Change the default agent user to mon-agent

Changed some places to templates to make it possible to change agent user using monasca_setup. There is one place that it is still hard coded The deb creation now uses a hardcoded mon-agent user instead of monasca-agent Change-Id: I8f2ee8903289d74c0397ccf911701c89e7a1b691
2015-05-06 11:41:28 -06:00 · 2015-05-06 11:41:28 -06:00 · b0cc0ccb14
parent 9e6169522a
commit b0cc0ccb14
11 changed files with 25 additions and 22 deletions
--- a/docs/Agent.md
+++ b/docs/Agent.md
@ -34,7 +34,7 @@ The Agent is composed of the following components:

 | Component Name | Process Name | Description |
 | -------------- | ------------ | ----------- |
-| Supervisor | supervisord | Runs as root, launches all other processes as the "monasca-agent" user.  This process manages the lifecycle of the Collector, Forwarder and Statsd Daemon.  It allows Start, Stop and Restart of all the agent processes together. |
+| Supervisor | supervisord | Runs as root, launches all other processes as the user configured to run monasca-agent.  This process manages the lifecycle of the Collector, Forwarder and Statsd Daemon.  It allows Start, Stop and Restart of all the agent processes together. |
 | Collector | monasca-collector | Gathers system & application metrics on a configurable interval and sends them to the Forwarder process. The collector runs various plugins for collection of different plugins.| 
 | Forwarder | monasca-forwarder | Gathers data from the collector and statsd and submits it to Monasca API over SSL (tcp/17123) | 
 | Statsd Daemon | monasca-statsd | Statsd engine capable of handling dimensions associated with metrics submitted by a client that supports them. Also supports metrics from the standard statsd client. (udp/8125) | 
--- a/monasca_agent/collector/checks_d/postfix.py
+++ b/monasca_agent/collector/checks_d/postfix.py
@ -10,8 +10,8 @@ class PostfixCheck(AgentCheck):
    WARNING: the user that monasca-agent runs as must have sudo access for the 'find' command
             sudo access is not required when running monasca-agent as root (not recommended)

-    example /etc/sudoers entry:
-             monasca-agent ALL=(ALL) NOPASSWD:/usr/bin/find
+    example /etc/sudoers entry (assumes monasca-agent runs as user mon-agent):
+             mon-agent ALL=(ALL) NOPASSWD:/usr/bin/find

    YAML config options:
        "directory" - the value of 'postconf -h queue_directory'
--- a/monasca_setup/detection/plugins/postfix.py
+++ b/monasca_setup/detection/plugins/postfix.py
@ -17,7 +17,8 @@ class Postfix(monasca_setup.detection.Plugin):
        """
        if monasca_setup.detection.find_process_cmdline('postfix') is not None:
            # Test for sudo access
-            test_sudo = os.system('sudo -l -U monasca-agent find /var/spool/postfix/incoming -type f > /dev/null')
+            # TODO: don't hardcode the user. Need to get it from the arguments to monasca_setup
+            test_sudo = os.system('sudo -l -U mon-agent find /var/spool/postfix/incoming -type f > /dev/null')
            if test_sudo != 0:
                log.info("Postfix found but the required sudo access is not configured.\n\t" +
                         "Refer to plugin documentation for more detail")
--- a/monasca_setup/main.py
+++ b/monasca_setup/main.py
@ -88,7 +88,7 @@ def main(argv=None):
    parser.add_argument('--skip_enable', help="By default the service is enabled, " +
                                              "which requires the script run as root. Set this to skip that step.",
                        action="store_true")
-    parser.add_argument('--user', help="User name to run monasca-agent as", default='monasca-agent')
+    parser.add_argument('--user', help="User name to run monasca-agent as", default='mon-agent')
    parser.add_argument('-s', '--service', help="Service this node is associated with, added as a dimension.")
    parser.add_argument('--amplifier', help="Integer for the number of additional measurements to create. " +
                                            "Additional measurements contain the 'amplifier' dimension. " +
@ -133,7 +133,7 @@ def main(argv=None):
        # Write the supervisor.conf
        write_template(os.path.join(args.template_dir, 'supervisor.conf.template'),
                       os.path.join(args.config_dir, 'supervisor.conf'),
-                       {'prefix': PREFIX_DIR, 'log_dir': args.log_dir},
+                       {'prefix': PREFIX_DIR, 'log_dir': args.log_dir, 'monasca_user': args.user},
                       gid)

    # Run through detection and config building for the plugins
--- a/monasca_setup/service/linux.py
+++ b/monasca_setup/service/linux.py
@ -18,7 +18,7 @@ class LinuxInit(service.Service):
    def enable(self):
        """ Does user/group directory creation.
        """
-        # Create monasca-agent user/group if needed
+        # Create user/group if needed
        try:
            user = pwd.getpwnam(self.username)
        except KeyError:
@ -108,7 +108,7 @@ class Systemd(LinuxInit):

 class SysV(LinuxInit):

-    def __init__(self, prefix_dir, config_dir, log_dir, template_dir, name='monasca-agent', username='monasca-agent'):
+    def __init__(self, prefix_dir, config_dir, log_dir, template_dir, username, name='monasca-agent'):
        """Setup this service with the given init template.

