Agent effective user and group can be set in configuration file
authorVictor Kirhenshtein <victor@netxms.org>
Thu, 15 Sep 2016 08:39:40 +0000 (11:39 +0300)
committerVictor Kirhenshtein <victor@netxms.org>
Thu, 15 Sep 2016 08:39:40 +0000 (11:39 +0300)
ChangeLog
src/agent/core/nxagentd.cpp
src/java/netxms-eclipse/AgentManager/META-INF/MANIFEST.MF
src/java/netxms-eclipse/AgentManager/src/org/netxms/ui/eclipse/agentmanager/widgets/internal/AgentConfigSourceViewerConfiguration.java

index b3f6dfc..fe6673d 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,7 @@
 - Built-in superuser account renamed to "system"
 - Default "admin" account now is ordinary member of "Admins" group without built-in privileges
 - New method "enableDiscoveryPolling" in NXSL class "Node"
 - Built-in superuser account renamed to "system"
 - Default "admin" account now is ordinary member of "Admins" group without built-in privileges
 - New method "enableDiscoveryPolling" in NXSL class "Node"
+- Agent effective user and group can be set in configuration file
 - New agent metrics for self-monitoring:
        Agent.SyslogProxy.IsEnabled, Agent.SyslogProxy.ReceivedMessages, Agent.SyslogProxy.QueueSize
 - Management console
 - New agent metrics for self-monitoring:
        Agent.SyslogProxy.IsEnabled, Agent.SyslogProxy.ReceivedMessages, Agent.SyslogProxy.QueueSize
 - Management console
index 44a5b99..7c27bd8 100644 (file)
@@ -266,9 +266,9 @@ static NX_CFG_TEMPLATE m_cfgTemplate[] =
    { _T("EnableWatchdog"), CT_BOOLEAN, 0, 0, AF_ENABLE_WATCHDOG, 0, &g_dwFlags, NULL },
    { _T("EncryptedSharedSecret"), CT_STRING, 0, 0, MAX_SECRET_LENGTH, 0, g_szSharedSecret, NULL },
    { _T("ExecTimeout"), CT_LONG, 0, 0, 0, 0, &g_dwExecTimeout, NULL },
    { _T("EnableWatchdog"), CT_BOOLEAN, 0, 0, AF_ENABLE_WATCHDOG, 0, &g_dwFlags, NULL },
    { _T("EncryptedSharedSecret"), CT_STRING, 0, 0, MAX_SECRET_LENGTH, 0, g_szSharedSecret, NULL },
    { _T("ExecTimeout"), CT_LONG, 0, 0, 0, 0, &g_dwExecTimeout, NULL },
+   { _T("ExternalList"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszExtListsList, NULL },
        { _T("ExternalMasterAgent"), CT_STRING, 0, 0, MAX_PATH, 0, g_masterAgent, NULL },
    { _T("ExternalParameter"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszExtParamList, NULL },
        { _T("ExternalMasterAgent"), CT_STRING, 0, 0, MAX_PATH, 0, g_masterAgent, NULL },
    { _T("ExternalParameter"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszExtParamList, NULL },
-   { _T("ExternalList"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszExtListsList, NULL },
    { _T("ExternalParameterShellExec"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszShExtParamList, NULL },
    { _T("ExternalParametersProvider"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszParamProviderList, NULL },
    { _T("ExternalSubagent"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszExtSubagentList, NULL },
    { _T("ExternalParameterShellExec"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszShExtParamList, NULL },
    { _T("ExternalParametersProvider"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszParamProviderList, NULL },
    { _T("ExternalSubagent"), CT_STRING_LIST, '\n', 0, 0, 0, &m_pszExtSubagentList, NULL },
@@ -751,6 +751,11 @@ BOOL Initialize()
    DebugPrintf(INVALID_INDEX, 1, _T("Data directory: %s"), g_szDataDirectory);
    CreateFolder(g_szDataDirectory);
 
