Ownership and permissions of /etc/netdata (#7244)
* make install takes care of ownership and permissions of /etc/netdata Instead of netdata-installer.sh * Fix identation in Makefile.am files * netdata-installer.sh: Clearer variable assignment * netdata-installer.sh: Set /etc/netdata/netdata.conf ownership to root:root and permissions to 0644 * netdata-installer.sh: Set /etc/netdata/.environment permissions to 0644 * install-or-update.sh: Set permissions for /opt/netdata/etc/netdata.conf to 0644 * install-or-update.sh: Use ${NETDATA_PREFIX} more * install-or-update.sh: Improve indentation * install-or-update.sh: Do not create /opt/netdata/etc/netdata directories * debian/rules: /etc/netdata files and directories are now installed by make install * debian/rules: Properly copy files across directories When destination directory exists * netdata.spec.in: /etc/netdata ownership and permissions * Revert "Fix identation in Makefile.am files" This reverts commit 63fdb299b69152fda6984f81b0fef02f364c5efe. * Remove uninstall-local recipes from Makefile.am files * Removed superfluous whitespace and hash
This commit is contained in:
parent
be75567a7d
commit
1094175c3b
|
@ -27,6 +27,14 @@ SUBDIRS = \
|
|||
tc.plugin \
|
||||
$(NULL)
|
||||
|
||||
usercustompluginsconfigdir=$(configdir)/custom-plugins.d
|
||||
usergoconfigdir=$(configdir)/go.d
|
||||
|
||||
# Explicitly install directories to avoid permission issues due to umask
|
||||
install-exec-local:
|
||||
$(INSTALL) -d $(DESTDIR)$(usercustompluginsconfigdir)
|
||||
$(INSTALL) -d $(DESTDIR)$(usergoconfigdir)
|
||||
|
||||
dist_noinst_DATA = \
|
||||
README.md \
|
||||
$(NULL)
|
||||
|
|
|
@ -34,6 +34,10 @@ dist_userchartsconfig_DATA = \
|
|||
.keep \
|
||||
$(NULL)
|
||||
|
||||
# Explicitly install directories to avoid permission issues due to umask
|
||||
install-exec-local:
|
||||
$(INSTALL) -d $(DESTDIR)$(userchartsconfigdir)
|
||||
|
||||
chartsconfigdir=$(libconfigdir)/charts.d
|
||||
dist_chartsconfig_DATA = \
|
||||
$(NULL)
|
||||
|
|
|
@ -26,6 +26,10 @@ dist_usernodeconfig_DATA = \
|
|||
.keep \
|
||||
$(NULL)
|
||||
|
||||
# Explicitly install directories to avoid permission issues due to umask
|
||||
install-exec-local:
|
||||
$(INSTALL) -d $(DESTDIR)$(usernodeconfigdir)
|
||||
|
||||
nodeconfigdir=$(libconfigdir)/node.d
|
||||
dist_nodeconfig_DATA = \
|
||||
$(NULL)
|
||||
|
|
|
@ -32,6 +32,10 @@ dist_userpythonconfig_DATA = \
|
|||
.keep \
|
||||
$(NULL)
|
||||
|
||||
# Explicitly install directories to avoid permission issues due to umask
|
||||
install-exec-local:
|
||||
$(INSTALL) -d $(DESTDIR)$(userpythonconfigdir)
|
||||
|
||||
pythonconfigdir=$(libconfigdir)/python.d
|
||||
dist_pythonconfig_DATA = \
|
||||
$(NULL)
|
||||
|
|
|
@ -16,3 +16,7 @@ userstatsdconfigdir=$(configdir)/statsd.d
|
|||
dist_userstatsdconfig_DATA = \
|
||||
.keep \
|
||||
$(NULL)
|
||||
|
||||
# Explicitly install directories to avoid permission issues due to umask
|
||||
install-exec-local:
|
||||
$(INSTALL) -d $(DESTDIR)$(userstatsdconfigdir)
|
||||
|
|
|
@ -28,10 +28,6 @@ debian/%.postinst: debian/%.postinst.in
|
|||
override_dh_install: debian/netdata.postinst
|
||||
dh_install
|
||||
|
||||
# Remove unneeded .keep files
|
||||
#
|
||||
find "$(TOP)" -name .keep -exec rm '{}' ';'
