From 067305602f373d12286e492143bf6cb2a32ffe31 Mon Sep 17 00:00:00 2001 From: Costa Tsaousis Date: Sun, 9 Oct 2022 17:02:30 +0300 Subject: [PATCH] allow netdata installer to install and run netdata as any user (#13780) * allow netdata installer to install and run netdata as any user * Update netdata-installer.sh Co-authored-by: Austin S. Hemmelgarn * Update netdata-installer.sh Co-authored-by: Austin S. Hemmelgarn Co-authored-by: Austin S. Hemmelgarn --- build/subst.inc | 1 + configure.ac | 2 ++ netdata-installer.sh | 58 +++++++++++++++++++-------------------- system/netdata.service.in | 6 ++-- 4 files changed, 35 insertions(+), 32 deletions(-) diff --git a/build/subst.inc b/build/subst.inc index f51f47074d..3c972114b8 100644 --- a/build/subst.inc +++ b/build/subst.inc @@ -13,6 +13,7 @@ -e 's#[@]libsysdir_POST@#$(libsysdir)#g' \ -e 's#[@]enable_aclk_POST@#$(enable_aclk)#g' \ -e 's#[@]enable_cloud_POST@#$(enable_cloud)#g' \ + -e 's#[@]netdata_user_POST@#$(netdata_user)#g' \ $< > $@.tmp; then \ mv "$@.tmp" "$@"; \ else \ diff --git a/configure.ac b/configure.ac index e2c73e28b2..327cbb6c7a 100644 --- a/configure.ac +++ b/configure.ac @@ -1540,6 +1540,7 @@ configdir="${sysconfdir}/netdata" libconfigdir="${libdir}/netdata/conf.d" logdir="${localstatedir}/log/netdata" pluginsdir="${libexecdir}/netdata/plugins.d" +netdata_user="${with_user}" libsysdir="${libdir}/netdata/system" AC_SUBST([varlibdir]) @@ -1552,6 +1553,7 @@ AC_SUBST([libconfigdir]) AC_SUBST([logdir]) AC_SUBST([pluginsdir]) AC_SUBST([webdir]) +AC_SUBST([netdata_user]) AC_SUBST([libsysdir]) CFLAGS="${originalCFLAGS} ${OPTIONAL_LTO_CFLAGS} ${OPTIONAL_PROTOBUF_CFLAGS} ${OPTIONAL_MATH_CFLAGS} ${OPTIONAL_NFACCT_CFLAGS} \ diff --git a/netdata-installer.sh b/netdata-installer.sh index e2e7c647ce..a466447238 100755 --- a/netdata-installer.sh +++ b/netdata-installer.sh @@ -934,6 +934,34 @@ if [ "$have_autotools" ]; then fi fi +# function to extract values from the config file +config_option() { + section="${1}" + key="${2}" + value="${3}" + + if [ -x "${NETDATA_PREFIX}/usr/sbin/netdata" ] && [ -r "${NETDATA_PREFIX}/etc/netdata/netdata.conf" ]; then + "${NETDATA_PREFIX}/usr/sbin/netdata" \ + -c "${NETDATA_PREFIX}/etc/netdata/netdata.conf" \ + -W get "${section}" "${key}" "${value}" || + echo "${value}" + else + echo "${value}" + fi +} + +# the user netdata will run as +if [ "$(id -u)" = "0" ]; then + NETDATA_USER="$(config_option "global" "run as user" "netdata")" + ROOT_USER="root" +else + NETDATA_USER="${USER}" + ROOT_USER="${USER}" +fi +NETDATA_GROUP="$(id -g -n "${NETDATA_USER}")" +[ -z "${NETDATA_GROUP}" ] && NETDATA_GROUP="${NETDATA_USER}" +echo >&2 "Netdata user and group set to: ${NETDATA_USER}/${NETDATA_GROUP}" + # shellcheck disable=SC2086 if ! run ./configure \ --prefix="${NETDATA_PREFIX}/usr" \ @@ -943,7 +971,7 @@ if ! run ./configure \ --libdir="${NETDATA_PREFIX}/usr/lib" \ --with-zlib \ --with-math \ - --with-user=netdata \ + --with-user="${NETDATA_USER}" \ ${NETDATA_CONFIGURE_OPTIONS} \ CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}"; then fatal "Failed to configure Netdata sources." I000A @@ -1077,34 +1105,6 @@ progress "Read installation options from netdata.conf" [ ! -f "${NETDATA_PREFIX}/etc/netdata/netdata.conf" ] && touch "${NETDATA_PREFIX}/etc/netdata/netdata.conf" -# function to extract values from the config file -config_option() { - section="${1}" - key="${2}" - value="${3}" - - if [ -s "${NETDATA_PREFIX}/etc/netdata/netdata.conf" ]; then - "${NETDATA_PREFIX}/usr/sbin/netdata" \ - -c "${NETDATA_PREFIX}/etc/netdata/netdata.conf" \ - -W get "${section}" "${key}" "${value}" || - echo "${value}" - else - echo "${value}" - fi -} - -# the user netdata will run as -if [ "$(id -u)" = "0" ]; then - NETDATA_USER="$(config_option "global" "run as user" "netdata")" - ROOT_USER="root" -else - NETDATA_USER="${USER}" - ROOT_USER="${USER}" -fi -NETDATA_GROUP="$(id -g -n "${NETDATA_USER}")" -[ -z "${NETDATA_GROUP}" ] && NETDATA_GROUP="${NETDATA_USER}" -echo >&2 "Netdata user and group is finally set to: ${NETDATA_USER}/${NETDATA_GROUP}" - # port defport=19999 NETDATA_PORT="$(config_option "web" "default port" ${defport})" diff --git a/system/netdata.service.in b/system/netdata.service.in index 37ce784bc9..3947392f44 100644 --- a/system/netdata.service.in +++ b/system/netdata.service.in @@ -7,16 +7,16 @@ After=network.target httpd.service squid.service nfs-server.service mysqld.servi [Service] Type=simple -User=netdata +User=@netdata_user_POST@ Group=netdata RuntimeDirectory=netdata RuntimeDirectoryMode=0775 PIDFile=/run/netdata/netdata.pid ExecStart=@sbindir_POST@/netdata -P /run/netdata/netdata.pid -D ExecStartPre=/bin/mkdir -p @localstatedir_POST@/cache/netdata -ExecStartPre=/bin/chown -R netdata:netdata @localstatedir_POST@/cache/netdata +ExecStartPre=/bin/chown -R @netdata_user_POST@ @localstatedir_POST@/cache/netdata ExecStartPre=/bin/mkdir -p /run/netdata -ExecStartPre=/bin/chown -R netdata:netdata /run/netdata +ExecStartPre=/bin/chown -R @netdata_user_POST@ /run/netdata PermissionsStartOnly=true # saving a big db on slow disks may need some time