[opensuse] /etc/permissions.d on openSuSE 13.2 / nagvis/mk-livestatus
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed? I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf .. or is this the wrong point to set this up? in my example, I want to set up apache2/nagvis/mk-livestatus/nagios link, but the socket created by mk-livestatus is set to the wrong group. /usr/share/doc/packages/mk-livestatus/livestatus-README.SUSE recommends to fix it with setting up permissions in /etc/permissions.d/ thank you for any hints -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed?
For starters, see "man permissions'.
I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
chkstat is invoked by rpms or by YaST. -- Per Jessen, Zürich (-4.9°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Friday 2017-01-06 13:16, Per Jessen wrote:
Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed?
For starters, see "man permissions'.
I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
chkstat is invoked by rpms or by YaST.
so it cannot be used for that purpose. Is there any other tool? or do I need to set up it in the service definition of nagios in systemd (which gets overwritten by every update...) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
06.01.2017 15:22, Paul Neuwirth пишет:
On Friday 2017-01-06 13:16, Per Jessen wrote:
Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed?
For starters, see "man permissions'.
I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
chkstat is invoked by rpms or by YaST.
so it cannot be used for that purpose.
Which purpose? You started with question about solution without telling which problem you are trying to solve. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Friday 2017-01-06 13:45, Andrei Borzenkov wrote:
Date: Fri, 6 Jan 2017 13:45:46 From: Andrei Borzenkov <arvidjaar@gmail.com> To: opensuse@opensuse.org Subject: Re: [opensuse] /etc/permissions.d on openSuSE 13.2 / nagvis/mk-livestatus
06.01.2017 15:22, Paul Neuwirth пишет:
On Friday 2017-01-06 13:16, Per Jessen wrote:
Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed?
For starters, see "man permissions'.
I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
chkstat is invoked by rpms or by YaST.
so it cannot be used for that purpose.
Which purpose? You started with question about solution without telling which problem you are trying to solve.
missing in the last quote. I want to link nagvis (on apache) to mk-livestatus (module on nagios), but the socket created has wrong owner, so inaccessible for wwwrun. easiest solution would be to add the group to wwwrun. but the default setup mentions the solution with /etc/permissions.d/ but the unix socket is deleted/created wit stop/start of nagios. So this won't work.
Paul Neuwirth wrote:
I want to link nagvis (on apache) to mk-livestatus (module on nagios), but the socket created has wrong owner, so inaccessible for wwwrun. easiest solution would be to add the group to wwwrun. but the default setup mentions the solution with /etc/permissions.d/ but the unix socket is deleted/created wit stop/start of nagios. So this won't work.
Amend the start/stop script for nagios to also change the socket owner? -- Per Jessen, Zürich (-4.8°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Friday 2017-01-06 14:36, Per Jessen wrote:
Paul Neuwirth wrote:
I want to link nagvis (on apache) to mk-livestatus (module on nagios), but the socket created has wrong owner, so inaccessible for wwwrun. easiest solution would be to add the group to wwwrun. but the default setup mentions the solution with /etc/permissions.d/ but the unix socket is deleted/created wit stop/start of nagios. So this won't work.
Amend the start/stop script for nagios to also change the socket owner?
I also thought about this. I recently did such changes, but it is quite problematic, because these scripts get overwritten on rpm update. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2017-01-06 14:39, Paul Neuwirth wrote:
On Friday 2017-01-06 14:36, Per Jessen wrote:
Paul Neuwirth wrote:
I want to link nagvis (on apache) to mk-livestatus (module on nagios), but the socket created has wrong owner, so inaccessible for wwwrun. easiest solution would be to add the group to wwwrun. but the default setup mentions the solution with /etc/permissions.d/ but the unix socket is deleted/created wit stop/start of nagios. So this won't work.
Amend the start/stop script for nagios to also change the socket owner?
I also thought about this. I recently did such changes, but it is quite problematic, because these scripts get overwritten on rpm update.
Then report bug so that permissions are corrected. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" at Telcontar)
Paul Neuwirth wrote:
On Friday 2017-01-06 14:36, Per Jessen wrote:
Paul Neuwirth wrote:
I want to link nagvis (on apache) to mk-livestatus (module on nagios), but the socket created has wrong owner, so inaccessible for wwwrun. easiest solution would be to add the group to wwwrun. but the default setup mentions the solution with /etc/permissions.d/ but the unix socket is deleted/created wit stop/start of nagios. So this won't work.
Amend the start/stop script for nagios to also change the socket owner?
I also thought about this. I recently did such changes, but it is quite problematic, because these scripts get overwritten on rpm update.
You could override this with a systemd service unit drop-in, that's easily done. -- Per Jessen, Zürich (-5.0°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Paul Neuwirth wrote:
On Friday 2017-01-06 13:16, Per Jessen wrote:
Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed?
