cp: cannot stat ?

Currently reading
cp: cannot stat ?

11
3
NAS
DS3617xs
Operating system
macOS
Mobile operating system
iOS
Hi,

I am relatively new to DSM and is in the process of setting up a test where I basically try out all of the stuff I want on my production box. I've hit a snag that I can't seem to figure out, so I hope someone can help with. I am running DSM 6.2.

I have setup domain and am using LetsEncrypt to ensure https traffic. This works well for access to the DSM etc. I have also set up a Minio docker and now I want to extend the use of the certificate to this. I have copied the certs manually to the docker config and it works as well. The snag is that the bash script I am trying to setup to make a weekly copy of the certificates from the LetsEncrypt source files to the Minio docker returns an error - whether I run it from an ssh session (as su) on the DSM or in task scheduler on DSM (as root). This is the script:

Code:
cp -f /usr/syno/etc/certificate/_archive/$(cat DEFAULT)/privkey.pem /volume1/docker/minio/config/certs/private.key && cp -f /usr/syno/etc/certificate/_archive/$(cat DEFAULT)/fullchain.pem /volume1/docker/minio/config/certs/public.crt
The result I get is this:

Code:
cp: cannot stat '/usr/syno/etc/certificate/XfnmO98/fullchain.pem': No such file or directory

"XfnmO98" is the correct subdir to _archive, picked up from the cat DEFAULT command, btw.

I think it might be a permissions issue, but I can't figure out why - and what to change :-(

If anyone has insights, I would be very thankful.

TIA,

H.
 
if you did your tests with a restricted user, then you've been right with your pemission issue assumption:

Code:
[email protected]:~$ ls -l /usr/syno/etc/certificate/
total 16
drwx------ 3 root root 4096 May 28 23:29 _archive
drwxr-xr-x 3 root root 4096 Nov 30  2019 ReverseProxy
drwxr-xr-x 3 root root 4096 Oct 21  2017 smbftpd
drwxr-xr-x 3 root root 4096 Oct 21  2017 system
 
11
3
NAS
DS3617xs
Operating system
macOS
Mobile operating system
iOS
Are you logged as root?

EDIT: sorry @one-eyed-king didn't see the post warning. We must have posted at the same time
Yep, I am logged as root. Don't mind the 'Vo2a8m' part, that's the actual path - the 'XfnmO98' in the first post was a dummy entry.

Screenshot 2020-07-28 at 16.03.04.png
 
Your script must be wrong or does not match the snippet your pasted first. The subfolder _archive is not included in your error message.

There is not problem with cp and stat - trust me, you are far away from beeing the first trying to copy files on the cli ;)
 
11
3
NAS
DS3617xs
Operating system
macOS
Mobile operating system
iOS
Your script must be wrong or does not match the snippet your pasted first. The subfolder _archive is not included in your error message.

There is not problem with cp and stat - trust me, you are far away from beeing the first trying to copy files on the cli ;)
Haha, thanks - no, I am entirely convinced that I am the one screwing something up - I am just trying to figure out where :ROFLMAO:

So, started anew with the script and decided to break it down a bit.

Code:
source=$(cat /usr/syno/etc/certificate/_archive/DEFAULT)
cp -f /usr/syno/etc/certificate/_archive/$source/privkey.pem /volume1/docker/minio/config/certs/private.key    
cp -f /usr/syno/etc/certificate/_archive/$source/fullchain.pem /volume1/docker/minio/config/certs/public.crt
It took you to make me aware of the problem - because while doing the above, I spotted that the _archive part was indeed missing - but from the second copy action. It was there, staring me in the face as the error message referred to the .pem file and not the .key file. I was simply too tired and the command string too long.

