Changes committed to git://oss.sgi.com/pcp/pcp.git dev
build/mac/cmdline-install | 6 +--
build/mac/installer-resources/postflight | 4 --
build/mac/installer-resources/postinstall | 30 +++++++++++++++---
build/mac/installer-resources/postupgrade | 30 +++++++++++++++---
build/mac/installer-resources/preflight | 4 --
build/mac/installer-resources/preinstall | 4 --
build/mac/installer-resources/preupgrade | 4 --
build/rpm/devtoolset.spec | 12 ++++++-
build/rpm/fedora.spec | 12 ++++++-
build/rpm/pcp.spec.in | 11 ++++++
build/sun/postinstall | 5 +++
configure.in | 4 +-
debian/GNUmakefile | 2 -
debian/pcp-testsuite.postinst | 7 ++++
debian/pcp.postinst | 5 +++
man/man1/pmdashping.1 | 8 ++++
qa/314 | 5 +--
src/include/pcp/impl.h | 1
src/include/pcp/platform_header.h.in | 1
src/libpcp/src/util.c | 44 +++++++++++++++++++++++++++
src/libpcp/src/win32.c | 7 ++++
src/perl/PMDA/PMDA.xs | 2 -
src/perl/PMDA/local.c | 24 --------------
src/pmcd/pmcd.options | 5 ++-
src/pmcd/pmdaproc.sh | 6 ++-
src/pmcd/rc_pmcd | 2 -
src/pmcd/src/.gitignore | 1
src/pmcd/src/pmcd.c | 34 +++++++++++++-------
src/pmdas/aix/aix.c | 4 +-
src/pmdas/apache/Install | 1
src/pmdas/apache/apache.c | 2 +
src/pmdas/bash/Install | 1
src/pmdas/bash/bash.c | 2 +
src/pmdas/bonding/Install | 1
src/pmdas/bonding/pmdabonding.pl | 2 -
src/pmdas/cisco/Install | 14 --------
src/pmdas/cisco/pmda.c | 1
src/pmdas/darwin/pmda.c | 2 +
src/pmdas/dbping/Install | 5 ---
src/pmdas/dbping/pmdadbping.pl | 1
src/pmdas/dtsrun/Install | 1
src/pmdas/dtsrun/pmdadtsrun.pl | 1
src/pmdas/elasticsearch/Install | 1
src/pmdas/elasticsearch/pmdaelasticsearch.pl | 3 -
src/pmdas/freebsd/freebsd.c | 2 +
src/pmdas/gpsd/Install | 1
src/pmdas/gpsd/pmdagpsd.pl | 1
src/pmdas/hotproc/Install | 15 ---------
src/pmdas/hotproc/src/hotproc.c | 1
src/pmdas/kvm/Install | 8 ++--
src/pmdas/kvm/Remove | 4 --
src/pmdas/kvm/pmdakvm.pl | 6 +--
src/pmdas/linux/pmda.c | 2 +
src/pmdas/linux_proc/Install | 5 ---
src/pmdas/linux_proc/pmda.c | 19 +++++++++--
src/pmdas/lmsensors/Install | 14 --------
src/pmdas/lmsensors/lmsensors.c | 2 +
src/pmdas/logger/Install | 3 +
src/pmdas/logger/logger.c | 2 +
src/pmdas/lustrecomm/Install | 17 ----------
src/pmdas/lustrecomm/lustrecomm.c | 2 +
src/pmdas/mailq/Install | 14 --------
src/pmdas/mailq/mailq.c | 2 +
src/pmdas/memcache/Install | 5 ---
src/pmdas/memcache/pmdamemcache.pl | 7 +---
src/pmdas/mmv/Install | 1
src/pmdas/mmv/mmv.c | 2 +
src/pmdas/mounts/Install | 17 ----------
src/pmdas/mounts/mounts.c | 2 +
src/pmdas/mssql/Install | 5 ---
src/pmdas/mssql/pmdamssql.pl | 4 --
src/pmdas/mysql/Install | 5 ---
src/pmdas/mysql/pmdamysql.pl | 1
src/pmdas/named/Install | 1
src/pmdas/named/pmdanamed.pl | 3 +
src/pmdas/netfilter/Install | 1
src/pmdas/netfilter/pmdanetfilter.pl | 3 +
src/pmdas/news/Install | 5 ---
src/pmdas/news/pmdanews.pl | 7 +---
src/pmdas/oracle/Install | 1
src/pmdas/pdns/Install | 1
src/pmdas/postfix/Install | 1
src/pmdas/postfix/pmdapostfix.pl | 2 +
src/pmdas/postgresql/Install | 1
src/pmdas/process/Install | 23 +-------------
src/pmdas/roomtemp/Install | 17 ----------
src/pmdas/rsyslog/Install | 1
src/pmdas/rsyslog/pmdarsyslog.pl | 5 +--
src/pmdas/samba/Install | 1
src/pmdas/samba/pmdasamba.pl | 2 +
src/pmdas/sample/Install | 14 --------
src/pmdas/sample/src/pmda.c | 21 ++++++++++--
src/pmdas/sendmail/Install | 18 -----------
src/pmdas/sendmail/sendmail.c | 2 +
src/pmdas/shping/Install | 15 ---------
