[JENKINS-51583] Permission error on first launch after installation with a custom JENKINS_HOME directory

[timja]

Hi Jenkins team

I installed Jenkins on an environment supplying a couple of custom environment variables, one of which is a custom home folder. For reference:

 

JENKINS_HOME="/tmp/jenkins"
JENKINS_JAVA_CMD=""
JENKINS_USER="jenkins"
JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true"
JENKINS_PORT="8080"
JENKINS_LISTEN_ADDRESS=""
JENKINS_HTTPS_PORT=""
JENKINS_HTTPS_KEYSTORE=""
JENKINS_HTTPS_KEYSTORE_PASSWORD=""
JENKINS_HTTPS_LISTEN_ADDRESS=""
JENKINS_DEBUG_LEVEL="5"
JENKINS_ENABLE_ACCESS_LOG="no"
JENKINS_HANDLER_MAX="100"
JENKINS_HANDLER_IDLE="20"

Jenkins installs without any problem, but when I navigate to the endpoint in the browser I receive the following error instead of the "unlock" step of a Jenkins initialization: 

java.io.IOException: Permission denied
  at java.io.UnixFileSystem.createFileExclusively(Native Method)
  at java.io.File.createTempFile(File.java:2024)
  at hudson.util.AtomicFileWriter.(AtomicFileWriter.java:142)
Caused: java.io.IOException: Failed to create a temporary file in /tmp/jenkins
  at hudson.util.AtomicFileWriter.(AtomicFileWriter.java:144)
  at hudson.util.AtomicFileWriter.(AtomicFileWriter.java:109)
  at hudson.util.AtomicFileWriter.(AtomicFileWriter.java:84)
  at hudson.util.AtomicFileWriter.(AtomicFileWriter.java:74)
  at hudson.util.TextFile.write(TextFile.java:116)
  at jenkins.model.Jenkins.(Jenkins.java:880)
  at hudson.model.Hudson.(Hudson.java:85)
  at hudson.model.Hudson.(Hudson.java:81)
  at hudson.WebAppMain$3.run(WebAppMain.java:233)
Caused: hudson.util.HudsonFailedToLoad
  at hudson.WebAppMain$3.run(WebAppMain.java:250)

It appears that there is a certain file (or more) that need to be created which the process / jenkins user has no access to.

I have checked the file permissions of the directory and also assumed the jenkins user but I was able to create files and directories in the supplied path. However, it seems that the initialization of Jenkins isn't for some reason.

In an attempt to analyze, I reset the JENKINS_HOME setting to /var/lib/jenkins and relaunched the instance, after which I was able to unlock and initialize Jenkins. 

Jenkins still continues working after I copy the /var/lib/jenkins directory to my own /tmp/jenkins directory and set the JENKINS_HOME variable back, which makes it seem the problem lies somewhere within the initialization. 

For now this workaround is fine, since the creation of those files is a one-time procedure, but I have no guarantee that this problem won't happen again with any other files since it is not at all clear to me why it can't write to /tmp/jenkins for that specific case.

Some other points:

• The jenkins.log file makes no mention of this error.
• After initializing in /var/lib/jenkins and copying everything to /tmp/jenkins, I am able to create new jobs etc which are nicely saved/written to the /tmp/jenkins/jobs directory.

---

Originally reported by kge, imported from: Permission error on first launch after installation with a custom JENKINS_HOME directory

• status: Open
• priority: Minor
• resolution: Unresolved
• imported: 2022/01/10

[timja]

danielbeck:

Needs more specific steps to reproduce.

Needs to clarify permissions in tmp, perhaps a volume that doesn't allow certain operations? If so, should be done on the same volume as another directory works.

Needs to try with the specified directory already created, but empty.

Also, unclear how this is launched, ideally you can provide a java -jar jenkins.war command line that exhibits the problem.