diff options
Diffstat (limited to '')
-rw-r--r-- | system/Makefile.am | 2 | ||||
-rwxr-xr-x | system/edit-config | 309 | ||||
-rwxr-xr-x | system/edit-config.in | 83 | ||||
-rw-r--r-- | system/netdata.logrotate.in | 2 | ||||
-rw-r--r-- | system/netdata.service.in | 6 |
5 files changed, 315 insertions, 87 deletions
diff --git a/system/Makefile.am b/system/Makefile.am index 72d123daa..1a1b41e26 100644 --- a/system/Makefile.am +++ b/system/Makefile.am @@ -3,7 +3,6 @@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in CLEANFILES = \ - edit-config \ netdata-openrc \ netdata.logrotate \ netdata.service \ @@ -55,7 +54,6 @@ dist_libsys_DATA = \ $(NULL) dist_noinst_DATA = \ - edit-config.in \ install-service.sh.in \ netdata-openrc.in \ netdata.logrotate.in \ diff --git a/system/edit-config b/system/edit-config new file mode 100755 index 000000000..754f9374a --- /dev/null +++ b/system/edit-config @@ -0,0 +1,309 @@ +#!/usr/bin/env sh + +# shellcheck disable=SC1091 +[ -f /etc/profile ] && . /etc/profile + +set -e + +script_dir="$(CDPATH="" cd -- "$(dirname -- "$0")" && pwd -P)" + +usage() { + check_directories + cat <<EOF +USAGE: + ${0} [options] FILENAME + + Copy and edit the stock config file named: FILENAME + if FILENAME is already copied, it will be edited as-is. + + Stock config files at: '${NETDATA_STOCK_CONFIG_DIR}' + User config files at: '${NETDATA_USER_CONFIG_DIR}' + + The editor to use can be specified either by setting the EDITOR + environment variable, or by using the --editor option. + + The file to edit can also be specified using the --file option. + + For a list of known config files, run '${0} --list' +EOF + exit 0 +} + +error() { + echo >&2 "ERROR: ${1}" +} + +abspath() { + if [ -d "${1}" ]; then + echo "$(cd "${1}" && /usr/bin/env PWD= pwd -P)/" + else + echo "$(cd "$(dirname "${1}")" && /usr/bin/env PWD= pwd -P)/$(basename "${1}")" + fi +} + +is_prefix() { + echo "${2}" | grep -qE "^${1}" + return $? +} + +check_directories() { + if [ -e "${script_dir}/.environment" ]; then + OLDPATH="${PATH}" + # shellcheck disable=SC1091 + . "${script_dir}/.environment" + PATH="${OLDPATH}" + fi + + if [ -n "${NETDATA_PREFIX}" ] && [ -d "${NETDATA_PREFIX}/usr/lib/netdata/conf.d" ]; then + stock_dir="${NETDATA_PREFIX}/usr/lib/netdata/conf.d" + elif [ -n "${NETDATA_PREFIX}" ] && [ -d "${NETDATA_PREFIX}/lib/netdata/conf.d" ]; then + stock_dir="${NETDATA_PREFIX}/lib/netdata/conf.d" + elif [ -d "${script_dir}/../../usr/lib/netdata/conf.d" ]; then + stock_dir="${script_dir}/../../usr/lib/netdata/conf.d" + elif [ -d "${script_dir}/../../lib/netdata/conf.d" ]; then + stock_dir="${script_dir}/../../lib/netdata/conf.d" + elif [ -d "/usr/lib/netdata/conf.d" ]; then + stock_dir="/usr/lib/netdata/conf.d" + fi + + [ -z "${NETDATA_USER_CONFIG_DIR}" ] && NETDATA_USER_CONFIG_DIR="${script_dir}" + [ -z "${NETDATA_STOCK_CONFIG_DIR}" ] && NETDATA_STOCK_CONFIG_DIR="${stock_dir}" + + if [ -z "${NETDATA_STOCK_CONFIG_DIR}" ]; then + error "Unable to find stock config directory." + exit 1 + fi +} + +check_editor() { + if [ -z "${editor}" ]; then + if [ -n "${EDITOR}" ] && command -v "${EDITOR}" >/dev/null 2>&1; then + editor="${EDITOR}" + elif