mirror of
https://github.com/ClusterCockpit/cc-metric-collector.git
synced 2025-01-13 15:49:06 +01:00
Add check for configuration files to be owned by user and have perm 0600. Fixes #33
This commit is contained in:
parent
ee4e1baf5b
commit
03d5486413
@ -3,6 +3,7 @@ package main
|
|||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"flag"
|
"flag"
|
||||||
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"os/signal"
|
"os/signal"
|
||||||
"syscall"
|
"syscall"
|
||||||
@ -15,9 +16,9 @@ import (
|
|||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
lp "github.com/ClusterCockpit/cc-energy-manager/pkg/cc-message"
|
||||||
mr "github.com/ClusterCockpit/cc-metric-collector/internal/metricRouter"
|
mr "github.com/ClusterCockpit/cc-metric-collector/internal/metricRouter"
|
||||||
cclog "github.com/ClusterCockpit/cc-metric-collector/pkg/ccLogger"
|
cclog "github.com/ClusterCockpit/cc-metric-collector/pkg/ccLogger"
|
||||||
lp "github.com/ClusterCockpit/cc-energy-manager/pkg/cc-message"
|
|
||||||
mct "github.com/ClusterCockpit/cc-metric-collector/pkg/multiChanTicker"
|
mct "github.com/ClusterCockpit/cc-metric-collector/pkg/multiChanTicker"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -42,6 +43,27 @@ func LoadCentralConfiguration(file string, config *CentralConfigFile) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func ConfigFileCheck(file string) error {
|
||||||
|
|
||||||
|
info, err := os.Stat(file)
|
||||||
|
if err != nil {
|
||||||
|
cclog.Error("Cannot access file", file)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
uid := info.Sys().(*syscall.Stat_t).Uid
|
||||||
|
perm := info.Mode().Perm()
|
||||||
|
if uid != uint32(os.Getuid()) {
|
||||||
|
err = fmt.Errorf("file %s has a different owner", file)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if perm != 0600 {
|
||||||
|
err = fmt.Errorf("file %s has a invalid permissions", file)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
type RuntimeConfig struct {
|
type RuntimeConfig struct {
|
||||||
Interval time.Duration
|
Interval time.Duration
|
||||||
Duration time.Duration
|
Duration time.Duration
|
||||||
@ -167,6 +189,12 @@ func mainFunc() int {
|
|||||||
CliArgs: ReadCli(),
|
CliArgs: ReadCli(),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
err = ConfigFileCheck(rcfg.CliArgs["configfile"])
|
||||||
|
if err != nil {
|
||||||
|
cclog.Error(err.Error())
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
// Load and check configuration
|
// Load and check configuration
|
||||||
err = LoadCentralConfiguration(rcfg.CliArgs["configfile"], &rcfg.ConfigFile)
|
err = LoadCentralConfiguration(rcfg.CliArgs["configfile"], &rcfg.ConfigFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -208,16 +236,31 @@ func mainFunc() int {
|
|||||||
cclog.Error("Metric router configuration file must be set")
|
cclog.Error("Metric router configuration file must be set")
|
||||||
return 1
|
return 1
|
||||||
}
|
}
|
||||||
|
err = ConfigFileCheck(rcfg.ConfigFile.RouterConfigFile)
|
||||||
|
if err != nil {
|
||||||
|
cclog.Error(err.Error())
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
if len(rcfg.ConfigFile.SinkConfigFile) == 0 {
|
if len(rcfg.ConfigFile.SinkConfigFile) == 0 {
|
||||||
cclog.Error("Sink configuration file must be set")
|
cclog.Error("Sink configuration file must be set")
|
||||||
return 1
|
return 1
|
||||||
}
|
}
|
||||||
|
err = ConfigFileCheck(rcfg.ConfigFile.SinkConfigFile)
|
||||||
|
if err != nil {
|
||||||
|
cclog.Error(err.Error())
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
if len(rcfg.ConfigFile.CollectorConfigFile) == 0 {
|
if len(rcfg.ConfigFile.CollectorConfigFile) == 0 {
|
||||||
cclog.Error("Metric collector configuration file must be set")
|
cclog.Error("Metric collector configuration file must be set")
|
||||||
return 1
|
return 1
|
||||||
}
|
}
|
||||||
|
err = ConfigFileCheck(rcfg.ConfigFile.CollectorConfigFile)
|
||||||
|
if err != nil {
|
||||||
|
cclog.Error(err.Error())
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
// Set log file
|
// Set log file
|
||||||
if logfile := rcfg.CliArgs["logfile"]; logfile != "stderr" {
|
if logfile := rcfg.CliArgs["logfile"]; logfile != "stderr" {
|
||||||
@ -260,6 +303,11 @@ func mainFunc() int {
|
|||||||
|
|
||||||
// Create new receive manager
|
// Create new receive manager
|
||||||
if len(rcfg.ConfigFile.ReceiverConfigFile) > 0 {
|
if len(rcfg.ConfigFile.ReceiverConfigFile) > 0 {
|
||||||
|
err = ConfigFileCheck(rcfg.ConfigFile.ReceiverConfigFile)
|
||||||
|
if err != nil {
|
||||||
|
cclog.Error(err.Error())
|
||||||
|
return 1
|
||||||
|
}
|
||||||
rcfg.ReceiveManager, err = receivers.New(&rcfg.Sync, rcfg.ConfigFile.ReceiverConfigFile)
|
rcfg.ReceiveManager, err = receivers.New(&rcfg.Sync, rcfg.ConfigFile.ReceiverConfigFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
cclog.Error(err.Error())
|
cclog.Error(err.Error())
|
||||||
|
Loading…
Reference in New Issue
Block a user