blob: ec91f6e8dd02d421c1aee64d702c37adbce9ac7c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
#!/bin/sh
set -e
### Create groups
if ! getent group tedge >/dev/null; then
groupadd --system tedge
fi
### Create users
# Create user tedge with no home(--no-create-home), no login(--shell) and in group tedge(--gid)
if ! getent passwd tedge >/dev/null; then
useradd --system --no-create-home --shell /sbin/nologin --gid tedge tedge
fi
### Create file in /etc/sudoers.d directory. With this configuration, the tedge user have the right to call the tedge command with sudo rights, which is required for system-wide configuration in "/etc/tedge"
echo "tedge ALL = (ALL) NOPASSWD: /usr/bin/tedge, /etc/tedge/sm-plugins/[a-zA-Z0-9]*, /bin/sync, /sbin/init" >/etc/sudoers.d/tedge
if [ -f "/etc/sudoers.d/010_pi-nopasswd" ]; then
echo "tedge ALL = (ALL) NOPASSWD: /usr/bin/tedge, /etc/tedge/sm-plugins/[a-zA-Z0-9]*, /bin/sync, /sbin/init" >/etc/sudoers.d/tedge-nopasswd
fi
# change the owenership of the below directories/files to `tedge` user,
# as there is only `tedge` user exists.
if [ -d "/etc/tedge/operations/c8y" ]; then
sudo chown tedge:tedge /etc/tedge/operations/c8y
sudo chown tedge:tedge /etc/tedge/operations/c8y/c8y_*
fi
if [ -d "/etc/tedge/operations/az" ]; then
sudo chown tedge:tedge /etc/tedge/operations/az
fi
if [ -d "/etc/tedge/.agent/" ]; then
sudo chown tedge:tedge /etc/tedge/.agent
fi
if [ -d "/var/log/tedge/agent/" ]; then
sudo chown tedge:tedge /var/log/tedge/agent
fi
if [ -f "/run/lock/tedge_agent.lock" ]; then
sudo chown tedge:tedge /run/lock/tedge_agent.lock
fi
if [ -f "/run/lock/tedge-mapper-c8y.lock" ]; then
sudo chown tedge:tedge /run/lock/tedge-mapper-c8y.lock
fi
if [ -f "/run/lock/tedge-mapper-az.lock" ]; then
sudo chown tedge:tedge /run/lock/tedge-mapper-az.lock
fi
if [ -f "/run/lock/tedge-mapper-collectd.lock" ]; then
sudo chown tedge:tedge /run/lock/tedge-mapper-collectd.lock
fi
|
