summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Cargo.lock2
-rw-r--r--configuration/contrib/tedge_upgrade/upgrade_tedge_0.6.sh10
-rwxr-xr-xconfiguration/debian/tedge/postinst11
-rw-r--r--configuration/debian/tedge/postrm18
-rw-r--r--configuration/debian/tedge_agent/postinst22
-rw-r--r--configuration/debian/tedge_agent/postrm28
-rw-r--r--configuration/debian/tedge_mapper/postinst15
-rw-r--r--configuration/debian/tedge_mapper/postrm11
-rw-r--r--configuration/init/systemd/tedge-agent.service2
-rw-r--r--configuration/init/systemd/tedge-mapper-az.service2
-rw-r--r--configuration/init/systemd/tedge-mapper-c8y.service2
-rw-r--r--configuration/init/systemd/tedge-mapper-collectd.service2
-rw-r--r--crates/common/tedge_users/src/lib.rs1
-rw-r--r--crates/core/c8y_translator/fuzz/Cargo.lock8
-rw-r--r--crates/core/tedge_agent/src/agent.rs14
-rw-r--r--crates/core/tedge_mapper/src/az/mapper.rs4
-rw-r--r--crates/core/tedge_mapper/src/c8y/mapper.rs12
-rw-r--r--docs/src/howto-guides/002_installation.md13
18 files changed, 47 insertions, 130 deletions
diff --git a/Cargo.lock b/Cargo.lock
index ab748b99..cc5437c8 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2999,7 +2999,7 @@ dependencies = [
[[package]]
name = "tedge_watchdog"
-version = "0.6.1"
+version = "0.6.2"
dependencies = [
"anyhow",
"clap 3.1.6",
diff --git a/configuration/contrib/tedge_upgrade/upgrade_tedge_0.6.sh b/configuration/contrib/tedge_upgrade/upgrade_tedge_0.6.sh
new file mode 100644
index 00000000..df5b1ba0
--- /dev/null
+++ b/configuration/contrib/tedge_upgrade/upgrade_tedge_0.6.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# change the owenership of the below directories/files to `tedge` user,
+# as there is only `tedge` user exists.
+
+sudo chown tedge:tedge /etc/tedge/operations/c8y/c8y_*
+sudo chown tedge:tedge /etc/tedge/.agent
+sudo chown tedge:tedge /var/log/tedge/agent
+sudo chown tedge:tedge /run/lock/tedge_agent.lock
+sudo chown tedge:tedge /run/lock/tedge-mapper-c8y.lock \ No newline at end of file
diff --git a/configuration/debian/tedge/postinst b/configuration/debian/tedge/postinst
index 788fb369..21794570 100755
--- a/configuration/debian/tedge/postinst
+++ b/configuration/debian/tedge/postinst
@@ -2,11 +2,6 @@
set -e
### Create groups
-# thin-edge.io compoments run within their own groups and users the following steps add new groups if they don't exist.
