Login/Register
Could not create directory /var/teamsserver
Asked Answered
Solved macoscontinuous-integrationxcode5botsosx-server
F

4

10

I've installed os x server (Mavericks) on my mac and would like to add bot. For some reasons my remote repo is located on other external server and I have access to it by username and password on specified port. I've added remote repo to os x server like this:

ssh://1.2.3.4:PORT/path/to/repo.git

...filled username and password.

Then I've added bot in Xcode but when I hit integrate it fails with logs:

Cloning into 'ssh_myusername_1_2_3_4_PORT_path_to_repo_git'...

OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 debug1: Reading

configuration data /etc/ssh_config debug1: /etc/ssh_config line 20:

Applying options for * debug1: Connecting to 1.2.3.4 [1.2.3.4] port PORT.

debug1: Connection established.

Could not create directory '/var/teamsserver/.ssh'.

debug1: identity file /var/teamsserver/.ssh/id_rsa type -1

debug1: identity file /var/teamsserver/.ssh/id_rsa-cert type -1

debug1: identity file /var/teamsserver/.ssh/id_dsa type -1

debug1: identity file /var/teamsserver/.ssh/id_dsa-cert type -1

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_6.2

debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-3ubuntu1

debug1: match: OpenSSH_6.0p1 Debian-3ubuntu1 pat OpenSSH*

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: server->client aes128-ctr hmac-md5 none

debug1: kex: client->server aes128-ctr hmac-md5 none

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

debug1: SSH2_MSG_KEX_DH_GEX_INIT sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

debug1: Server host key: RSA b6:b8:0e:e4:25:63:6d:64:a3:d6:6d:7f:46:85:72:0d

debug1: checking without port identifier No RSA host key is known for [1.2.3.4]:PORT and you have requested strict checking. Host key verification failed.

fatal: Could not read from remote repository.

Please make sure you have the correct access rights and the repository exists.

SSH Known Hosts file path is located at /Library/Server/Xcode/Config/ssh_known_hosts

SSH strict host checking is enabled (you can disable this by editing the

SSHStrictHostKeyChecking key in /Library/Server/Xcode/Config/xcsbuildd.plist

Untrusted HTTPS certificates is disabled (you can enable this by editing the

TrustSelfSignedSSLCertificates key in /Library/Server/Xcode/Config/xcsbuildd.plist

I assume that there is a problem with permissions but in my /var there are some directories with different permissions and of course there is no teams server folder...

So I don't know how to setup proper permissions (without changing permissions of other subdirectories of /var...). I can try manually make directory "teams server" but don't know with what permissions... ? Do you have any ideas?

EDIT: For test purpose I've created teamsserver directory with 777 but that doesn't solve my problem. Logs looks the same as previous butjust WITHOUT line:

Could not create directory '/var/teamsserver/.ssh'.

Any ideas?

Thanks

Fango answered 28/10, 2013 at 0:40 Comment(0)
F
7

Ok, I took some time but I've a solution... Two solutions actually. Ashamed to admit but read and understand logs is enough to solve the problem (again :P).

FIRST ANSWER:

My server host key was added to .ssh/known_hosts BEFORE installing os x server. Server does't use that path of known hosts. As log says server uses:

SSH Known Hosts file path is located at /Library/Server/Xcode/Config/ssh_known_hosts

and that file was empty in my case. So to solve the problem it is enough to copy known_hosts to ssh_known_hosts:

sudo cp ~/.ssh/known_hosts /Library/Server/Xcode/Config/ssh_known_hosts

It's that simple.

SECOND ANSWER:

Acording to log again

SSH strict host checking is enabled (you can disable this by editing the SSHStrictHostKeyChecking key in /Library/Server/Xcode/Config/xcsbuildd.plist

Change SSHStrictHostKeyChecking to false.

It's done again.

Fango answered 31/10, 2013 at 14:46 Comment(6)
Both this answer and the answer above by user1132570 fixed this issue for me. So make sure to check that /var/teamsserver exists if this answer doesn't fix the issue for you.Stasiastasis
This didn't work for me. Did both, still complaining about not being able to create directories off of /var/teamsserver.Nich
Have you tried ctreate it manually? The way suggested by user1132570 is good enough to create it with proper privileges.Fango
I've tried all 3 answers and still no luck. debug1: Offering RSA public key: /Library/Server/Xcode/Data/BotRuns/BotRun-a28db5fc-1932-47a0-a528-f52c75e421e2.bundle/credentials/65885363-194e-454b-a3ce-56dcaaf5d3c9/id_rsa debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey). fatal: Could not read from remote repository.Peep
Can you access to the server via ssh using your key(so that you don't need to type a password)? Maybe you've not added a key to the list of known keys?Fango
Same as Rob and atreat. I have tried all of the above. I have created the folders, even the files and put all of the proper keys in them to help out. I can connect via SSH without needing a password. I set the folders to have 777 permissions. Turned off SSHStrict as above, even allowed self signed SSL. Even though I MADE teamserver folder and ssh file and 777 permissions it still says it can not make it. Made it locally and on server just to be safe.Simard
H
8

I experienced a similar issue with scheme action build scripts when attempting to run git commands against a github repo protected by ssh key pairs.

