Merge ~guoqiao/charm-nrpe:LP1906991-chown-nagios-dirs into charm-nrpe:master
Status: | Merged | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Approved by: | Xav Paice | ||||||||||||
Approved revision: | 5db37c59e2fa6b11385f8418a164c285d5735fab | ||||||||||||
Merge reported by: | Joe Guo | ||||||||||||
Merged at revision: | 5db37c59e2fa6b11385f8418a164c285d5735fab | ||||||||||||
Proposed branch: | ~guoqiao/charm-nrpe:LP1906991-chown-nagios-dirs | ||||||||||||
Merge into: | charm-nrpe:master | ||||||||||||
Diff against target: |
25 lines (+14/-0) 1 file modified
hooks/nrpe_utils.py (+14/-0) |
||||||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Xav Paice (community) | Approve | ||
Andrea Ieri | Approve | ||
Review via email: mp+397462@code.launchpad.net |
Commit message
nrpe_utils.py: ensure permission for /var/lib/nagios
This nrpe charm will install nagios-nrpe-server deb package.
In its preinst script[0], it will add nagios user and create `/var/lib/nagios` as home dir.
When other charm like hw-health relates to this charm, they will:
1) setup cronjob to run script
2) generate output file into /var/lib/nagios
3) read output file from /var/lib/nagios
Before, these are all done via root user, so no permission issue.
But recently, the cronjob user is switched from root to nagios, which caused following issues:
1) original output file was created by root, cronjob script by nagios user can not write to it.
2) In some situation, owner of `/var/lib/nagios/` is changed to root, cronjob script can not write file into this dir.
related bugs:
LP: #1906991
LP: #1904045
LP: #1866382
In this patch, we:
1) ensure `/var/lib/nagios` is owned by nagios user
2) setgid on dir group, to ensure any new created file in `/var/lib/nagios` has group `nagios`.
NOTE: this patch avoids to chown recursively, which implies, if there is a legacy output file
owned by root, we have to fix it manually, or fix it from the related charm side.
[0]: https:/
Looks fine, added the pythonic alternative. Not sure of our preference to use sub process.
get the additonal +1