-if ! getent group tedge-users >/dev/null; then
- addgroup --quiet tedge-users
-fi
-
if ! getent group tedge >/dev/null; then
addgroup --quiet --system tedge
fi
@@ -22,11 +17,11 @@ if ! grep -q "/etc/tedge/mosquitto-conf" "/etc/mosquitto/mosquitto.conf"; then
echo "include_dir /etc/tedge/mosquitto-conf" >>/etc/mosquitto/mosquitto.conf
fi
-### Create file in /etc/sudoers.d directory. With this configuration, all users in the group tedge-users have the right to call the tedge command with sudo rights, which is required for system-wide configuration in "/etc/tedge"
-echo "%tedge-users ALL = (ALL) /usr/bin/tedge" >/etc/sudoers.d/tedge-users
+### Create file in /etc/sudoers.d directory. With this configuration, the tedge user have the right to call the tedge command with sudo rights, which is required for system-wide configuration in "/etc/tedge"
+echo "tedge ALL = (ALL) NOPASSWD: /usr/bin/tedge, /etc/tedge/sm-plugins/[a-zA-Z0-9]*, /bin/sync, /sbin/init" >/etc/sudoers.d/tedge
if [ -f "/etc/sudoers.d/010_pi-nopasswd" ]; then
- echo "%tedge-users ALL = (ALL) NOPASSWD: /usr/bin/tedge" >/etc/sudoers.d/tedge-users-nopasswd
+ echo "tedge ALL = (ALL) NOPASSWD: /usr/bin/tedge, /etc/tedge/sm-plugins/[a-zA-Z0-9]*, /bin/sync, /sbin/init" >/etc/sudoers.d/tedge-nopasswd
fi
# Initialize the tedge
diff --git a/configuration/debian/tedge/postrm b/configuration/debian/tedge/postrm
index 27c334de..ab676b96 100644
--- a/configuration/debian/tedge/postrm
+++ b/configuration/debian/tedge/postrm
@@ -7,19 +7,19 @@ remove_user_tedge() {
fi
}
-remove_tedge_users_group() {
- if getent group tedge-users > /dev/null; then
- groupdel tedge-users
+remove_tedge_group() {
+ if getent group tedge > /dev/null; then
+ groupdel tedge
fi
}
remove_sudoers_file() {
- if [ -f "/etc/sudoers.d/tedge-users" ]; then
- rm /etc/sudoers.d/tedge-users
+ if [ -f "/etc/sudoers.d/tedge" ]; then
+ rm /etc/sudoers.d/tedge
fi
- if [ -f "/etc/sudoers.d/tedge-users-nopasswd" ]; then
- rm /etc/sudoers.d/tedge-users-nopasswd
+ if [ -f "/etc/sudoers.d/tedge-nopasswd" ]; then
+ rm /etc/sudoers.d/tedge-nopasswd
fi
}
@@ -44,7 +44,7 @@ purge_var_log() {
case "$1" in
purge)
remove_user_tedge
- remove_tedge_users_group
+ remove_tedge_group
remove_mosquitto_edit
remove_sudoers_file
purge_configs
@@ -53,7 +53,7 @@ case "$1" in
remove)
remove_user_tedge
- remove_tedge_users_group
+ remove_tedge_group
remove_mosquitto_edit
remove_sudoers_file
;;
diff --git a/configuration/debian/tedge_agent/postinst b/configuration/debian/tedge_agent/postinst
index 7430e3dc..4059b182 100644
--- a/configuration/debian/tedge_agent/postinst
+++ b/configuration/debian/tedge_agent/postinst
@@ -2,26 +2,6 @@
set -e
-### Create a group "tedge-agent" if not created before
-if ! getent group tedge-agent >/dev/null; then
- addgroup --quiet --system tedge-agent
-fi
-
-### Create a user "tedge-agent" if not created before
-# Create user tedge-agent with no home(--no-create-home), no login(--shell) and in group tedge-agent(--ingroup)
-if ! getent passwd tedge-agent >/dev/null; then
- adduser --quiet --system --no-create-home --ingroup tedge-agent --shell /usr/sbin/nologin tedge-agent
- adduser tedge-agent tedge
-fi
-
-### Create file in /etc/sudoers.d directory
-# tedge-agent needs to execute some of its operations as a system user therefore it needs an entry in /etc/sudoers.
