Skip to content

Commit 1094175

Browse files
knatsakisknatsakis
authored
Ownership and permissions of /etc/netdata (netdata#7244)
* make install takes care of ownership and permissions of /etc/netdata Instead of netdata-installer.sh * Fix identation in Makefile.am files * netdata-installer.sh: Clearer variable assignment * netdata-installer.sh: Set /etc/netdata/netdata.conf ownership to root:root and permissions to 0644 * netdata-installer.sh: Set /etc/netdata/.environment permissions to 0644 * install-or-update.sh: Set permissions for /opt/netdata/etc/netdata.conf to 0644 * install-or-update.sh: Use ${NETDATA_PREFIX} more * install-or-update.sh: Improve indentation * install-or-update.sh: Do not create /opt/netdata/etc/netdata directories * debian/rules: /etc/netdata files and directories are now installed by make install * debian/rules: Properly copy files across directories When destination directory exists * netdata.spec.in: /etc/netdata ownership and permissions * Revert "Fix identation in Makefile.am files" This reverts commit 63fdb29. * Remove uninstall-local recipes from Makefile.am files * Removed superfluous whitespace and hash
1 parent be75567 commit 1094175

File tree

12 files changed

+62
-88
lines changed

12 files changed

+62
-88
lines changed

collectors/Makefile.am

+8
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,14 @@ SUBDIRS = \
2727
tc.plugin \
2828
$(NULL)
2929

30+
usercustompluginsconfigdir=$(configdir)/custom-plugins.d
31+
usergoconfigdir=$(configdir)/go.d
32+
33+
# Explicitly install directories to avoid permission issues due to umask
34+
install-exec-local:
35+
$(INSTALL) -d $(DESTDIR)$(usercustompluginsconfigdir)
36+
$(INSTALL) -d $(DESTDIR)$(usergoconfigdir)
37+
3038
dist_noinst_DATA = \
3139
README.md \
3240
$(NULL)

collectors/charts.d.plugin/Makefile.am

+4
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,10 @@ dist_userchartsconfig_DATA = \
3434
.keep \
3535
$(NULL)
3636

37+
# Explicitly install directories to avoid permission issues due to umask
38+
install-exec-local:
39+
$(INSTALL) -d $(DESTDIR)$(userchartsconfigdir)
40+
3741
chartsconfigdir=$(libconfigdir)/charts.d
3842
dist_chartsconfig_DATA = \
3943
$(NULL)

collectors/node.d.plugin/Makefile.am

+4
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,10 @@ dist_usernodeconfig_DATA = \
2626
.keep \
2727
$(NULL)
2828

29+
# Explicitly install directories to avoid permission issues due to umask
30+
install-exec-local:
31+
$(INSTALL) -d $(DESTDIR)$(usernodeconfigdir)
32+
2933
nodeconfigdir=$(libconfigdir)/node.d
3034
dist_nodeconfig_DATA = \
3135
$(NULL)

collectors/python.d.plugin/Makefile.am

+4
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,10 @@ dist_userpythonconfig_DATA = \
3232
.keep \
3333
$(NULL)
3434

35+
# Explicitly install directories to avoid permission issues due to umask
36+
install-exec-local:
37+
$(INSTALL) -d $(DESTDIR)$(userpythonconfigdir)
38+
3539
pythonconfigdir=$(libconfigdir)/python.d
3640
dist_pythonconfig_DATA = \
3741
$(NULL)

collectors/statsd.plugin/Makefile.am

+4
Original file line numberDiff line numberDiff line change
@@ -16,3 +16,7 @@ userstatsdconfigdir=$(configdir)/statsd.d
1616
dist_userstatsdconfig_DATA = \
1717
.keep \
1818
$(NULL)
19+
20+
# Explicitly install directories to avoid permission issues due to umask
21+
install-exec-local:
22+
$(INSTALL) -d $(DESTDIR)$(userstatsdconfigdir)

contrib/debian/rules

+3-26
Original file line numberDiff line numberDiff line change
@@ -28,10 +28,6 @@ debian/%.postinst: debian/%.postinst.in
2828
override_dh_install: debian/netdata.postinst
2929
dh_install
3030

31-
# Remove unneeded .keep files
32-
#
33-
find "$(TOP)" -name .keep -exec rm '{}' ';'
34-
3531
# Set the CUPS plugin install rule
3632
#
3733
mkdir -p $(TOP)-plugin-cups/usr/libexec/netdata/plugins.d
@@ -40,24 +36,9 @@ override_dh_install: debian/netdata.postinst
4036

4137
# Set the rest of the software in the main package
4238
#
43-
cp -rp $(TEMPTOP)/usr $(TOP)/usr
44-
cp -rp $(TEMPTOP)/var $(TOP)/var
45-
#cp -rp $(TEMPTOP)/etc $(TOP)/etc
46-
47-
# Copy sample netdata.conf
48-
cp -p $(CURDIR)/system/edit-config $(TOP)/etc/netdata/
49-
50-
# Create placeholder dirs in netdata configuration directory
51-
#
52-
mkdir -p $(TOP)/etc/netdata/health.d
53-
mkdir -p $(TOP)/etc/netdata/python.d
54-
mkdir -p $(TOP)/etc/netdata/charts.d
55-
mkdir -p $(TOP)/etc/netdata/cystonm-plugins.d
56-
mkdir -p $(TOP)/etc/netdata/go.d
57-
mkdir -p $(TOP)/etc/netdata/ssl
58-
mkdir -p $(TOP)/etc/netdata/node.d
59-
mkdir -p $(TOP)/etc/netdata/statsd.d
60-
39+
cp -rp $(TEMPTOP)/usr $(TOP)
40+
cp -rp $(TEMPTOP)/var $(TOP)
41+
cp -rp $(TEMPTOP)/etc $(TOP)
6142

6243
# Move files that local user shouldn't be editing to /usr/share/netdata
6344
#
@@ -110,10 +91,6 @@ override_dh_fixperms:
11091
chmod 0754 $(TOP)/usr/libexec/netdata/plugins.d/slabinfo.plugin
11192
chmod 0750 $(TOP)/usr/libexec/netdata/plugins.d/go.d.plugin
11293

113-
# Support script for configuration file management
114-
#
115-
chmod 0750 $(TOP)/etc/netdata/edit-config
116-
11794
# CUPS plugin package
11895
chmod 0750 $(TOP)-plugin-cups/usr/libexec/netdata/plugins.d/cups.plugin
11996

health/Makefile.am

+4
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,10 @@ dist_userhealthconfig_DATA = \
1919
.keep \
2020
$(NULL)
2121

22+
# Explicitly install directories to avoid permission issues due to umask
23+
install-exec-local:
24+
$(INSTALL) -d $(DESTDIR)$(userhealthconfigdir)
25+
2226
healthconfigdir=$(libconfigdir)/health.d
2327
dist_healthconfig_DATA = \
2428
health.d/adaptec_raid.conf \

netdata-installer.sh

+3-18
Original file line numberDiff line numberDiff line change
@@ -590,7 +590,7 @@ if [ "${UID}" = "0" ]; then
590590
ROOT_USER="root"
591591
else
592592
NETDATA_USER="${USER}"
593-
ROOT_USER="${NETDATA_USER}"
593+
ROOT_USER="${USER}"
594594
fi
595595
NETDATA_GROUP="$(id -g -n "${NETDATA_USER}")"
596596
[ -z "${NETDATA_GROUP}" ] && NETDATA_GROUP="${NETDATA_USER}"
@@ -649,19 +649,6 @@ if [ ! -d "${NETDATA_RUN_DIR}" ]; then
649649
run mkdir -p "${NETDATA_RUN_DIR}" || exit 1
650650
fi
651651

652-
# --- conf dir ----
653-
654-
for x in "python.d" "charts.d" "node.d" "health.d" "statsd.d" "go.d" "custom-plugins.d" "ssl"; do
655-
if [ ! -d "${NETDATA_USER_CONFIG_DIR}/${x}" ]; then
656-
echo >&2 "Creating directory '${NETDATA_USER_CONFIG_DIR}/${x}'"
657-
run mkdir -p "${NETDATA_USER_CONFIG_DIR}/${x}" || exit 1
658-
fi
659-
done
660-
run chown -R "${ROOT_USER}:${NETDATA_GROUP}" "${NETDATA_USER_CONFIG_DIR}"
661-
run find "${NETDATA_USER_CONFIG_DIR}" -type f -exec chmod 0640 {} \;
662-
run find "${NETDATA_USER_CONFIG_DIR}" -type d -exec chmod 0755 {} \;
663-
run chmod 755 "${NETDATA_USER_CONFIG_DIR}/edit-config"
664-
665652
# --- stock conf dir ----
666653

