<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Agreed that 666 is not the best, but with iptable rules and external acls, it isn’t a major concern,<br class=""><div class="">
~KEM
</div>
<br class=""><div><blockquote type="cite" class=""><div class="">On Jun 1, 2016, at 17:17, Dan O'Neill <<a href="mailto:dano@northpb.com" class="">dano@northpb.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Just to be pedantic, one might want to chmod 664 so that the world doesn't have write access to the rrd files. I'll keep reading your responses and try to help.<div class=""><br class=""></div><div class="">btw, is there an IRC channel? Should we create one?<br class=""><div class="gmail_extra"><br class=""><div class="gmail_quote">On Wed, Jun 1, 2016 at 2:08 PM, masonke <span dir="ltr" class=""><<a href="mailto:masonke@gmail.com" target="_blank" class="">masonke@gmail.com</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" class="">Until today we never had a problem, we are constantly adding targets and have a rigid salt stack deployment. Just for safety, not he master, every 10 minutes a cron job kicks off a script that sets these perms not he master<div class=""><br class=""></div><div class=""><div style="font-family:'Helvetica Neue';font-size:14px" class="">cd /var/lib/smokeping</div><span style="font-family:'Helvetica Neue';font-size:14px" class=""><div class="">find . -type f -name '*.rrd' | xargs chown smokeping:www-data</div><div class="">find . -type f -name '*.rrd' | xargs chmod 666</div><div class=""><br class=""></div><div class="">Will add the chgrp and chown, just to make sure.</div><div class=""><br class=""></div><div class="">I am hoping that when I go back and look at it later, the problem will jump out at me.</div></span><div class="">
~KEM
</div><div class=""><div class="h5">
<br class=""><div class=""><blockquote type="cite" class=""><div class="">On Jun 1, 2016, at 16:57, Dan O'Neill <<a href="mailto:dano@northpb.com" target="_blank" class="">dano@northpb.com</a>> wrote:</div><br class=""><div class=""><div dir="ltr" class="">Hi,<div class=""><br class=""></div><div class="">Let me walk through an example of my configuration and the permissions changes required. I add slaves frequently and have this process somewhat nailed.</div><div class=""><br class=""></div><div class="">Given:</div><div class="">- Slave is called c2nyc</div><div class="">- Hierarchy is client -> boatsrus -> ping <a href="http://boatsrus.com/" target="_blank" class="">boatsrus.com</a> </div><div class="">- Apache user is www-data</div><div class="">- Apache group is www-data</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">Steps on the Master:</div><div class="">1. cd /var/lib/smokeping </div><div class="">2. chgroup www-data boatsrus</div><div class="">3. chmod g+w boatsrus</div><div class="">4. cd boatsrus</div><div class="">5. chgrp www-data *c2nyc.rrd</div><div class="">6. chmod g+w *c2nyc.rrd</div><div class=""><br class=""></div><div class="">And that is pretty much the permissions structure that works. </div><div class=""><br class=""></div><div class="">------</div><div class=""><br class=""></div><div class="">Separately, what error are you seeing on the slave side?</div><div class=""><br class=""></div><div class="">dano</div><div class=""><br class=""></div><div class=""><div class="gmail_extra"><br class=""><div class="gmail_quote">On Wed, Jun 1, 2016 at 1:47 PM, masonke <span dir="ltr" class=""><<a href="mailto:masonke@gmail.com" target="_blank" class="">masonke@gmail.com</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" class="">This really looks like a permissions issue, but I just can’t find it. In desperation, I made all the red files and directories that hold them 777, just to see what would happen. It did not change anything. <div class=""><br class=""></div><div class="">It is almost like the process that moves the data from the slave.cache files into the rrd file is not running. If I reboot the master, all the backlogged slave_cache data is added to the rrd and you can see it on the graphs.</div><div class=""><br class=""></div><div class="">Really is a crazy thing with the secrets file, the error is on the slave, not the master.</div><div class=""><br class=""></div><div class="">I will can the whole thing and restart from scratch if I can’t get it fixed by noon tomorrow. </div><div class=""><br class=""></div><div class=""><br class=""><div class="">
~KEM</div><div class=""><div class=""><div class=""><br class=""></div></div></div></div></div></blockquote></div><div data-smartmail="gmail_signature" class=""><br class=""></div>
</div></div></div>
</div></blockquote></div><br class=""></div></div></div></div></blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div>
</div></div></div>
</div></blockquote></div><br class=""></body></html>