On Thu, 17 March 2011 Florian Forster <[email protected]> wrote: > On Sun, Mar 13, 2011 at 07:04:39AM -0000, Andrew Yates wrote: > > (It might also be a good idea to run collectd as an unprivileged user > > by default. A quick test suggests that of the default plugins only > > 'df' may require root privileges.) > > In the vast majority of cases, the "df" plugin doesn't need privileges. > The only problematic case I can think of right now is if some file > system is mounted at "/secret/foo" and the unprivileged user isn't > allowed to read "/secret". > > Plugins which do require privileges can be found in the collectd wiki in > the "Plugins requiring privileges" category [0]. > > [0] <http://collectd.org/wiki/index.php/Category:Plugins_requiring_privileges>
>From those I'm wondering what special privileges netlink plugin needs... on the systems I run it on, it runs as unprivileged user. For DNS, Ping and IPTables plugins just setting the appropriate capabilities, e.g. using file based capabilities, does suffice. For serial I would say adding the right group should do it as well. At least file based capabilities and unprivileged user does work fine for me with ping plugin. Bruno _______________________________________________ collectd mailing list [email protected] http://mailman.verplant.org/listinfo/collectd