667654
[ ! -d "${NETDATA_STOCK_CONFIG_DIR}" ] && mkdir -p "${NETDATA_STOCK_CONFIG_DIR}"
@@ -920,10 +907,7 @@ else
920907
run_ok "netdata started!"
921908
create_netdata_conf "${NETDATA_PREFIX}/etc/netdata/netdata.conf" "http://localhost:${NETDATA_PORT}/netdata.conf"
922909
fi
923-
if [ "${UID}" -eq 0 ]; then
924-
run chown "${NETDATA_USER}" "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
925-
fi
926-
run chmod 0664 "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
910+
run chmod 0644 "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
927911

928912
if [ "$(uname)" = "Linux" ]; then
929913
# -------------------------------------------------------------------------
@@ -1086,6 +1070,7 @@ RELEASE_CHANNEL="${RELEASE_CHANNEL}"
10861070
IS_NETDATA_STATIC_BINARY="${IS_NETDATA_STATIC_BINARY}"
10871071
NETDATA_LIB_DIR="${NETDATA_LIB_DIR}"
10881072
EOF
1073+
run chmod 0644 "${NETDATA_USER_CONFIG_DIR}/.environment"
10891074

10901075
echo >&2 "Setting netdata.tarball.checksum to 'new_installation'"
10911076
cat <<EOF > "${NETDATA_LIB_DIR}/netdata.tarball.checksum"

netdata.spec.in

+6-17
Original file line numberDiff line numberDiff line change
@@ -256,7 +256,7 @@ autoreconf -ivf
256256
rm -rf "${RPM_BUILD_ROOT}"
257257
%{__make} %{?_smp_mflags} DESTDIR="${RPM_BUILD_ROOT}" install
258258

259-
find "${RPM_BUILD_ROOT}" -name .keep -delete
259+
find "${RPM_BUILD_ROOT}%{_localstatedir}" -name .keep -delete -print
260260

261261
install -m 644 -p system/netdata.conf "${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}"
262262

@@ -290,9 +290,6 @@ install -m 4750 -p slabinfo.plugin "${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/plug
290290
# ###########################################################
291291
# Install registry directory
292292
install -m 755 -d "${RPM_BUILD_ROOT}%{_localstatedir}/lib/%{name}/registry"
293-
install -m 755 -d "${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/custom-plugins.d"
294-
install -m 755 -d "${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/go.d"
295-
install -m 755 -d "${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/ssl"
296293

297294
# ###########################################################
298295
# Install netdata service
@@ -423,20 +420,19 @@ rm -rf "${RPM_BUILD_ROOT}"
423420

424421
%files
425422
%doc README.md
426-
%defattr(-,root,netdata)
423+
%{_sysconfdir}/%{name}
424+
%config(noreplace) %{_sysconfdir}/%{name}/netdata.conf
427425

428-
%dir %{_sysconfdir}/%{name}
426+
%defattr(-,root,netdata)
429427
%dir %{_libdir}/%{name}
430428

431-
%config(noreplace) %{_sysconfdir}/%{name}/*.conf
432429
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
433430

434431
%{_libdir}/%{name}
435432

436433
%defattr(0755,netdata,netdata,0755)
437434
%{_libexecdir}/%{name}
438435
%{_sbindir}/%{name}
439-
%{_sysconfdir}/%{name}/edit-config
440436

441437
%defattr(4750,root,netdata,0750)
442438

@@ -466,15 +462,6 @@ rm -rf "${RPM_BUILD_ROOT}"
466462
%dir %{_datadir}/%{name}
467463

468464
%defattr(0750,netdata,netdata,0755)
469-
470-
%dir %{_sysconfdir}/%{name}/health.d
471-
%dir %{_sysconfdir}/%{name}/python.d
472-
%dir %{_sysconfdir}/%{name}/charts.d
473-
%dir %{_sysconfdir}/%{name}/custom-plugins.d
474-
%dir %{_sysconfdir}/%{name}/go.d
475-
%dir %{_sysconfdir}/%{name}/ssl
476-
%dir %{_sysconfdir}/%{name}/node.d
477-
%dir %{_sysconfdir}/%{name}/statsd.d
478465
%{_libdir}/%{name}/conf.d/
479466

