Module: check_mk
Branch: master
Commit: 5a9a96b6d020a651d309a4207eff1c3aaa35b126
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=5a9a96b6d020a6…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue Nov 30 16:37:02 2010 +0100
wato: Implemented usage of sudo in wato when running e.g. in OMD shared mode; Added nice
error message with detailed instructions on how to fix the problem
---
web/htdocs/htmllib.py | 7 ++++---
web/htdocs/wato.py | 27 ++++++++++++++++++++++-----
2 files changed, 26 insertions(+), 8 deletions(-)
diff --git a/web/htdocs/htmllib.py b/web/htdocs/htmllib.py
index 5673a09..333fda4 100644
--- a/web/htdocs/htmllib.py
+++ b/web/htdocs/htmllib.py
@@ -24,7 +24,7 @@
# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
# Boston, MA 02110-1301 USA.
-import time, cgi, config, os, defaults
+import time, cgi, config, os, defaults, pwd
from lib import *
# Python 2.3 does not have 'set' in normal namespace.
# But it can be imported from 'sets'
@@ -496,7 +496,8 @@ class html:
self.write("Booom (%s)" % url)
def omd_mode(self):
+ apache_user = pwd.getpwuid( os.getuid() )[ 0 ]
if 'OMD_SITE' in self.req.subprocess_env and 'OMD_MODE' in
self.req.subprocess_env:
- return (self.req.subprocess_env['OMD_MODE'],
self.req.subprocess_env['OMD_SITE'])
+ return (apache_user, self.req.subprocess_env['OMD_MODE'],
self.req.subprocess_env['OMD_SITE'])
else:
- return (None, None)
+ return (apache_user, None, None)
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index 020f7c8..1b3df4c 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -493,27 +493,44 @@ def check_mk_automation(command, args=[], indata=""):
if defaults.check_mk_automation:
commandargs = defaults.check_mk_automation.split()
else:
- omd_mode, omd_site = html.omd_mode()
+ apache_user, omd_mode, omd_site = html.omd_mode()
if not omd_mode or omd_mode == 'own':
commandargs = [ 'check_mk', '--automation' ]
else:
- commandargs = [ 'python',
+ commandargs = [ 'sudo', '-u', omd_site,
'/usr/bin/env', 'python',
'/omd/sites/'+omd_site+'/share/check_mk/modules/check_mk.py',
'--defaults',
'/omd/sites/'+omd_site+'/etc/check_mk/defaults',
'--automation' ]
+
+ if commandargs[0] == 'sudo':
+ sudo_msg = ("<p>The webserver is running as user which has no rights
on the "
+ "needed Check_MK/Nagios files.<br />Please ensure you have
set-up "
+ "the sudo environment correctly. e.g. proceed as
follows:</p>\n"
+ "<ol><li>install sudo package</li>\n"
+ "<li>Append the following to the
<code>/etc/sudoers</code> file:\n"
+ "<pre># Needed for WATO - the Check_MK Web Administration
Tool\n"
+ "Defaults:%s !requiretty\n"
+ "%s ALL = (%s) NOPASSWD: %s *\n"
+ "</pre></li>\n"
+ "<li>Retry this operation</li></ol>\n" %
+ (apache_user, apache_user, omd_site, "
".join(commandargs[2:])))
+
cmd = commandargs + [ command ] + args
try:
p = subprocess.Popen(cmd,
stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
except Exception, e:
- raise MKGeneralException("Cannot execute <tt>%s</tt>: %s" %
(commandargs[0], e))
+ if commandargs[0] == 'sudo':
+ raise MKGeneralException("Cannot execute <tt>%s</tt>:
%s<br /><br >%s" % (commandargs[0], e, sudo_msg))
+ else:
+ raise MKGeneralException("Cannot execute <tt>%s</tt>:
%s" % (commandargs[0], e))
p.stdin.write(repr(indata))
p.stdin.close()
outdata = p.stdout.read()
exitcode = p.wait()
if exitcode != 0:
- raise MKGeneralException("Error running <tt>%s</tt>:
<pre>%s</pre>" %
- (" ".join(cmd), outdata))
+ raise MKGeneralException("Error running <tt>%s</tt>:
<pre>%s</pre>%s" %
+ (" ".join(cmd), outdata, sudo_msg))
try:
return eval(outdata)
except Exception, e: