Looking at the Jenkins user through Groovy

Groovy scripts run as the user jenkins. This recipe highlights the power of, and danger to, the Jenkins application.

Getting ready

Log in to your sacrificial Jenkins instance as an administrator.

How to do it...

  1. Run the following script from the Script Console (http://localhost:8080/script):
    def printFile(location) {
    pub = new File(location)
    if (pub.exists()){
    println "Location ${location}"
    pub.eachLine{line-> println line}
    }
    else{
    println "${location} does not exist"
    }
    printFile("/etc/passwd")
    printFile("/var/lib/jenkins/.ssh/id_rsa")
    printFile("C:/Windows/System32/drivers/etc/hosts")
    
  2. Review the output.
  3. For a typical *NIX system, it will be similar to this:
    PRIVATE KEY - Jenkins -----BEGIN RSA PRIVATE KEY----- ...

Get Jenkins Continuous Integration Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.