        """
@ -125,7 +125,8 @@ class SysV(LinuxInit):
        # Write the init script and enable.
        with open(self.init_template, 'r') as template:
            with open(self.init_script, 'w') as conf:
-                conf.write(template.read().format(prefix=self.prefix_dir, config_dir=self.config_dir))
+                conf.write(template.read().format(prefix=self.prefix_dir, monasca_user=self.username,
+                                                  config_dir=self.config_dir))
        os.chown(self.init_script, 0, 0)
        os.chmod(self.init_script, 0755)

@ -170,4 +171,4 @@ class SysV(LinuxInit):
        if len(glob.glob('/etc/rc?.d/S??monasca-agent')) > 0:
            return True
        else:
-            return False
+            return False
--- a/packaging/monasca-agent-deb/monasca-agent.init
+++ b/packaging/monasca-agent-deb/monasca-agent.init
@ -17,7 +17,7 @@ export PYTHONPATH=$PYTHONPATH:/usr/monasca/agent/
 AGENTPATH="/usr/local/bin/monasca-collector"
 AGENTCONF="/etc/monasca/agent/agent.yaml"
 MONASCASTATSDPATH="/usr/local/bin/monasca-statsd"
-AGENTUSER="monasca-agent"
+AGENTUSER="mon-agent"
 FORWARDERPATH="/usr/local/bin/monasca-forwarder"
 NAME="monasca-agent"
 DESC="Monasca Monitoring Agent"
--- a/packaging/monasca-agent-deb/postinst
+++ b/packaging/monasca-agent-deb/postinst
@ -4,12 +4,13 @@ set -e

 case "$1" in
    configure)
+        AGENT_USER=mon-agent 
        update-rc.d monasca-agent defaults
-        adduser --system monasca-agent --disabled-login --shell /bin/sh --no-create-home --quiet
+        adduser --system ${AGENT_USER} --disabled-login --shell /bin/sh --no-create-home --quiet
        usermod -d /usr/share/monasca/agent monasca-agent
        chown root:root /etc/init.d/monasca-agent
-        chown -R monasca-agent:root /etc/monasca/agent
-        chown -R monasca-agent:root /var/log/monasca/agent
+        chown -R ${AGENT_USER}:root /etc/monasca/agent
+        chown -R ${AGENT_USER}:root /var/log/monasca/agent
        chown -R root:root /usr/share/monasca/agent
        chown -h root:root /usr/bin/monasca-statsd
        chown -h root:root /usr/bin/monasca-collector
--- a/packaging/monasca-agent-deb/postrm
+++ b/packaging/monasca-agent-deb/postrm
@ -3,7 +3,7 @@ set -e

 if [ "$1" = purge ]; then
    update-rc.d monasca-agent remove
-    deluser monasca-agent
+    deluser mon-agent
 fi

 exit 0
--- a/packaging/monasca-agent-deb/supervisor.conf
+++ b/packaging/monasca-agent-deb/supervisor.conf
@ -24,7 +24,7 @@ stdout_logfile=NONE
 stderr_logfile=NONE
 priority=999
 startsecs=2
-user=monasca-agent
+user=mon-agent
 environment=LC_ALL=POSIX,PYTHONPATH='/usr/share/monasca/agent:$PYTHONPATH'

 [program:forwarder]
@ -33,7 +33,7 @@ stdout_logfile=NONE
 stderr_logfile=NONE
 startsecs=3
 priority=998
-user=monasca-agent
+user=mon-agent

 [program:statsd]
 command=/usr/bin/monasca-statsd
@ -41,7 +41,7 @@ stdout_logfile=NONE
 stderr_logfile=NONE
 startsecs=3
 priority=998
-user=monasca-agent
+user=mon-agent

 [group:monasca-agent]
 programs=forwarder,collector,statsd
--- a/packaging/monasca-agent.init.template
+++ b/packaging/monasca-agent.init.template
@ -16,7 +16,7 @@ PATH=$PATH:/sbin
 AGENTPATH="{prefix}/bin/monasca-collector"
 AGENTCONF="{config_dir}/agent.yaml"
 MONASCASTATSDPATH="{prefix}/bin/monasca-statsd"
-AGENTUSER="monasca-agent"
+AGENTUSER="{monasca_user}"
 FORWARDERPATH="{prefix}/bin/monasca-forwarder"
 NAME="monasca-agent"
 DESC="Monasca Monitoring Agent"
--- a/packaging/supervisor.conf.template
+++ b/packaging/supervisor.conf.template
@ -23,7 +23,7 @@ stdout_logfile=NONE
 stderr_logfile=NONE
 priority=999
 startsecs=2
-user=monasca-agent
+user={monasca_user}
 autorestart=true

 [program:forwarder]
@ -32,7 +32,7 @@ stdout_logfile=NONE
 stderr_logfile=NONE
 startsecs=3
 priority=998
-user=monasca-agent
+user={monasca_user}
 autorestart=true

 [program:statsd]
@ -41,7 +41,7 @@ stdout_logfile=NONE
 stderr_logfile=NONE
 startsecs=3
 priority=998
-user=monasca-agent
+user={monasca_user}
 autorestart=true

 [group:monasca-agent]