archive/netdata_netdata
0
0
Fork 0
mirror of https://github.com/netdata/netdata.git synced 2025-04-06 22:38:55 +00:00
Code Issues Projects Releases Wiki Activity

fix: use setuid as a fallback for static builds when setcap fails for plugins ()

Browse source 
fix: use setuid as a fallback if setcap fails for plugins
This commit is contained in:
Ilya Mashchenko 2024-12-15 21:36:59 +02:00 committed by GitHub
parent fe744ae2d2
commit 3d1eb72359
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 19 additions and 9 deletions

28
packaging/makeself/install-or-update.sh
View file

@ -207,17 +207,27 @@ for x in ndsudo apps.plugin perf.plugin slabinfo.plugin debugfs.plugin freeipmi.
done
if command -v setcap >/dev/null 2>&1; then
run setcap "cap_dac_read_search,cap_sys_ptrace=ep" "usr/libexec/netdata/plugins.d/apps.plugin"
run setcap "cap_dac_read_search=ep" "usr/libexec/netdata/plugins.d/slabinfo.plugin"
run setcap "cap_dac_read_search=ep" "usr/libexec/netdata/plugins.d/debugfs.plugin"
if ! run setcap "cap_dac_read_search,cap_sys_ptrace=ep" "usr/libexec/netdata/plugins.d/apps.plugin"; then
run chmod 4750 "usr/libexec/netdata/plugins.d/apps.plugin"
fi
if ! run setcap "cap_dac_read_search=ep" "usr/libexec/netdata/plugins.d/slabinfo.plugin"; then
run chmod 4750 "usr/libexec/netdata/plugins.d/slabinfo.plugin"
fi
if ! run setcap "cap_dac_read_search=ep" "usr/libexec/netdata/plugins.d/debugfs.plugin"; then
run chmod 4750 "usr/libexec/netdata/plugins.d/debugfs.plugin"
fi
if ! run setcap "cap_dac_read_search+epi cap_net_admin+epi cap_net_raw=eip" "usr/libexec/netdata/plugins.d/go.d.plugin"; then
run chmod 4750 "usr/libexec/netdata/plugins.d/go.d.plugin"
fi
if command -v capsh >/dev/null 2>&1 && capsh --supports=cap_perfmon 2>/dev/null ; then
run setcap "cap_perfmon=ep" "usr/libexec/netdata/plugins.d/perf.plugin"
else
run setcap "cap_sys_admin=ep" "usr/libexec/netdata/plugins.d/perf.plugin"
fi
perf_caps="cap_sys_admin=ep"
if command -v capsh >/dev/null 2>&1 && capsh --supports=cap_perfmon 2>/dev/null; then
perf_caps="cap_perfmon=ep"
fi
run setcap "cap_dac_read_search+epi cap_net_admin+epi cap_net_raw=eip" "usr/libexec/netdata/plugins.d/go.d.plugin"
if ! run setcap "${perf_caps}" "usr/libexec/netdata/plugins.d/perf.plugin"; then
run chmod 4750 "usr/libexec/netdata/plugins.d/perf.plugin"
fi
else
for x in apps.plugin perf.plugin slabinfo.plugin debugfs.plugin; do
f="usr/libexec/netdata/plugins.d/${x}"