Shell-local required permissions

Packer
1

I work in a fairly constrained environment so troubleshooting is a bit of a pain. Our configuration:

A GitLab runner virtual machine configured with packer installed.
Building a RHEL golden image via vsphere

Currently the build is working properly - though the Waiting for IP takes what I believe to be a long time relatively speaking 8-11 minutes.

I want to test this with either ServerSpec or Testinfra using the shell-local provisioner so that I can keep my created images ‘clean’ but every time I attempt to use the shell-local via the gitlab runner I am getting the following:

vsphere-iso: /bin/sh: /tmp/packer-shellxxxxxxxxx: Permission denied

I am thinking its that the packer user (not root) does not have permissions on that /tmp directory of the gitlab runner - but could use some guidance.

2

Usually that means the script that was uploaded /tmp/packer-shellxxxxxxxxx doesn’t have execute permission set … Example: it could be owned by ‘root’ with a 774 permission but you’re trying to run it as the ‘packer’ user … which means no execute permission allowed for non-root user.

Try add a “ls -al /tmp” prior to that to see what the file’s permissions and owner/group are.

3

I apologize I should have provided the sample - I am not attempting to run a script yet I am just attempting simple echo’s or ls eg:

{
   "type": "shell-local",
   "inline": ["ls -l"]
}

This fails with the permission denied. However if I remove the packer build from the ci/cd pipline and just ls -l /tmp - I do see packer logs…

packer-logxxxxxxxxxxxx
packer-logyyyyyyyyyyyy
packer-logzzzzzzzzzzzz
4

the -l part of the output is the piece you need to read and verify

5

Sorry aram I’m not following - are you just suggesting I double check my syntax? My syntax I think looks good - it keeps giving me permission denied.

6

It was the execute permissions on the /tmp - removed noexec and shell-local started working - thank you.