jenkins通过sshPut传输文件的时候，报错Permission denied的SftpException

一、背景

使用jenkins的ssh插件传输文件至远程机器的指定目录，php程序打包后，经过zip压缩为oms.zip

zip -rq oms.zip ./ -x '.git/*' -x .env

然后我们求md5值

md5sum oms.zip

最后执行传输。

09:03:02  Executing command on ssh[116.61.10.149]: mkdir -p /opt/php/oms sudo: false
[Pipeline] sshPut
[Pipeline] }
09:03:07  Sending a file/directory to ssh[116.61.10.149]: from: /home/jenkins/agent/workspace/PROD_resource_php_oms/oms.zip into: /opt/php/oms
09:03:08  Failed SFTP PUT: /home/jenkins/agent/workspace/PROD_resource_php_oms/oms.zip -> ssh:/opt/php/oms

二、报错详情

Caused: org.hidetake.groovy.ssh.operation.SftpException: Failed SFTP PUT: /home/jenkins/agent/workspace/PROD_resource_php_oms/oms.zip -> ssh:/opt/php/oms: (SSH_FX_PERMISSION_DENIED: The user does not have sufficient permissions to perform the operation): Permission denied

三、ssh pipeline

    def remote = [:]
    remote.name = 'ssh'
    remote.host = '116.61.10.149'
    remote.port = 22
    remote.allowAnyHosts = true

    def credentialsId = "285a0928-f35f-4485-a54f-48321aea7212"
    
withCredentials([sshUserPrivateKey(credentialsId: credentialsId, keyFileVariable: 'identity', passphraseVariable: '')]) {
        remote.user = 'phpuser'

        remote.identityFile = identity
        // 创建远程目录
        sshCommand remote: remote, command: "mkdir -p " + remoteFilePath

       // 上传jar或者zip包，以及md5文件
        sshPut remote: remote, from: jarFileName, into: remoteFilePath
        sshPut remote: remote, from: md5FileName, into: remoteFilePath
        // 如果是zip压缩文件，额外上传一个.version文件，内容是版本号
        if (".zip" == fileType) {
            sshPut remote: remote, from: ".version", into: remoteFilePath
        }
    }
   

四、排查过程

手动登录远程机器116.61.10.149，然后进入目标目录，查看目录所属的用户是root，而非phpuser，所以报没有权限的错误。

[root@TEST-jekines ~]# ssh phpuser@116.61.10.149
Last login: Thu Jul 28 09:52:44 2022 from 116.61.10.149

Welcome to Alibaba Cloud Elastic Compute Service !

[phpuser@awx-pre ~]$ cd /opt/php
[phpuser@awx-pre php]$ ll
total 15
drwxr-xr-x 2 root root 4096 Jul 25 09:51 oms

• 查看文件夹的详情

[phpuser@awx-pre php]$ stat oms
  File: 'oms'
  Size: 4096            Blocks: 1          IO Block: 16384  directory
Device: 56h/86d Inode: 6993897     Links: 2
Access: (0755/drwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2023-07-25 09:51:29.613946996 +0800
Modify: 2023-07-25 09:51:29.613946996 +0800
Change: 2023-07-25 09:51:29.613946996 +0800
 Birth: -

文件夹oms是在2023-07-25 09:51:29由用户root创建的，所以当phpuser用户来尝试创建目录的时候，会失败，继而传输文件也报权限非法的错误。

五、解决问题

rm -rf /opt/php

• 删除后，目录/opt/php下为空

• 重试上传文件

[phpuser@awx-pre oms]$ ll -h
total 170M
-rw-rw-r-- 1 phpuser phpuser 170M Jul 31 10:06 oms.zip
-rw-rw-r-- 1 phpuser phpuser   33 Jul 31 10:06 oms.zip.md5