Server Script Error – why?

[gczychi]

Hi all,

trying to schedule my first system server script and I am getting an error: 

Dec 2, 2016 9:35:00 AM
Server Events
Error
692
Schedule "fms backup to net vol" aborted; system script "fms_BackupScript.sh" returned non-zero status 12.

Running mac OS Sierra

FMS is running with its default user account (fmserver [I guess])

The shell script file works fine when I double click it and has all execute privileges:

 

-rwxr-xr-x@  2 admin     staff     149 Dec  2 09:12 fms_BackupScript.sh

Interesting, when I schedule this script with the admin username and password option, then I get an «Invalid account» error:

Dec 2, 2016 9:54:00 AM
Server Events
Error
732
Schedule "fms backup to net vol" aborted; invalid account name or password.

 

I'm puzzled. Where's the problem?

Thanks for any help!

Gary

 

 

[Wim Decorte]

From the name of the schedule: are you trying to back up to a remote volume on the network?  Make sure it is mounted and that the default user fmserver/fmsadmin has the right privs to that volume.

[gczychi]

Thanks, Wim,

the network shares are always mounted and I am adressing it locally: 

/Volumes/Backup/fmserver/Backups/

So, that's not the problem. The shell script works just fine when I double click it.

 

[Wim Decorte]

Your 'double-click' test is not a valid test because that runs as you, not as the FMS user.

Mounting the remote volume is not enough, the FMS account needs to have the proper rights on that volume.

[gczychi]

Thanks for the hint, but this is not the problem.

I replaced the sync command with something else and it still doesn't work. It returns the same error:

Here's my script:

#!/bin/bash
# See Info file in /Application/FM Server/…

whoami > /Users/admin/Desktop/user.txt

# rsync -r --delete-after /Library/FileMaker\ Server/Data/Backups /Volumes/Backup/fmserver

and it produces the following error in FM Server:
In «Log Viewer»

Dec 4, 2016 9:30:00 AM
Error
Schedule "fms backup to net vol" aborted; system script "fms_BackupScript.sh" returned non-zero status 12.

In «Schedules»

fms backup to net vol
System Script
Aborted by user

The last message «Aborted by user» might be interesting, but I cannot make anything out of it. 

And, keep in mind, when I set a specific OS X user in FM Server to run the script, I get an «invalid account name or password» error.

 

Edited December 4, 2016 by gczychi
typo

[Wim Decorte]

I am not getting through to you it seems.  It does not matter whether you use a remote volume or an internal folder.  The FMS account by default only has read and write privileges to its own folders.

It does not have access to the folder and fileyou are targeting.  That's just the nature of OSX's security.  You'll need to give the FMS account the proper rights to wherever you want it to interact with.

/Users/admin/Desktop/user.txt

[gczychi]

You're right. I didn't get it.

So, what I did: I edited the sudoers file again, added the admin user and then within FM Server console, added the user admin to run the script. Now, it looks like this:

##
## User privilege specification
##
root ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
# «admin» for FM Server script usage
admin ALL=(ALL) ALL

…

## FM Server additions
## see: https://localhost:16000/help/en/index.html#page/fms/sched_select_os_script.html
Host_Alias FMSHOST = path.to.router
Defaults:fmserver targetpw, timestamp_timeout=0, passwd_tries=1
fmserver FMSHOST = (ALL) /Library/FileMaker\ Server/Data/Scripts/*, /bin/kill

However, this is a potential security risk, because now, the admin user has sudo privileges.

Better would have been to add my backup directory (/Volumes/Backup/fmserver/) to the allowed directories of fmserver, but I couldn't figure out how to do that.

Thanks again for your help!

Gary

 

[Wim Decorte]

why not just chmod / chown the target folders to the FMS account?  Much safer than messing with sudoers...