-echo "%tedge-agent ALL = (ALL) NOPASSWD: /etc/tedge/sm-plugins/[a-zA-Z0-9]*, /bin/sync, /sbin/init" >/etc/sudoers.d/tedge-agent
-
-if [ -f "/etc/sudoers.d/010_pi-nopasswd" ]; then
- echo "%tedge-agent ALL = (ALL) NOPASSWD: /etc/tedge/sm-plugins/[a-zA-Z0-9]*, /bin/sync, /sbin/init" >/etc/sudoers.d/tedge-agent-nopasswd
-fi
-
# Reenable the services only if systemctl is available
if command -v systemctl >/dev/null; then
### Enable the sm services if the device is connected to c8y cloud
@@ -33,6 +13,6 @@ if command -v systemctl >/dev/null; then
fi
# Initialize the agent
-runuser -u tedge-agent -- tedge_agent --init
+runuser -u tedge -- tedge_agent --init
#DEBHELPER#
diff --git a/configuration/debian/tedge_agent/postrm b/configuration/debian/tedge_agent/postrm
index 115688e2..9b4c4681 100644
--- a/configuration/debian/tedge_agent/postrm
+++ b/configuration/debian/tedge_agent/postrm
@@ -1,23 +1,6 @@
#!/bin/sh
set -e
-remove_tedge_agent_user() {
- if getent passwd tedge-agent >/dev/null; then
- pkill -u tedge-agent || true
- deluser --quiet --system tedge-agent
- fi
-}
-
-remove_sudoers_file() {
- if [ -f "/etc/sudoers.d/tedge-agent" ]; then
- rm /etc/sudoers.d/tedge-agent
- fi
-
- if [ -f "/etc/sudoers.d/tedge-agent-nopasswd" ]; then
- rm /etc/sudoers.d/tedge-agent-nopasswd
- fi
-}
-
purge_agent_directory() {
if [ -d "/etc/tedge/.agent" ]; then
rm -rf /etc/tedge/.agent
@@ -26,17 +9,10 @@ purge_agent_directory() {
case "$1" in
purge)
- remove_tedge_agent_user
- remove_sudoers_file
- purge_agent_directory
- ;;
-
- remove)
- remove_tedge_agent_user
- remove_sudoers_file
+ purge_agent_directory
;;
- upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
;;
*)
diff --git a/configuration/debian/tedge_mapper/postinst b/configuration/debian/tedge_mapper/postinst
index a8625f3f..bb12342a 100644
--- a/configuration/debian/tedge_mapper/postinst
+++ b/configuration/debian/tedge_mapper/postinst
@@ -2,19 +2,8 @@
set -e
-### Create a group "tedge-mapper" if not created before
-if ! getent group tedge-mapper >/dev/null; then
- addgroup --quiet --system tedge-mapper
-fi
-
-### Create a user "tedge-mapper" if not created before
-# Create user tedge-mapper with no home(--no-create-home), no login(--shell) and in group tedge(--ingroup)
-if ! getent passwd tedge-mapper >/dev/null; then
- adduser --quiet --system --no-create-home --ingroup tedge-mapper --shell /usr/sbin/nologin tedge-mapper
- adduser tedge-mapper tedge
-fi
### Initialize the sm mapper
-runuser -u tedge-mapper -- tedge_mapper --init c8y
-runuser -u tedge-mapper -- tedge_mapper --init az
+runuser -u tedge -- tedge_mapper --init c8y
+runuser -u tedge -- tedge_mapper --init az
#DEBHELPER#
diff --git a/configuration/debian/tedge_mapper/postrm b/configuration/debian/tedge_mapper/postrm
index eec30fbb..150afe9d 100644
--- a/configuration/debian/tedge_mapper/postrm
+++ b/configuration/debian/tedge_mapper/postrm
@@ -1,13 +1,6 @@
#!/bin/sh
set -e
-remove_tedge_mapper_user() {
- if getent passwd tedge-mapper >/dev/null; then
- pkill -u tedge-mapper || true
- deluser --quiet --system tedge-mapper
- fi
-}
-
purge_operations() {
if [ -d "/etc/tedge/operations" ]; then
rm -rf /etc/tedge/operations
@@ -16,12 +9,10 @@ purge_operations() {
case "$1" in
purge)
- remove_tedge_mapper_user
- purge_operations
+ purge_operations
;;
remove)
- remove_tedge_mapper_user
;;
upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
diff --git a/configuration/init/systemd/tedge-agent.service b/configuration/init/systemd/tedge-agent.service
index 70f0ee9d..6d954ffe 100644
--- a/configuration/init/systemd/tedge-agent.service
+++ b/configuration/init/systemd/tedge-agent.service
@@ -3,7 +3,7 @@ Description=tedge-agent is a thin-edge.io component to support operations.