|
||||
|
||||
# Set the CUPS plugin install rule
|
||||
#
|
||||
mkdir -p $(TOP)-plugin-cups/usr/libexec/netdata/plugins.d
|
||||
|
@ -40,24 +36,9 @@ override_dh_install: debian/netdata.postinst
|
|||
|
||||
# Set the rest of the software in the main package
|
||||
#
|
||||
cp -rp $(TEMPTOP)/usr $(TOP)/usr
|
||||
cp -rp $(TEMPTOP)/var $(TOP)/var
|
||||
#cp -rp $(TEMPTOP)/etc $(TOP)/etc
|
||||
|
||||
# Copy sample netdata.conf
|
||||
cp -p $(CURDIR)/system/edit-config $(TOP)/etc/netdata/
|
||||
|
||||
# Create placeholder dirs in netdata configuration directory
|
||||
#
|
||||
mkdir -p $(TOP)/etc/netdata/health.d
|
||||
mkdir -p $(TOP)/etc/netdata/python.d
|
||||
mkdir -p $(TOP)/etc/netdata/charts.d
|
||||
mkdir -p $(TOP)/etc/netdata/cystonm-plugins.d
|
||||
mkdir -p $(TOP)/etc/netdata/go.d
|
||||
mkdir -p $(TOP)/etc/netdata/ssl
|
||||
mkdir -p $(TOP)/etc/netdata/node.d
|
||||
mkdir -p $(TOP)/etc/netdata/statsd.d
|
||||
|
||||
cp -rp $(TEMPTOP)/usr $(TOP)
|
||||
cp -rp $(TEMPTOP)/var $(TOP)
|
||||
cp -rp $(TEMPTOP)/etc $(TOP)
|
||||
|
||||
# Move files that local user shouldn't be editing to /usr/share/netdata
|
||||
#
|
||||
|
@ -110,10 +91,6 @@ override_dh_fixperms:
|
|||
chmod 0754 $(TOP)/usr/libexec/netdata/plugins.d/slabinfo.plugin
|
||||
chmod 0750 $(TOP)/usr/libexec/netdata/plugins.d/go.d.plugin
|
||||
|
||||
# Support script for configuration file management
|
||||
#
|
||||
chmod 0750 $(TOP)/etc/netdata/edit-config
|
||||
|
||||
# CUPS plugin package
|
||||
chmod 0750 $(TOP)-plugin-cups/usr/libexec/netdata/plugins.d/cups.plugin
|
||||
|
||||
|
|
|
@ -19,6 +19,10 @@ dist_userhealthconfig_DATA = \
|
|||
.keep \
|
||||
$(NULL)
|
||||
|
||||
# Explicitly install directories to avoid permission issues due to umask
|
||||
install-exec-local:
|
||||
$(INSTALL) -d $(DESTDIR)$(userhealthconfigdir)
|
||||
|
||||
healthconfigdir=$(libconfigdir)/health.d
|
||||
dist_healthconfig_DATA = \
|
||||
health.d/adaptec_raid.conf \
|
||||
|
|
|
@ -590,7 +590,7 @@ if [ "${UID}" = "0" ]; then
|
|||
ROOT_USER="root"
|
||||
else
|
||||
NETDATA_USER="${USER}"
|
||||
ROOT_USER="${NETDATA_USER}"
|
||||
ROOT_USER="${USER}"
|
||||
fi
|
||||
NETDATA_GROUP="$(id -g -n "${NETDATA_USER}")"
|
||||
[ -z "${NETDATA_GROUP}" ] && NETDATA_GROUP="${NETDATA_USER}"
|
||||
|
@ -649,19 +649,6 @@ if [ ! -d "${NETDATA_RUN_DIR}" ]; then
|
|||
run mkdir -p "${NETDATA_RUN_DIR}" || exit 1
|
||||
fi
|
||||
|
||||
# --- conf dir ----
|
||||
|
||||
for x in "python.d" "charts.d" "node.d" "health.d" "statsd.d" "go.d" "custom-plugins.d" "ssl"; do
|
||||
if [ ! -d "${NETDATA_USER_CONFIG_DIR}/${x}" ]; then
|
||||
echo >&2 "Creating directory '${NETDATA_USER_CONFIG_DIR}/${x}'"
|
||||
run mkdir -p "${NETDATA_USER_CONFIG_DIR}/${x}" || exit 1
|
||||
fi
|
||||
done
|
||||
run chown -R "${ROOT_USER}:${NETDATA_GROUP}" "${NETDATA_USER_CONFIG_DIR}"
|
||||
run find "${NETDATA_USER_CONFIG_DIR}" -type f -exec chmod 0640 {} \;
|
||||
run find "${NETDATA_USER_CONFIG_DIR}" -type d -exec chmod 0755 {} \;
|
||||
run chmod 755 "${NETDATA_USER_CONFIG_DIR}/edit-config"
|
||||
|
||||
# --- stock conf dir ----
|
||||
|
||||
[ ! -d "${NETDATA_STOCK_CONFIG_DIR}" ] && mkdir -p "${NETDATA_STOCK_CONFIG_DIR}"
|
||||
|
@ -920,10 +907,7 @@ else
|
|||
run_ok "netdata started!"
