From 0064f99dd2dbcc28fd14e74fddc54aef52082cba Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Tue, 1 Jan 2019 17:05:42 +0100 Subject: Renaming netdata to netdata-core, making netdata a meta package depending on the (typical) netdata components that it contained before the package reshuffeling. Signed-off-by: Daniel Baumann --- debian/control | 53 +++++++++++------ debian/netdata-core.dirs | 6 ++ debian/netdata-core.docs | 1 + debian/netdata-core.install | 12 ++++ debian/netdata-core.lintian-overrides | 6 ++ debian/netdata-core.maintscript | 2 + debian/netdata-core.manpages | 1 + debian/netdata-core.netdata.init | 103 ++++++++++++++++++++++++++++++++++ debian/netdata-core.netdata.logrotate | 13 +++++ debian/netdata-core.netdata.service | 53 +++++++++++++++++ debian/netdata-core.postinst | 53 +++++++++++++++++ debian/netdata-core.postrm | 46 +++++++++++++++ debian/netdata.dirs | 5 -- debian/netdata.docs | 1 - debian/netdata.init | 103 ---------------------------------- debian/netdata.install | 12 ---- debian/netdata.lintian-overrides | 6 -- debian/netdata.logrotate | 13 ----- debian/netdata.maintscript | 2 - debian/netdata.manpages | 1 - debian/netdata.postinst | 53 ----------------- debian/netdata.postrm | 46 --------------- debian/netdata.service | 53 ----------------- debian/rules | 20 +++++-- 24 files changed, 349 insertions(+), 315 deletions(-) create mode 100644 debian/netdata-core.dirs create mode 100644 debian/netdata-core.docs create mode 100644 debian/netdata-core.install create mode 100644 debian/netdata-core.lintian-overrides create mode 100644 debian/netdata-core.maintscript create mode 100644 debian/netdata-core.manpages create mode 100644 debian/netdata-core.netdata.init create mode 100644 debian/netdata-core.netdata.logrotate create mode 100644 debian/netdata-core.netdata.service create mode 100755 debian/netdata-core.postinst create mode 100755 debian/netdata-core.postrm delete mode 100644 debian/netdata.dirs delete mode 100644 debian/netdata.docs delete mode 100644 debian/netdata.init delete mode 100644 debian/netdata.install delete mode 100644 debian/netdata.lintian-overrides delete mode 100644 debian/netdata.logrotate delete mode 100644 debian/netdata.maintscript delete mode 100644 debian/netdata.manpages delete mode 100755 debian/netdata.postinst delete mode 100755 debian/netdata.postrm delete mode 100644 debian/netdata.service diff --git a/debian/control b/debian/control index 77c36f84d..fa759f168 100644 --- a/debian/control +++ b/debian/control @@ -19,40 +19,59 @@ Vcs-Git: https://salsa.debian.org/debian/netdata.git Package: netdata Section: net +Architecture: all +Depends: + netdata-core (=${source:Version}), + netdata-plugins-bash (=${source:Version}), + netdata-web (=${source:Version}), + ${misc:Depends}, +Recommends: + netdata-plugins-nodejs (=${source:Version}), + netdata-plugins-python (=${source:Version}), +Description: real-time performance monitoring (metapackage) + Netdata is distributed, real-time, performance and health monitoring for + systems and applications. It provides insights of everything happening on the + systems it runs using interactive web dashboards. + . + It can run autonomously without any third party components or it can be + integrated to existing monitoring tool chains (Prometheus, Graphite, + OpenTSDB, Kafka, Grafana, etc). + . + This package is a metapackage depending on the typical netdata components. + +Package: netdata-core +Section: net Architecture: linux-any Pre-Depends: ${misc:Pre-Depends}, Depends: libcap2-bin, lsb-base, - netdata-plugins-bash (=${source:Version}), - netdata-plugins-nodejs (=${source:Version}), - netdata-plugins-python (=${source:Version}), - netdata-web (=${source:Version}), ${misc:Depends}, ${shlibs:Depends}, Recommends: curl, -Description: real-time performance monitoring +Breaks: + netdata (<< 1.11.1+dfsg-3~), +Description: real-time performance monitoring (core) Netdata is distributed, real-time, performance and health monitoring for systems and applications. It provides insights of everything happening on the systems it runs using interactive web dashboards. . - It can run autonomously without any third party components or it can be - integrated to existing monitoring tool chains (Prometheus, Graphite, - OpenTSDB, Kafka, Grafana, etc). + This package contains the minimal core. Package: netdata-plugins-bash +Section: net Architecture: all Multi-Arch: foreign Depends: bash, - netdata (=${source:Version}), + netdata-core (=${source:Version}), ${misc:Depends}, Suggests: fping, Enhances: - netdata, + netdata-core, Description: real-time performance monitoring (bash plugins) Netdata is distributed, real-time, performance and health monitoring for systems and applications. It provides insights of everything happening on the @@ -61,14 +80,15 @@ Description: real-time performance monitoring (bash plugins) This package contains the plugins using bash. Package: netdata-plugins-nodejs +Section: net Architecture: all Multi-Arch: foreign Depends: - netdata (=${source:Version}), + netdata-core (=${source:Version}), nodejs, ${misc:Depends}, Enhances: - netdata, + netdata-core, Description: real-time performance monitoring (nodejs plugins) Netdata is distributed, real-time, performance and health monitoring for systems and applications. It provides insights of everything happening on the @@ -77,17 +97,18 @@ Description: real-time performance monitoring (nodejs plugins) This package contains the plugins using nodejs. Package: netdata-plugins-python +Section: net Architecture: all Multi-Arch: foreign Depends: - netdata (=${source:Version}), + netdata-core (=${source:Version}), python3, python3-six, python3-urllib3 (>= 1.22), python3-yaml, ${misc:Depends}, Enhances: - netdata, + netdata-core, Description: real-time performance monitoring (python plugins) Netdata is distributed, real-time, performance and health monitoring for systems and applications. It provides insights of everything happening on the @@ -101,14 +122,14 @@ Architecture: all Depends: fonts-font-awesome, libjs-bootstrap, - netdata (=${source:Version}), + netdata-core (=${source:Version}), ${misc:Depends}, Conflicts: netdata-data, Replaces: netdata-data, Enhances: - netdata, + netdata-core, Description: real-time performance monitoring (web) Netdata is distributed, real-time, performance and health monitoring for systems and applications. It provides insights of everything happening on the diff --git a/debian/netdata-core.dirs b/debian/netdata-core.dirs new file mode 100644 index 000000000..6cda555ff --- /dev/null +++ b/debian/netdata-core.dirs @@ -0,0 +1,6 @@ +etc/netdata +usr/share/netdata/web +var/cache/netdata +var/lib/netdata +var/log/netdata +var/run diff --git a/debian/netdata-core.docs b/debian/netdata-core.docs new file mode 100644 index 000000000..b43bf86b5 --- /dev/null +++ b/debian/netdata-core.docs @@ -0,0 +1 @@ +README.md diff --git a/debian/netdata-core.install b/debian/netdata-core.install new file mode 100644 index 000000000..9c682310d --- /dev/null +++ b/debian/netdata-core.install @@ -0,0 +1,12 @@ +/etc/netdata/edit-config +/etc/netdata/health.d +/etc/netdata/statsd.d +/usr/lib/netdata/conf.d/apps_groups.conf +/usr/lib/netdata/conf.d/health.d +/usr/lib/netdata/conf.d/health_alarm_notify.conf +/usr/lib/netdata/conf.d/health_email_recipients.conf +/usr/lib/netdata/conf.d/statsd.d +/usr/lib/netdata/conf.d/stream.conf +/usr/sbin + +debian/netdata.conf /etc/netdata diff --git a/debian/netdata-core.lintian-overrides b/debian/netdata-core.lintian-overrides new file mode 100644 index 000000000..13c47ca46 --- /dev/null +++ b/debian/netdata-core.lintian-overrides @@ -0,0 +1,6 @@ +# See Debian policy 10.9. apps.plugin has extra capabilities, so don't let +# normal users run it. +netdata-core: non-standard-executable-perm usr/lib/*/netdata/plugins.d/apps.plugin 0754 != 0755 + +# freeipmi plugin +netdata-core: setuid-binary usr/lib/x86_64-linux-gnu/netdata/plugins.d/freeipmi.plugin 4754 root/root diff --git a/debian/netdata-core.maintscript b/debian/netdata-core.maintscript new file mode 100644 index 000000000..ba48e62e5 --- /dev/null +++ b/debian/netdata-core.maintscript @@ -0,0 +1,2 @@ +rm_conffile /etc/netdata/python.d/gunicorn_log.conf 1.8.0+dfsg-1~ netdata +rm_conffile /etc/netdata/python.d/nginx_log.conf 1.8.0+dfsg-1~ netdata diff --git a/debian/netdata-core.manpages b/debian/netdata-core.manpages new file mode 100644 index 000000000..421a3ab88 --- /dev/null +++ b/debian/netdata-core.manpages @@ -0,0 +1 @@ +debian/netdata.1 diff --git a/debian/netdata-core.netdata.init b/debian/netdata-core.netdata.init new file mode 100644 index 000000000..42e291751 --- /dev/null +++ b/debian/netdata-core.netdata.init @@ -0,0 +1,103 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: netdata +# Required-Start: $local_fs $remote_fs $network +# Required-Stop: $local_fs $remote_fs $network +# Should-Start: $syslog +# Should-Stop: $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Real-time charts for system monitoring +# Description: Start netdata, a real-time monitoring tool +### END INIT INFO + +# Documentation +# man netdata +# file:///usr/share/doc/netdata/html/index.html +# https://github.com/netdata/netdata + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +. /lib/lsb/init-functions + +NAME=netdata +PIDFILE=/run/netdata.pid +DAEMON=/usr/sbin/$NAME +DAEMON_USER=$NAME +DAEMON_ARGS="-P $PIDFILE" + +# Exit if executable is not installed +[ -x "$DAEMON" ] || exit 0 + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DESC="the netdata daemon" +CONF_FNAME=/etc/netdata/netdata.conf + +STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}" + +case "$1" in + start) + if [ ! -f "$CONF_FNAME" ]; then + log_action_msg "Not starting $DESC: $CONF_FNAME is missing." + exit 0 + fi + + log_action_begin_msg "Starting $DESC" + + if start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON --test; then + if start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON -- $DAEMON_ARGS; then + log_action_end_msg 0 + else + log_action_end_msg 1 + exit 1 + fi + else + log_action_end_msg 0 "already running" + fi + ;; + stop) + log_action_begin_msg "Stopping $DESC" + pid=`cat $PIDFILE 2>/dev/null` || true + if test ! -f $PIDFILE -o -z "$pid"; then + log_action_end_msg 0 "not running - there is no $PIDFILE" + exit 0 + fi + + if start-stop-daemon --stop --quiet --pidfile $PIDFILE --retry=$STOP_SCHEDULE; then + log_action_end_msg 0 + else + log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied" + exit 1 + fi + ;; + restart|force-reload) + $0 stop + $0 start + ;; + status) + if test ! -r $(dirname $PIDFILE); then + log_failure_msg "cannot read PID file $PIDFILE" + exit 4 + fi + pid=`cat $PIDFILE 2>/dev/null` || true + if test ! -f $PIDFILE -o -z "$pid"; then + log_failure_msg "$NAME is not running" + exit 3 + fi + if ps "$pid" >/dev/null 2>&1; then + log_success_msg "$NAME is running" + exit 0 + else + log_failure_msg "$NAME is not running" + exit 1 + fi + ;; + *) + log_action_msg "Usage: $0 {start|stop|restart|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/debian/netdata-core.netdata.logrotate b/debian/netdata-core.netdata.logrotate new file