Bots run builds using a _teamsserver system account. As you've discovered, these accounts don't have home directories by default. To setup builds to access and modify their home directory, I had success with the following (your mileage may vary):

sudo mkdir /var/teamsserver
sudo chown -R _teamsserver:_teamsserver /var/teamsserver/
sudo chmod -R 770 /var/teamsserver/

HTH

Hungnam answered 29/10, 2013 at 0:46 Comment(2)
Thank you for your suggestion, but as I wrote it didn't help :/. There is still problem with these lines: debug1: identity file /var/teamsserver/.ssh/id_rsa type -1 debug1: identity file /var/teamsserver/.ssh/id_rsa-cert type -1 debug1: identity file /var/teamsserver/.ssh/id_dsa type -1 debug1: identity file /var/teamsserver/.ssh/id_dsa-cert type -1 Moreover, I;ve added id_rsa into /var/teamsserver/.ssh but it helped only in: debug1: identity file /var/teamsserver/.ssh/id_rsa type 1 (not -1 as before) ...still looking for solution...Fango
Thanks @user1132570. The above scripts did take care of the dir problem.Gymnosophist
F
7

Ok, I took some time but I've a solution... Two solutions actually. Ashamed to admit but read and understand logs is enough to solve the problem (again :P).

FIRST ANSWER:

My server host key was added to .ssh/known_hosts BEFORE installing os x server. Server does't use that path of known hosts. As log says server uses:

SSH Known Hosts file path is located at /Library/Server/Xcode/Config/ssh_known_hosts

and that file was empty in my case. So to solve the problem it is enough to copy known_hosts to ssh_known_hosts:

sudo cp ~/.ssh/known_hosts /Library/Server/Xcode/Config/ssh_known_hosts

It's that simple.

SECOND ANSWER:

Acording to log again

SSH strict host checking is enabled (you can disable this by editing the SSHStrictHostKeyChecking key in /Library/Server/Xcode/Config/xcsbuildd.plist

Change SSHStrictHostKeyChecking to false.

It's done again.

Fango answered 31/10, 2013 at 14:46 Comment(6)
Both this answer and the answer above by user1132570 fixed this issue for me. So make sure to check that /var/teamsserver exists if this answer doesn't fix the issue for you.Stasiastasis
This didn't work for me. Did both, still complaining about not being able to create directories off of /var/teamsserver.Nich
Have you tried ctreate it manually? The way suggested by user1132570 is good enough to create it with proper privileges.Fango
I've tried all 3 answers and still no luck. debug1: Offering RSA public key: /Library/Server/Xcode/Data/BotRuns/BotRun-a28db5fc-1932-47a0-a528-f52c75e421e2.bundle/credentials/65885363-194e-454b-a3ce-56dcaaf5d3c9/id_rsa debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey). fatal: Could not read from remote repository.Peep
Can you access to the server via ssh using your key(so that you don't need to type a password)? Maybe you've not added a key to the list of known keys?Fango
Same as Rob and atreat. I have tried all of the above. I have created the folders, even the files and put all of the proper keys in them to help out. I can connect via SSH without needing a password. I set the folders to have 777 permissions. Turned off SSHStrict as above, even allowed self signed SSL. Even though I MADE teamserver folder and ssh file and 777 permissions it still says it can not make it. Made it locally and on server just to be safe.Simard
G
0

If you've tried the above and still are getting a permission denied error, you probably don't have the right permissions to that file/directory.

  • Who are you running as? $id
  • $ls -al the directory that the server is trying to read the id_rsa from (Probably similar to this path: Library/Server/Xcode/Data/BotRuns/BotRun-a28db5fc-1932-47a0-a528-f52c75e421e2.b‌​undle/credentials/65885363-194e-454b-a3ce-56dcaaf5d3c9/id_rsa)
  • change ownership of that file ^^ ($sudo chown {#id} {#path})
Gymnosophist answered 9/1, 2014 at 20:49 Comment(0)
C
0

I did 3 things to allow me to get past this, although I'm not sure which of them solved the problem:

  1. Change all git repositories in my project to use the HTTPS rather than SSH (git) version of the url
  2. Disabled SSHStrictHostKeyChecking as per the instructions from the source control log from the bot.
  3. Enabled TrustSelfSignedSSLCertificates as per the same instructions from the log.

Also check out https://discussions.apple.com/thread/5586872 in case this is a problem for you.

I will back some of these items off and test when I have more time.

Collaborative answered 21/1, 2014 at 12:9 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.