Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permission denied when trying to run keymaker install #13

Closed
mrjk05 opened this issue Dec 8, 2016 · 3 comments
Closed

Permission denied when trying to run keymaker install #13

mrjk05 opened this issue Dec 8, 2016 · 3 comments

Comments

@mrjk05
Copy link

mrjk05 commented Dec 8, 2016
edited
Loading

Not sure what is happening....

Followed the instructions using a fresh AWS Ubuntu 16.04 AMI
Process:

Create a user group called "keymaker_

  • Add users to give acesss to EC2 instances into keymaker group

  • Launch EC2 instance - in this case Ubuntu

  • upgrade server
    sudo apt-get update && sudo apt-get -y upgrade

  • install AWS CLI
    sudo apt-get install awscli

  • install python
    sudo apt install python

  • install pip
    sudo apt-get install python-pip

  • Install Keymaker
    pip install keymaker

  • Run keymaker install
    keymaker install

however when run keymaker install i receive the following error:
useradd: Permission denied.
useradd: cannot lock /etc/passwd; try again later.
Traceback (most recent call last):
File "/home/ubuntu/.local/bin/keymaker", line 87, in <module>
locals()[args.command](args)
File "/home/ubuntu/.local/lib/python2.7/site-packages/keymaker/__init__.py", line 94, in install
"--shell", "/usr/sbin/nologin"])
File "/usr/lib/python2.7/subprocess.py", line 541, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '[u'useradd', u'keymaker', u'--comment', u'Keymaker SSH key daemon', u'--shell', u'/usr/sbin/nologin']' returned non-zero exit status 1
@ozmium
Copy link

ozmium commented Apr 6, 2018

To workaround the "Permission denied" problem, try running the command like this:

Install Keymaker
pip install keymaker

Check the install path of the binary
type keymaker
# Output is: keymaker is /home/ubuntu/.local/bin/keymaker

Run the keymaker installer, using the absolute path
sudo /home/ubuntu/.local/bin/keymaker install

Then check that it has added a "keymaker" user to the system accounts:

cat /etc/passwd
or
cat /etc/passwd | grep "keymaker"

@kislyuk
Copy link
Owner

kislyuk commented Apr 7, 2018

@mrjk05 please disregard the advice from @ozmium.

keymaker only supports global installation. You must run it as root, for example using sudo pip install keymaker, not as your own user. You will not be able to make keymaker work by performing a user installation (as running it without sudo will result in).

@kislyuk
Copy link
Owner

kislyuk commented Apr 7, 2018

I should clarify, for the avoidance of doubt, that because of the content of the issue, I'm talking only about installing Keymaker on a server that will provide SSH access, as opposed to on a client (where the users will log in from and upload their SSH keys to IAM from).

On a server, you must install keymaker globally.

On a client, keymaker doesn't need to interact with sshd or other system components, so can be installed as a user install.

@kislyuk kislyuk closed this as completed Apr 9, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kislyuk @ozmium @mrjk05