Menu
For security reasons we thought it would be better if the Jenkins windows service would run as user without admin rights. However, this leads to an error on Jenkins server startup:
java.io.IOException: Access is denied at
java.io.WinNTFileSystem.createFileExclusively(Native Method) at
java.io.File.createTempFile(Unknown Source) at
hudson.util.AtomicFileWriter.<init>(AtomicFileWriter.java:142)
Caused:
java.io.IOException: Failed to create a temporary file in C:\Program Files (x86)\Jenkins
The user (Windows 7, Active Directory user) has all rights on the Jenkins folder (excluding 'Special rights', which cannot be chosen).
Is it possible/reasonable to run the Jenkins windows service (server as well as slaves on other computers) as non-admin user?
516
I would suggest installing Jenkins in a secondary partition, like G:\Jenkins.
Even if you don't have a secondary partition C:\Jenkins is better than C:\Program Files\Jenkins or C:\Program Files(x86)\Jenkins to avoid the operating system unnecessarily getting in the way.
With that in place I always set the Jenkins service to run as a user (preferable a service account with a non-expiring password) that is a member of the Administrators group on the box.
Doing this usually avoids many of the unnecessary annoying permissions issues that only get in the way and slow your progress.
It should be noted that when it comes to Windows Batch Steps Jenkins will not Run As Administrator (at least it hasn't in the years since 2007 I have been using Jenkins).
60
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
