New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Doc debian 10 updates #11488
Doc debian 10 updates #11488
Conversation
There are ways to install debian without the acl package. Add it to the required list
Debian does not require systemd. This makes calling systemctl to restart processes a problem. The more generic way in Debian is to call service
In Debian webservers are configured using -available and -enabled directories. Make better use of this stucture.
Instead of overwriting snmpd.conf inform Debian of the change. Because snmpd.conf contains sensitive info make it only user accessible
some questions:
|
apparently I need more git school. I thought I answered most of these questions in the commit messages. Apparently my additional lines went missing.
Debian has the command editor which is the users preferred editor. It can be nano or emacs or vim or something different.
snmpd.conf holds (can hold) sensitive information like community stings and passwords.
This is to let the package manager know this file is now managed in an other way than through the package manager.
This was not changed. The file was called *.vhost already. And it works as the include is * include /etc/nginx/sites-enabled/*;
This line is not removed. |
changing editor from snmpd chmod dpkg-divert |
@robje something new about it? |
@robje maybe a note about editor. So people don't get stuck in vim ;D Also, this needs merging with upstream. |
something new here? |
AFAIK nano is the default editor in Debian, no worries about getting stuck in vim unless one really wants to :)
|
agreed
snmpd.conf is read before dropping privileges. On a new installation it is owned by root.
Will put this forward in a separate pull request |
``` | ||
|
||
# Configure snmpd | ||
|
||
```bash | ||
cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf | ||
chmod 600 /etc/snmp/snmpd.conf |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you change mod to 600 ... doesn't work if snmpd.conf is not owned by snmpd user
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if you limit access such high a chown is also needed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is not. snmpd is started as root and privileges are dropped after starting. snmpd must be started as root to acquire privileged port 161.
snmpd.conf is read as root, before dropping privileges.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This pull request has been mentioned on LibreNMS Community. There might be relevant details there: https://community.librenms.org/t/v1-65-release-changelog-june-2020/12687/1 |
1 similar comment
This pull request has been mentioned on LibreNMS Community. There might be relevant details there: https://community.librenms.org/t/v1-65-release-changelog-june-2020/12687/1 |
Some (Debian specific) updates to the Debian 10 installation procedure.
DO NOT DELETE THE UNDERLYING TEXT
Please note
Testers
If you would like to test this pull request then please run:
./scripts/github-apply <pr_id>
, i.e./scripts/github-apply 5926
After you are done testing, you can remove the changes with
./scripts/github-remove
. If there are schema changes, you can ask on discord how to revert.