mode 100644 index 000000000..7ede4fcb0 --- /dev/null +++ b/debian/netdata-core.netdata.logrotate @@ -0,0 +1,13 @@ +/var/log/netdata/*log { + compress + create 0640 netdata adm + weekly + delaycompress + missingok + notifempty + rotate 14 + sharedscripts + postrotate + /bin/kill -HUP `pidof netdata 2>/dev/null` 2>/dev/null || true + endscript +} diff --git a/debian/netdata-core.netdata.service b/debian/netdata-core.netdata.service new file mode 100644 index 000000000..54f4d03e7 --- /dev/null +++ b/debian/netdata-core.netdata.service @@ -0,0 +1,53 @@ +# netdata systemd target + +[Unit] +Description=netdata - Real-time performance monitoring +Documentation=man:netdata +Documentation=file:///usr/share/doc/netdata/html/index.html +Documentation=https://github.com/netdata/netdata +After=network-online.target httpd.service squid.service nfs-server.service mysqld.service named.service postfix.service +ConditionPathExists=/etc/netdata/netdata.conf + +[Service] +Type=simple +Environment="netdata_LOG_LOCATION=/var/log/netdata/log" +ExecStart=/usr/sbin/netdata -D +ExecReload=/usr/sbin/netdata reload +TimeoutStopSec=10 +KillMode=mixed +KillSignal=SIGTERM +OOMScoreAdjust=-900 + +User=netdata +Group=netdata +Restart=on-abnormal +RestartSec=2s +LimitNOFILE=65536 + +WorkingDirectory=/tmp + +# Hardening + +NoNewPrivileges=false +PermissionsStartOnly=true +# CAP_SETGID is required for setgroups() +# CAP_NET_RAW is needed by fping, see #864370 +CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_SYS_PTRACE CAP_SETGID CAP_SETUID CAP_NET_RAW +PrivateTmp=true +ProtectHome=read-only +ProtectSystem=full + +ReadOnlyDirectories=/ +ReadWriteDirectories=/proc/self +ReadWriteDirectories=/var + +# Access to devices and kernel modules and tunables is required +PrivateDevices=no +ProtectKernelModules=no +ProtectKernelTunables=no + +StandardOutput=syslog+console +StandardError=syslog+console + +[Install] +WantedBy=multi-user.target diff --git a/debian/netdata-core.postinst b/debian/netdata-core.postinst new file mode 100755 index 000000000..c99048900 --- /dev/null +++ b/debian/netdata-core.postinst @@ -0,0 +1,53 @@ +#!/bin/sh + +set -e + +case "${1}" in + configure) + # creating group + if ! getent group netdata > /dev/null 2>&1 + then + groupadd --system netdata + fi + + # creating user + if ! getent passwd netdata > /dev/null 2>&1 + then + useradd --system -g netdata --home-dir /var/lib/netdata --no-create-home netdata + mkdir -p /var/lib/netdata + fi + + # creating directory overrides + for DIRECTORY in /var/cache/netdata /var/lib/netdata + do + mkdir -p "${DIRECTORY}" + + if ! dpkg-statoverride --list "${DIRECTORY}" > /dev/null 2>&1 + then + dpkg-statoverride --update --add netdata netdata 0755 "${DIRECTORY}" + fi + done + + # handling plugin capabilities (or setuid as fallback) + chown -R root:netdata /usr/lib/netdata/plugins.d + setcap cap_dac_read_search,cap_sys_ptrace+ep /usr/lib/netdata/plugins.d/apps.plugin || \ + chmod 4754 /usr/lib/netdata/plugins.d/apps.plugin + + # handling log owner and permissions + chown netdata:adm /var/log/netdata + chmod 2750 /var/log/netdata + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + *) + echo "postinst called with unknown argument \`${1}'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# + +exit 0 diff --git a/debian/netdata-core.postrm b/debian/netdata-core.postrm new file mode 100755 index 000000000..1ac2941ae --- /dev/null +++ b/debian/netdata-core.postrm @@ -0,0 +1,46 @@ +#!/bin/sh + +set -e + +case "${1}" in + remove) + # removing directory overrides + for DIRECTORY in /var/cache/netdata /var/lib/netdata + do + if dpkg-statoverride --list | grep -qw "${DIRECTORY}" + then + dpkg-statoverride --remove "${DIRECTORY}" + fi + done + + # removing user + if getent passwd netdata > /dev/null 2>&1 + then + userdel netdata || echo "Unable to remove netdata user" + fi + + # removing group + if getent group netdata > /dev/null 2>&1 + then + groupdel netdata || echo "Unable to remove netdata group" + fi + ;; + + purge) + # removing directories + rm -rf /var/cache/netdata /var/lib/netdata /var/log/netdata + ;; + + upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + + ;; + + *) + echo "postrm called with unknown argument \`${1}'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# + +exit 0 diff --git a/debian/netdata.dirs b/debian/netdata.dirs deleted file mode 100644 index 0c4eb7c5e..000000000 --- a/debian/netdata.dirs +++ /dev/null @@ -1,5 +0,0 @@ -etc/netdata -var/cache/netdata -var/lib/netdata -var/log/netdata -var/run diff --git a/debian/netdata.docs b/debian/netdata.docs deleted file mode 100644 index b43bf86b5..000000000 --- a/debian/netdata.docs +++ /dev/null @@ -1 +0,0 @@ -README.md diff --git a/debian/netdata.init b/debian/netdata.init deleted file mode 100644 index 42e291751..000000000 --- a/debian/netdata.init +++ /dev/null @@ -1,103 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: netdata -# Required-Start: $local_fs $remote_fs $network -# Required-Stop: $local_fs $remote_fs $network -# Should-Start: $syslog -# Should-Stop: $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Real-time charts for system monitoring -# Description: Start netdata, a real-time monitoring tool -### END INIT INFO - -# Documentation -# man netdata -# file:///usr/share/doc/netdata/html/index.html -# https://github.com/netdata/netdata - -# Load the VERBOSE setting and other rcS variables -. /lib/init/vars.sh - -# Define LSB log_* functions. -. /lib/lsb/init-functions - -NAME=netdata -PIDFILE=/run/netdata.pid -DAEMON=/usr/sbin/$NAME -DAEMON_USER=$NAME -DAEMON_ARGS="-P $PIDFILE" - -# Exit if executable is not installed -[ -x "$DAEMON" ] || exit 0 - -PATH=/sbin:/bin:/usr/sbin:/usr/bin -DESC="the netdata daemon" -CONF_FNAME=/etc/netdata/netdata.conf - -STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}" - -case "$1" in - start) - if [ ! -f "$CONF_FNAME" ]; then - log_action_msg "Not starting $DESC: $CONF_FNAME is missing." - exit 0 - fi - - log_action_begin_msg "Starting $DESC" - - if start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON --test; then - if start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON -- $DAEMON_ARGS; then - log_action_end_msg 0 - else - log_action_end_msg 1 - exit 1 - fi - else - log_action_end_msg 0 "already running" - fi - ;; - stop) - log_action_begin_msg "Stopping $DESC" - pid=`cat $PIDFILE 2>/dev/null` || true - if test ! -f $PIDFILE -o -z "$pid"; then - log_action_end_msg 0 "not running - there is no $PIDFILE" - exit 0 - fi - - if start-stop-daemon --stop --quiet --pidfile $PIDFILE --retry=$STOP_SCHEDULE; then - log_action_end_msg 0 - else - log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied" - exit 1 - fi - ;; - restart|force-reload) - $0 stop - $0 start - ;; - status) - if test ! -r $(dirname $PIDFILE); then - log_failure_msg "cannot read PID file $PIDFILE" - exit 4 - fi - pid=`cat $PIDFILE 2>/dev/null` || true - if test ! -f $PIDFILE -o -z "$pid"; then - log_failure_msg "$NAME is not running" - exit 3 - fi - if ps "$pid" >/dev/null 2>&1; then - log_success_msg "$NAME is running" - exit 0 - else - log_failure_msg "$NAME is not running" - exit 1 - fi - ;; - *) - log_action_msg "Usage: $0 {start|stop|restart|force-reload|status}" >&2 - exit 1 - ;; -esac - -exit 0 diff --git a/debian/netdata.install b/debian/netdata.install deleted file mode 100644 index 9c682310d..000000000 --- a/debian/netdata.install +++ /dev/null @@ -1,12 +0,0 @@ -/etc/netdata/edit-config -/etc/netdata/health.d -/etc/netdata/statsd.d -/usr/lib/netdata/conf.d/apps_groups.conf -/usr/lib/netdata/conf.d/health.d -/usr/lib/netdata/conf.d/health_alarm_notify.conf -/usr/lib/netdata/conf.d/health_email_recipients.conf -/usr/lib/netdata/conf.d/statsd.d -/usr/lib/netdata/conf.d/stream.conf -/usr/sbin - -debian/netdata.conf /etc/netdata diff --git a/debian/netdata.lintian-overrides b/debian/netdata.lintian-overrides deleted file mode 100644 index 188dc18bc..000000000 --- a/debian/netdata.lintian-overrides +++ /dev/null @@ -1,6 +0,0 @@ -# See Debian policy 10.9. apps.plugin has extra capabilities, so don't let -# normal users run it. -netdata: non-standard-executable-perm usr/lib/*/netdata/plugins.d/apps.plugin 0754 != 0755 - -# freeipmi plugin -netdata: setuid-binary usr/lib/x86_64-linux-gnu/netdata/plugins.d/freeipmi.plugin 4754 root/root diff --git a/debian/netdata.logrotate b/debian/netdata.logrotate deleted file mode 100644 index 7ede4fcb0..000000000 --- a/debian/netdata.logrotate +++ /dev/null @@ -1,13 +0,0 @@ -/var/log/netdata/*log { - compress - create 0640 netdata adm - weekly - delaycompress - missingok - notifempty - rotate 14 - sharedscripts - postrotate - /bin/kill -HUP `pidof netdata 2>/dev/null` 2>/dev/null || true - endscript -} diff --git a/debian/netdata.maintscript b/debian/netdata.maintscript deleted file mode 100644 index ba48e62e5..000000000 --- a/debian/netdata.maintscript +++ /dev/null @@ -1,2 +0,0 @@ -rm_conffile /etc/netdata/python.d/gunicorn_log.conf 1.8.0+dfsg-1~ netdata -rm_conffile /etc/netdata/python.d/nginx_log.conf 1.8.0+dfsg-1~ netdata diff --git a/debian/netdata.manpages b/debian/netdata.manpages deleted file mode 100644 index 421a3ab88..000000000 --- a/debian/netdata.manpages +++ /dev/null @@ -1 +0,0 @@ -debian/netdata.1 diff --git a/debian/netdata.postinst b/debian/netdata.postinst deleted file mode 100755 index c99048900..000000000 --- a/debian/netdata.postinst +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/sh - -set -e - -case "${1}" in - configure) - # creating group - if ! getent group netdata > /dev/null 2>&1 - then - groupadd --system netdata - fi - - # creating user - if ! getent passwd netdata > /dev/null 2>&1 - then - useradd --system -g netdata --home-dir /var/lib/netdata --no-create-home netdata - mkdir -p /var/lib/netdata - fi - - # creating directory overrides - for DIRECTORY in /var/cache/netdata /var/lib/netdata - do - mkdir -p "${DIRECTORY}" - - if ! dpkg-statoverride --list "${DIRECTORY}" > /dev/null 2>&1 - then - dpkg-statoverride --update --add netdata netdata 0755 "${DIRECTORY}" - fi - done - - # handling plugin capabilities (or setuid as fallback) - chown -R root:netdata /usr/lib/netdata/plugins.d - setcap cap_dac_read_search,cap_sys_ptrace+ep /usr/lib/netdata/plugins.d/apps.plugin || \ - chmod 4754 /usr/lib/netdata/plugins.d/apps.plugin - - # handling log owner and permissions - chown netdata:adm /var/log/netdata - chmod 2750 /var/log/netdata - ;; - - abort-upgrade|abort-remove|abort-deconfigure) - - ;; - - *) - echo "postinst called with unknown argument \`${1}'" >&2 - exit 1 - ;; -esac - -#DEBHELPER# - -exit 0 diff --git a/debian/netdata.postrm b/debian/netdata.postrm deleted file mode 100755 index 1ac2941ae..000000000 --- a/debian/netdata.postrm +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/sh - -set -e - -case "${1}" in - remove) - # removing directory overrides - for DIRECTORY in /var/cache/netdata /var/lib/netdata - do - if dpkg-statoverride --list | grep -qw "${DIRECTORY}" - then - dpkg-statoverride --remove "${DIRECTORY}" - fi - done - - # removing user - if getent passwd netdata > /dev/null 2>&1 - then - userdel netdata || echo "Unable to remove netdata