Cacti (home)ForumsDocumentation
Cacti: offical forums and support
It is currently Sun May 28, 2017 3:54 am

All times are UTC - 5 hours




Post new topic Reply to topic  [ 18 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Wed Mar 01, 2017 3:51 pm 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
If

Console -> Cacti Settings -> Data Storage -> Structured RRD Path

is selected, the folder named after the ID of the device is created immediately (unlike previous cacti version, where it was created by the poller) but with a wrong user owner and attributes, and it is impossible for the poller to write into such folder (apache:apache is the owner)

This does not happend if Structured RRD Path is not selected, RRD files are created by the poller correctly.

Attached the image of the data and the issue, please consider that

device ID 10 was created with Structured RRD Path enabled
device ID 11 was created with Structured RRD Path disabled

Attachment:
cacti_issue.PNG
cacti_issue.PNG [ 71.74 KiB | Viewed 701 times ]


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Wed Mar 01, 2017 4:03 pm 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
ADD:

Removing a device does not remove the related RRDs

even if
Console -> Cacti Settings -> RRDfile Auto Clean is ENABLED
and
Console -> Cacti Settings -> RRDfile Auto Clean Method is DELETE


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Wed Mar 01, 2017 5:26 pm 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
ADD:

there is no "refresh" ring button image, but just the link :

Old CACTI 8.8x

Attachment:
Capture2.PNG
Capture2.PNG [ 13.83 KiB | Viewed 684 times ]


NEW CACTI 1.0.4

Attachment:
Capture.PNG
Capture.PNG [ 9.81 KiB | Viewed 684 times ]


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Wed Mar 01, 2017 11:14 pm 
Offline

Joined: Mon Mar 30, 2015 3:28 am
Posts: 3
Try set apache:apache for your rra/
Then inside your crontab, replace cactiuser with apache.

See if works or not.


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Thu Mar 02, 2017 4:54 pm 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
I will try, I believe it will work but this is not the behavior of previous versions of Cacti (that demanded the creation of the folder to the poller).


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Fri Mar 03, 2017 2:58 am 
Offline
Cacti Guru User
User avatar

Joined: Thu Jan 31, 2008 6:39 am
Posts: 2580
Location: Kressbronn, Germany
With the permissions, you do the following:

- Create a group where apache and the cacti polling user belong to.
- Change the ownership of the rra directory so that the group has read+write access to it
- Follow the Answer from this post to make the group permission "sticky": Getting new files to inherit group permissions on Linux

Now even if apache creates the folder, the cacti polling user should have write access to it.

_________________
Greetings,
Phalek
---
Need more help ? Read the Cacti documentation or my new Cacti Book
Need on-site support ? Look here Cacti Workshop
Need professional Cacti support ? Look here CereusService
---
Plugins : CereusTransporter | CereusReporting | nmidWebService | nmidSmokeping | nmidWeb2 |

Code:
CereusServer Master:  SYSTEM STATS: Time:2.5621 Method:spine Processes:1 Threads:16 Hosts:446 HostsPerProcess:446 DataSources:14683 RRDsProcessed:7573
CereusServer Agent:   SYSTEM STATS: Time:27.4840 Method:spine Processes:1 Threads:8 Hosts:16 HostsPerProcess:16 DataSources:114576 RRDsProcessed:48061


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Sun Mar 05, 2017 6:45 am 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
phalek wrote:
With the permissions, you do the following:

- Create a group where apache and the cacti polling user belong to.
- Change the ownership of the rra directory so that the group has read+write access to it
- Follow the Answer from this post to make the group permission "sticky": Getting new files to inherit group permissions on Linux

Now even if apache creates the folder, the cacti polling user should have write access to it.



Thank you, that was a good advise, with the command:

chmod g+s /var/www/html/cacti/rra/

I am able to have a structured RRD path and have the folders and files created and populated correctly.

so my question is if there are some file permission I did set up incorrectly or this is something related to the 1.x version?