    DebugPrintf(INVALID_INDEX, 1, _T("Data directory: %s"), g_szDataDirectory);
    CreateFolder(g_szDataDirectory);
 
+#ifndef _WIN32
+   nxlog_debug(2, _T("Effective user ID %d"), (int)geteuid());
+   nxlog_debug(2, _T("Effective group ID %d"), (int)getegid());
+#endif
+
    //Initialize log parser policy folder
    tail = g_szDataDirectory[_tcslen(g_szDataDirectory) - 1];
        _sntprintf(g_szLogParserDirectory, MAX_PATH, _T("%s%s%s"), g_szDataDirectory,
    //Initialize log parser policy folder
    tail = g_szDataDirectory[_tcslen(g_szDataDirectory) - 1];
        _sntprintf(g_szLogParserDirectory, MAX_PATH, _T("%s%s%s"), g_szDataDirectory,
@@ -1555,17 +1560,6 @@ int main(int argc, char *argv[])
    }
 
 #if !defined(_WIN32)
    }
 
 #if !defined(_WIN32)
-   if (gid > 0)
-   {
-      if (setgid(gid) != 0)
-         _tprintf(_T("setgid(%d) call failed (%s)\n"), gid, _tcserror(errno));
-   }
-   if (uid > 0)
-   {
-      if (setuid(uid) != 0)
-         _tprintf(_T("setuid(%d) call failed (%s)\n"), uid, _tcserror(errno));
-   }
-
        if (!_tcscmp(g_szConfigFile, _T("{search}")))
        {
       TCHAR path[MAX_PATH] = _T("");
        if (!_tcscmp(g_szConfigFile, _T("{search}")))
        {
       TCHAR path[MAX_PATH] = _T("");
@@ -1777,6 +1771,50 @@ int main(int argc, char *argv[])
                }
                                        if (iExitCode == 0)
                {
                }
                                        if (iExitCode == 0)
                {
+#ifndef _WIN32
+                                          if (gid == 0)
+                                          {
+                                             const TCHAR *v = g_config->getValue(_T("/agent/GroupId"));
+                                             if (v != NULL)
+                                             {
+#ifdef UNICODE
+                                                char vmb[64];
+                                                WideCharToMultiByte(CP_ACP, WC_DEFAULTCHAR | WC_COMPOSITECHECK, v, -1, vmb, 64, NULL, NULL);
+                                                vmb[63] = 0;
+                                                gid = GetGroupId(vmb);
+#else
+                                                gid = GetGroupId(v);
+#endif
+                                             }
+                                          }
+                  if (uid == 0)
+                  {
+                     const TCHAR *v = g_config->getValue(_T("/agent/UserId"));
+                     if (v != NULL)
+                     {
+#ifdef UNICODE
+                        char vmb[64];
+                        WideCharToMultiByte(CP_ACP, WC_DEFAULTCHAR | WC_COMPOSITECHECK, v, -1, vmb, 64, NULL, NULL);
+                        vmb[63] = 0;
+                        uid = GetUserId(vmb);
+#else
+                        uid = GetUserId(v);
+#endif
+                     }
+                  }
+
+                  if (gid > 0)
+                  {
+                     if (setgid(gid) != 0)
+                        _tprintf(_T("setgid(%d) call failed (%s)\n"), gid, _tcserror(errno));
+                  }
+                  if (uid > 0)
+                  {
+                     if (setuid(uid) != 0)
+                        _tprintf(_T("setuid(%d) call failed (%s)\n"), uid, _tcserror(errno));
+                  }
+#endif
+
                                                s_pid = getpid();
                                                if (Initialize())
                                                {
                                                s_pid = getpid();
                                                if (Initialize())
                                                {
index 7a0e178..e87efbb 100644 (file)
@@ -2,18 +2,18 @@ Manifest-Version: 1.0
 Bundle-ManifestVersion: 2
 Bundle-Name: Agent Management Plug-In for NXMC
 Bundle-SymbolicName: org.netxms.ui.eclipse.agentmanager;singleton:=true
 Bundle-ManifestVersion: 2
 Bundle-Name: Agent Management Plug-In for NXMC
 Bundle-SymbolicName: org.netxms.ui.eclipse.agentmanager;singleton:=true
-Bundle-Version: 2.0.1
+Bundle-Version: 2.1.0
 Bundle-Activator: org.netxms.ui.eclipse.agentmanager.Activator
 Bundle-Vendor: netxms.org
 Require-Bundle: org.eclipse.ui;bundle-version="3.8.2",
  org.eclipse.core.runtime;bundle-version="3.8.0",
  org.eclipse.jface.text;bundle-version="3.8.2",
 Bundle-Activator: org.netxms.ui.eclipse.agentmanager.Activator
 Bundle-Vendor: netxms.org
 Require-Bundle: org.eclipse.ui;bundle-version="3.8.2",
  org.eclipse.core.runtime;bundle-version="3.8.0",
  org.eclipse.jface.text;bundle-version="3.8.2",
- org.netxms.ui.eclipse.console;bundle-version="2.0.0",
+ org.netxms.ui.eclipse.console;bundle-version="2.1.0",
  org.eclipse.ui.workbench.texteditor;bundle-version="3.8.0",
  org.eclipse.ui.workbench.texteditor;bundle-version="3.8.0",
- org.netxms.ui.eclipse.objectbrowser;bundle-version="2.0.0",
+ org.netxms.ui.eclipse.objectbrowser;bundle-version="2.1.0",
  org.eclipse.ui.forms;bundle-version="3.5.200",
  org.eclipse.ui.forms;bundle-version="3.5.200",
- org.netxms.ui.eclipse.nxsl;bundle-version="2.0.0",
- org.netxms.ui.eclipse.clientlibrary;bundle-version="2.0.0"
+ org.netxms.ui.eclipse.nxsl;bundle-version="2.0.7",
+ org.netxms.ui.eclipse.clientlibrary;bundle-version="2.1.0"
 Bundle-RequiredExecutionEnvironment: JavaSE-1.6
 Bundle-ActivationPolicy: lazy
 Export-Package: org.netxms.ui.eclipse.agentmanager.dialogs,
 Bundle-RequiredExecutionEnvironment: JavaSE-1.6
 Bundle-ActivationPolicy: lazy
 Export-Package: org.netxms.ui.eclipse.agentmanager.dialogs,
index 1d1e6cd..aa667be 100644 (file)
@@ -51,10 +51,20 @@ public class AgentConfigSourceViewerConfiguration extends SourceViewerConfigurat
        private static final String[] configKeywords = { 
                "Action",  //$NON-NLS-1$
                "ActionShellExec",  //$NON-NLS-1$
        private static final String[] configKeywords = { 
                "Action",  //$NON-NLS-1$
                "ActionShellExec",  //$NON-NLS-1$
+      "AppAgent",  //$NON-NLS-1$
+      "BackgroundLogWriter",  //$NON-NLS-1$
                "CodePage",  //$NON-NLS-1$
                "ConfigIncludeDir",  //$NON-NLS-1$
                "ControlServers",  //$NON-NLS-1$
                "CreateCrashDumps",  //$NON-NLS-1$
                "CodePage",  //$NON-NLS-1$
                "ConfigIncludeDir",  //$NON-NLS-1$
                "ControlServers",  //$NON-NLS-1$
                "CreateCrashDumps",  //$NON-NLS-1$
+      "DataCollectionThreadPoolSize",  //$NON-NLS-1$
+      "DataDirectory",  //$NON-NLS-1$
+      "DataReconciliationBlockSize",  //$NON-NLS-1$
+      "DataReconciliationTimeout",  //$NON-NLS-1$
+      "DailyLogFileSuffix",  //$NON-NLS-1$
+      "DebugLevel",  //$NON-NLS-1$
+      "DisableIPv4",  //$NON-NLS-1$
+      "DisableIPv6",  //$NON-NLS-1$
                "DumpDirectory",  //$NON-NLS-1$
                "EnableActions",  //$NON-NLS-1$
                "EnabledCiphers", //$NON-NLS-1$
                "DumpDirectory",  //$NON-NLS-1$
                "EnableActions",  //$NON-NLS-1$
                "EnabledCiphers", //$NON-NLS-1$
@@ -64,16 +74,19 @@ public class AgentConfigSourceViewerConfiguration extends SourceViewerConfigurat
                "EnableWatchdog", //$NON-NLS-1$
                "ExecTimeout", //$NON-NLS-1$
       "ExternalList", //$NON-NLS-1$
                "EnableWatchdog", //$NON-NLS-1$
                "ExecTimeout", //$NON-NLS-1$
       "ExternalList", //$NON-NLS-1$
+      "ExternalMasterAgent", //$NON-NLS-1$
                "ExternalParameter", //$NON-NLS-1$
                "ExternalParameterShellExec", //$NON-NLS-1$
                "ExternalParameter", //$NON-NLS-1$
                "ExternalParameterShellExec", //$NON-NLS-1$
-               "ExternalSubAgent", //$NON-NLS-1$
+      "ExternalSubAgent", //$NON-NLS-1$
                "FileStore", //$NON-NLS-1$
                "FileStore", //$NON-NLS-1$
+      "GroupId", //$NON-NLS-1$
                "ListenAddress", //$NON-NLS-1$
                "ListenPort", //$NON-NLS-1$
                "LogFile", //$NON-NLS-1$
                "LogHistorySize", //$NON-NLS-1$
                "LogRotationMode",  //$NON-NLS-1$
                "LogUnresolvedSymbols", //$NON-NLS-1$
                "ListenAddress", //$NON-NLS-1$
                "ListenPort", //$NON-NLS-1$
                "LogFile", //$NON-NLS-1$
                "LogHistorySize", //$NON-NLS-1$
                "LogRotationMode",  //$NON-NLS-1$
                "LogUnresolvedSymbols", //$NON-NLS-1$
+      "LongRunningQueryThreshold", //$NON-NLS-1$
                "MasterServers", //$NON-NLS-1$
                "MaxLogSize", //$NON-NLS-1$
                "MaxSessions", //$NON-NLS-1$
                "MasterServers", //$NON-NLS-1$
                "MaxLogSize", //$NON-NLS-1$
                "MaxSessions", //$NON-NLS-1$
@@ -84,9 +97,14 @@ public class AgentConfigSourceViewerConfiguration extends SourceViewerConfigurat
                "SessionIdleTimeout", //$NON-NLS-1$
                "SharedSecret", //$NON-NLS-1$
                "SNMPTimeout", //$NON-NLS-1$
                "SessionIdleTimeout", //$NON-NLS-1$
                "SharedSecret", //$NON-NLS-1$
                "SNMPTimeout", //$NON-NLS-1$
+      "SNMPTrapListenAddress", //$NON-NLS-1$
+      "SNMPTrapPort", //$NON-NLS-1$
                "StartupDelay", //$NON-NLS-1$
                "SubAgent", //$NON-NLS-1$
                "StartupDelay", //$NON-NLS-1$
                "SubAgent", //$NON-NLS-1$
-               "WaitForProcess" //$NON-NLS-1$
+      "SyslogListenPort", //$NON-NLS-1$
+      "UserId", //$NON-NLS-1$
+               "WaitForProcess", //$NON-NLS-1$
+      "ZoneId" //$NON-NLS-1$
        };
        
        private static final IRule[] codeRules = { 
        };
        
        private static final IRule[] codeRules = {