Introduction

Jenkins freestyle projects execute shell scripts as build steps. When the script file does not have execute permissions, or the Jenkins user lacks permission to read or execute the file, the build step fails with a permission denied error. This is common when scripts are checked out from version control without execute bit preservation or when scripts are placed in restricted directories.

Symptoms

  • Build console output shows Permission denied when executing the shell step
  • Build step fails with exit code 126 (command not executable) or 127 (command not found)
  • Script exists in the workspace but cannot be executed
  • Error message: /var/lib/jenkins/workspace/my-job/deploy.sh: Permission denied
  • Error message: Build step 'Execute shell' marked build as failure

Common Causes

  • Script checked out from Git without execute permission (chmod +x not set in repository)
  • Script located in a directory the Jenkins user cannot access
  • SELinux or AppArmor policy blocking script execution
  • NFS-mounted workspace with noexec mount option
  • Script shebang line pointing to an interpreter that does not exist or is not executable

Step-by-Step Fix

  1. 1.Check the script file permissions: Verify execute permission is set.
  2. 2.```bash
  3. 3.ls -la /var/lib/jenkins/workspace/my-job/deploy.sh
  4. 4.# Should show: -rwxr-xr-x
  5. 5.`
  6. 6.Add execute permission before running the script: Set permissions in the build step.
  7. 7.```bash
  8. 8.# In the Jenkins build step, add chmod before execution
  9. 9.chmod +x deploy.sh
  10. 10../deploy.sh
  11. 11.`
  12. 12.Alternatively, run the script through the interpreter directly: Bypass execute permission requirement.
  13. 13.```bash
  14. 14.# In the Jenkins build step
  15. 15.bash deploy.sh
  16. 16.# Or for Python scripts
  17. 17.python3 deploy.py
  18. 18.`
  19. 19.Fix Git to preserve execute permissions: Configure the repository to track execute bits.
  20. 20.```bash
  21. 21.# In the Git repository, set the execute bit and commit
  22. 22.chmod +x deploy.sh
  23. 23.git add deploy.sh
  24. 24.git commit -m "Add execute permission to deploy.sh"
  25. 25.git push
  26. 26.# Ensure core.fileMode is false to preserve permissions
  27. 27.git config core.fileMode false
  28. 28.`
  29. 29.Verify the Jenkins user has access to the workspace directory: Check directory permissions.
  30. 30.```bash
  31. 31.# Check Jenkins user
  32. 32.ps aux | grep jenkins | head -1
  33. 33.# Verify workspace directory permissions
  34. 34.ls -la /var/lib/jenkins/workspace/my-job/
  35. 35.`

Prevention

  • Always set execute permissions on scripts before committing to version control
  • Run scripts through the interpreter (bash script.sh) rather than directly (./script.sh)
  • Add chmod +x as the first command in Jenkins build steps for scripts from external sources
  • Verify Git repository settings preserve file permissions (core.fileMode false)
  • Use Jenkins Pipeline instead of freestyle projects for better script handling
  • Test script execution on the Jenkins agent manually before configuring as a build step