search

fboaventura / dckr-mrtg

:whale: Docker MRTG Instance that will configure monitoring from the environment variable.
https://hub.docker.com/r/fboaventura/dckr-mrtg/
MIT License
26 stars 17 forks source link

initgroups failed: root Permission denied #6

Closed Swiftyhu closed 1 year ago

Swiftyhu commented 2 years ago

Hi!

I'm getting this error message....

mrtg_1  | FILE /etc/crontabs/root USER root PID  34 /usr/bin/mrtg /etc/mrtg/mrtg.cfg || true
mrtg_1  | initgroups failed: root Permission denied
mrtg_1  | unable to ChangeUser (user root /usr/bin/mrtg /etc/mrtg/mrtg.cfg || true)
mrtg_1  | exit status 1 from user root /usr/bin/mrtg /etc/mrtg/mrtg.cfg || true

It never gets data from the router...

Swiftyhu commented 2 years ago

Maybe this is the solution: https://github.com/inter169/systs/blob/master/alpine/crond/README.md

fboaventura commented 2 years ago

@Swiftyhu I'll take a look at this error ASAP.

Sorry about the delay. I wasn't getting notifications from Github.

fboaventura commented 2 years ago

@Swiftyhu, if you are still using it, can you please validate that the crontab is working? It seems that on a previous Alpine version, the issue was fixed.

Swiftyhu commented 2 years ago

Hi @fboaventura

I have just pulled the newest version.... v2.4.0 However:

mrtg_1  | 2022-11-22 12:08:58: (server.c.1568) server started (lighttpd/1.4.64)
mrtg_1  | FILE /etc/crontabs/root USER root PID  23 /usr/bin/mrtg /etc/mrtg/mrtg.cfg || true
mrtg_1  | initgroups failed: root Permission denied
mrtg_1  | unable to ChangeUser (user root /usr/bin/mrtg /etc/mrtg/mrtg.cfg || true)
mrtg_1  | exit status 1 from user root /usr/bin/mrtg /etc/mrtg/mrtg.cfg || true
fboaventura commented 2 years ago

@Swiftyhu, can you please, share the relevant part of your docker-compose.yml or the configuration part of your deployment?

I use this docker-compose.yml file to run the tests:

---
version: "3.5"
services:
  mrtg:
    image: fboaventura/dckr-mrtg:v2.4.0
    hostname: mrtg
    restart: always
    ports:
      - "8880:80"
    volumes:
      - "./conf.d:/etc/mrtg/conf.d"
      - "./html:/usr/share/nginx/html"
    environment:
      TZ: "Brazil/East"
      HOSTS: 'public:snmpd'
    tmpfs:
      - "/run"
  snmpd:
    image: crazymax/snmpd
    container_name: snmpd
    privileged: true
    ports:
      - target: 161
        published: 161
        protocol: udp
    volumes:
      - "/:/rootfs:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - ./snmpd.conf:/etc/snmpd.conf
    restart: always

With this snmpd.conf:

sysLocation    Here
sysContact     s@s.net

sysServices    72

master  agentx

view   systemonly  included   .1.3.6.1.2.1.1
view   systemonly  included   .1.3.6.1.2.1.25.1

rocommunity  public default

And I didn't see the error. It is on my roadmap to make the instance run as a non-root user, but I didn't get to this yet, so everything inside the instance is being executed as root.

TweakM commented 1 year ago

My pull request (https://github.com/fboaventura/dckr-mrtg/pull/13) might solve this problem as it adds the capability to specify a USERID and GROUPID for the lighttpd service

fboaventura commented 1 year ago

@Swiftyhu, can you verify if the issue is fixed for you, please?