480467
%if %{with systemd}
@@ -515,6 +502,8 @@ Use this plugin to enable metrics collection from cupsd, the daemon running when
515502
%endif
516503

517504
%changelog
505+
* Mon Nov 04 2019 Konstantinos Natsakis <[email protected]> 0.0.0-10
506+
- Fix /etc/netdata permissions
518507
* Mon Sep 23 2019 Konstantinos Natsakis <[email protected]> 0.0.0-9
519508
- Do not build CUPS plugin subpackage on CentOS 6 and CentOS 7
520509
* Tue Aug 20 2019 Pavlos Emm. Katsoulakis <[email protected]> - 0.0.0-8

packaging/makeself/install-or-update.sh

+12-27
Original file line numberDiff line numberDiff line change
@@ -200,19 +200,6 @@ then
200200
fi
201201

202202

203-
# -----------------------------------------------------------------------------
204-
205-
progress "create user config directories"
206-
207-
for x in "python.d" "charts.d" "node.d" "health.d" "statsd.d" "custom-plugins.d" "ssl"
208-
do
209-
if [ ! -d "etc/netdata/${x}" ]
210-
then
211-
run mkdir -p "etc/netdata/${x}" || exit 1
212-
fi
213-
done
214-
215-
216203
# -----------------------------------------------------------------------------
217204
progress "fix permissions"
218205

@@ -244,20 +231,18 @@ fi
244231

245232

246233
# -----------------------------------------------------------------------------
247-
248234
if [ ${STARTIT} -eq 0 ]; then
249-
create_netdata_conf "/opt/netdata/etc/netdata/netdata.conf"
250-
netdata_banner "is installed now!"
235+
create_netdata_conf "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
236+
netdata_banner "is installed now!"
251237
else
252-
progress "starting netdata"
253-
254-
if ! restart_netdata "/opt/netdata/bin/netdata"; then
255-
create_netdata_conf "/opt/netdata/etc/netdata/netdata.conf"
256-
netdata_banner "is installed and running now!"
257-
else
258-
create_netdata_conf "/opt/netdata/etc/netdata/netdata.conf" "http://localhost:19999/netdata.conf"
259-
netdata_banner "is installed now!"
260-
fi
238+
progress "starting netdata"
239+
240+
if ! restart_netdata "${NETDATA_PREFIX}/bin/netdata"; then
241+
create_netdata_conf "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
242+
netdata_banner "is installed and running now!"
243+
else
244+
create_netdata_conf "${NETDATA_PREFIX}/etc/netdata/netdata.conf" "http://localhost:19999/netdata.conf"
245+
netdata_banner "is installed now!"
246+
fi
261247
fi
262-
run chown "${NETDATA_USER}:${NETDATA_GROUP}" "/opt/netdata/etc/netdata/netdata.conf"
263-
run chmod 0664 "/opt/netdata/etc/netdata/netdata.conf"
248+
run chmod 0644 "${NETDATA_PREFIX}/etc/netdata/netdata.conf"

system/Makefile.am

+4
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,10 @@ dist_config_SCRIPTS = \
2020
edit-config \
2121
$(NULL)
2222

23+
# Explicitly install directories to avoid permission issues due to umask
24+
install-exec-local:
25+
$(INSTALL) -d $(DESTDIR)$(configdir)
26+
2327
nodist_noinst_DATA = \
2428
netdata-openrc \
2529
netdata.logrotate \

web/Makefile.am

+6
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,12 @@ SUBDIRS = \
99
server \
1010
$(NULL)
1111

12+
usersslconfigdir=$(configdir)/ssl
13+
14+
# Explicitly install directories to avoid permission issues due to umask
15+
install-exec-local:
16+
$(INSTALL) -d $(DESTDIR)$(usersslconfigdir)
17+
1218
dist_noinst_DATA = \
1319
README.md \
1420
gui/confluence/README.md \

0 commit comments

Comments
 (0)