <====== not sure where its coming from
nogroup:x:65534:deviceuser
deviceuser:x:1000:
sshd:x:1001:
operator:x:37:deviceuser
$ cat /etc/shadow
root:$1$blahblahblah.:10933:0:99999:7:::
daemon:*:10933:0:99999:7:::
bin:*:10933:0:99999:7:::
sys:*:10933:0:99999:7:::
sync:*:10933:0:99999:7:::
mail:*:10933:0:99999:7:::
www-data:*:10933:0:99999:7:::
operator:*:10933:0:99999:7:::
nobody:*:10933:0:99999:7:::
deviceuser:$1$blahblahblah:::::::
sshd:*:::::::
As noted above, deviceuser gets admin priviledge and I need to eliminate that and make deviceuser part of operator and nogroup only.
Question 2:
I want to take the access rights (read/right/execute) away from this deviceuser or operator group for /etc/ folder, while keeping everybody else's permissions intact, there are a number of users and groups in the system including www-data. What's the simplest way to do this without affecting any kind of permission issue for www-data and others?
If I do "chmod -R o-wrx /etc " then I believe www-data will have issues running some init scripts.
Thanks
Ratin
I have a project that will require reading a local repo and collecting the diff from the most recent commit and the one before it. I then need to do additional work with those diffs (add to an existing log file, make available for tech writers to edit existing API docs with the changes - might Slack them or API into Jira and build a ticket (like that option as it leaves a trail).
I can do the yeoman level work in an AppleScript, calling shell scripts when needed then parsing the data, and passing the cleaned data to the various applications/sites I need to. But other, less technical people will also be using this app and it would be nice to give them a simple UI to work with.
Anyway, after much digging through the Google, SO and other sources I was able to get a MacOS app working that can call an AppleScript and now I've run into a wall...
I can run this AppleScript from Script Editor and it works fine:
set strGitLog to do shell script "cd ~/Desktop/xxxxxx/Projects/UnifiedSDK/Repo/xxxxxx && git log -p -- file1.html"
"commit c39c6bb004d2e104b3f8e15a6125e3d68a5323ef
Author: Steve <xxxxxx#xxxxxx.com>
Date: Tue Oct 22 15:42:13 2019 -0400
Added deprecation warning to file1
diff --git a/file1.html b/file1.html
index b7af22b..9fdc781 100644
--- a/file1.html
+++ b/file1.html
## -51,6 +51,8 ##
<h2>Class Description</h2>
<p style=\"margin-bottom:10px;\">This is the description of the class</p>
+ <p style=\"margin-bottom:10px;\">Warning: This class is scheduled to be deprecated.</p>
+
<h3>Arguments:</h3>
<p style=\"margin-bottom:10px;\">These are the arguments that the class accepts</p>
...
but, if I place this script within a MacOS application:
script gitMessenger
property parent : class "NSObject"
to readMessage()
set strGitLog to do shell script "cd ~/Desktop/xxxxxx/Projects/UnifiedSDK/Repo/xxxxxx && git log -p -- file1.html"
log strGitLog
end readMessage
end script
I get this error message in the log:
fatal: Unable to read current working directory: Operation not permitted (error 128)
Which after checking seems to be a Git permissions error. If I pwd I am pointing to the right directory:
/Users/xxxxxx/Library/Containers/xxxxxx.GitMessenger/Data/Desktop/xxxxxx/Projects/UnifiedSDK/Repo/xxxxxx
and that directory has git initiated on it:
and it has permission for read/write to everyone. So I am a little at a loss right now how to get this to work. Any help or suggestions would be appreciated.
I have a user with the ROLE_USER role (assigned via LDAP group) and I have a folder structure like this:
/root
/Completed Reports
Users with the ROLE_ADMINISTRATOR can write to Completed Reports (specifically, requesting that a report be scheduled/run-in-background with output to a file in that folder), but users with ROLE_USER cannot.
I have set the permissions like this:
/root
ROLE_ADMIMISTRATOR (Administer)
ROLE_ANONYMOUS (No Access*) <-- * means "inherited"
ROLE_USER (Read Only)
/Completed Reports
ROLE_ADMIMISTRATOR (Administer)
ROLE_ANONYMOUS (No Access*)
ROLE_USER (Read + Write)
I also took a specific user and added permissions for that user specifically:
/Completed Reports
ttest (Read + Write)
Yet, when I attempt to run a report in the background and write a PDF file to /root/Completed Reports, I get an error attempting to save the job, saying:
You do not have permission to save the job output to the /Completed_Reports folder. Select another location to save the job.
I checked, and the user ttest can create new folders within /Completed Reports. Why can't I save a completed report to this folder?
It seems this was confusion on my part about what "write" means. Evidently, "write" really means "modify" or something like that. In order to be able to save the output of a report-execution, you need to have the "delete" privilege.
Surprise! (look for "output of a scheduled report")
I have followed instructions to create an .ipk file, the Packages.gz and host them on a web server as a repo. I have set the opkg.conf in my other VM to point to this repo. The other VM is able to update and list the contents of repositories successfully.
But, when I try to install, I get this message. Can you please describe why I am getting this and what needs to be changed?
Collected errors:
* wfopen: /etc/repo/d1/something.py: No such file or directory
* wfopen: /etc/repo/d1/something-else.py: No such file or directory
While creating the .ipk, I had created a folder named data that had a file structure as /etc/repo/d1/ with the file something.py stored at d1 location. I zipped that folder to data.tar.gz. And, then together with control.tar.gz and 'debian-binary`, I created the .ipk.
I followed instructions from here:
http://bitsum.com/creating_ipk_packages.htm
http://www.jumpnowtek.com/yocto/Managing-a-private-opkg-repository.html
http://www.jumpnowtek.com/yocto/Using-your-build-workstation-as-a-remote-package-repository.html
It is very likely that the directory called /etc/repo/d1/ does not exist on the target system. If you create the folder manually, and try installing again, it probably will not fail. I'm not sure how to force opkg to create the empty directory by itself :/
Update:
You can solve this problem using a preinst script. Just create the missing directories on it, like this:
#!/bin/sh
mkdir -p /etc/repo/d1/
# always return 0 if success
exit 0
Is this a bug with the default configuration of Play 2.0? I have just installed Play 2.0 and when I create an application for the first time, I get this:
Error during sbt execution: java.io.IOException: Cannot write parent directory: Path(/home/hanxue/play/myFirstApp/app) of /home/hanxue/play/myFirstApp/app/views
The app subdirectory does not have write permissions:
hanxue#ubuntu-dev:~/play$ ls -l myFirstApp/
total 16
dr-xr-xr-x 2 hanxue hanxue 4096 2012-03-13 11:22 app
It also seems that the $PLAY/framework/sbt/boot/ directory need to be world-writable or otherwise play will throw an IOException about not being able to create /opt/play-2.0/framework/sbt/boot/sbt.boot.lock . Is this by design?
I solved it by giving it world-writable permission
chmod -R o+w /opt/play-2.0/framework/sbt/boot/
This is not a bug, it is just how sbt works(and play-2.0 uses sbt). Sbt downloads all necessary parts first time when its started, and default behavior of play is that all dependency go to same directory and this is place where you extracted play-2.0, so this directory needs write permissions. You will probably need write permissions on /opt/play-2.0/repository too.