Proper username detection for Postfix
'grp' module that was used in Postfix autodetection,
to retrieve username monasca-agent runs with' was actually
returning the gropname of that user.
Instead of retrieving gid, new code retrieves user uid and later
on, using pwd module, retrieves its username.
Detected on SLES SP 12.
Change-Id: I3da4ca138424d065a8373b5786673dd265bdfaac
(cherry picked from commit 242da17f4b)
This commit is contained in:
Tomasz Trębski
Johannes Grassler
parent
ea8d4a7594
commit
df3a66503b
|
|
@ -1,39 +1,64 @@
|
||||||
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
|
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
|
||||||
|
# Copyright 2017 Fujitsu LIMITED
|
||||||
|
|
||||||
import grp
|
|
||||||
import logging
|
import logging
|
||||||
import os
|
import os
|
||||||
|
import pwd
|
||||||
import yaml
|
import yaml
|
||||||
|
|
||||||
import monasca_setup.agent_config
|
from monasca_setup import agent_config
|
||||||
import monasca_setup.detection
|
from monasca_setup.detection import plugin
|
||||||
|
from monasca_setup.detection import utils
|
||||||
|
|
||||||
log = logging.getLogger(__name__)
|
log = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
_POSTFIX_PROC_NAME = 'postfix'
|
||||||
|
_POSTFIX_DIRECTORY = """/var/spool/postfix"""
|
||||||
|
_POSTFIX_CHECK_COMMAND = ('sudo -l -U {0} find %s/incoming '
|
||||||
|
'-type f > /dev/null' % _POSTFIX_DIRECTORY)
|
||||||
|
"""Command to verify if user running monasca-agent
|
||||||
|
has sudo permission to access postfix directory"""
|
||||||
|
|
||||||
class Postfix(monasca_setup.detection.Plugin):
|
|
||||||
|
class Postfix(plugin.Plugin):
|
||||||
"""If postfix is running install the default config.
|
"""If postfix is running install the default config.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
ERROR_MSG = 'postfix plugin will not be configured.'
|
||||||
|
|
||||||
def _detect(self):
|
def _detect(self):
|
||||||
"""Run detection, set self.available True if the service is detected.
|
"""Run detection, set self.available True if the service is detected.
|
||||||
|
|
||||||
"""
|
"""
|
||||||
# Detect Agent's OS username by getting the group owner of confg file
|
|
||||||
try:
|
try:
|
||||||
gid = os.stat('/etc/monasca/agent/agent.yaml').st_gid
|
has_process = (utils.find_process_cmdline(_POSTFIX_PROC_NAME)
|
||||||
agent_user = grp.getgrgid(gid)[0]
|
is not None)
|
||||||
except OSError:
|
agent_user = self._get_agent_username() if has_process else None
|
||||||
agent_user = None
|
has_user = agent_user is not None
|
||||||
if monasca_setup.detection.find_process_cmdline('postfix') is not None:
|
has_sudoers = (self._has_sudoers(agent_user)
|
||||||
# Test for sudo access
|
if agent_user else False)
|
||||||
test_sudo = os.system('sudo -l -U {0} find /var/spool/postfix/incoming -type f > /dev/null'.format(agent_user))
|
except Exception:
|
||||||
if test_sudo != 0:
|
|
||||||
log.info("Postfix found but the required sudo access is not configured.\n\t" +
|
|
||||||
"Refer to plugin documentation for more detail")
|
|
||||||
return False
|
|
||||||
self.available = True
|
|
||||||
else:
|
|
||||||
self.available = False
|
self.available = False
|
||||||
|
detailed_msg = ('Unexpected exception while '
|
||||||
|
'running postfix detection.')
|
||||||
|
log.exception('%s\n%s' % (detailed_msg, self.ERROR_MSG))
|
||||||
|
else:
|
||||||
|
self.available = has_process and has_sudoers
|
||||||
|
if not self.available:
|
||||||
|
if not has_process:
|
||||||
|
detailed_msg = ('%s process was not found.'
|
||||||
|
% _POSTFIX_PROC_NAME)
|
||||||
|
log.info('%s\n%s' % (detailed_msg, self.ERROR_MSG))
|
||||||
|
elif not has_user:
|
||||||
|
detailed_msg = 'Did not locate agent\'s username.'
|
||||||
|
log.error('%s\n%s' % (detailed_msg, self.ERROR_MSG))
|
||||||
|
elif not has_sudoers:
|
||||||
|
detailed_msg = ('%s cannot access %s directory. '
|
||||||
|
'\n Refer to postfix plugin documentation '
|
||||||
|
'for more details.'
|
||||||
|
% (agent_user, _POSTFIX_DIRECTORY))
|
||||||
|
log.error('%s\n%s' % (detailed_msg, self.ERROR_MSG))
|
||||||
|
|
||||||
def build_config(self):
|
def build_config(self):
|
||||||
"""Build the config as a Plugins object and return.
|
"""Build the config as a Plugins object and return.
|
||||||
|
|
@ -43,9 +68,20 @@ class Postfix(monasca_setup.detection.Plugin):
|
||||||
# plugin is the exception not the rule
|
# plugin is the exception not the rule
|
||||||
with open(os.path.join(self.template_dir, 'conf.d/postfix.yaml.example'), 'r') as postfix_template:
|
with open(os.path.join(self.template_dir, 'conf.d/postfix.yaml.example'), 'r') as postfix_template:
|
||||||
default_net_config = yaml.safe_load(postfix_template.read())
|
default_net_config = yaml.safe_load(postfix_template.read())
|
||||||
config = monasca_setup.agent_config.Plugins()
|
config = agent_config.Plugins()
|
||||||
config['postfix'] = default_net_config
|
config['postfix'] = default_net_config
|
||||||
return config
|
return config
|
||||||
|
|
||||||
def dependencies_installed(self):
|
def dependencies_installed(self):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def _get_agent_username():
|
||||||
|
uid = os.stat('/etc/monasca/agent/agent.yaml').st_uid
|
||||||
|
agent_user = pwd.getpwuid(uid).pw_name
|
||||||
|
return agent_user
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def _has_sudoers(agent_user):
|
||||||
|
test_sudo = os.system(_POSTFIX_CHECK_COMMAND.format(agent_user))
|
||||||
|
return test_sudo == 0
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue