From ed845d871a2687e6a428cdb2f98bd3c8a55925d5 Mon Sep 17 00:00:00 2001 From: Jordi Sanfeliu Date: Wed, 28 Oct 2020 09:08:55 +0100 Subject: [PATCH] added support to be able to run as a regular user #288 --- lib/Monitorix.pm | 12 +++++++++--- monitorix | 31 +++++++++++++++++-------------- 2 files changed, 26 insertions(+), 17 deletions(-) diff --git a/lib/Monitorix.pm b/lib/Monitorix.pm index a599c2f..6e10817 100644 --- a/lib/Monitorix.pm +++ b/lib/Monitorix.pm @@ -103,14 +103,20 @@ sub setup_riglim { sub httpd_setup { my $myself = (caller(0))[3]; - my ($config, $debug) = @_; + my ($config, $reguser) = @_; my $pid; + my ($uid, $gid); - my (undef, undef, $uid) = getpwnam($config->{httpd_builtin}->{user}); - my (undef, undef, $gid) = getgrnam($config->{httpd_builtin}->{group}); my $host = $config->{httpd_builtin}->{host}; my $port = $config->{httpd_builtin}->{port}; + if($reguser) { + (undef, undef, $uid, $gid ) = getpwuid($<); + } else { + (undef, undef, $uid) = getpwnam($config->{httpd_builtin}->{user}); + (undef, undef, $gid) = getgrnam($config->{httpd_builtin}->{group}); + } + if(!defined($uid)) { logger("$myself: ERROR: invalid user defined."); return; diff --git a/monitorix b/monitorix index 765f251..85c79e3 100755 --- a/monitorix +++ b/monitorix @@ -55,7 +55,7 @@ sub INT_handler { my ($signal) = @_; logger("SIG$signal caught."); - flush_accounting_rules(\%config, $options{d}); + flush_accounting_rules(\%config, $options{d}) unless $options{u}; if(lc($config{httpd_builtin}->{enabled} || "") eq "y") { kill(15, $config{httpd_pid}); } @@ -90,7 +90,7 @@ sub HUP_handler { require HTTPServer; kill(15, $config{httpd_pid}); kill(9, $config{httpd_pid}); - httpd_setup(\%config, $options{d}); + httpd_setup(\%config, $options{u}); logger("Restarted HTTP built-in server (pid $config{httpd_pid}).") if (defined($config{httpd_pid})); } } @@ -501,7 +501,7 @@ EOF # Main # ---------------------------------------------------------------------------- -getopts("c:p:d:vn", \%options) || usage(); +getopts("c:p:d:vnu", \%options) || usage(); if($options{v}) { print("Monitorix version " . VERSION . " (" . RELDATE . ")\n"); @@ -542,13 +542,14 @@ if(grep {$_ eq $config{os}} ("FreeBSD", "OpenBSD", "NetBSD")) { $SIG{'CHLD'} = 'DEFAULT'; } -$0 = sprintf("%s %s%s%s%s%s", +$0 = sprintf("%s %s%s%s%s%s%s", $^V lt 5.6.2 ? "monitorix" : abs_path($0), $options{c} ? "-c $options{c}" : "", $options{p} ? " -p $options{p}" : "", $options{d} ? " -d $options{d}" : "", $options{v} ? " -v" : "", - $options{n} ? " -n" : ""); + $options{n} ? " -n" : "", + $options{u} ? " -u" : ""); daemonize() unless $options{n}; logger("Starting Monitorix version " . VERSION . " (pid $$)."); @@ -672,7 +673,7 @@ if(open(OUT, "> " . $config{base_dir} . "/cgi/monitorix.conf.path")) { logger("WARNING: unable to create the file '$config{base_dir}/cgi/monitorix.conf.path'. $!"); } -if($config{os} eq "Linux") { +if($config{os} eq "Linux" && !$config{u}) { # make sure that 'ip_default_table' option has a consistent value $config{ip_default_table} = "filter" if !$config{ip_default_table}; @@ -689,7 +690,7 @@ if($config{os} eq "Linux") { } # make sure that there aren't residual Monitorix iptables rules -flush_accounting_rules(\%config, $options{d}); +flush_accounting_rules(\%config, $options{d}) unless $options{u}; logger("Initializing graphs."); @@ -745,14 +746,16 @@ create_index(); # start the HTTP built-in (if enabled) if(lc($config{httpd_builtin}->{enabled} || "") eq "y") { - logger("Setting owner/group and permission bits for the imgs/ directory.") if defined($options{d}); - my (undef, undef, $uid) = getpwnam($config{httpd_builtin}->{user}); - my (undef, undef, $gid) = getgrnam($config{httpd_builtin}->{group}); - chown($uid, $gid, $config{base_dir} . "/" . $config{imgs_dir}); - chmod(0755, $config{base_dir} . "/" . $config{imgs_dir}); + if(!$config{u}) { + logger("Setting owner/group and permission bits for the imgs/ directory.") if defined($options{d}); + my (undef, undef, $uid) = getpwnam($config{httpd_builtin}->{user}); + my (undef, undef, $gid) = getgrnam($config{httpd_builtin}->{group}); + chown($uid, $gid, $config{base_dir} . "/" . $config{imgs_dir}); + chmod(0755, $config{base_dir} . "/" . $config{imgs_dir}); + } require HTTPServer; - httpd_setup(\%config, $options{d}); + httpd_setup(\%config, $options{u}); logger("Started HTTP built-in server (pid $config{httpd_pid}).") if (defined($config{httpd_pid})); } @@ -895,7 +898,7 @@ while(1) { require HTTPServer; kill(15, $config{httpd_pid}); kill(9, $config{httpd_pid}); - httpd_setup(\%config, $options{d}); + httpd_setup(\%config, $options{u}); logger("Restarted HTTP built-in server (pid $config{httpd_pid}).") if defined($config{httpd_pid}); } }