diff options
author | Austin S. Hemmelgarn <austin@netdata.cloud> | 2023-02-06 11:14:09 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-06 11:14:09 -0500 |
commit | a52d9ef14a6e968365cd8bc6851bebb309258099 (patch) | |
tree | a956cc4b41beb24712d7a1a1bf4899babf63aea6 | |
parent | f59bf0a5d81cb8da369e21b8a4d7623c0c0aa88c (diff) |
Indicate what root privileges are needed for in kickstart.sh. (#14314)
* Indicate what root privileges are needed for in kickstart.sh.
Instead of just blindly prompting the user for root privileges when they
are needed in the kickstart script, print a message about _why_ we need
root privileges. This improves transparency for users about why they are
being prompted.
* Fix shellcheck issues.
* Fix message formatting.
* Fix handling of root privilege messages.
We should be printing one per command, not one per word of the command.
-rwxr-xr-x | packaging/installer/kickstart.sh | 82 |
1 files changed, 44 insertions, 38 deletions
diff --git a/packaging/installer/kickstart.sh b/packaging/installer/kickstart.sh index 5d50c8ef38..104329267b 100755 --- a/packaging/installer/kickstart.sh +++ b/packaging/installer/kickstart.sh @@ -406,7 +406,7 @@ success_banner() { cleanup() { if [ -z "${NO_CLEANUP}" ] && [ -n "${tmpdir}" ]; then cd || true - ${ROOTCMD} rm -rf "${tmpdir}" + run_as_root rm -rf "${tmpdir}" fi } @@ -497,6 +497,16 @@ run() { return ${ret} } +run_as_root() { + confirm_root_support + + if [ "$(id -u)" -ne "0" ]; then + printf >&2 "Root privileges required to run %s\n" "${*}" + fi + + run ${ROOTCMD} "${@}" +} + run_script() { set_tmpdir @@ -800,6 +810,7 @@ uninstall() { return 0 else progress "Found existing netdata-uninstaller. Running it.." + # shellcheck disable=SC2086 if ! run_script "${uninstaller}" ${FLAGS}; then warning "Uninstaller failed. Some parts of Netdata may still be present on the system." fi @@ -813,6 +824,7 @@ uninstall() { progress "Downloading netdata-uninstaller ..." download "${uninstaller_url}" "${tmpdir}/netdata-uninstaller.sh" chmod +x "${tmpdir}/netdata-uninstaller.sh" + # shellcheck disable=SC2086 if ! run_script "${tmpdir}/netdata-uninstaller.sh" ${FLAGS}; then warning "Uninstaller failed. Some parts of Netdata may still be present on the system." fi @@ -858,7 +870,7 @@ detect_existing_install() { if [ -n "${ndprefix}" ]; then typefile="${ndprefix}/etc/netdata/.install-type" if [ -r "${typefile}" ]; then - ${ROOTCMD} sh -c "cat \"${typefile}\" > \"${tmpdir}/install-type\"" + run_as_root sh -c "cat \"${typefile}\" > \"${tmpdir}/install-type\"" # shellcheck disable=SC1090,SC1091 . "${tmpdir}/install-type" else @@ -868,7 +880,7 @@ detect_existing_install() { envfile="${ndprefix}/etc/netdata/.environment" if [ "${INSTALL_TYPE}" = "unknown" ] || [ "${INSTALL_TYPE}" = "custom" ]; then if [ -r "${envfile}" ]; then - ${ROOTCMD} sh -c "cat \"${envfile}\" > \"${tmpdir}/environment\"" + run_as_root sh -c "cat \"${envfile}\" > \"${tmpdir}/environment\"" # shellcheck disable=SC1091 . "${tmpdir}/environment" if [ -n "${NETDATA_IS_STATIC_INSTALL}" ]; then @@ -1022,30 +1034,30 @@ soft_disable_cloud() { cloud_prefix="${INSTALL_PREFIX}/var/lib/netdata/cloud.d" - run ${ROOTCMD} mkdir -p "${cloud_prefix}" + run_as_root mkdir -p "${cloud_prefix}" cat > "${tmpdir}/cloud.conf" << EOF [global] enabled = no EOF - run ${ROOTCMD} cp "${tmpdir}/cloud.conf" "${cloud_prefix}/cloud.conf" + run_as_root cp "${tmpdir}/cloud.conf" "${cloud_prefix}/cloud.conf" if [ -z "${NETDATA_NO_START}" ]; then case "${SYSTYPE}" in - Darwin) run ${ROOTCMD} launchctl kickstart -k com.github.netdata ;; - FreeBSD) run ${ROOTCMD} service netdata restart ;; + Darwin) run_as_root launchctl kickstart -k com.github.netdata ;; + FreeBSD) run_as_root service netdata restart ;; Linux) - initpath="$(${ROOTCMD} readlink /proc/1/exe)" + initpath="$(run_as_root readlink /proc/1/exe)" if command -v service > /dev/null 2>&1; then - run ${ROOTCMD} service netdata restart + run_as_root service netdata restart elif command -v rc-service > /dev/null 2>&1; then - run ${ROOTCMD} rc-service netdata restart + run_as_root rc-service netdata restart elif [ "$(basename "${initpath}" 2> /dev/null)" = "systemd" ]; then - run ${ROOTCMD} systemctl restart netdata + run_as_root systemctl restart netdata elif [ -f /etc/init.d/netdata ]; then - run ${ROOTCMD} /etc/init.d/netdata restart + run_as_root /etc/init.d/netdata restart fi ;; esac @@ -1144,7 +1156,7 @@ claim() { fi # shellcheck disable=SC2086 - run ${ROOTCMD} "${NETDATA_CLAIM_PATH}" -token="${NETDATA_CLAIM_TOKEN}" -rooms="${NETDATA_CLAIM_ROOMS}" -url="${NETDATA_CLAIM_URL}" ${NETDATA_CLAIM_EXTRA} + run_as_root "${NETDATA_CLAIM_PATH}" -token="${NETDATA_CLAIM_TOKEN}" -rooms="${NETDATA_CLAIM_ROOMS}" -url="${NETDATA_CLAIM_URL}" ${NETDATA_CLAIM_EXTRA} case $? in 0) progress "Successfully claimed node" @@ -1224,16 +1236,16 @@ set_auto_updates() { if [ "${DRY_RUN}" -eq 1 ]; then progress "Would have attempted to enable automatic updates." # This first case is for catching using a new kickstart script with an old build. It can be safely removed after v1.34.0 is released. - elif ! grep -q '\-\-enable-auto-updates' ${updater}; then + elif ! grep -q '\-\-enable-auto-updates' "${updater}"; then echo - elif ! ${ROOTCMD} ${updater} --enable-auto-updates "${NETDATA_AUTO_UPDATE_TYPE}"; then + elif ! run_as_root "${updater}" --enable-auto-updates "${NETDATA_AUTO_UPDATE_TYPE}"; then warning "Failed to enable auto updates. Netdata will still work, but you will need to update manually." fi else if [ "${DRY_RUN}" -eq 1 ]; then progress "Would have attempted to disable automatic updates." else - ${ROOTCMD} ${updater} --disable-auto-updates + run_as_root "${updater}" --disable-auto-updates fi fi } @@ -1323,7 +1335,7 @@ check_special_native_deps() { progress "EPEL is available, attempting to install so that required dependencies are available." # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} install ${pkg_install_opts} epel-release; then + if ! run_as_root env ${env} ${pm_cmd} install ${pkg_install_opts} epel-release; then warning "Failed to install EPEL, even though it is required to install native packages on this system." return 1 fi @@ -1503,21 +1515,21 @@ try_package_install() { if [ -n "${needs_early_refresh}" ]; then # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} ${repo_subcmd} ${repo_update_opts}; then + if ! run_as_root env ${env} ${pm_cmd} ${repo_subcmd} ${repo_update_opts}; then warning "${failed_refresh_msg}" return 2 fi fi # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} install ${pkg_install_opts} "${tmpdir}/${repoconfig_file}"; then + if ! run_as_root env ${env} ${pm_cmd} install ${pkg_install_opts} "${tmpdir}/${repoconfig_file}"; then warning "Failed to install repository configuration package." return 2 fi if [ -n "${repo_subcmd}" ]; then # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} ${repo_subcmd} ${repo_update_opts}; then + if ! run_as_root env ${env} ${pm_cmd} ${repo_subcmd} ${repo_update_opts}; then fatal "${failed_refresh_msg}" F0205 fi fi @@ -1538,7 +1550,7 @@ try_package_install() { if [ -z "${NO_CLEANUP}" ]; then progress "Attempting to uninstall repository configuration package." # shellcheck disable=SC2086 - run ${ROOTCMD} env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" + run_as_root env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" fi return 2 fi @@ -1548,23 +1560,23 @@ try_package_install() { if [ -z "${NO_CLEANUP}" ]; then progress "Attempting to uninstall repository configuration package." # shellcheck disable=SC2086 - run ${ROOTCMD} env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" + run_as_root env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" fi return 2 fi if [ "${NETDATA_DISABLE_TELEMETRY}" -eq 1 ]; then - run ${ROOTCMD} mkdir -p "/etc/netdata" - run ${ROOTCMD} touch "/etc/netdata/.opt-out-from-anonymous-statistics" + run_as_root mkdir -p "/etc/netdata" + run_as_root touch "/etc/netdata/.opt-out-from-anonymous-statistics" fi # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} install ${pkg_install_opts} "netdata${NATIVE_VERSION}"; then + if ! run_as_root env ${env} ${pm_cmd} install ${pkg_install_opts} "netdata${NATIVE_VERSION}"; then warning "Failed to install Netdata package." if [ -z "${NO_CLEANUP}" ]; then progress "Attempting to uninstall repository configuration package." # shellcheck disable=SC2086 - run ${ROOTCMD} env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" + run_as_root env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" fi return 2 fi @@ -1657,7 +1669,7 @@ try_static_install() { progress "Installing netdata" # shellcheck disable=SC2086 - if ! run ${ROOTCMD} sh "${tmpdir}/${netdata_agent}" ${opts} -- ${NETDATA_INSTALLER_OPTIONS}; then + if ! run_as_root sh "${tmpdir}/${netdata_agent}" ${opts} -- ${NETDATA_INSTALLER_OPTIONS}; then warning "Failed to install static build of Netdata on ${SYSARCH}." run rm -rf /opt/netdata return 2 @@ -1666,16 +1678,16 @@ try_static_install() { if [ "${DRY_RUN}" -ne 1 ]; then install_type_file="/opt/netdata/etc/netdata/.install-type" if [ -f "${install_type_file}" ]; then - ${ROOTCMD} sh -c "cat \"${install_type_file}\" > \"${tmpdir}/install-type\"" - ${ROOTCMD} chown "$(id -u)":"$(id -g)" "${tmpdir}/install-type" + run_as_root sh -c "cat \"${install_type_file}\" > \"${tmpdir}/install-type\"" + run_as_root chown "$(id -u)":"$(id -g)" "${tmpdir}/install-type" # shellcheck disable=SC1090,SC1091 . "${tmpdir}/install-type" cat > "${tmpdir}/install-type" <<- EOF INSTALL_TYPE='kickstart-static' PREBUILT_ARCH='${PREBUILT_ARCH}' EOF - ${ROOTCMD} chown netdata:netdata "${tmpdir}/install-type" - ${ROOTCMD} cp "${tmpdir}/install-type" "${install_type_file}" + run_as_root chown netdata:netdata "${tmpdir}/install-type" + run_as_root cp "${tmpdir}/install-type" "${install_type_file}" fi fi } @@ -1728,14 +1740,8 @@ install_local_build_dependencies() { opts="--dont-wait --non-interactive" fi - if [ "${SYSTYPE}" = "Darwin" ]; then - sudo="" - else - sudo="${ROOTCMD}" - fi - # shellcheck disable=SC2086 - if ! run ${sudo} "${bash}" "${tmpdir}/install-required-packages.sh" ${opts} netdata; then + if ! run_as_root "${bash}" "${tmpdir}/install-required-packages.sh" ${opts} netdata; then warning "Failed to install all required packages, but installation might still be possible." fi } |