Install /var/run/icinga2/rw command mode, add configure options.

- changed locations for icinga2.cmd and livestatus unix socket
- make install creates /var/run/icinga2/rw and sets g+s for
  icinga:icingacmd
- configure options: --with-icinga[cmd]-{user,group}=
- add autoconf macros to check user/group and bail early if not created
- update documentation/INSTALL

fixes #4444
refs #3186
Michael Friedrich 2013-09-27 19:41:08 +02:00
parent 87fa063528
commit 9c6b79e4f2
8 changed files with 122 additions and 12 deletions

21
INSTALL

@ -39,6 +39,24 @@ mentioned above:
* GNU bison (bison)
* GNU flex (flex)
User Requirements
-----------------
By default Icinga will run as user 'icinga' and group 'icinga'. Additionally the
ExternalCommandListener and LivestatusListener require a dedicated command group
'icingacmd'. You can choose your own user/group names and pass them to configure
later.
# groupadd icinga
# groupadd icingacmd
# useradd -c "icinga" -s /sbin/nologin -G icingacmd -g icinga
Add the webserver user to the icingacmd group for granting write permissions.
Change 'www-data' to your distribution specific webserver user.
# usermod -a -G icingacmd www-data
Building Icinga 2
-----------------
@ -53,6 +71,9 @@ The configure script supports all the usual parameters one comes to expect
from autoconf. In particular you may want to use --prefix to specify an
alternative installation prefix.
Use --with-icinga[cmd]-{user,group}= to set the run and command user/group
for Icinga 2.
Note: The Git repository does not contain any auto-generated Autotools files,
i.e. there is no 'configure' script. In this case you will need to regenerate
the 'configure' script by running 'autogen.sh'. However, as an end-user you


@ -35,6 +35,8 @@ install-data-local:
$(MKDIR_P) $(DESTDIR)${localstatedir}/lib/${PACKAGE}/cluster/log
$(MKDIR_P) $(DESTDIR)${localstatedir}/lib/${PACKAGE}
$(MKDIR_P) $(DESTDIR)${localstatedir}/run/${PACKAGE}
$(INSTALL) -m 775 -d $(COMMAND_OPTS) $(DESTDIR)${localstatedir}/run/${PACKAGE}/rw
chmod g+s $(DESTDIR)${localstatedir}/run/${PACKAGE}/rw
EXTRA_DIST = $(icinga2doc_DATA) git_version.sh icinga2.spec
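Review bot: The `rw` directory in `install-data-local` is created as 775 and only gets its setgid bit from a separate `chmod g+s`, so it briefly exists without the bit and stays world-readable and world-traversable. A single call such as `$(INSTALL) -m 2775 -d $(COMMAND_OPTS) $(DESTDIR)${localstatedir}/run/${PACKAGE}/rw` sets owner, group and mode together and makes the `chmod` line unnecessary. If only the command user and command group are meant to reach the pipe and socket, `-m 2770` would express that; this depends on whether any consumer outside the group needs to traverse the directory, which the hunk does not show. Passing `-o`/`-g` to install also means a staged `DESTDIR` install run as a non-root user will fail at this line, which deserves a comment above the recipe line.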


@ -33,6 +33,45 @@ AC_PROG_MKDIR_P
AC_FUNC_VFORK
AC_ARG_WITH([icinga_user],
AC_HELP_STRING([--with-icinga-user=<user>],[sets user name to run icinga2]),
icinga_user=$withval,
icinga_user=icinga
)
ACICINGA_CHECK_USER([$icinga_user], run)
AC_SUBST(icinga_user)
AC_ARG_WITH(icinga_group,
AC_HELP_STRING([--with-icinga-group=<group>],[sets group name to run icinga2]),
icinga_group=$withval,
icinga_group=icinga
)
ACICINGA_CHECK_GROUP([$icinga_group], run)
AC_SUBST(icinga_group)
INSTALL_OPTS="-o $icinga_user -g $icinga_grp"
AC_SUBST(INSTALL_OPTS)
AC_ARG_WITH(icingacmd_user,
AC_HELP_STRING([--with-icingacmd-user=<user>],[sets user name for icinga2 command access]),
icingacmd_user=$withval,
icingacmd_user=icinga
)
ACICINGA_CHECK_USER([$icingacmd_user], cmd)
AC_SUBST(icingacmd_user)
AC_ARG_WITH(icingacmd_group,
AC_HELP_STRING([--with-icingacmd-group=<group>] ,[sets group name for icinga2 command access]),
icingacmd_group=$withval,
icingacmd_group=icingacmd
)
ACICINGA_CHECK_GROUP([$icingacmd_group], cmd)
AC_SUBST(icingacmd_group)
COMMAND_OPTS="-o $icingacmd_user -g $icingacmd_group"
AC_SUBST(COMMAND_OPTS)
CFLAGS="$CFLAGS -D_GNU_SOURCE -pthread"
CXXFLAGS="$CXXFLAGS -D_GNU_SOURCE -pthread"
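Review bot: `INSTALL_OPTS` expands `$icinga_grp`, a variable this hunk never sets; the `--with-icinga-group` block stores the group in `icinga_group`. As written the substituted value ends in a bare `-g`, so any install command that uses `$(INSTALL_OPTS)` would take its next argument, most likely a path, as the group name. The line should read `INSTALL_OPTS="-o $icinga_user -g $icinga_group"`. Separately, the first `AC_ARG_WITH` quotes its name as `[icinga_user]` while the other three pass it unquoted; quoting all four would keep them consistent.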


@ -34,7 +34,7 @@ EOF
ECHO="/bin/echo"
CMDFILE="/var/run/icinga2/icinga2.cmd"
CMDFILE="/var/run/icinga2/rw/icinga2.cmd"
HOST=""
SERVICE=""
RETURNCODE=0


@ -41,7 +41,7 @@ OPTIONS* section:
object\_cache\_file |/var/cache/icinga2/objects.cache
status\_file |/var/cache/icinga2/status.dat
resource\_file |-
command\_file |/var/run/icinga2/icinga2.cmd
command\_file |/var/run/icinga2/rw/icinga2.cmd
check\_external\_commands |1
interval\_length |60
status\_update\_interval |10
@ -59,8 +59,8 @@ OPTIONS* section:
In order for commands to work you will need to grant the web server
write permissions for the command pipe:
# chgrp www-data /var/run/icinga2/icinga2.cmd
# chmod 660 /var/run/icinga2/icinga2.cmd
# chgrp www-data /var/run/icinga2/rw/icinga2.cmd
# chmod 660 /var/run/icinga2/rw/icinga2.cmd
> **Note**
>


@ -478,8 +478,8 @@ Example:
library "compat"
object StatusDataWriter "status" {
status\_path = "/data/status.dat",
objects\_path = "/data/objects.path"
status\_path = "/var/cache/icinga2/status.dat",
objects\_path = "/var/cache/icinga2/objects.path"
}
Attributes:
@ -498,14 +498,14 @@ Example:
library "compat"
object ExternalCommandListener "external" {
command\_path = "/data/icinga2.cmd"
command\_path = "/var/run/icinga2/rw/icinga2.cmd"
}
Attributes:
Name |Description
----------------|----------------
command\_path |**Optional.** Path to the command pipe. Defaults to IcingaLocalStateDir + "/run/icinga2/icinga2.cmd".
command\_path |**Optional.** Path to the command pipe. Defaults to IcingaLocalStateDir + "/run/icinga2/rw/icinga2.cmd".
### CompatLogger
@ -516,7 +516,7 @@ Example:
library "compat"
object CompatLogger "my-log" {
log\_dir = "/data/compat-log",
log\_dir = "/var/log/icinga2/compat/compat-log",
rotation\_method = "HOURLY"
}


@ -19,13 +19,15 @@ sbindir=@sbindir@
bindir=@bindir@
sysconfdir=@sysconfdir@
localstatedir=@localstatedir@
icinga_user=@icinga_user@
icinga_group=@icinga_group@
DAEMON=$bindir/icinga2
ICINGA2_CONFIG_FILE=$sysconfdir/icinga2/icinga2.conf
ICINGA2_PID_FILE=$localstatedir/run/icinga2/icinga2.pid
ICINGA2_ERROR_LOG=$localstatedir/log/icinga2/error.log
ICINGA2_USER=icinga
ICINGA2_GROUP=icinga
ICINGA2_USER=$icinga_user
ICINGA2_GROUP=$icinga_group
test -x $DAEMON || exit 0
@ -35,10 +37,20 @@ if [ ! -e $ICINGA2_CONFIG_FILE ]; then
fi
# Get function from functions library
if [ -e /etc/init.d/functions ]; then
if [ -f /etc/rc.d/init.d/functions ]; then
. /etc/rc.d/init.d/functions
elif [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
fi
# Load extra environment variables
if [ -f /etc/sysconfig/icinga ]; then
. /etc/sysconfig/icinga
fi
if [ -f /etc/default/icinga ]; then
. /etc/default/icinga
fi
# Start Icinga 2
start() {
mkdir -p `dirname -- $ICINGA2_PID_FILE`
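Review bot: The only directory `start()` visibly creates is the PID directory, while the command pipe now lives in `$localstatedir/run/icinga2/rw`, which this commit creates only at `make install` time. Where `/var/run` is a tmpfs that directory is gone after a reboot, and whatever recreates it is unlikely to restore the command owner, group and setgid bit. I would substitute the command user and group into the script as well (`icingacmd_user=@icingacmd_user@`, `icingacmd_group=@icingacmd_group@`) and recreate the directory next to the `mkdir -p`, for example `install -d -m 2775 -o "$icingacmd_user" -g "$icingacmd_group" "$localstatedir/run/icinga2/rw"`. The body of `start()` continues outside the hunk, so this may already be handled further down. The new environment files are named `icinga` rather than `icinga2` and are sourced as root after `ICINGA2_USER` and `ICINGA2_GROUP` are set, so a file presumably intended for another Icinga installation could override them.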


@ -0,0 +1,36 @@
#/******************************************************************************
# * Icinga 2 *
# * Copyright (C) 2012-2013 Icinga Development Team (http://www.icinga.org/) *
# * *
# * This program is free software; you can redistribute it and/or *
# * modify it under the terms of the GNU General Public License *
# * as published by the Free Software Foundation; either version 2 *
# * of the License, or (at your option) any later version. *
# * *
# * This program is distributed in the hope that it will be useful, *
# * but WITHOUT ANY WARRANTY; without even the implied warranty of *
# * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
# * GNU General Public License for more details. *
# * *
# * You should have received a copy of the GNU General Public License *
# * along with this program; if not, write to the Free Software Foundation *
# * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. *
# ******************************************************************************/
AC_DEFUN([ACICINGA_CHECK_USER],[
x=$1
y=$2
AC_MSG_CHECKING([if $y user $x exists])
AS_IF([ $GREP -q "^$x:" /etc/passwd ],
[ AC_MSG_RESULT([found]) ],
[ AC_MSG_ERROR([not found]) ])
])
AC_DEFUN([ACICINGA_CHECK_GROUP],[
x=$1
y=$2
AC_MSG_CHECKING([if $y group $x exists])
AS_IF([ $GREP -q "^$x:" /etc/group ],
[ AC_MSG_RESULT([found]) ],
[ AC_MSG_ERROR([not found]) ])
])
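Review bot: Both macros decide existence by grepping `/etc/passwd` and `/etc/group`, so accounts provided through NSS sources such as LDAP, NIS or sssd are reported as "not found" and configure aborts. The name is also pasted unescaped into the regex, so a value containing `.` or other metacharacters can match a different account and let the check pass for a user that does not exist. Asking the system resolver avoids both problems, for example `AS_IF([ id "$x" >/dev/null 2>&1 ],` in `ACICINGA_CHECK_USER` and `AS_IF([ getent group "$x" >/dev/null 2>&1 ],` in `ACICINGA_CHECK_GROUP`, where `getent` is available. The generic shell variables `x` and `y` leak into the rest of configure, so prefixed names like `acicinga_name` would be safer. Each macro would also benefit from a `dnl` comment stating its two arguments.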