rails: rails secrets:edit => secrets.yml.enc: Permission denied

Steps to reproduce

$ uname -a
Darwin starkair.local 15.6.0 Darwin Kernel Version 15.6.0: Mon Jan  9 23:07:29 PST 2017; root:xnu-3248.60.11.2.1~1/RELEASE_X86_64 x86_64
$ ruby -v
ruby 2.3.3p222 (2016-11-21 revision 56859) [x86_64-darwin15]
$ rvm @rails51beta --create
$ gem install rails -v 5.1.0.beta1
$ rails new testsekrets
$ cd testsekrets
$ bin/rails secrets:setup
$ bin/rails secrets:edit

Expected behavior

I think I’m supposed to now edit my secrets? Not sure. But output below looks bad; and I’m still not sure how to edit secrets 😃

Actual behavior

$ bin/rails secrets:edit
Waiting for secrets file to be saved. Abort with Ctrl-C.
sh: /var/folders/wd/xnncwqp96rj0v1y2nms64mq80000gn/T/secrets.yml.enc: Permission denied
New secrets encrypted and saved.

Update: trying some $EDITOR values:

vim worked - the vim editor showed up and I could see the yaml file:

% EDITOR=vim bin/rails secrets:edit
Waiting for secrets file to be saved. Abort with Ctrl-C.
New secrets encrypted and saved.

Atom failed differently than above. The atom editor window opened but it was a blank page:

screen shot 2017-02-24 at 10 38 28 am

To reproduce:

% EDITOR=atom bin/rails secrets:edit
Waiting for secrets file to be saved. Abort with Ctrl-C.
New secrets encrypted and saved.

If EDITOR is unset I get the permissions error in this ticket above:

% EDITOR= bin/rails secrets:edit
Waiting for secrets file to be saved. Abort with Ctrl-C.
sh: /var/folders/wd/xnncwqp96rj0v1y2nms64mq80000gn/T/secrets.yml.enc: Permission denied
New secrets encrypted and saved.

System configuration

Rails version: 5.1.0.beta1

Ruby version: 2.3.3p222

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 16 (11 by maintainers)

Most upvoted comments

For those who use MacVim, mvim -f solves the problem:

EDITOR='mvim -f' rails credentials:edit
+2
lucascaton on Apr 22, 2018

@kaspth Maybe need add note about $EDITOR variable as example https://www.sublimetext.com/docs/2/osx_command_line.html https://gist.github.com/martinbuberl/5823ed247d279d1a2d06

After merge EDITOR='subl -w' rails secrets:edit works perfect

+2
Fudoshiki on Mar 1, 2017

I also have an issue in Windows (have tried with cmd, Git Bash and Cygwin, and the same occurs):

$ bin/rails secrets:edit
No $EDITOR to open decrypted secrets in. Assign one like this:

EDITOR="mate --wait" bin/rails secrets:edit

For editors that fork and exit immediately, it's important to pass a wait flag,
otherwise the secrets will be saved immediately with no chance to edit.

$ EDITOR="atom -w" bin/rails secrets:edit
Waiting for secrets file to be saved. Abort with Ctrl-C.
New secrets encrypted and saved.

After setting editor (have tried with atom, atom -w, vim, and others), it says it is waiting for the file to be saved, but no editor ever opens.

Update (possible solution): I ran the following in rails c and this made it work:

Rails::Secrets.read_for_editing do |tmp_path|
  system("#{ENV['EDITOR']} #{tmp_path}")
end
+1
danielolivaresd on Jun 10, 2017
Read more comments on GitHub
← rails: "rails runner" can't be used in shebang lines
rails: Rails server doesn't start Puma on the correct port →