Locked yourself out of Jenkins?
Posted: February 13, 2012 Filed under: Development | Tags: Jenkins, Tips 29 CommentsRemoved all permissions from your account did you? Save it did you? Feeling a bit stupid?
Yeah, me too!
First steps
SSH to your server and stop Jenkins
/etc/init.d/jenkins stop
Now modify the config XML
sudo vi /var/lib/jenkins/config.xml
You now have two options to regain access
Yeehaw way
Turn security off and remove the <authorizationStrategy> node
<useSecurity>false</useSecurity>
Now restart Jenkins and head over to your admin UI to resecure it quick before the trolls get in.
/etc/init.d/jenkins start
Like a boss way
If you want to be safe and not open up a security hole at all, you can add the security permissions into the config XML manually. Just replace USERNAME with own
<authorizationStrategy class=”hudson.security.ProjectMatrixAuthorizationStrategy”>
<permission>hudson.model.Computer.Configure:USERNAME</permission>
<permission>hudson.model.Computer.Connect:USERNAME</permission>
<permission>hudson.model.Computer.Create:USERNAME</permission>
<permission>hudson.model.Computer.Delete:USERNAME</permission>
<permission>hudson.model.Computer.Disconnect:USERNAME</permission>
<permission>hudson.model.Hudson.Administer:USERNAME</permission>
<permission>hudson.model.Hudson.Read:USERNAME</permission>
<permission>hudson.model.Hudson.RunScripts:USERNAME</permission>
<permission>hudson.model.Item.Build:USERNAME</permission>
<permission>hudson.model.Item.Configure:USERNAME</permission>
<permission>hudson.model.Item.Create:USERNAME</permission>
<permission>hudson.model.Item.Delete:USERNAME</permission>
<permission>hudson.model.Item.Read:USERNAME</permission>
<permission>hudson.model.Item.Workspace:USERNAME</permission>
<permission>hudson.model.Run.Delete:USERNAME</permission>
<permission>hudson.model.Run.Update:USERNAME</permission>
<permission>hudson.model.View.Configure:USERNAME</permission>
<permission>hudson.model.View.Create:USERNAME</permission>
<permission>hudson.model.View.Delete:USERNAME</permission>
<permission>hudson.scm.SCM.Tag:USERNAME</permission>
</authorizationStrategy>
Now restart Jenkins and sit back with a smug grin.
/etc/init.d/jenkins start
Smug Croissant Guy
Mark, my words 
Very nice. I like being a boss!
Thanks! Saved my day 🙂
Thanks for sharing! Saved my day too!
Thanks! Really helped 🙂
This happened to a friend of mine and he was helped out by this post.
Hello, I stumbled upon your blog while searching google for problem about security TRUE and jenkins-cli safe-restart. Thing is described here http://serverfault.com/questions/570748/jenkins-cli-cannot-safe-restart-if-security-is-true
[…] would allow you to use the UI to set the security. In some cases this post can […]
Thanks ,,it fixed all issues..!!
Appreciated. Thanks, man!
thanks
STILL a boss in 2014 – for me this was because i’d somehow managed to get Jenkins to insert my name with a space in it rather than my actual username, don’t ask me how! I simply added these permissions to the existing ones and voila!
Charmant, monsieur
Thx a lot, you are the boss !!
Yeehaw ! 🙂
Like a boss :). Thanks for the post.
thanks
Nice :). It was easier that I thought it would be!
Saved my day too 🙂 Thank you
like a bauss
thanks man
Thank you so much!
This saved my afternoon, Thank you for posting this !
Thanks for this post! It really, really helped! Especially when I was on the verge of breaking down into tears on seeing the login screen 😥 😛
Thanks, good job!
I’ve followed the steps to unlock in 2nd method, What about the password ?
Saved my day too!
Thanks a lot. It worked.
Thanks a lot !!!!!!! you are god !!
[…] to reset Jenkins security settings from the command line? Locked yourself out of Jenkins? […]
[…] https://markunsworth.com/2012/02/13/locked-yourself-out-of-jenkins/ […]