src/pmdas/shping/pmda.c | 13 ++++++-
src/pmdas/simple/Install | 6 +--
src/pmdas/simple/pmdasimple.pl | 2 +
src/pmdas/simple/simple.c | 2 +
src/pmdas/snmp/Install | 5 ---
src/pmdas/snmp/pmdasnmp.pl | 2 +
src/pmdas/summary/Install | 13 -------
src/pmdas/summary/pmda.c | 1
src/pmdas/systemtap/Install | 5 ---
src/pmdas/systemtap/pmdasystemtap.pl | 6 +--
src/pmdas/trace/Install | 16 +--------
src/pmdas/trace/src/pmda.c | 2 +
src/pmdas/trivial/Install | 17 ----------
src/pmdas/trivial/trivial.c | 2 +
src/pmdas/txmon/Install | 16 ---------
src/pmdas/txmon/txmon.c | 2 +
src/pmdas/vmware/Install | 5 ---
src/pmdas/vmware/pmdavmware.pl | 6 +--
src/pmdas/weblog/Install | 16 ---------
src/pmdas/weblog/pmda.c | 1
src/pmdas/zimbra/Install | 3 +
src/pmdas/zimbra/pmdazimbra.pl | 2 +
src/pmie/src/pmie.c | 12 ++++++-
src/pmlogctl/pmlogger_check.sh | 8 ++--
src/pmlogger/pmlogger.c | 18 +++++++++--
src/pmproxy/pmproxy.c | 6 +--
src/pmproxy/pmproxy.options | 6 +--
122 files changed, 406 insertions(+), 423 deletions(-)
commit ee474263ee8737dd75540ab435fe47e39ef9bb05
Author: Nathan Scott <nathans@xxxxxxxxxx>
Date: Fri Nov 16 13:52:09 2012 +1100
Transition daemons to run under an unprivileged user account
Introduces a common __pmSetProcessIdentity() helper routine that
allows a daemon started as root to drop privileges. A common -U
command line option is used in many (more) daemons now to allow
them to potentially run as root again should an issue arise. The
perl PCP::PMDA module has been updated to use it in its set_user
interface (pre-existing, for PMDAs already dropping privileges).
Packaging support is added to create a "pcp" user/group for the PCP
daemons to use - which they now do by default.
pmcd is the trickiest, as it creates children (pmdas) that may or
may not have to run as the same user (or even root, for backward
compatibility). The approach taken has been to start all PMDAs,
then drop privileges, then enter the main (network facing) loop.
This means the agents also run initially as root, allowing them to
change user (e.g. to postgres) if needed, or to continue to run as
root (back-compat) or to also switch to running as "pcp". Many of
the PMDAs have been updated to do the latter (whereever possible).
The one caveat with the above is that sighup handling in pmcd is
no longer as straight-forward. Since pmcd is no longer root when
it receives sighup, it can only (re)start pmdas running as the same
user. Since the Install scripts use sighup to request pmcd start
the new agent, we've had to add a 'forced_restart' shell variable
into the pmdaproc.sh known set, which can be used to indicate that
a PMDA requires a full pmcd restart to complete its Install. This
is *set by default* for backward compatibility, thus PMDA authors
who choose to run their PMDA as "pcp", should set forced_restart to
false - allowing sighup to start their PMDA, and be less invasive
to existing pmcd clients (which will otherwise need to reconnect to
pmcd, typically losing all state).
pmproxy has been changed from "nobody" to run as the "pcp" user
by default as well (old behaviour available via -U still). System
pmlogger and pmie daemons also now run as the "pcp" user by default.
commit 0265c2fa11f3f57857289bcbd8ed18808300b08b
Author: Nathan Scott <nathans@xxxxxxxxxx>
Date: Fri Nov 16 12:01:23 2012 +1100
Ensure non-root pmcd can write to tmpfile location in qa/314
|