cp: cannot stat ?

Currently reading
cp: cannot stat ?

11
3
NAS
DS3617xs
Operating system
  1. macOS
Mobile operating system
  1. iOS
Hi,

I am relatively new to DSM and is in the process of setting up a test where I basically try out all of the stuff I want on my production box. I've hit a snag that I can't seem to figure out, so I hope someone can help with. I am running DSM 6.2.

I have setup domain and am using LetsEncrypt to ensure https traffic. This works well for access to the DSM etc. I have also set up a Minio docker and now I want to extend the use of the certificate to this. I have copied the certs manually to the docker config and it works as well. The snag is that the bash script I am trying to setup to make a weekly copy of the certificates from the LetsEncrypt source files to the Minio docker returns an error - whether I run it from an ssh session (as su) on the DSM or in task scheduler on DSM (as root). This is the script:

Code:
cp -f /usr/syno/etc/certificate/_archive/$(cat DEFAULT)/privkey.pem /volume1/docker/minio/config/certs/private.key && cp -f /usr/syno/etc/certificate/_archive/$(cat DEFAULT)/fullchain.pem /volume1/docker/minio/config/certs/public.crt

The result I get is this:

Code:
cp: cannot stat '/usr/syno/etc/certificate/XfnmO98/fullchain.pem': No such file or directory


"XfnmO98" is the correct subdir to _archive, picked up from the cat DEFAULT command, btw.

I think it might be a permissions issue, but I can't figure out why - and what to change :-(

If anyone has insights, I would be very thankful.

TIA,

H.
 
if you did your tests with a restricted user, then you've been right with your pemission issue assumption:

Code:
me@dsm:~$ ls -l /usr/syno/etc/certificate/
total 16
drwx------ 3 root root 4096 May 28 23:29 _archive
drwxr-xr-x 3 root root 4096 Nov 30  2019 ReverseProxy
drwxr-xr-x 3 root root 4096 Oct 21  2017 smbftpd
drwxr-xr-x 3 root root 4096 Oct 21  2017 system
 
Are you logged as root?

EDIT: sorry @one-eyed-king didn't see the post warning. We must have posted at the same time

Yep, I am logged as root. Don't mind the 'Vo2a8m' part, that's the actual path - the 'XfnmO98' in the first post was a dummy entry.

Screenshot 2020-07-28 at 16.03.04.png
 
Your script must be wrong or does not match the snippet your pasted first. The subfolder _archive is not included in your error message.

There is not problem with cp and stat - trust me, you are far away from beeing the first trying to copy files on the cli ;)
 
Your script must be wrong or does not match the snippet your pasted first. The subfolder _archive is not included in your error message.

There is not problem with cp and stat - trust me, you are far away from beeing the first trying to copy files on the cli ;)

Haha, thanks - no, I am entirely convinced that I am the one screwing something up - I am just trying to figure out where :ROFLMAO:

So, started anew with the script and decided to break it down a bit.

Code:
source=$(cat /usr/syno/etc/certificate/_archive/DEFAULT)
cp -f /usr/syno/etc/certificate/_archive/$source/privkey.pem /volume1/docker/minio/config/certs/private.key    
cp -f /usr/syno/etc/certificate/_archive/$source/fullchain.pem /volume1/docker/minio/config/certs/public.crt

It took you to make me aware of the problem - because while doing the above, I spotted that the _archive part was indeed missing - but from the second copy action. It was there, staring me in the face as the error message referred to the .pem file and not the .key file. I was simply too tired and the command string too long.

It now works both when manually run and from the scheduled task :)

Thank you for your patience and for setting me on the right path!
 
Last edited:
A stylistic change which is useful when using parameters... ${source} instead of $source. Not only does it make spotting parameters easier it also helps when wanting to extend the text in a parameter:

Example. Here I want to make a copy of my_movie.mp4 into a new ARCHIVE folder and also move the original file to a similar name in preparation for a new file that will re-use the filename.
Bash:
MY_MOVIE="/volume1/video/my_movie.mp4"

PATH_TO_MOVIE="${MY_MOVIE%/*}"
MOVIE_FILE="${MY_MOVIE##*/}"
MOVIE_NAME="${MOVIE_FILE%%.*}"
MOVIE_EXTN="${MOVIE_FILE##*.}"

echo "${MY_MOVIE}"        #/volume1/video/my_movie.mp4
echo "${PATH_TO_MOVIE}"   #/volume1/video
echo "${MOVIE_FILE}"      #my_movie.mp4
echo "${MOVIE_NAME}"      #my_movie
echo "${MOVIE_EXTN}"      #mp4


mkdir "${PATH_TO_MOVIE}/ARCHIVE"
cp "${MY_MOVIE}" "${PATH_TO_MOVIE}/ARCHIVE/${MOVIE_FILE}"

echo "${PATH_TO_MOVIE}/ARCHIVE/${MOVIE_FILE}"
#/volume1/video/ARCHIVE/my_movie.mp4

mv "${MY_MOVIE}" "${PATH_TO_MOVIE}/${MOVIE_NAME}SAVED.${MOVIE_EXTN}"

echo "${PATH_TO_MOVIE}/NEW_FOLDER/${MOVIE_NAME}SAVED.${MOVIE_EXTN}"
#/volume1/video/my_movieSAVED.mp4

Could've used dirname and basename to get the path to file and filename.
 
Last edited:
It is a pitty that the inotify-tools are not available for Synology. <update>actualy SynoCommunity offers a package</update>.It would allow to create a bash script that registeres a filewatch on a specific file/folder (including subfolders) and trigger an operation on file events. This would allow to trigger file copy in the moment (literally!) when the LE certificate files change in the filesystem

The inotify-tools could be cross compiled within a docker container I guess (I made the same with make and gettext, I can share the Dockerfile if someone is interessted), but honestly... I don't see that someone is voluntarily willing to go thru such a hustle :unsure:

Good luck with your endevor Heylel and welcome to the forum!

Another update:
If you install the inotify package, you can run this script as scheduled task after system start and be good...

Code:
key=$(cat /usr/syno/etc/certificate/_archive/DEFAULT)
source=/usr/syno/etc/certificate/_archive/${key}
target=/volume1/docker/minio/config/certs

while inotifywait -e modify ${source}; do
  cp -f ${source}/privkey.pem ${target}/private.key   
  cp -f ${source}/fullchain.pem ${target}/public.crt
done

warning: the snippet is untested ;)
 
It doesn't matter in this case but I'd double-quote the two paths in the cp command because then they can contain <space> characters, etc, and won't cause an error. I'm forever re-using snippets of code so never know when a problem may arise :)
Code:
while inotifywait -e modify "${source}"; do
  cp -f "${source}/privkey.pem" "${target}/private.key"  
  cp -f "${source}/fullchain.pem" "${target}/public.crt"
done
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Oopsie! I accidentally deleted the users (sc-mono, sc-ffmpeg, sc-chromaprint) of the following...
Replies
0
Views
563
I think there’s a link on the bottom that would have said sign in using another method. From there you...
Replies
4
Views
3,286
  • Solved
oh man... Ed J? I want you for president in 2024. I'm serious. You really saved me from being committed...
Replies
8
Views
8,479
  • Solved
Having old and/or unused certificates in the list shouldn't be an issue. I'd edit them with a note in...
Replies
3
Views
6,502
Ofc not, I just said that the error still reports DNS problem that is in fact related to your NAS internet...
Replies
5
Views
2,286
I needed to replace my CMS host device and was unable to disconnect a CMS client device from it first...
Replies
0
Views
2,909

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top