openstack
/
monasca-agent
Code Issues Proposed changes

Proper username detection for Postfix 

'grp' module that was used in Postfix autodetection,
to retrieve username monasca-agent runs with' was actually
returning the gropname of that user.

Instead of retrieving gid, new code retrieves user uid and later
on, using pwd module, retrieves its username.

Detected on SLES SP 12.

Change-Id: I3da4ca138424d065a8373b5786673dd265bdfaac
This commit is contained in:
Tomasz Trębski 2017-05-22 13:03:29 +02:00
parent 3a4d5c5ce9
commit 242da17f4b
1 changed files with 55 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
monasca_setup/detection/plugins/postfix.py
View File

@ -1,39 +1,64 @@
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# Copyright 2017 Fujitsu LIMITED
import grp
import logging
import os
import pwd
import yaml
import monasca_setup.agent_config
import monasca_setup.detection
from monasca_setup import agent_config
from monasca_setup.detection import plugin
from monasca_setup.detection import utils
log = logging.getLogger(__name__)
_POSTFIX_PROC_NAME = 'postfix'
_POSTFIX_DIRECTORY = """/var/spool/postfix"""
_POSTFIX_CHECK_COMMAND = ('sudo -l -U {0} find %s/incoming '
'-type f > /dev/null' % _POSTFIX_DIRECTORY)
"""Command to verify if user running monasca-agent
has sudo permission to access postfix directory"""
class Postfix(monasca_setup.detection.Plugin):
class Postfix(plugin.Plugin):
"""If postfix is running install the default config.
"""
ERROR_MSG = 'postfix plugin will not be configured.'
def _detect(self):
"""Run detection, set self.available True if the service is detected.
"""
# Detect Agent's OS username by getting the group owner of confg file
try:
gid = os.stat('/etc/monasca/agent/agent.yaml').st_gid
agent_user = grp.getgrgid(gid)[0]
except OSError:
agent_user = None
if monasca_setup.detection.find_process_cmdline('postfix') is not None:
# Test for sudo access
test_sudo = os.system('sudo -l -U {0} find /var/spool/postfix/incoming -type f > /dev/null'.format(agent_user))
if test_sudo != 0:
log.info("Postfix found but the required sudo access is not configured.\n\t" +
"Refer to plugin documentation for more detail")
return False
self.available = True
else:
has_process = (utils.find_process_cmdline(_POSTFIX_PROC_NAME)
is not None)
agent_user = self._get_agent_username() if has_process else None
has_user = agent_user is not None
has_sudoers = (self._has_sudoers(agent_user)
if agent_user else False)
except Exception:
self.available = False
detailed_msg = ('Unexpected exception while '
'running postfix detection.')
log.exception('%s\n%s' % (detailed_msg, self.ERROR_MSG))
else:
self.available = has_process and has_sudoers
if not self.available:
if not has_process:
detailed_msg = ('%s process was not found.'
% _POSTFIX_PROC_NAME)
log.info('%s\n%s' % (detailed_msg, self.ERROR_MSG))
elif not has_user:
detailed_msg = 'Did not locate agent\'s username.'
log.error('%s\n%s' % (detailed_msg, self.ERROR_MSG))
elif not has_sudoers:
detailed_msg = ('%s cannot access %s directory. '
'\n Refer to postfix plugin documentation '
'for more details.'
% (agent_user, _POSTFIX_DIRECTORY))
log.error('%s\n%s' % (detailed_msg, self.ERROR_MSG))
def build_config(self):
"""Build the config as a Plugins object and return.
@ -43,9 +68,20 @@ class Postfix(monasca_setup.detection.Plugin):
# plugin is the exception not the rule
with open(os.path.join(self.template_dir, 'conf.d/postfix.yaml.example'), 'r') as postfix_template:
default_net_config = yaml.safe_load(postfix_template.read())
config = monasca_setup.agent_config.Plugins()
config = agent_config.Plugins()
config['postfix'] = default_net_config
return config
def dependencies_installed(self):
return True
@staticmethod
def _get_agent_username():
uid = os.stat('/etc/monasca/agent/agent.yaml').st_uid
agent_user = pwd.getpwuid(uid).pw_name
return agent_user
@staticmethod
def _has_sudoers(agent_user):
test_sudo = os.system(_POSTFIX_CHECK_COMMAND.format(agent_user))
return test_sudo == 0