
Get netdata execution path early to avoid user permission issues ()

* Get netdata execution path early to avoid user permission issues
Markos Fountoulakis 2020-06-16 19:34:19 +03:00 committed by GitHub
parent ac9c33c344
commit c4fd4aa07c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 28 additions and 14 deletions


@ -5,6 +5,27 @@
char pidfile[FILENAME_MAX + 1] = "";
char claimingdirectory[FILENAME_MAX + 1];
char exepath[FILENAME_MAX + 1];
void get_netdata_execution_path(void)
{
int ret;
size_t exepath_size = 0;
struct passwd *passwd = NULL;
char *user = NULL;
passwd = getpwuid(getuid());
user = (passwd && passwd->pw_name) ? passwd->pw_name : "";
exepath_size = sizeof(exepath) - 1;
ret = uv_exepath(exepath, &exepath_size);
if (0 != ret) {
error("uv_exepath(\"%s\", %u) (user: %s) failed (%s).", exepath, (unsigned)exepath_size, user,
uv_strerror(ret));
fatal("Cannot start netdata without getting execution path.");
}
exepath[exepath_size] = '\0';
}
static void chown_open_file(int fd, uid_t uid, gid_t gid) {
if(fd == -1) return;
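Review bot: get_netdata_execution_path() has no comment stating its contract, although call order is the whole reason for the change: it has to run before the process switches user, and the `exepath` it fills is later used as `args[0]` when the spawn server is started. I would add above the function `/* Resolve the running binary's path into exepath. Call once, before switching user; treat exepath as read-only afterwards. */`. Separately, the getpwuid() lookup is only used in the failure message, so it could move inside the `if (0 != ret)` branch. The trailing chown_open_file lines are context; that function continues outside the hunk.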


@ -10,7 +10,9 @@ extern int become_daemon(int dont_fork, const char *user);
extern void netdata_cleanup_and_exit(int i);
extern void send_statistics(const char *action, const char *action_result, const char *action_data);
extern char pidfile[];
extern void get_netdata_execution_path(void);
extern char pidfile[];
extern char exepath[];
#endif /* NETDATA_DAEMON_H */


@ -1272,6 +1272,9 @@ int main(int argc, char **argv) {
// files using relative filenames
if(chdir(netdata_configured_user_config_dir) == -1)
fatal("Cannot cd to '%s'", netdata_configured_user_config_dir);
// Get execution path before switching user to avoid permission issues
get_netdata_execution_path();
}
{


@ -190,8 +190,6 @@ struct spawn_cmd_info *spawn_get_unprocessed_cmd(void)
int create_spawn_server(uv_loop_t *loop, uv_pipe_t *spawn_channel, uv_process_t *process)
{
uv_process_options_t options = {0};
size_t exepath_size;
char exepath[FILENAME_MAX];
char *args[3];
int ret;
#define SPAWN_SERVER_DESCRIPTORS (3)
@ -202,15 +200,6 @@ int create_spawn_server(uv_loop_t *loop, uv_pipe_t *spawn_channel, uv_process_t
passwd = getpwuid(getuid());
user = (passwd && passwd->pw_name) ? passwd->pw_name : "";
exepath_size = sizeof(exepath);
ret = uv_exepath(exepath, &exepath_size);
if (0 != ret) {
error("uv_exepath(\"%s\", %u) (user: %s) failed (%s).", exepath, (unsigned)exepath_size, user,
uv_strerror(ret));
fatal("Cannot start netdata without the spawn server.");
}
exepath[exepath_size] = '\0';
args[0] = exepath;
args[1] = SPAWN_SERVER_COMMAND_LINE_ARGUMENT;
args[2] = NULL;
@ -231,8 +220,7 @@ int create_spawn_server(uv_loop_t *loop, uv_pipe_t *spawn_channel, uv_process_t
ret = uv_spawn(loop, process, &options); /* execute the netdata binary again as the netdata user */
if (0 != ret) {
error("uv_spawn (process: \"%s\", %u) (user: %s) failed (%s).", exepath, (unsigned)exepath_size, user,
uv_strerror(ret));
error("uv_spawn (process: \"%s\") (user: %s) failed (%s).", exepath, user, uv_strerror(ret));
fatal("Cannot start netdata without the spawn server.");
}
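Review bot: create_spawn_server() now takes `exepath` from the global without checking that get_netdata_execution_path() has already filled it. The buffer is defined at file scope, so it starts out as an empty string, and a call-order slip would hand uv_spawn an empty program path instead of failing with a clear message. A guard before `args[0] = exepath;`, for example `if ('\0' == exepath[0]) fatal("Execution path has not been resolved.");`, would make the dependency explicit. The function starts and ends outside the hunks shown, so any other use of `exepath` in it is not visible here.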