I noticed that before setting the SGID permission, i saw the following log in CACTI:
Quote:
2017-03-05 11:23:53 - CMDPHP ERROR: Unable to set directory permissions for '/var/www/html/cacti/rra/20'
2017-03-05 11:23:53 - CMDPHP PHP ERROR WARNING Backtrace: (/host.php: 53 form_save)(/host.php: 171 api_device_save)(/lib/api_device.php: 228 chown)(CactiErrorHandler)(/lib/functions.php: 4259 cacti_debug_backtrace)
2017-03-05 11:23:53 - ERROR PHP WARNING: chown(): Operation not permitted in file: /var/www/html/cacti/lib/api_device.php on line: 228


I am going to provide here the directory permission and ownership of the cacti folder and the detail of the users and poller process

1 ) user cactiuser has also apache group membership

[root@cactiM cacti]# groups cactiuser
cactiuser : cactiuser apache

[root@cactiM cacti]# groups apache
apache : apache

2) apache runs the httpd service

3) poller runs under the cron table of user cactiuser

[root@cactiM cacti]# crontab -e -u cactiuser
*/5 * * * * php /var/www/html/cacti/poller.php > /dev/null 2>&1

4) /var/www/html/cacti is owned by cactiuser:apache for all folders and files (recursively) and RRA folder has the SGID permission on the folder (highlighted)

-rw-rw-r--. 1 cactiuser apache 4320 Feb 27 00:23 about.php
-rw-rw-r--. 1 cactiuser apache 51199 Feb 27 00:23 aggregate_graphs.php
-rw-rw-r--. 1 cactiuser apache 18035 Feb 27 00:23 aggregate_items.php
-rw-rw-r--. 1 cactiuser apache 23853 Feb 27 00:23 aggregate_templates.php
-rw-rw-r--. 1 cactiuser apache 13174 Feb 27 00:23 auth_changepassword.php
-rw-rw-r--. 1 cactiuser apache 25569 Feb 27 00:23 auth_login.php
-rw-rw-r--. 1 cactiuser apache 14226 Feb 27 00:23 auth_profile.php
-rw-rw-r--. 1 cactiuser apache 22419 Feb 27 00:23 automation_devices.php
-rw-rw-r--. 1 cactiuser apache 35547 Feb 27 00:23 automation_graph_rules.php
-rw-rw-r--. 1 cactiuser apache 36501 Feb 27 00:23 automation_networks.php
-rw-rw-r--. 1 cactiuser apache 35956 Feb 27 00:23 automation_snmp.php
-rw-rw-r--. 1 cactiuser apache 19329 Feb 27 00:23 automation_templates.php
-rw-rw-r--. 1 cactiuser apache 35734 Feb 27 00:23 automation_tree_rules.php
-rw-rw-r--. 1 cactiuser apache 3229 Feb 27 00:23 boost_rrdupdate.php
drwxrwxr-x. 6 cactiuser apache 85 Feb 27 00:23 cache
-rw-rw-r--. 1 cactiuser apache 209876 Feb 27 00:23 cacti.sql
-rw-rw-r--. 1 cactiuser apache 29617 Feb 27 00:23 cdef.php
drwxrwxr-x. 2 cactiuser apache 4096 Feb 27 00:23 cli
-rw-rw-r--. 1 cactiuser apache 1899 Feb 27 00:23 clog.php
-rw-rw-r--. 1 cactiuser apache 1905 Feb 27 00:23 clog_user.php
-rw-rw-r--. 1 cactiuser apache 28253 Feb 27 00:23 cmd.php
-rw-rw-r--. 1 cactiuser apache 7718 Feb 27 00:23 cmd_realtime.php
-rw-rw-r--. 1 cactiuser apache 23829 Feb 27 00:23 color.php
-rw-rw-r--. 1 cactiuser apache 14086 Feb 27 00:23 color_templates_items.php
-rw-rw-r--. 1 cactiuser apache 21945 Feb 27 00:23 color_templates.php
-rw-rw-r--. 1 cactiuser apache 28220 Feb 27 00:23 data_input.php
-rw-rw-r--. 1 cactiuser apache 43637 Feb 27 00:23 data_queries.php
-rw-rw-r--. 1 cactiuser apache 31654 Feb 27 00:23 data_source_profiles.php
-rw-rw-r--. 1 cactiuser apache 57989 Feb 27 00:23 data_sources.php
-rw-rw-r--. 1 cactiuser apache 38587 Feb 27 00:23 data_templates.php
drwxrwxr-x. 5 cactiuser apache 74 Feb 27 00:24 docs
drwxrwxr-x. 2 cactiuser apache 156 Feb 27 00:23 formats
-rw-rw-r--. 1 cactiuser apache 14032 Feb 27 00:23 gprint_presets.php
-rw-rw-r--. 1 cactiuser apache 4703 Feb 27 00:23 graph_image.php
-rw-rw-r--. 1 cactiuser apache 6898 Feb 27 00:23 graph_json.php
-rw-rw-r--. 1 cactiuser apache 18858 Feb 27 00:23 graph.php
-rw-rw-r--. 1 cactiuser apache 13591 Feb 27 00:23 graph_realtime.php
-rw-rw-r--. 1 cactiuser apache 22910 Feb 27 00:23 graphs_items.php
-rw-rw-r--. 1 cactiuser apache 38719 Feb 27 00:23 graphs_new.php
-rw-rw-r--. 1 cactiuser apache 68068 Feb 27 00:23 graphs.php
-rw-rw-r--. 1 cactiuser apache 9788 Feb 27 00:23 graph_templates_inputs.php
-rw-rw-r--. 1 cactiuser apache 25380 Feb 27 00:23 graph_templates_items.php
-rw-rw-r--. 1 cactiuser apache 36829 Feb 27 00:23 graph_templates.php
-rw-rw-r--. 1 cactiuser apache 25317 Feb 27 00:23 graph_view.php
-rw-rw-r--. 1 cactiuser apache 10777 Feb 27 00:23 graph_xport.php
-rw-rw-r--. 1 cactiuser apache 59641 Feb 27 00:23 host.php
-rw-rw-r--. 1 cactiuser apache 29418 Feb 27 00:23 host_templates.php
drwxrwxr-x. 2 cactiuser apache 4096 Feb 27 00:23 images
drwxrwxr-x. 13 cactiuser apache 4096 Mar 1 21:28 include
-rw-rw-r--. 1 cactiuser apache 5478 Feb 27 00:23 index.php
drwxrwxr-x. 3 cactiuser apache 4096 Feb 27 00:23 install
drwxrwxr-x. 2 cactiuser apache 4096 Feb 27 00:23 lib
-rw-rw-r--. 1 cactiuser apache 15141 Feb 27 00:23 LICENSE
-rw-rw-r--. 1 cactiuser apache 3477 Feb 27 00:23 link.php
-rw-rw-r--. 1 cactiuser apache 21051 Feb 27 00:23 links.php
drwxrwxr-x. 4 cactiuser apache 35 Feb 27 00:23 locales
drwxrwxr-x. 2 cactiuser apache 40 Feb 27 00:23 log
-rw-rw-r--. 1 cactiuser apache 7687 Feb 27 00:23 logout.php
-rw-rw-r--. 1 cactiuser apache 39469 Feb 27 00:23 managers.php
drwxrwxr-x. 2 cactiuser apache 90 Feb 27 00:23 mibs
-rw-rw-r--. 1 cactiuser apache 4781 Feb 27 00:23 permission_denied.php
drwxrwxr-x. 2 cactiuser apache 23 Feb 27 00:23 plugins
-rw-rw-r--. 1 cactiuser apache 18328 Feb 27 00:23 plugins.php
-rw-rw-r--. 1 cactiuser apache 26305 Feb 27 00:23 poller_automation.php
-rw-rw-r--. 1 cactiuser apache 14309 Feb 27 00:23 poller_boost.php
-rw-rw-r--. 1 cactiuser apache 5554 Feb 27 00:23 poller_commands.php
-rw-rw-r--. 1 cactiuser apache 8616 Feb 27 00:23 poller_dsstats.php
-rw-rw-r--. 1 cactiuser apache 3667 Feb 27 00:23 poller_export.php
-rw-rw-r--. 1 cactiuser apache 14496 Feb 27 00:23 poller_maintenance.php
-rw-rw-r--. 1 cactiuser apache 24511 Feb 27 00:23 poller.php
-rw-rw-r--. 1 cactiuser apache 10091 Feb 27 00:23 poller_realtime.php
-rw-rw-r--. 1 cactiuser apache 8380 Feb 27 00:23 poller_recovery.php
-rw-rw-r--. 1 cactiuser apache 5686 Feb 27 00:23 poller_reports.php
-rw-rw-r--. 1 cactiuser apache 24861 Feb 27 00:23 pollers.php
-rw-rw-r--. 1 cactiuser apache 7202 Feb 27 00:23 poller_spikekill.php
-rw-rw-r--. 1 cactiuser apache 9811 Feb 27 00:23 README.md
-rw-rw-r--. 1 cactiuser apache 12025 Feb 27 00:23 remote_agent.php
-rw-rw-r--. 1 cactiuser apache 3034 Feb 27 00:23 reports_admin.php
-rw-rw-r--. 1 cactiuser apache 2935 Feb 27 00:23 reports_user.php
drwxrwxr-x. 5 cactiuser apache 86 Feb 27 00:23 resource
drwxrwsr-x. 5 cactiuser apache 4096 Mar 5 11:46 rra
-rw-rw-r--. 1 cactiuser apache 18739 Feb 27 00:23 rrdcleaner.php
drwxrwxr-x. 2 cactiuser apache 4096 Feb 27 00:23 scripts
-rw-rw-r--. 1 cactiuser apache 10994 Feb 27 00:23 script_server.php
-rw-rw-r--. 1 cactiuser apache 31604 Feb 27 00:23 settings.php
-rw-rw-r--. 1 cactiuser apache 17394 Feb 27 00:23 sites.php
-rw-rw-r--. 1 cactiuser apache 4079 Feb 27 00:23 snmpagent_mibcachechild.php
-rw-rw-r--. 1 cactiuser apache 2717 Feb 27 00:23 snmpagent_mibcache.php
-rw-rw-r--. 1 cactiuser apache 5784 Feb 27 00:23 snmpagent_persist.php
-rw-rw-r--. 1 cactiuser apache 3952 Feb 27 00:23 spikekill.php
-rw-rw-r--. 1 cactiuser apache 6491 Feb 27 00:23 templates_export.php
-rw-rw-r--. 1 cactiuser apache 4961 Feb 27 00:23 templates_import.php
-rw-rw-r--. 1 cactiuser apache 51387 Feb 27 00:23 tree.php
-rw-rw-r--. 1 cactiuser apache 101798 Feb 27 00:23 user_admin.php
-rw-rw-r--. 1 cactiuser apache 27641 Feb 27 00:23 user_domains.php
-rw-rw-r--. 1 cactiuser apache 84422 Feb 27 00:23 user_group_admin.php
-rw-rw-r--. 1 cactiuser apache 86333 Feb 27 00:23 utilities.php
-rw-rw-r--. 1 cactiuser apache 28885 Feb 27 00:23 vdef.php


