Agreed that 666 is not the best, but with iptable rules and external acls, it isn’t a major concern, ~KEM
> On Jun 1, 2016, at 17:17, Dan O'Neill <[email protected]> wrote: > > Just to be pedantic, one might want to chmod 664 so that the world doesn't > have write access to the rrd files. I'll keep reading your responses and try > to help. > > btw, is there an IRC channel? Should we create one? > > On Wed, Jun 1, 2016 at 2:08 PM, masonke <[email protected] > <mailto:[email protected]>> wrote: > Until today we never had a problem, we are constantly adding targets and have > a rigid salt stack deployment. Just for safety, not he master, every 10 > minutes a cron job kicks off a script that sets these perms not he master > > cd /var/lib/smokeping > find . -type f -name '*.rrd' | xargs chown smokeping:www-data > find . -type f -name '*.rrd' | xargs chmod 666 > > Will add the chgrp and chown, just to make sure. > > I am hoping that when I go back and look at it later, the problem will jump > out at me. > ~KEM > >> On Jun 1, 2016, at 16:57, Dan O'Neill <[email protected] >> <mailto:[email protected]>> wrote: >> >> Hi, >> >> Let me walk through an example of my configuration and the permissions >> changes required. I add slaves frequently and have this process somewhat >> nailed. >> >> Given: >> - Slave is called c2nyc >> - Hierarchy is client -> boatsrus -> ping boatsrus.com >> <http://boatsrus.com/> >> - Apache user is www-data >> - Apache group is www-data >> >> >> Steps on the Master: >> 1. cd /var/lib/smokeping >> 2. chgroup www-data boatsrus >> 3. chmod g+w boatsrus >> 4. cd boatsrus >> 5. chgrp www-data *c2nyc.rrd >> 6. chmod g+w *c2nyc.rrd >> >> And that is pretty much the permissions structure that works. >> >> ------ >> >> Separately, what error are you seeing on the slave side? >> >> dano >> >> >> On Wed, Jun 1, 2016 at 1:47 PM, masonke <[email protected] >> <mailto:[email protected]>> wrote: >> This really looks like a permissions issue, but I just can’t find it. In >> desperation, I made all the red files and directories that hold them 777, >> just to see what would happen. It did not change anything. >> >> It is almost like the process that moves the data from the slave.cache files >> into the rrd file is not running. If I reboot the master, all the >> backlogged slave_cache data is added to the rrd and you can see it on the >> graphs. >> >> Really is a crazy thing with the secrets file, the error is on the slave, >> not the master. >> >> I will can the whole thing and restart from scratch if I can’t get it fixed >> by noon tomorrow. >> >> >> ~KEM >> >> > > > >
_______________________________________________ smokeping-users mailing list [email protected] https://lists.oetiker.ch/cgi-bin/listinfo/smokeping-users