It now works both when manually run and from the scheduled task :)

Thank you for your patience and for setting me on the right path!
 

fredbert

Moderator
NAS Support
Subscriber
1,372
577
Operating system
macOS
Mobile operating system
iOS
A stylistic change which is useful when using parameters... ${source} instead of $source. Not only does it make spotting parameters easier it also helps when wanting to extend the text in a parameter:

Example. Here I want to make a copy of my_movie.mp4 into a new ARCHIVE folder and also move the original file to a similar name in preparation for a new file that will re-use the filename.
Bash:
MY_MOVIE="/volume1/video/my_movie.mp4"

PATH_TO_MOVIE="${MY_MOVIE%/*}"
MOVIE_FILE="${MY_MOVIE##*/}"
MOVIE_NAME="${MOVIE_FILE%%.*}"
MOVIE_EXTN="${MOVIE_FILE##*.}"

echo "${MY_MOVIE}"        #/volume1/video/my_movie.mp4
echo "${PATH_TO_MOVIE}"   #/volume1/video
echo "${MOVIE_FILE}"      #my_movie.mp4
echo "${MOVIE_NAME}"      #my_movie
echo "${MOVIE_EXTN}"      #mp4


mkdir "${PATH_TO_MOVIE}/ARCHIVE"
cp "${MY_MOVIE}" "${PATH_TO_MOVIE}/ARCHIVE/${MOVIE_FILE}"

echo "${PATH_TO_MOVIE}/ARCHIVE/${MOVIE_FILE}"
#/volume1/video/ARCHIVE/my_movie.mp4

mv "${MY_MOVIE}" "${PATH_TO_MOVIE}/${MOVIE_NAME}SAVED.${MOVIE_EXTN}"

echo "${PATH_TO_MOVIE}/NEW_FOLDER/${MOVIE_NAME}SAVED.${MOVIE_EXTN}"
#/volume1/video/my_movieSAVED.mp4
Could've used dirname and basename to get the path to file and filename.
 
Last edited:
PATH_TO_MOVIE="${MY_MOVIE%/*}"
MOVIE_FILE="${MY_MOVIE##*/}"
MOVIE_NAME="${MOVIE_FILE%%.*}"
MOVIE_EXTN="${MOVIE_FILE##*.}"
Welcome to the world of wizardry :)
I am a huge fan of the bash's build-in parameter substitution .

Curly brackets and executing subshells with $() instead of backticks helps the readability a lot.
 
It is a pitty that the inotify-tools are not available for Synology. <update>actualy SynoCommunity offers a package</update>.It would allow to create a bash script that registeres a filewatch on a specific file/folder (including subfolders) and trigger an operation on file events. This would allow to trigger file copy in the moment (literally!) when the LE certificate files change in the filesystem

The inotify-tools could be cross compiled within a docker container I guess (I made the same with make and gettext, I can share the Dockerfile if someone is interessted), but honestly... I don't see that someone is voluntarily willing to go thru such a hustle :unsure:

Good luck with your endevor Heylel and welcome to the forum!

Another update:
If you install the inotify package, you can run this script as scheduled task after system start and be good...

Code:
key=$(cat /usr/syno/etc/certificate/_archive/DEFAULT)
source=/usr/syno/etc/certificate/_archive/${key}
target=/volume1/docker/minio/config/certs

while inotifywait -e modify ${source}; do
  cp -f ${source}/privkey.pem ${target}/private.key   
  cp -f ${source}/fullchain.pem ${target}/public.crt
done
warning: the snippet is untested ;)
 
Last edited:
11
3
NAS
DS3617xs
Operating system
macOS
Mobile operating system
iOS
Seems to work as expected - I have added it :)
 

fredbert

Moderator
NAS Support
Subscriber
1,372
577
Operating system
macOS
Mobile operating system
iOS
It doesn't matter in this case but I'd double-quote the two paths in the cp command because then they can contain <space> characters, etc, and won't cause an error. I'm forever re-using snippets of code so never know when a problem may arise :)
Code:
while inotifywait -e modify "${source}"; do
  cp -f "${source}/privkey.pem" "${target}/private.key"  
  cp -f "${source}/fullchain.pem" "${target}/public.crt"
done
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Similar threads

Top