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Sun Mar 05, 2017 6:52 am 
Offline
Cacti Guru User
User avatar

Joined: Thu Jan 31, 2008 6:39 am
Posts: 2580
Location: Kressbronn, Germany
Ok, in that case, this issue here

Code:
Unable to set directory permissions for '/var/www/html/cacti/rra/20'

may have been solved by actually chanign the owner and group owbership from

Code:
cactiuser.apache

to

Code:
apache.cactiuser



Looks like the webinterface actually tries to make permission right when creating the directories, but failed due to it now being the owner ...

_________________
Greetings,
Phalek
---
Need more help ? Read the Cacti documentation or my new Cacti Book
Need on-site support ? Look here Cacti Workshop
Need professional Cacti support ? Look here CereusService
---
Plugins : CereusTransporter | CereusReporting | nmidWebService | nmidSmokeping | nmidWeb2 |

Code:
CereusServer Master:  SYSTEM STATS: Time:2.5621 Method:spine Processes:1 Threads:16 Hosts:446 HostsPerProcess:446 DataSources:14683 RRDsProcessed:7573
CereusServer Agent:   SYSTEM STATS: Time:27.4840 Method:spine Processes:1 Threads:8 Hosts:16 HostsPerProcess:16 DataSources:114576 RRDsProcessed:48061


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Sun Mar 05, 2017 7:19 am 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
Hi,

I removed the SGID sticky option from /rra/ folder and changed the folder owner as you suggested, but i had the same problem, only the SGID sticky option worked


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Sun Mar 05, 2017 5:08 pm 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
I had a look at the function returning the error, it calls a chown and chgrp functions in PHP

Interesting is that even by command line under apache user, I cannot change the owner of these directory

Code:
[root@cactiM cacti]# ll rra
total 5180
drwxr-xr-x. 2 apache    apache         6 Mar  5 21:56 17
drwxr-xr-x. 2 apache    apache         6 Mar  5 21:59 18
drwxr-xr-x. 2 apache    apache         6 Mar  5 22:23 19
drwxr-xr-x. 2 apache    apache         6 Mar  5 22:25 20
drwxr-xr-x. 2 apache    apache         6 Mar  5 22:30 21
[root@cactiM cacti]# sudo -u apache chown cactiuser.apache ./rra/21/
chown: changing ownership of ‘./rra/21/’: Operation not permitted
[root@cactiM cacti]# sudo -u cactiuser chown cactiuser.apache ./rra/21/
chown: changing ownership of ‘./rra/21/’: Operation not permitted
[root@cactiM cacti]# pwd
/var/www/html/cacti




