stackoom
  简体   繁体   中英

Limit shell commands in Jenkins

 原文  2014-07-16 13:16:54       shell/ security/ jenkins/ continuous-integration

Question

I've been wondering if it's possible to limit shell commands a user can run in a Jenkins job?

Example: We store an universal password to access our Subversion repositories in Jenkins, and we don't want people to just cat the file, echo it out and display it in the buildlog for the job.

Exactly how can you limit the number of shell commands and directories users can utilize?

1 answers

solution1
 0  2017-06-27 11:45:49

This is outside the scope of Jenkins, that's purely your responsibility for addressing this, main reason being that's impossible to do it correct from Jenkins.

There are two solutions * Start using docker containers as build slaves * Try to use OS level limitations

Regarding keeping secrets secret the final answer is you cannot really secure it from those writing scripted jobs.

And yes, keep the master isolated for special jobs.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Jenkins - Execute shell commands with wildcards Running nested commands in Jenkins pipeline shell Jenkins adding special characters to shell commands Running shell script commands sequentially in Jenkins What directory shell commands in Jenkins execute in? Jenkins Groovy script to execute shell commands Jenkins execute shell not able to find gradle commands Jenkins - can the “Execute Shell” execute SSH commands Using the execute shell command in Jenkins to run git commands on a Windows machine Jenkins Pipeline: Any strategy to schedule each stage with shell commands
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM