How to Set Folder Permissions for a Particular Container on Elastic Beanstalk

  • Home
  • Languages
  • Linux
  • How to Set Folder Permissions for a Particular Container on Elastic Beanstalk

How to set folder permissions for a particular container on Elastic Beanstalk

AWS EB Deployment starts your app in /var/app/ondeck

  1. When deploying elastic beanstalk, your app is first unzipped into /var/app/ondeck/
    • Most likely, your local folder being deployed does not have the permissions you want on them.
  2. If you need to make adjustments to your app, or the shell, during deployment, .ebextensions/*.config is the right place to do it.

Container commands should be run to that path

But keep in mind, that these commands will run EVERY time you deploy, whether needed or not, unless you use some method to test for pre-config.

container_commands:
  08user_config:
    test: test ! -f  /opt/elasticbeanstalk/.preconfig-complete
    command: |
      echo "jail-me" > /home/ec2-user/.userfile
  09writable_dirs:
    command: |
       chmod -R 770 /var/app/ondeck/backend/web/assets
       chmod -R 770 /var/app/ondeck/[path]
  99complete:
    command: |
      touch /opt/elasticbeanstalk/.preconfig-complete

files:
  "/etc/profile.d/myalias.sh":
    mode: "000644"
    owner: root
    group: root
    content: |
      alias webroot='cd /var/www/html/backend/web; ls -al --color;'
      echo " ========== "
      echo " The whole point of Elastic Beanstalk is that you shouldn't need to SSH into the server. "
      echo " ========== "

How can I set permissions to a specific folder with Elastic Beanstalk using a C# ASP.NET Core app?

Container commands are run from the staging directory, where your source code is extracted prior to being deployed to the application server. Any changes you make to your source code in the staging directory with a container command will be included when the source is deployed to its final location.

When these config commands are run, the only folder present is C:/inetpub/AspNetCoreWebApps, that is why your command does not work, detailed information is here

The correct command will be

{
  "container_commands": {
    "01": {
      "command": "icacls \"C:/inetpub/AspNetCoreWebApps\" /grant DefaultAppPool:(OI)(CI)F"
    }
  }
}

Elastic Beanstalk: what's the best way to create folders & set permissions after deploy?

you should probably use files tag and not command:

commands:
  create_post_dir:
    command: "mkdir /opt/elasticbeanstalk/hooks/appdeploy/post"
    ignoreErrors: true
files:
    "/opt/elasticbeanstalk/hooks/appdeploy/post/99_make_changes.sh":
    mode: "000777"
    content: |
      #!/bin/bash
      mkdir -p /var/app/current/tmp/uploads/
      chmod 755 /var/app/current/tmp/uploads/

it will be triggered after app deploy finished

How do I change file permissions on ElasticBeanstalk before docker image gets built?

Whenever wordpress docker image is built and run, the docker ENTRYPOINT of the wordpress image is executed first. Hence your command to change the directory permissions is not getting executed.

This ENTRYPOINT is a bash script located in /usr/local/bin/docker-entrypoint.sh

If you want your command to be executed, you could add your command to this script and it will be called every time your container starts.

You could do it the following way -

  • Start your container and copy the contents of the existing
    docker-entrypoint.sh

  • Create a new docker-entrypoint.sh outside the container and edit

    that script to add your chmod command at appropriate location.

  • In your Dockerfile add a line to copy this new entrypoint to the

    location /usr/local/bin/docker-entrypoint.sh

Where do I create .ebextensions for it to work in AWS Elastic Beanstalk

Based on the commands.

The issue was that the folders were created in the root / of the linux file system, instead of in the deployment folder.

The solution was to fix the paths of folders created.

Elastic Beanstalk file permissions inside the config file

Maybe try it as a hook, and test different owner/groups?

files:
  "/opt/elasticbeanstalk/hooks/appdeploy/post/99_change_permissions.sh":
    mode: "000755"
    owner: ec2-user
    group: ec2-user
    content: |
      #!/bin/sh
      cd /var/app/ondeck
      find . -type d -exec chmod 755 {} \;
      find . -type f -exec chmod 644 {} \;
      chmod -R g+w app/cache/
      chmod -R g+w app/logs/
      chmod -R g+w app/config/
      chmod -R g+w media/files/
      chmod -R g+w media/images/
      chmod -R g+w translations/
      chown -R webapp:webapp .
      chmod -R 777 app/cache/
      php app/console cache:clear --no-warmup -e prod

Ref: serverfault question


Related Topics

Linux X86 Nasm - Subroutine: Print a Dword from Eax

Grep and Sed with Spaces in Filenames

Best Approach of Image Versioning in Yocto

Udp Receive Queue Full

Video Capture on Linux

What Do Getresuid() and Setresuid() Do

Socket Getting Created with Same Ip and Port on Local Host

How to Suspend Another Thread (Not The Current One)

How to Set CPU Load on a Red Hat Linux Box

Kill The Previous Command in a Pipeline

Top -H Option in Macosx

Ssl: Nancyfx Selfhost Mono Linux (Pi)

Question About Zombie Processess and Threads

How Does This Perl One Liner in The Bash Works

Save Multiple Password Accounts for Git

Using Mutexes/Semaphores with Processes

How to Manipulate Array in Shell Script

Zip File and Print to Stdout


Leave a reply



Submit