user" - fi - - # removing group - if getent group netdata > /dev/null 2>&1 - then - groupdel netdata || echo "Unable to remove netdata group" - fi - ;; - - purge) - # removing directories - rm -rf /var/cache/netdata /var/lib/netdata /var/log/netdata - ;; - - upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) - - ;; - - *) - echo "postrm called with unknown argument \`${1}'" >&2 - exit 1 - ;; -esac - -#DEBHELPER# - -exit 0 diff --git a/debian/netdata.service b/debian/netdata.service deleted file mode 100644 index 54f4d03e7..000000000 --- a/debian/netdata.service +++ /dev/null @@ -1,53 +0,0 @@ -# netdata systemd target - -[Unit] -Description=netdata - Real-time performance monitoring -Documentation=man:netdata -Documentation=file:///usr/share/doc/netdata/html/index.html -Documentation=https://github.com/netdata/netdata -After=network-online.target httpd.service squid.service nfs-server.service mysqld.service named.service postfix.service -ConditionPathExists=/etc/netdata/netdata.conf - -[Service] -Type=simple -Environment="netdata_LOG_LOCATION=/var/log/netdata/log" -ExecStart=/usr/sbin/netdata -D -ExecReload=/usr/sbin/netdata reload -TimeoutStopSec=10 -KillMode=mixed -KillSignal=SIGTERM -OOMScoreAdjust=-900 - -User=netdata -Group=netdata -Restart=on-abnormal -RestartSec=2s -LimitNOFILE=65536 - -WorkingDirectory=/tmp - -# Hardening - -NoNewPrivileges=false -PermissionsStartOnly=true -# CAP_SETGID is required for setgroups() -# CAP_NET_RAW is needed by fping, see #864370 -CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_SYS_PTRACE CAP_SETGID CAP_SETUID CAP_NET_RAW -PrivateTmp=true -ProtectHome=read-only -ProtectSystem=full - -ReadOnlyDirectories=/ -ReadWriteDirectories=/proc/self -ReadWriteDirectories=/var - -# Access to devices and kernel modules and tunables is required -PrivateDevices=no -ProtectKernelModules=no -ProtectKernelTunables=no - -StandardOutput=syslog+console -StandardError=syslog+console - -[Install] -WantedBy=multi-user.target diff --git a/debian/rules b/debian/rules index 44ae64bd2..f30e70131 100755 --- a/debian/rules +++ b/debian/rules @@ -48,11 +48,11 @@ override_dh_install: dh_install # Move architecture dependent plugins - mkdir -p $(TOP)/usr/lib/netdata/plugins.d + mkdir -p $(TOP)-core/usr/lib/netdata/plugins.d for plugin in cgroup-network apps.plugin freeipmi.plugin; \ do \ mv $(TOP)-plugins-bash/usr/lib/netdata/plugins.d/$${plugin} \ - $(TOP)/usr/lib/netdata/plugins.d; \ + $(TOP)-core/usr/lib/netdata/plugins.d; \ done mkdir -p $(TOP)-plugins-nodejs/usr/lib/netdata/plugins.d @@ -74,6 +74,18 @@ override_dh_install-indep: # Setting package version (update check) echo $(VERSION) > $(TOP)-web/usr/share/netdata/web/version.txt +override_dh_installinit: + dh_installinit -p netdata-core --name=netdata + dh_installinit --remaining-packages + +override_dh_installsystemd: + dh_installsystemd -p netdata-core --name=netdata + dh_installsystemd --remaining-packages + +override_dh_installlogrotate: + dh_installlogrotate -p netdata-core --name=netdata + dh_installlogrotate --remaining-packages + override_dh_missing: dh_missing --fail-missing @@ -82,8 +94,8 @@ override_dh_fixperms-arch: # apps.plugin should only be runnable by the netdata user. It will be # given extra capabilities in the postinst script. - chmod 0754 $(TOP)/usr/lib/netdata/plugins.d/apps.plugin - chmod 4754 $(TOP)/usr/lib/netdata/plugins.d/freeipmi.plugin + chmod 0754 $(TOP)-core/usr/lib/netdata/plugins.d/apps.plugin + chmod 4754 $(TOP)-core/usr/lib/netdata/plugins.d/freeipmi.plugin chmod 0644 $(TOP)-plugins-bash/usr/lib/netdata/charts.d/*.sh chmod 0644 $(TOP)-plugins-bash/usr/lib/netdata/plugins.d/*.sh.inc chmod 0644 $(TOP)-plugins-python/usr/lib/netdata/python.d/*.py -- cgit v1.2.3