问题描述
backup_to_gcs.sh是使用gsutil rsync将文件复制到Google Cloud Storage的备份脚本.
backup_to_gcs.sh is a backup script that uses gsutil rsync to copy files to Google Cloud Storage.
备份脚本由用户Wolfv(安装了google-cloud-sdk的用户)调用时运行:
The backup script runs when called by user wolfv (who installed the google-cloud-sdk):
$ /home/wolfv/scripts/backup_to_gcs/backup_to_gcs.sh
backup_to_gcs.sh in progress ...
backup_to_gcs.sh pass
到目前为止,一切都很好.但是root需要运行gsutil,以便可以从Anacron调用备份脚本.因此,让root用户运行脚本.
So far so good.But root needs to run gsutil so that the backup script can be called from Anacron.So lets have root run the script.
root和wolfv共享凭据是安全的,因为它是同一个人.
It's safe for root and wolfv to share credentials because it's the same person.
如何以root身份运行gsutil?
How can root run gsutil?
我正在Linux上运行gsutil 4.27.
I am running gsutil 4.27 on Linux.
UPDATE_1
多亏了mhouglum,root现在可以调用备份脚本了.只需在root的.bashrc中设置一些参数即可.详细信息如下.
Thanks to mhouglum, root can now call the backup script.Just needed to set some parameters in root's .bashrc.Details follow.
对于Wolff和root用户,"gsutil版本-l"中的两行是不同的:
Two lines from "gsutil version -l" are different for user wolfv and root:
using cloud sdk
pass cloud sdk credentials to gsutil
备份脚本在被wolfv用户调用时运行.这是wolfv数据(BOTO_CONFIG和BOTO_PATH为空):
The backup script runs when called by user wolfv. Here is wolfv data (BOTO_CONFIG and BOTO_PATH are empty):
$ gsutil version -l
gsutil version: 4.27
checksum: 522455e2d24593ff3a2d3d237eefde57 (OK)
boto version: 2.47.0
python version: 2.7.13 (default, Jun 26 2017, 10:20:05) [GCC 7.1.1 20170622 (Red Hat 7.1.1-3)]
OS: Linux 4.11.11-300.fc26.x86_64
multiprocessing available: True
using cloud sdk: True
pass cloud sdk credentials to gsutil: True
config path(s): /home/wolfv/.boto, /home/wolfv/.config/gcloud/legacy_credentials/[email protected]/.boto
gsutil path: /home/wolfv/google-cloud-sdk/platform/gsutil/gsutil
compiled crcmod: True
installed via package manager: False
editable install: False
$ echo $BOTO_CONFIG
$ echo $BOTO_PATH
$ echo $PATH
/home/wolfv/google-cloud-sdk/bin:/home/wolfv/google-cloud-sdk/bin:/usr/lib64/qt-3.3/bin:/usr/lib64/ccache:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin
这是用户wolfv .bashrc:
This is user wolfv .bashrc:
$ cat .bashrc
# .bashrc
# after changing .bashrc, use source command to reload your .bashrc file
# $ source "$HOME/.bashrc"
# $ source ~/.bashrc
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
# User specific aliases and functions
export PATH=${PATH}:$HOME/scripts
# The next line updates PATH for the Google Cloud SDK.
if [ -f '/home/wolfv/google-cloud-sdk/path.bash.inc' ]; then source '/home/wolfv/google-cloud-sdk/path.bash.inc'; fi
# The next line enables shell command completion for gcloud.
if [ -f '/home/wolfv/google-cloud-sdk/completion.bash.inc' ]; then source '/home/wolfv/google-cloud-sdk/completion.bash.inc'; fi
备份脚本也可以在由root调用时运行.这是根数据:
The backup script also runs when called by root. Here is root data:
$ sudo -s
# gsutil version -l
gsutil version: 4.27
checksum: 522455e2d24593ff3a2d3d237eefde57 (OK)
boto version: 2.47.0
python version: 2.7.13 (default, Jun 26 2017, 10:20:05) [GCC 7.1.1 20170622 (Red Hat 7.1.1-3)]
OS: Linux 4.11.11-300.fc26.x86_64
multiprocessing available: True
using cloud sdk: False
pass cloud sdk credentials to gsutil: False
config path(s): /home/wolfv/.boto, /home/wolfv/.config/gcloud/legacy_credentials/[email protected]/.boto
gsutil path: /home/wolfv/google-cloud-sdk/platform/gsutil/gsutil
compiled crcmod: True
installed via package manager: False
editable install: False
[0 root@localhost ~]
# echo $BOTO_CONFIG
[0 root@localhost ~]
# echo $BOTO_PATH
/home/wolfv/.boto:/home/wolfv/.config/gcloud/legacy_credentials/[email protected]/.boto
[0 root@localhost ~]
# echo $PATH
/usr/lib64/ccache:/sbin:/bin:/usr/sbin:/usr/bin:/home/wolfv/google-cloud-sdk/platform/gsutil:/home/wolfv/google-cloud-sdk/bin:/home/wolfv/google-cloud-sdk/platform/gsutil:/home/wolfv/google-cloud-sdk/bin
这是根.bashrc:
This is the root .bashrc:
# cat .bashrc
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
# added by wolf so anacron can call backup script
export PATH=${PATH}:/home/wolfv/google-cloud-sdk/platform/gsutil:/home/wolfv/google-cloud-sdk/bin
export BOTO_PATH=/home/wolfv/.boto:/home/wolfv/.config/gcloud/legacy_credentials/[email protected]/.boto
# The next line updates PATH for the Google Cloud SDK.
#if [ -f '/home/wolfv/google-cloud-sdk/path.bash.inc' ]; then source '/home/wolfv/google-cloud-sdk/path.bash.inc'; fi
# The next line enables shell command completion for gcloud.
#if [ -f '/home/wolfv/google-cloud-sdk/completion.bash.inc' ]; then source '/home/wolfv/google-cloud-sdk/completion.bash.inc'; fi
UPDATE_2
终端和anacron上的root用户都可以运行备份脚本.