For starters, see "man permissions'.
I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
chkstat is invoked by rpms or by YaST.
so it cannot be used for that purpose. Is there any other tool? or do I need to set up it in the service definition of nagios in systemd (which gets overwritten by every update...)
See my previous post - assuming nagios is "nagios.service", you can create /etc/systemd/system/nagios.service.d/something.conf and add your overrides or extensions there. That works really well. -- Per Jessen, Zürich (-5.3°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Friday 2017-01-06 15:54, Per Jessen wrote:
Paul Neuwirth wrote:
On Friday 2017-01-06 13:16, Per Jessen wrote:
Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed?
For starters, see "man permissions'.
I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
chkstat is invoked by rpms or by YaST.
so it cannot be used for that purpose. Is there any other tool? or do I need to set up it in the service definition of nagios in systemd (which gets overwritten by every update...)
See my previous post - assuming nagios is "nagios.service", you can create /etc/systemd/system/nagios.service.d/something.conf and add your overrides or extensions there. That works really well.
Thank you, this really helps -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Paul Neuwirth wrote:
On Friday 2017-01-06 15:54, Per Jessen wrote:
Paul Neuwirth wrote:
On Friday 2017-01-06 13:16, Per Jessen wrote:
Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed?
For starters, see "man permissions'.
I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
chkstat is invoked by rpms or by YaST.
so it cannot be used for that purpose. Is there any other tool? or do I need to set up it in the service definition of nagios in systemd (which gets overwritten by every update...)
See my previous post - assuming nagios is "nagios.service", you can create /etc/systemd/system/nagios.service.d/something.conf and add your overrides or extensions there. That works really well.
Thank you, this really helps
That's great - depending on what you need, using those drop-ins can be a little tricky, but you'll find many examples out there. -- Per Jessen, Zürich (-6.8°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 06/01/17 17:36, Per Jessen wrote:
Paul Neuwirth wrote:
On Friday 2017-01-06 15:54, Per Jessen wrote:
Paul Neuwirth wrote:
On Friday 2017-01-06 13:16, Per Jessen wrote:
Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed?
For starters, see "man permissions'.
I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
chkstat is invoked by rpms or by YaST.
so it cannot be used for that purpose. Is there any other tool? or do I need to set up it in the service definition of nagios in systemd (which gets overwritten by every update...)
See my previous post - assuming nagios is "nagios.service", you can create /etc/systemd/system/nagios.service.d/something.conf and add your overrides or extensions there. That works really well.
Thank you, this really helps
That's great - depending on what you need, using those drop-ins can be a little tricky, but you'll find many examples out there.
Just to add, this is a deliberate design feature of systemd - the designers assumed that the upstream defaults in the service file or whatever would not suit everyone, so they provided a way for end users to create their own local file, with only their local changes, that then modifies the defaults provided by the distro. And just like distros are not allowed to update /usr/local, they're not allowed to update this, either. Cheers, Wol -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2017-01-06 12:49, Paul Neuwirth wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed? I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
Yes, you have to call manually "chkstat --system --set". But this doesn't help if you need the permissions to be set automatically after creation of a file or socket - for that, something would have to be watching for file creation all the time. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" at Telcontar)
The permissions for check_mk mk-livestatus should be set accordingly via the %post from the RPM and if it's not please report a bug and I'll fix it, I'm one of the maintainers. From: https://build.opensuse.org/package/view_file/server:monitoring/check_mk/chec... %post -n mk-livestatus %if 0%{?suse_version} < 01210 %run_permissions %else %set_permissions %{_sysconfdir}/permissions.d/mk-livestatus %endif -- Later, Darin On Fri, Jan 6, 2017 at 6:49 AM, Paul Neuwirth <mail@paul-neuwirth.nl> wrote:
Hello group, after websearching around, I did not find anything, about this: How are permissions, set in /etc/permissions.* and /etc/permissions.d/* processed? I added a file according to a manual in /etc/permissions.d/, but these permissions do not get applied (after file creation by a daemon). Old documentation/threads mention SuSEconfig, but this tool is not used anymore... How do I apply these settings/ which service needs to be reloaded/restarted? files seem to be handled by chkstat according to rpm -qf ..
or is this the wrong point to set this up?
in my example, I want to set up apache2/nagvis/mk-livestatus/nagios link, but the socket created by mk-livestatus is set to the wrong group. /usr/share/doc/packages/mk-livestatus/livestatus-README.SUSE recommends to fix it with setting up permissions in /etc/permissions.d/
thank you for any hints
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (6)
-
Andrei Borzenkov -
Carlos E. R. -
Darin Perusich -
Paul Neuwirth -
Per Jessen -
Wols Lists