command -v editor >/dev/null 2>&1; then + editor="editor" + elif command -v vi >/dev/null 2>&1; then + editor="vi" + else + error "Unable to find a usable editor, tried \${EDITOR} (${EDITOR}), editor, and vi." + exit 1 + fi + elif ! command -v "${editor}" >/dev/null 2>&1; then + error "Unable to locate user specified editor ${editor}, is it in your PATH?" + exit 1 + fi +} + +running_in_container() { + [ -e /.dockerenv ] && return 0 + [ -e /.dockerinit ] && return 0 + [ -r /proc/1/environ ] && tr '\000' '\n' </proc/1/environ | grep -Eiq '^container=podman' && return 0 + grep -qF -e /docker/ -e /libpod- /proc/self/cgroup 2>/dev/null && return 0 +} + +get_docker_command() { + if [ -x "${docker}" ]; then + return 0 + elif command -v docker >/dev/null 2>&1; then + docker="$(command -v docker)" + elif command -v podman >/dev/null 2>&1; then + docker="$(command -v podman)" + else + error "Unable to find a usable container tool stack. I support Docker and Podman." + exit 1 + fi +} + +run_in_container() { + ${docker} exec "${1}" /bin/sh -c "${2}" || return 1 + return 0 +} + +check_for_container() { + get_docker_command + ${docker} container inspect "${1}" >/dev/null 2>&1 || return 1 + run_in_container "${1}" "[ -d \"${NETDATA_STOCK_CONFIG_DIR}\" ]" >/dev/null 2>&1 || return 1 + return 0 +} + +handle_container() { + if running_in_container; then + return 0 + elif [ -z "${container}" ] && [ -f "${script_dir}/.container-hostname" ]; then + echo >&2 "Autodetected containerized Netdata instance. Attempting to autodetect container ID." + possible_container="$(cat "${script_dir}/.container-hostname")" + if check_for_container "${possible_container}"; then + container="${possible_container}" + elif check_for_container netdata; then + container="netdata" + else + error "Could not autodetect container ID. It must be supplied on the command line with the --container option." + exit 1 + fi + + echo >&2 "Found Netdata container with ID or name ${container}" + elif [ -n "${container}" ]; then + if ! check_for_container "${container}"; then + error "No container with ID or name ${container} exists." + exit 1 + fi + fi +} + +list_files() { + check_directories + handle_container + + if test -t; then + width="$(tput cols)" + fi + + if [ -z "${container}" ]; then + if [ "$(uname -s)" = "Linux" ]; then + # shellcheck disable=SC2046,SC2086 + files="$(cd "${NETDATA_STOCK_CONFIG_DIR}" && ls ${width:+-C} ${width:+-w ${width}} $(find . -type f | cut -d '/' -f 2-))" + elif [ "$(uname -s)" = "FreeBSD" ]; then + if [ -n "${width}" ]; then + export COLUMNS="${width}" + fi + + # shellcheck disable=SC2046 + files="$(cd "${NETDATA_STOCK_CONFIG_DIR}" && ls ${width:+-C} $(find . -type f | cut -d '/' -f 2-))" + else + # shellcheck disable=SC2046 + files="$(cd "${NETDATA_STOCK_CONFIG_DIR}" && ls $(find . -type f | cut -d '/' -f 2-))" + fi + else + files="$(run_in_container "${container}" "cd /usr/lib/netdata/conf.d && ls ${width:+-C} ${width:+-w ${width}} \$(find . -type f | cut -d '/' -f 2-)")" + fi + + if [ -z "${files}" ]; then + error "Failed to find any configuration files." + exit 1 + fi + + cat <<EOF +The following configuration files are known to this