- Newest
- Most votes
- Most comments
Hi Szymon999,
Can you list the permissions on the following directories?
- /home
- /home/greengrass
- /home/greengrass/v2
Is the lambda configured to run in NoContainer mode or GreengrassContainer mode?
Greengrass manages the permissions of the directories within its installation directory. In order to run the processes as different users though, the user needs to have read + execute permission on the directory hierarchy up to the artifact that is being executed.
I suspect that /home/greengrass needs be chmod og+rx
Hi Szymon999,
Thanks for using Greengrass v2. Can you share some details about your GGC setup?
- What is the
component-default-user
in the initial setup? Did you configure the user while deploying the lambda component? - Can you enable debug logging and provide more logs?
- Can you provide the config files at
/home/greengrass/v2/config/config.tlog
and/home/greengrass/v2/config/effectiveConfig.yaml
? Make sure you mask out the sensitive information if any.
Thanks,
Hui
Hi,
This problem was indeed caused by the permission issues. I found that components are executed by ggc_user (configured at the installation) and I had to grant /home/greengrass dir correct permissions.
Thanks.
Hi,
can you provide the command to do that?
I have got the same issue, what is weird it is working on another core ....
Hope it's the same issue ..
Thanks
I am also new to this greengrass v2. So I may be wrong.
I beileve that permissions are given to ggc_user and ggc_group as component-default-user if you don't explicitly specify other user name and group name when you create component. So you have to add ggc_user as user and ggc_group as group as system like below. I think that you have to do it every device manually.
Log into your device by SSH and do the next both two lines sudo adduser and sudo addgroup as shown in
https://docs.amazonaws.cn/en_us/greengrass/v1/developerguide/setup-filter.rpi.html
sudo adduser --system ggc_user
sudo addgroup --system ggc_group
For the first core device, you might have done this but for the second one, you might have forgotten to do this again.
Hope this helps you.
Relevant content
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 2 years ago