After=syslog.target network.target mosquitto.service
[Service]
-User=tedge-agent
+User=tedge
RuntimeDirectory=tedge_agent
ExecStart=/usr/bin/tedge_agent
Restart=on-failure
diff --git a/configuration/init/systemd/tedge-mapper-az.service b/configuration/init/systemd/tedge-mapper-az.service
index b87c3d23..062f1d89 100644
--- a/configuration/init/systemd/tedge-mapper-az.service
+++ b/configuration/init/systemd/tedge-mapper-az.service
@@ -3,7 +3,7 @@ Description=tedge-mapper-az checks Thin Edge JSON measurements and forwards to A
After=syslog.target network.target mosquitto.service
[Service]
-User=tedge-mapper
+User=tedge
ExecStart=/usr/bin/tedge_mapper az
Restart=on-failure
RestartPreventExitStatus=255
diff --git a/configuration/init/systemd/tedge-mapper-c8y.service b/configuration/init/systemd/tedge-mapper-c8y.service
index a6de52ea..bfa85775 100644
--- a/configuration/init/systemd/tedge-mapper-c8y.service
+++ b/configuration/init/systemd/tedge-mapper-c8y.service
@@ -3,7 +3,7 @@ Description=tedge-mapper-c8y converts Thin Edge JSON measurements to Cumulocity
After=syslog.target network.target mosquitto.service
[Service]
-User=tedge-mapper
+User=tedge
ExecStart=/usr/bin/tedge_mapper c8y
Restart=on-failure
RestartPreventExitStatus=255
diff --git a/configuration/init/systemd/tedge-mapper-collectd.service b/configuration/init/systemd/tedge-mapper-collectd.service
index 0499c3c9..62e86a49 100644
--- a/configuration/init/systemd/tedge-mapper-collectd.service
+++ b/configuration/init/systemd/tedge-mapper-collectd.service
@@ -3,7 +3,7 @@ Description=tedge-mapper-collectd converts Thin Edge JSON measurements to Cumulo
After=syslog.target network.target mosquitto.service
[Service]
-User=tedge-mapper
+User=tedge
ExecStart=/usr/bin/tedge_mapper collectd
Restart=on-failure
RestartPreventExitStatus=255
diff --git a/crates/common/tedge_users/src/lib.rs b/crates/common/tedge_users/src/lib.rs
index d2065e8f..68ccc32e 100644
--- a/crates/common/tedge_users/src/lib.rs
+++ b/crates/common/tedge_users/src/lib.rs
@@ -12,7 +12,6 @@ pub use windows::*;
pub const ROOT_USER: &str = "root";
pub const TEDGE_USER: &str = "tedge";
-pub const TEDGE_AGENT_USER: &str = "tedge-agent";
pub const BROKER_USER: &str = "mosquitto";
#[allow(dead_code)] // These errors are only raised from unix
diff --git a/crates/core/c8y_translator/fuzz/Cargo.lock b/crates/core/c8y_translator/fuzz/Cargo.lock
index e7a4927b..b9b5965d 100644
--- a/crates/core/c8y_translator/fuzz/Cargo.lock
+++ b/crates/core/c8y_translator/fuzz/Cargo.lock
@@ -25,7 +25,7 @@ checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a"
[[package]]
name = "c8y_translator"
-version = "0.6.1"
+version = "0.6.2"
dependencies = [
"clock",
"json-writer",
@@ -56,7 +56,7 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
[[package]]
name = "clock"
-version = "0.6.1"
+version = "0.6.2"
dependencies = [
"mockall",
"time",
@@ -97,7 +97,7 @@ checksum = "1aab8fc367588b89dcee83ab0fd66b72b50b72fa1904d7095045ace2b0c81c35"
[[package]]
name = "json-writer"
-version = "0.6.1"
+version = "0.6.2"
dependencies = [
"serde_json",
"thiserror",
@@ -309,7 +309,7 @@ checksum = "507e9898683b6c43a9aa55b64259b721b52ba226e0f3779137e50ad114a4c90b"
[[package]]
name = "thin_edge_json"