script: + +${files} +EOF + exit 0 +} + +parse_args() { + while [ -n "${1}" ]; do + case "${1}" in + "--help") usage ;; + "--list") list_files ;; + "--file") + if [ -n "${2}" ]; then + file="${2}" + shift 1 + else + error "No file specified to edit." + exit 1 + fi + ;; + "--container") + if [ -n "${2}" ]; then + container="${2}" + shift 1 + else + error "No container ID or name specified with the --container option." + exit 1 + fi + ;; + "--editor") + if [ -n "${2}" ]; then + editor="${2}" + shift 1 + else + error "No editor specified with the --editor option." + exit 1 + fi + ;; + *) + if [ -z "${2}" ]; then + file="${1}" + else + error "Unrecognized option ${1}." + exit 1 + fi + ;; + esac + shift 1 + done + + [ -z "${file}" ] && usage + + absfile="$(abspath "${file}")" + if ! is_prefix "${script_dir}" "${absfile}"; then + error "${file} is not located under ${script_dir}" + exit 1 + fi + + file="${absfile##"${script_dir}"}" +} + +copy_native() { + if [ ! -w "${NETDATA_USER_CONFIG_DIR}" ]; then + error "Cannot write to ${NETDATA_USER_CONFIG_DIR}!" + exit 1 + fi + + if [ -f "${NETDATA_STOCK_CONFIG_DIR}/${1}" ]; then + echo >&2 "Copying '${NETDATA_STOCK_CONFIG_DIR}/${1}' to '${NETDATA_USER_CONFIG_DIR}/${1}' ... " + cp -p "${NETDATA_STOCK_CONFIG_DIR}/${1}" "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1 + else + echo >&2 "Creating empty '${NETDATA_USER_CONFIG_DIR}/${1}' ... " + touch "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1 + fi +} + +copy_container() { + if [ ! -w "${NETDATA_USER_CONFIG_DIR}" ]; then + error "Cannot write to ${NETDATA_USER_CONFIG_DIR}!" + exit 1 + fi + + if run_in_container "${container}" "[ -f \"${NETDATA_STOCK_CONFIG_DIR}/${1}\" ]"; then + echo >&2 "Copying '${NETDATA_STOCK_CONFIG_DIR}/${1}' to '${NETDATA_USER_CONFIG_DIR}/${1}' ... " + ${docker} cp -a "${container}:${NETDATA_STOCK_CONFIG_DIR}/${1}" "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1 + else + echo >&2 "Creating empty '${NETDATA_USER_CONFIG_DIR}/${1}' ... " + touch "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1 + fi +} + +copy() { + if [ -f "${NETDATA_USER_CONFIG_DIR}/${1}" ]; then + return 0 + elif [ -n "${container}" ]; then + copy_container "${1}" + else + copy_native "${1}" + fi +} + +edit() { + echo >&2 "Editing '${1}' ..." + + # check we can edit + if [ ! -w "${1}" ]; then + error "Cannot write to ${1}!" + exit 1 + fi + + "${editor}" "${1}" + exit $? +} + +main() { + parse_args "${@}" + check_directories + check_editor + handle_container + copy "${file}" + edit "${absfile}" +} + +main "${@}" diff --git a/system/edit-config.in b/system/edit-config.in deleted file mode 100755 index 050d97cde..000000000 --- a/system/edit-config.in +++ /dev/null @@ -1,83 +0,0 @@ -#!/usr/bin/env sh - -[ -f /etc/profile ] && . /etc/profile - -file="${1}" - -if [ "$(command -v editor)" ]; then - EDITOR="${EDITOR-editor}" -else - EDITOR="${EDITOR-vi}" -fi - -[ -z "${NETDATA_USER_CONFIG_DIR}" ] && NETDATA_USER_CONFIG_DIR="@configdir_POST@" -[ -z "${NETDATA_STOCK_CONFIG_DIR}" ] && NETDATA_STOCK_CONFIG_DIR="@libconfigdir_POST@" - -if [ -z "${file}" ]; then - cat << EOF - -USAGE: - ${0} FILENAME - - Copy and edit the stock config file named: FILENAME - if FILENAME is already copied, it will be edited as-is. - - The EDITOR shell variable is used to define the editor to be used. - - Stock config files at: '${NETDATA_STOCK_CONFIG_DIR}' - User config files at: '${NETDATA_USER_CONFIG_DIR}' - - Available files in '${NETDATA_STOCK_CONFIG_DIR}' to copy and edit: - -EOF - - cd "${NETDATA_STOCK_CONFIG_DIR}" || exit 1 - ls >&2 -R ./*.conf ./*/*.conf - exit 1 - -fi - -edit() { - echo >&2 "Editing '${1}' ..." - - # check we can edit - if [ ! -w "${1}" ]; then - echo >&2 "Cannot write to ${1}! Aborting ..." - exit 1 - fi - - "${EDITOR}" "${1}" - exit $? -} - -copy_and_edit() { - # check we can copy - if [ ! -w "${NETDATA_USER_CONFIG_DIR}" ]; then - echo >&2 "Cannot write to ${NETDATA_USER_CONFIG_DIR}! Aborting ..." - exit 1 - fi - - if [ ! -f "${NETDATA_USER_CONFIG_DIR}/${1}" ]; then - echo >&2 "Copying '${NETDATA_STOCK_CONFIG_DIR}/${1}' to '${NETDATA_USER_CONFIG_DIR}/${1}' ... " - cp -p "${NETDATA_STOCK_CONFIG_DIR}/${1}" "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1 - fi - - edit "${NETDATA_USER_CONFIG_DIR}/${1}" -} - -# make sure it is not absolute filename -c1="$(echo "${file}" | cut -b 1)" -if [ "${c1}" = "/" ] || [ "${c1}" = "." ]; then - echo >&2 "Please don't use filenames starting with '/' or '.'" - exit 1 -fi - -# already exists -[ -f "${NETDATA_USER_CONFIG_DIR}/${file}" ] && edit "${NETDATA_USER_CONFIG_DIR}/${file}" - -# stock config is valid, copy and edit -[ -f "${NETDATA_STOCK_CONFIG_DIR}/${file}" ] && copy_and_edit "${file}" - -# no such config found -echo >&2 "File '${file}' is not found in '${NETDATA_STOCK_CONFIG_DIR}'" -exit 1 diff --git a/system/netdata.logrotate.in b/system/netdata.logrotate.in index a766b6cce..2c4949e5f 100644 --- a/system/netdata.logrotate.in +++ b/system/netdata.logrotate.in @@ -7,6 +7,6 @@ notifempty sharedscripts postrotate - /bin/kill -HUP `cat @localstatedir_POST@/run/netdata/netdata.pid 2>/dev/null` 2>/dev/null || true + /bin/kill -HUP `cat /run/netdata/netdata.pid 2>/dev/null` 2>/dev/null || true endscript } diff --git a/system/netdata.service.in b/system/netdata.service.in index 3947392f4..25d95b2b8 100644 --- a/system/netdata.service.in +++ b/system/netdata.service.in @@ -52,7 +52,7 @@ CapabilityBoundingSet=CAP_SYS_ADMIN CAP_PERFMON CapabilityBoundingSet=CAP_SYS_PTRACE # is required for ebpf plugin CapabilityBoundingSet=CAP_SYS_RESOURCE -# is required for fping app +# is required for go.d/ping app CapabilityBoundingSet=CAP_NET_RAW # is required for cgroups plugin CapabilityBoundingSet=CAP_SYS_CHROOT @@ -71,6 +71,10 @@ ProtectControlGroups=on ReadWriteDirectories=/run/netdata # This is needed to make email-based alert deliver work if Postfix is the email provider on the system. ReadWriteDirectories=-/var/spool/postfix/maildrop +# LXCFS directories (https://github.com/lxc/lxcfs#lxcfs) +# If we don't set them explicitly, systemd mounts procfs from the host. See https://github.com/netdata/netdata/issues/14238. +BindReadOnlyPaths=-/proc/cpuinfo -/proc/diskstats -/proc/loadavg -/proc/meminfo +BindReadOnlyPaths=-/proc/stat -/proc/swaps -/proc/uptime -/proc/slabinfo [Install] WantedBy=multi-user.target |