|
||||
create_netdata_conf "${NETDATA_PREFIX}/etc/netdata/netdata.conf" "http://localhost:${NETDATA_PORT}/netdata.conf"
|
||||
fi
|
||||
if [ "${UID}" -eq 0 ]; then
|
||||
run chown "${NETDATA_USER}" "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
|
||||
fi
|
||||
run chmod 0664 "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
|
||||
run chmod 0644 "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
|
||||
|
||||
if [ "$(uname)" = "Linux" ]; then
|
||||
# -------------------------------------------------------------------------
|
||||
|
@ -1086,6 +1070,7 @@ RELEASE_CHANNEL="${RELEASE_CHANNEL}"
|
|||
IS_NETDATA_STATIC_BINARY="${IS_NETDATA_STATIC_BINARY}"
|
||||
NETDATA_LIB_DIR="${NETDATA_LIB_DIR}"
|
||||
EOF
|
||||
run chmod 0644 "${NETDATA_USER_CONFIG_DIR}/.environment"
|
||||
|
||||
echo >&2 "Setting netdata.tarball.checksum to 'new_installation'"
|
||||
cat <<EOF > "${NETDATA_LIB_DIR}/netdata.tarball.checksum"
|
||||
|
|
|
@ -256,7 +256,7 @@ autoreconf -ivf
|
|||
rm -rf "${RPM_BUILD_ROOT}"
|
||||
%{__make} %{?_smp_mflags} DESTDIR="${RPM_BUILD_ROOT}" install
|
||||
|
||||
find "${RPM_BUILD_ROOT}" -name .keep -delete
|
||||
find "${RPM_BUILD_ROOT}%{_localstatedir}" -name .keep -delete -print
|
||||
|
||||
install -m 644 -p system/netdata.conf "${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}"
|
||||
|
||||
|
@ -290,9 +290,6 @@ install -m 4750 -p slabinfo.plugin "${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/plug
|
|||
# ###########################################################
|
||||
# Install registry directory
|
||||
install -m 755 -d "${RPM_BUILD_ROOT}%{_localstatedir}/lib/%{name}/registry"
|
||||
install -m 755 -d "${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/custom-plugins.d"
|
||||
install -m 755 -d "${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/go.d"
|
||||
install -m 755 -d "${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/ssl"
|
||||
|
||||
# ###########################################################
|
||||
# Install netdata service
|
||||
|
@ -423,12 +420,12 @@ rm -rf "${RPM_BUILD_ROOT}"
|
|||
|
||||
%files
|
||||
%doc README.md
|
||||
%defattr(-,root,netdata)
|
||||
%{_sysconfdir}/%{name}
|
||||
%config(noreplace) %{_sysconfdir}/%{name}/netdata.conf
|
||||
|
||||
%dir %{_sysconfdir}/%{name}
|
||||
%defattr(-,root,netdata)
|
||||
%dir %{_libdir}/%{name}
|
||||
|
||||
%config(noreplace) %{_sysconfdir}/%{name}/*.conf
|
||||
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
|
||||
|
||||
%{_libdir}/%{name}
|
||||
|
@ -436,7 +433,6 @@ rm -rf "${RPM_BUILD_ROOT}"
|
|||
%defattr(0755,netdata,netdata,0755)
|
||||
%{_libexecdir}/%{name}
|
||||
%{_sbindir}/%{name}
|
||||
%{_sysconfdir}/%{name}/edit-config
|
||||
|
||||
%defattr(4750,root,netdata,0750)
|
||||
|
||||
|
@ -466,15 +462,6 @@ rm -rf "${RPM_BUILD_ROOT}"
|
|||
%dir %{_datadir}/%{name}
|
||||
|
||||
%defattr(0750,netdata,netdata,0755)
|
||||
|
||||
%dir %{_sysconfdir}/%{name}/health.d
|
||||
%dir %{_sysconfdir}/%{name}/python.d
|
||||
%dir %{_sysconfdir}/%{name}/charts.d
|
||||
%dir %{_sysconfdir}/%{name}/custom-plugins.d
|
||||
%dir %{_sysconfdir}/%{name}/go.d
|
||||
%dir %{_sysconfdir}/%{name}/ssl
|
||||
%dir %{_sysconfdir}/%{name}/node.d
|
||||