-version = "0.6.1"
+version = "0.6.2"
dependencies = [
"clock",
"json-writer",
diff --git a/crates/core/tedge_agent/src/agent.rs b/crates/core/tedge_agent/src/agent.rs
index ec2d80b6..b7c7ba27 100644
--- a/crates/core/tedge_agent/src/agent.rs
+++ b/crates/core/tedge_agent/src/agent.rs
@@ -226,18 +226,8 @@ impl SmAgent {
#[instrument(skip(self), name = "sm-agent")]
pub async fn init(&mut self, config_dir: PathBuf) -> Result<(), anyhow::Error> {
let cfg_dir = config_dir.as_path().display().to_string();
- create_directory_with_user_group(
- &format!("{cfg_dir}/.agent"),
- "tedge-agent",
- "tedge-agent",
- 0o775,
- )?;
- create_directory_with_user_group(
- "/var/log/tedge/agent",
- "tedge-agent",
- "tedge-agent",
- 0o775,
- )?;
+ create_directory_with_user_group(&format!("{cfg_dir}/.agent"), "tedge", "tedge", 0o775)?;
+ create_directory_with_user_group("/var/log/tedge/agent", "tedge", "tedge", 0o775)?;
info!("Initializing the tedge agent session");
mqtt_channel::init_session(&self.config.mqtt_config).await?;
diff --git a/crates/core/tedge_mapper/src/az/mapper.rs b/crates/core/tedge_mapper/src/az/mapper.rs
index 2971d2f9..7f608f08 100644
--- a/crates/core/tedge_mapper/src/az/mapper.rs
+++ b/crates/core/tedge_mapper/src/az/mapper.rs
@@ -33,8 +33,8 @@ impl TEdgeComponent for AzureMapper {
let config_dir = cfg_dir.display().to_string();
create_directory_with_user_group(
&format!("{config_dir}/operations/az"),
- "tedge-mapper",
- "tedge-mapper",
+ "tedge",
+ "tedge",
0o775,
)?;
diff --git a/crates/core/tedge_mapper/src/c8y/mapper.rs b/crates/core/tedge_mapper/src/c8y/mapper.rs
index 3bb4d2dd..3842b3a5 100644
--- a/crates/core/tedge_mapper/src/c8y/mapper.rs
+++ b/crates/core/tedge_mapper/src/c8y/mapper.rs
@@ -94,20 +94,20 @@ impl TEdgeComponent for CumulocityMapper {
fn create_directories(config_dir: &str) -> Result<(), anyhow::Error> {
create_directory_with_user_group(
&format!("{config_dir}/operations/c8y"),
- "tedge-mapper",
- "tedge-mapper",
+ "tedge",
+ "tedge",
0o775,
)?;
create_file_with_user_group(
&format!("{config_dir}/operations/c8y/c8y_SoftwareUpdate"),
- "tedge-mapper",
- "tedge-mapper",
+ "tedge",
+ "tedge",
0o644,
)?;
create_file_with_user_group(
&format!("{config_dir}/operations/c8y/c8y_Restart"),
- "tedge-mapper",
- "tedge-mapper",
+ "tedge",
+ "tedge",
0o644,
)?;
Ok(())
diff --git a/docs/src/howto-guides/002_installation.md b/docs/src/howto-guides/002_installation.md
index 7e29b12e..d69974c5 100644
--- a/docs/src/howto-guides/002_installation.md
+++ b/docs/src/howto-guides/002_installation.md
@@ -103,19 +103,6 @@ Eg:
dpkg -i tedge_mapper_0.5.0_armhf.deb
```
-### Add your user to `tedge-users` group
-
-During the installation process, a `tedge-users` group is automatically created,
-in order to ease the administration of who can use the `sudo tedge` command on the device.
-Indeed, the `tedge` command needs to be run using `sudo`.
-So, unless all the users are granted sudo privileges, you have to add a user to the `tedge-users` group for that user to be able to use `tedge`.
-
-Run this command to add a user to the group.
-
-```shell
-sudo adduser <user> tedge-users
-```
-
## Next steps
1. [Connect your device to Cumulocity IoT](../tutorials/connect-c8y.md)