All geek questions in one place

ElasticBeanstalk - adding ec2 user to another group

I have a cron job that should run under ec2-useron my EC2 instance and it should be able to write to standard log files for my web application. However, the log files belong webapp(as usual).

I have successfully changed the permissions on the log files so that they are available to both the owner and the group webapp:webapp. But when I run into difficulties, I try to add a group ec2-userto a group webapp.

I can do this in SSH using sudo usermod -a -G webapp ec2-user, but when I try to add this command via EB container-commands , I get an error you must have a tty to run sudo. Running a command without sudo gives me /bin/sh: usermod: command not found.

Does anyone know of any other way to add ec2-userto a group webappthrough the Elastic Beanstalk deployment configuration.

+4
source share
3 answers

You need to run this command from container_command before executing any commands with sudo:

echo Defaults:root \!requiretty >> /etc/sudoers

In context (in .ebextensions / yourconf.config)

container_commands:
  001-enableroot:
    command: echo Defaults:root \!requiretty >> /etc/sudoers #disables error related to needing a tty for sudo, allows running without cli
0
source

Not sure about the problem with the sudoers file, but as a rule, a cleaner way to add a user to a group (than to manually execute a command) is to use a usersfile section .ebextensions. For example, in .ebextensions/something.config:

users:
  ec2-user:
    groups:
      - webapp
+3
source

sudo, script root.

, , , .

commands:
  01_set_user_role:
    command: "usermod -a -G webapp ec2-user"
0
source

Source: https://habr.com/ru/post/1609248/

More articles:


All Articles