%dir %{_sysconfdir}/%{name}/statsd.d
|
||||
%{_libdir}/%{name}/conf.d/
|
||||
|
||||
%if %{with systemd}
|
||||
|
@ -515,6 +502,8 @@ Use this plugin to enable metrics collection from cupsd, the daemon running when
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Nov 04 2019 Konstantinos Natsakis <konstantinos.natsakis@gmail.com> 0.0.0-10
|
||||
- Fix /etc/netdata permissions
|
||||
* Mon Sep 23 2019 Konstantinos Natsakis <konstantinos.natsakis@gmail.com> 0.0.0-9
|
||||
- Do not build CUPS plugin subpackage on CentOS 6 and CentOS 7
|
||||
* Tue Aug 20 2019 Pavlos Emm. Katsoulakis <paul@netdat.acloud> - 0.0.0-8
|
||||
|
|
|
@ -200,19 +200,6 @@ then
|
|||
fi
|
||||
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
|
||||
progress "create user config directories"
|
||||
|
||||
for x in "python.d" "charts.d" "node.d" "health.d" "statsd.d" "custom-plugins.d" "ssl"
|
||||
do
|
||||
if [ ! -d "etc/netdata/${x}" ]
|
||||
then
|
||||
run mkdir -p "etc/netdata/${x}" || exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
progress "fix permissions"
|
||||
|
||||
|
@ -244,20 +231,18 @@ fi
|
|||
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
|
||||
if [ ${STARTIT} -eq 0 ]; then
|
||||
create_netdata_conf "/opt/netdata/etc/netdata/netdata.conf"
|
||||
netdata_banner "is installed now!"
|
||||
create_netdata_conf "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
|
||||
netdata_banner "is installed now!"
|
||||
else
|
||||
progress "starting netdata"
|
||||
progress "starting netdata"
|
||||
|
||||
if ! restart_netdata "/opt/netdata/bin/netdata"; then
|
||||
create_netdata_conf "/opt/netdata/etc/netdata/netdata.conf"
|
||||
netdata_banner "is installed and running now!"
|
||||
else
|
||||
create_netdata_conf "/opt/netdata/etc/netdata/netdata.conf" "http://localhost:19999/netdata.conf"
|
||||
netdata_banner "is installed now!"
|
||||
fi
|
||||
if ! restart_netdata "${NETDATA_PREFIX}/bin/netdata"; then
|
||||
create_netdata_conf "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
|
||||
netdata_banner "is installed and running now!"
|
||||
else
|
||||
create_netdata_conf "${NETDATA_PREFIX}/etc/netdata/netdata.conf" "http://localhost:19999/netdata.conf"
|
||||
netdata_banner "is installed now!"
|
||||
fi
|
||||
fi
|
||||
run chown "${NETDATA_USER}:${NETDATA_GROUP}" "/opt/netdata/etc/netdata/netdata.conf"
|
||||
run chmod 0664 "/opt/netdata/etc/netdata/netdata.conf"
|
||||
run chmod 0644 "${NETDATA_PREFIX}/etc/netdata/netdata.conf"
|
||||
|
|
|
@ -20,6 +20,10 @@ dist_config_SCRIPTS = \
|
|||
edit-config \
|
||||
$(NULL)
|
||||
|
||||
# Explicitly install directories to avoid permission issues due to umask
|
||||
install-exec-local:
|
||||
$(INSTALL) -d $(DESTDIR)$(configdir)
|
||||
|
||||
nodist_noinst_DATA = \
|
||||
netdata-openrc \
|
||||
netdata.logrotate \
|
||||
|
|
|
@ -9,6 +9,12 @@ SUBDIRS = \
|
|||
server \
|
||||
$(NULL)
|
||||
|
||||
usersslconfigdir=$(configdir)/ssl
|
||||
|
||||
# Explicitly install directories to avoid permission issues due to umask
|
||||
install-exec-local:
|
||||
$(INSTALL) -d $(DESTDIR)$(usersslconfigdir)
|
||||
|
||||
dist_noinst_DATA = \
|
||||
README.md \
|
||||
gui/confluence/README.md \
|
||||
|
|
Loading…
Reference in New Issue