EPICS Re: IOC Shell Persist history: ERROR Permission denied (13) writing '.iocsh

1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 <2024> 2025	Index	1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 <2024> 2025
<== Date ==>		<== Thread ==>

1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 <2024> 2025

Index

1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 <2024> 2025

<== Date ==>

<== Thread ==>

At APS our production IOCs are started from a script with the CWD set to the IOC‘s boot directory. The accounts they run under deliberately have no ability to write to their own application or configuration files, in an attempt to make it harder for anyone who successfully breaks into one to persistently change those files.

Brad didn’t say so, but I assume SNS also use read-only IOC boot directories. I guess he could give procServ the command

/bin/env EPICS_IOCSH_HISTFILE=/path… ./st.cmd

to start the IOC without having to wrap it in a script, although that feels a bit unwieldy to me.

I already added setting that environment variable to our IOC launch script, even though we aren’t running 7.0.8.1 yet.

- Andrew

Complexity comes for free, Simplicity you have to work for.

On 11/1/24, 1:26 PM, "Tech-talk" <tech-talk-bounces at aps.anl.gov> wrote:

On 11/1/24 06:09, Webb, Brad via Tech-talk wrote:
> After upgrading to EPICS 7.0.8.1 I see the errors below in the IOC start-up console output.
> ERROR Permission denied (13) writing '.iocsh_history'
> ERROR Permission denied (13) writing '.iocsh_history'
>
> From the release notes:
> https://urldefense.us/v3/__https://github.com/epics-base/epics-base/blob/7.0/documentation/RELEASE_NOTES.md*persist-history__;Iw!!G_uCfscf7eWS!fxC6WWyvShbxHs8jPNfGxcc-Yd3gb7wGySPtGjoGKon5HqQERrpNd3FD4NrQvKubT7JRig5xbohNUi8W3jbS$
>
> I find this section about setting the environment variable:
> Persist history
> Attempt to read and write command to a file (./.iocsh_history by default). Name may be overwritten
> with by setting $EPICS_IOCSH_HISTFILE to an alternate path, or disabled by setting to an empty
> string.
>
> So, my question is how can this variable be set on a per IOC basis so that each IOC can have its own
> unique path for the history file?

Whatever mechanism you are using to launch IOC processes would
need to compute and set $EPICS_IOCSH_HISTFILE .

Since you did RtM, I appreciate that this is not by itself a
useful reply :)

Can you say more about how your IOCs are being launched?
Do multiple IOC processes share the same $PWD and/or does
an IOC not have permission to create files in $PWD ?

Subject:	Re: IOC Shell Persist history: ERROR Permission denied (13) writing '.iocsh_history'
From:	"Johnson, Andrew N. via Tech-talk" <tech-talk at aps.anl.gov>
To:	Michael Davidsaver <mdavidsaver at gmail.com>, "Webb, Brad" <webbsb at ornl.gov>
Cc:	"tech-talk at aps.anl.gov" <tech-talk at aps.anl.gov>
Date:	Fri, 1 Nov 2024 19:51:11 +0000

Experimental Physics and Industrial Control System