Why rsync fails with jenkins

Question

When rsync is used with jenkins as Execute shell Command on CentOS 6.4, it fails:

[workspace] $ /bin/sh -xe /tmp/hudson3424899639384884888.sh
+ rsync -av /var/lib/jenkins/jobs/myjob/workspace/target/classes/ [email protected]:/home/myuser/test
rsync: Failed to exec ssh: Permission denied (13)
rsync error: error in IPC code (code 14) at pipe.c(84) [sender=3.0.6]
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in IPC code (code 14) at io.c(600) [sender=3.0.6]

However, it works from the command line:

su jenkins
rsync -av /var/lib/jenkins/jobs/myjob/workspace/target/classes/ [email protected]:/home/myuser/test
sending incremental file list

sent 17875 bytes  received 83 bytes  3990.67 bytes/sec
total size is 1981027  speedup is 110.31

What has to be done to make it work in jenkins as well?

Answer 1

The problem was with SElinux installed on CentOS, which for some reason were blocking ssh for rsync.

Here is a line from /var/log/messages which says the ssh was blocked:

Jun 12 13:45:59 myserver kernel: type=1400 audit(1434109559.911:33346): avc:  denied  { execute } for  pid=11862 comm="rsync" name="ssh" dev=dm-1 ino=11931741 scontext=unconfined_u:system_r:rsync_t:s0 tcontext=system_u:object_r:ssh_exec_t:s0 tclass=file

For now we disabled SElinux on our server, proper solution would be to create custom policy module (1)

Answer 2

Note, that when you change (add) jenkins user to some group, permission will apply after slave (agent) restart.

Answer 3

I had a similar problem.

In my case jenkins was not executing rsync with the expected user (jenkins) but with another (jboss in my case) adding 'whoami' to the script and using ssh verbose:

rsync -e "ssh -v" .......

helped to find the problem.