Here is the function, I read that in PHP only the superuser can change the owner of a file or directory:

http://php.net/manual/en/function.chown.php


Code:
       if ($host_id > 0) {
                if (read_config_option('extended_paths') == 'on'){
                        $host_dir = $config['rra_path'] . '/' . $host_id;
                        if (!is_dir($host_dir)){
                                if (is_writable($config['rra_path'])) {
                                        if (mkdir($host_dir, 0775)) {
                                                if ($config['cacti_server_os'] != 'win32') {
                                                        $owner_id      = fileowner($config['rra_path']);
                                                        $group_id      = filegroup($config['rra_path']);

                                                        if ((chown($host_dir, $owner_id)) &&
                                                                (chgrp($host_dir, $group_id))) {
                                                                /* permissions set ok */
                                                        }else{
                                                                cacti_log("ERROR: Unable to set directory permissions for '" . $host_dir . "'", FALSE);
                                                        }
                                                }
                                        }else{
                                                cacti_log("ERROR: Unable to create directory '" . $host_dir . "'", FALSE);
                                        }
                                }else{
                                        cacti_log("ERROR: Unable to create directory due to missing write permissions '" . $host_dir . "'", FALSE);
                                }
                        }
                }


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Sun Mar 05, 2017 5:13 pm 
Offline
Cacti Guru User
User avatar

Joined: Thu Jan 31, 2008 6:39 am
Posts: 2580
Location: Kressbronn, Germany
Out of curiosity. Do you have selinux enabled ?

_________________
Greetings,
Phalek
---
Need more help ? Read the Cacti documentation or my new Cacti Book
Need on-site support ? Look here Cacti Workshop
Need professional Cacti support ? Look here CereusService
---
Plugins : CereusTransporter | CereusReporting | nmidWebService | nmidSmokeping | nmidWeb2 |

Code:
CereusServer Master:  SYSTEM STATS: Time:2.5621 Method:spine Processes:1 Threads:16 Hosts:446 HostsPerProcess:446 DataSources:14683 RRDsProcessed:7573
CereusServer Agent:   SYSTEM STATS: Time:27.4840 Method:spine Processes:1 Threads:8 Hosts:16 HostsPerProcess:16 DataSources:114576 RRDsProcessed:48061


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Sun Mar 05, 2017 6:53 pm 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
I use it in permissive mode, but i tried also setting it to disabled and rebooting, same result.

Code:
[root@cactiM cacti]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Mon Mar 06, 2017 1:37 am 
Offline
Cacti Guru User
User avatar

Joined: Thu Jan 31, 2008 6:39 am
Posts: 2580
Location: Kressbronn, Germany
I've created a ticket in GitHub for this: https://github.com/Cacti/cacti/issues/376

_________________
Greetings,
Phalek
---
Need more help ? Read the Cacti documentation or my new Cacti Book
Need on-site support ? Look here Cacti Workshop
Need professional Cacti support ? Look here CereusService
---
Plugins : CereusTransporter | CereusReporting | nmidWebService | nmidSmokeping | nmidWeb2 |

Code:
CereusServer Master:  SYSTEM STATS: Time:2.5621 Method:spine Processes:1 Threads:16 Hosts:446 HostsPerProcess:446 DataSources:14683 RRDsProcessed:7573
CereusServer Agent:   SYSTEM STATS: Time:27.4840 Method:spine Processes:1 Threads:8 Hosts:16 HostsPerProcess:16 DataSources:114576 RRDsProcessed:48061


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Tue Mar 07, 2017 8:56 am 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
Thank you,

In case i can provide further detail about this issue if needed


Top
 Profile  
 
 Post subject: Re: [Cacti 1.0.4] Structured RRD Path - BUG
PostPosted: Tue Mar 14, 2017 4:03 am 
Offline

Joined: Sun Feb 26, 2017 10:33 am
Posts: 46
Hi,

Do you know if this is resolved in the new 1.0.5 release?


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 18 posts ]  Go to page 1, 2  Next

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Protected by Anti-Spam ACP Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group