当root运行脚本时,文件将在GCS上更新;好.
anacron运行脚本时,它将返回错误代码127;否则,错误代码将返回127.不好.
Both root on terminal and anacron can run the backup script.
When root runs the script, files are updated on GCS; good.
When anacron runs the script, it returns error code 127; bad.
此行为通过名为ls.sh的简单脚本来再现:
The behavior is repoduced with this simple script called ls.sh:
#!/bin/bash
LOG_FILE="/home/wolfv/scripts/test/ls.log"
echo "I am $(whoami). date=$(date)" >> "$LOG_FILE"
gsutil ls >> "$LOG_FILE"
errorCode=$?
echo "errorCode=$errorCode" >> "$LOG_FILE"
从终端root调用脚本:
root calls script from terminal:
# /home/wolfv/scripts/test/ls.sh
ls.log中的结果:
Result in ls.log:
I am root. date=Mon Aug 14 05:21:23 MDT 2017
gs://wolfv/
gs://wolfv2/
gs://wolfvtest/
errorCode=0
anacron调用脚本:
anacron calls script:
# anacron -n -f ls_id
ls.log中的结果:
Result in ls.log:
I am root. date=Mon Aug 14 05:21:38 MDT 2017
errorCode=127
是什么导致错误代码127?
What is causing error code 127?
UPDATE_3
我从UPDATE_2重复了测试,但是使用cron而不是anacron.结果与cron相似,但得到相同的errorCode = 127.
I repeated tests from UPDATE_2, but using cron instead of anacron.Results are similar with cron getting the same errorCode=127.
wolfv从终端调用脚本:
wolfv calls script from terminal:
$ /home/wolfv/scripts/test/ls.sh
ls.log中的结果:
Result in ls.log:
I am wolfv. date=Fri Aug 18 20:58:57 MDT 2017
gs://wolfv/
gs://wolfv2/
gs://wolfvtest/
errorCode=0
cron调用脚本:
$ crontab -l
#test gsutil on cron
*/10 * * * * /home/wolfv/scripts/test/ls.sh
ls.log中的结果:
Result in ls.log:
I am wolfv. date=Fri Aug 18 21:20:01 MDT 2017
errorCode=127
gsutil脚本可以在终端上正常运行,但不能在cron/anacron上运行.
是什么原因导致cron和anacron返回错误代码127?
The gsutil script runs fine from terminal, but not from cron/anacron.
What could be causing cron and anacron to return error code 127?
推荐答案
运行sudo -s后,检查所有设置是否都设置为您期望的值:
Once you've run sudo -s, check that everything is set to the values you expect:
-
echo $BOTO_CONFIG是否显示正确的boto文件?如果不是,也许不是root的.bashrc? -
echo $PATH是否包括您添加的gsutil目录? - 运行
gsutil version -l时,应该看到:-
config path(s)标签,后跟/home/wolfv/.boto -
gsutil path标签,后跟/home/wolfv/google-cloud-sdk/platform/gsutil/gsutil.如果不是这种情况,则可能是在您添加的gsutil目录之前之前在您的PATH中显示了一个gsutil可执行文件,您可能想尝试 prepending gsutil目录到您的PATH,以便首先找到它,例如export PATH=/home/wolfv/google-cloud-sdk/platform/gsutil:${PATH}.
- Does
echo $BOTO_CONFIGshow the correct boto file? If not, maybe root's .bashrc isn't being sourced? - Does
echo $PATHinclude the gsutil directory you added? - When you run
gsutil version -l, you should see:- The
config path(s)label, followed by/home/wolfv/.boto - The
gsutil pathlabel, followed by/home/wolfv/google-cloud-sdk/platform/gsutil/gsutil. If this isn't the case, there's probably a gsutil executable that shows up in your PATH before the gsutil directory you appended, and you might want to try prepending the gsutil directory to your PATH so that it's found first, e.g.export PATH=/home/wolfv/google-cloud-sdk/platform/gsutil:${PATH}.
如果那里的所有内容都可以以root身份运行,则可以以您本人和root身份运行
gsutil version -l并比较输出,以查看这些环境之间的不同配置.If everything there looks fine as root, you might run
gsutil version -lboth as yourself and as root and compare the output, letting you see what's configured differently between those environments.以下注释的TL; DR是:如果您尝试加载多个boto配置文件,则应取消设置
BOTO_CONFIG(仅需要1个文件路径),而应使用BOTO_PATH环境变量,该变量允许指定多个文件路径,这些文件路径由系统上的os.pathsep计算结果确定(在Linux上为:在Windows上为;).The TL;DR of the comments below is: if you're trying to load more than 1 boto config file, you should unset
BOTO_CONFIG(which only expects 1 file path), and instead use theBOTO_PATHenvironment variable, which allows specifying multiple file paths delimited by whateveros.pathsepevaluates to on your system (:on Linux,;on Windows).这篇关于如何授权root来运行gsutil?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!
- The
-