-
Notifications
You must be signed in to change notification settings - Fork 5.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
No LVM disk space usage on CentOS #6401
Comments
Hi @tech-mint , I saw the issue that you cited( #3696) and according to that issue, there was a problem with the permissions. The netdata user(the default is "netdata", but you can change it using the option "run as user" in the section [global] of netdata.conf.) did not have permission to access the volume. In the issue the user said us that the netdata was running in chroot(an isolated environment), so it could not access his lvm volume that was in the root of the operate system. For we confirm that you are having the exact same problem, please can you do the following steps:
With your an answer and the next steps we can confirm that you have the exact same issue related in #3696. |
I really appreciate your quick response and attention the answer to your questions are as following:
thanks |
To be owner by root cannot be considered a problem, unless the other two other group of permissions does not allow the user netdata to access it. You created the lvm as "root", so it is possible that the group root is also the owner of the group, you can check this running the following command: $ ls -l / | grep VOLUME , here I am assuming that your lvm is a directory called /VOLUME, please, change the directory in "ls" command and the "VOLUME" in the "grep" according to your virtual machine. An important thing that we must have in our mind, case the root is the group of the volume, you will follow in one of the following cases: 1 - root is group : It is not recommended the netdata to be part of the root group, to be more precise, it is not recommended that anybody except root to be in this group. Please, remember that everything that I am doing here are suppositions, no less important, I am trying to always bring the safety to the description, because we want netdata running and your data safe. We cannot split both. There are more than 10 years that I am not working more as a network administrator, so considering this, what I can say for you now is until where I remember we can use /etc/fstab to set some information about users, another possible road is to take care about the permission for others. In your netdata logs, do you have same error about access denied to the volume we are talking about? Best regards! |
i checked and the logs had nothing on lvm thanks for your support |
Hi @tech-mint , the first letter of the result("l") is showing us that you have a symbolic link to /dev/vg/dm-0, please, can you run the following command: $ ls -l /dev/vg | grep dm-0 this will give us the permission on dm-0 that is your lvm device. |
hi @thiagoftsm here what it is: |
Hi @tech-mint , Now it is completely clear the motive Netdata cannot give to you information, as you can see in this output, the dm-0 volume only allows the user root and users inside root group to read and write on the device. The last three characters are saying us that other users cannot do nothing in the device. Best regards! |
is it safe to add the netdata user to root group? |
This is a very good question. In normal situation we avoid to add any user to the root group, because it would have great permissions, this won't affect only the LVM monitoring, but it can affect a lot of different places of the operate system. I did not work with this specific feature of netdata yet, but I can imagine that netdata only needs to read something from dm-0, no less important, according to Costa at #3696 the netdata only needs to read the volume . You know better than anybody your structure, so you can determine what I will say, case it is possible to give only the read permission on dm-0, it could fix the problems, but it is necessary to measure the impact of this in your security policy rules. |
Adding the netdata user to the root group is not a solution. Certain plugins run as root precisely to avoid doing that. @vlvkobal please check and see what's the problem with LVM. |
There are no special problems with LVM. Netdata uses We can rewrite the |
I don't think it's worth splitting out. Having an execute bit set on a directory is not actually that much of a security risk by itself, and it's not hard to restrict it to just the Netdata user using ACL's. |
Question summary
the lvm disk space usage isn't monitoring.
OS / Environment
CentOS 7.3
I did reviewed issue #3696 but couldn't understand anything
The text was updated successfully, but these errors were encountered: