Merge pull request #24 from gangadharaswamy/master

INT-797: Added user permission check for telegraf config path
wavefrontHQ · Mar 19, 2021 · 972d412 · 972d412
2 parents 001eadc + 93108fb
commit 972d412
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 1 deletion.
diff --git a/wavefront_cli/__init__.py b/wavefront_cli/__init__.py
@@ -1,2 +1,2 @@
 """Initialize wavefront cli version."""
-__version__ = '0.0.121'
+__version__ = '0.0.122'
diff --git a/wavefront_cli/commands/install.py b/wavefront_cli/commands/install.py
@@ -2,7 +2,10 @@
 
 from __future__ import print_function
 
+import os
+import pwd
 import sys
+import time
 
 from wavefront_cli import lib
 from wavefront_cli.integrations.statsd import StatsD
@@ -167,6 +170,22 @@ def run(self):
                 if not lib.agent.tag_telegraf_config('cli user tags', tags):
                     sys.exit(1)
 
+            # check if user 'telegraf' has read permission for config path if
+            # not change owner of telegraf path to 'telegraf' user recursively
+            uid = pwd.getpwnam(agent_name).pw_uid
+            path = '/etc/telegraf'
+
+            if not uid == os.stat(path).st_uid:
+                os.chown(path, uid, -1)
+                for root, dirs, files in os.walk(path):
+                    for name in dirs:
+                        os.chown(os.path.join(root, name), uid, -1)
+                    for name in files:
+                        os.chown(os.path.join(root, name), uid, -1)
+            # The static sleep is added for `os.chown` to change owner of
+            # telegraf sub-directories and files
+            time.sleep(5)
+
             lib.system.restart_service(agent_name)
 
         # Integrations: agent must be restarted after installing an integration