Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Couldn't fsetstat - permission denied errors with sftp-deploy Edited

I'm using the atlassian/sftp-deploy pipe in Bitbucket Pipelines, and my deployments keep showing as failed as a result of several fsetstat and setstat permission denied errors.

Note: I already added the necessary permissions recursively on the whole directory so that all of the files successfully transfer. All the files are there and everything seems to work on the server after multiple deployments, but they are still showing as failing.

Here's an example:

Couldn't setstat on "/foo/bar": Permission denied
Couldn't fsetstat: Permission denied
Couldn't fsetstat: Permission denied
Couldn't fsetstat: Permission denied

  1. What are these fsetstat and setstat commands trying to do and why?
  2. What changes are necessary on my Ubuntu server in order to prevent these errors?

 

1 answer

0 votes

Hi @Josh W. . setstat/fsetstat are basically trying to update the attributes of the remote files, such as read/write permissions etc. One possible reason you get this errors is that your sftp-server could be configured to prevent using this commands. For example, this SO answer is an example blacklisting such operations. You might need to do the opposite. I suggest inspecting your sshd_config file and check if fsetstat/setstat are blacklisted. Additionally, you might explicitly white-list them (note the lower-case "p" is used):

Subsystem sftp internal-sftp -p setstat,fsetstat

 Here are also a couple of useful links for reference:

 

Let me know if this helps

Unfortunately that didn't work. setstat and fsetstat are not blacklisted. 

I have an SFTP "jail" on a match group in the sshd_config, so the flags needed to be used with

ForceCommand internal-sftp

I tried using 

ForceCommand internal-sftp -p setstat,fsetstat

And this actually breaks the SFTP account entirely so that it no longer can connect. Looking at the docs, this is because the -p denies all other commands than the ones that are whitelisted:

All request types that are not on the whitelist will be logged and replied to with a failure message. [src]

As a test, I tried changing the flag use all commands (returned from the command /usr/lib/openssh/sftp-server -Q requests)

ForceCommand internal-sftp -p open,close,read,write,lstat,fstat,setstat,fsetstat,opendir,readdir,remove,mkdir,rmdir,realpath,stat,rename,readlink,symlink,posix-rename,statvfs,fstatvfs,hardlink,fsync

That didn't fix the issue and it was back to square one with the setstat and fsetstat errors in the pipeline log. So setstat and fsetstat appear to be enabled? Not sure what else it could be.

Hello

I had the same issue. So, I changed the directory owner on my server. The new owner is the same ssh user for bitbucket.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

New improvements to user management in Bitbucket Cloud 👥

Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...

325 views 2 10
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you