Hi Stuart, the proper solution is to grant read access to a group on these files (like 'admin' in debian) and add the collectd user to that group.
> Wed Apr 29 2015 15:08:25 EDT from "Stuart Cracraft" <smcracr...@me.com> >Subject: [collectd] collectd restriction > > So, even though collectd runs by default as root, > > none of its children can be so-configured, due to a decision > > shown in: > > > > https://collectd.org/wiki/index.php/Plugin:Exec > > > > which restricts Exec-based plugins to using uid!=0 as the > > uid for the running collectors as children of collectd: > > > > "The security concerns are addressed by forcing the plugin to check that >custom programs are never executed with superuser privileges. If the daemon >runs as root, you /have to/ configure another user ID with which the new >process is created." > > > > This is a half-hearted, strange attempt to draconianly > > say "all uid=0" is bad and feels suspiciously nannyish, big-government. > > > > In fact, there are many commands which require root to > > access protected files or devices and which do not have > > non-Exec collectd-generic-support but constitute invaluable > > information to have collected, graphed and alarmed on. > > > > I am surprised at the above decision and am asking > > the community how you collect root-accessible-only data > > in collectd when there no plugin exec, nor otherwise, to collectd. > > > > > > > > > >
_______________________________________________ collectd mailing list collectd@verplant.org http://mailman.verplant.org/listinfo/collectd
_______________________________________________ collectd mailing list collectd@verplant.org http://mailman.verplant.org/listinfo/collectd
