Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

adding sudo section and config snippet into README #2

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

adding sudo section and config snippet into README #2

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 31 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,12 @@ This script collects [lvmcache / dm-cache](https://www.kernel.org/doc/Documentat
Exec "user:group" "/path/to/collectd-lvmcache"
</Plugin>
```
Note: you are recommended to run under the least privileged user like `nobody` and in that case you need to allow `user` to elevate privileges via `sudo` for `specific command`, see below.

### Command-line (for testing)

Under `root` (or other user having access to `dmesetup` command), simply run:
```
$ ./collectd-lvmcache
# ./collectd-lvmcache
PUTVAL "hostname.tld/lvmcache-lv0/df_complex-dirty" interval=1 N:0
PUTVAL "hostname.tld/lvmcache-lv0/df_complex-metadata_used" interval=1 N:9199616
PUTVAL "hostname.tld/lvmcache-lv0/df_complex-metadata_free" interval=1 N:1064542208
Expand All @@ -28,3 +29,31 @@ PUTVAL "hostname.tld/lvmcache-lv0/cache_result-write_misses" interval=1 N:294842
PUTVAL "hostname.tld/lvmcache-lv0/cache_result-demotions" interval=1 N:0
PUTVAL "hostname.tld/lvmcache-lv0/cache_result-promotions" interval=1 N:1806
```

### Sudo setup
Example for Ubuntu 20.04, but all modern distros should be the same or very similar:
* assuming you have chosen `nobody` as user in collectd's config, then configure `/etc/sudoers.d/nobody_dmsetup_status`, with content
```
# allow nobody user to query LVM CACHE stats without password
nobody ALL=(root:root) NOPASSWD: /sbin/dmsetup status --target cache
```
* checking by listing allowed commands and options for `nobody`:
```
root@server# sudo -U nobody -l
Matching Defaults entries for nobody on server:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User nobody may run the following commands on server:
(root : root) NOPASSWD: /sbin/dmsetup status --target cache
```
* checking under `nobody` user itself (I've installed script into `/opt/scripts/monitoring/collectd/collectd-lvmcache`):
```
root@server:~# sudo -u nobody /bin/bash
nobody@server:/home/admin$ cd /tmp
nobody@server:/tmp$ /opt/scripts/monitoring/collectd/collectd-lvmcache
PUTVAL "hostname.tld/lvmcache-vg0-data/df_complex-dirty" interval=1 N:109051904
PUTVAL "hostname.tld/lvmcache-vg0-data/df_complex-metadata_used" interval=1 N:10108928
PUTVAL "hostname.tld/lvmcache-vg0-data/df_complex-metadata_free" interval=1 N:31834112
...
...
```