search

librenms / docker

LibreNMS Docker image
MIT License
691 stars 278 forks source link

LibreNMS docker user cannot find fping #197

Closed duhow closed 3 years ago

duhow commented 3 years ago

Behaviour

Steps to reproduce this issue

  1. Call ping.php with user librenms

Expected behaviour

fping should work

Actual behaviour

sh: exec: line 1: fping: not found

Configuration

Logs

bash-5.1# su librenms
/root $ cd /opt/librenms/
/opt/librenms $ whoami
librenms
/opt/librenms $ ./ping.php -v -d
SQL[select `devices`.`device_id`, `hostname`, `overwrite_ip`, `status`, `status_reason`, `last_ping`, `last_ping_timetaken`, `max_depth` from `devices` left join `devices_attribs` on `devices`.`device_id` = `devices_attribs`.`device_id` and `devices_attribs`.`attrib_type` = ? where `disabled` = ? and (`devices_attribs`.`attrib_value` is null or `devices_attribs`.`attrib_value` != ?) order by `max_depth` asc ["override_icmp_disable",0,"true"] 2.01ms] 

Tier 0 (11): 192.168.2.32, 192.168.2.34, 192.168.2.36, 192.168.2.38, 192.168.2.40, 192.168.2.1, 192.168.2.33, 192.168.2.35, 192.168.2.37, 192.168.2.39, 192.168.2.57
'fping' '-f' '-' '-e' '-t' '500' '-r' '2'  
sh: exec: line 1: fping: not found  
Pinged 11 devices in 0.02s
/opt/librenms $ which fping
/opt/librenms $ 

bash-5.1# whoami
root
bash-5.1# which fping
/usr/sbin/fping
bash-5.1# /opt/librenms/ping.php -v -d
SQL[select `devices`.`device_id`, `hostname`, `overwrite_ip`, `status`, `status_reason`, `last_ping`, `last_ping_timetaken`, `max_depth` from `devices` left join `devices_attribs` on `devices`.`device_id` = `devices_attribs`.`device_id` and `devices_attribs`.`attrib_type` = ? where `disabled` = ? and (`devices_attribs`.`attrib_value` is null or `devices_attribs`.`attrib_value` != ?) order by `max_depth` asc ["override_icmp_disable",0,"true"] 1.52ms] 

Tier 0 (11): 192.168.2.1, 192.168.2.33, 192.168.2.35, 192.168.2.37, 192.168.2.39, 192.168.2.57, 192.168.2.32, 192.168.2.34, 192.168.2.36, 192.168.2.38, 192.168.2.40
'fping' '-f' '-' '-e' '-t' '500' '-r' '2'  
192.168.2.1 is alive (0.186 ms)  
Attempting to record data for 192.168.2.1... Success
SQL[update `devices` set `last_ping` = ?, `last_ping_timetaken` = ? where `device_id` = ? ["2021-04-24 10:10:50","0.186",1] 6.92ms] 

RRD[update /data/rrd/192.168.2.1/ping-perf.rrd N:0.186]  
RRDtool Output: Recorded data for 192.168.2.1 (tier 0)  
192.168.2.33 is alive (0.209 ms)  
Attempting to record data for 192.168.2.33... Success
SQL[update `devices` set `last_ping` = ?, `last_ping_timetaken` = ? where `device_id` = ? ["2021-04-24 10:10:50","0.209",3] 2.61ms] 

RRD[update /data/rrd/192.168.2.57/ping-perf.rrd N:173]  
RRDtool Output: OK u:0.00 s:0.01 r:0.14
Recorded data for 192.168.2.57 (tier 0)  
Pinged 11 devices in 0.24s

Moved from https://github.com/librenms/librenms/issues/12791

murrant commented 3 years ago

I know it is not the fix, but as a workaround, you can set fping to /usr/sbin/fping in the webui

crazy-max commented 3 years ago

@duhow Cannot reproduce:

$ docker-compose exec librenms php ping.php
Pinged 11 devices in 0.15s
duhow commented 3 years ago

@crazy-max like I said, user root can, user librenms cannot.

root@nukevim:/dev/shm/docker/examples/compose# docker-compose exec librenms php ping.php
Pinged 0 devices in 0.01s
root@nukevim:/dev/shm/docker/examples/compose# docker-compose exec librenms whoami
root
root@nukevim:/dev/shm/docker/examples/compose# docker-compose exec librenms which fping
/usr/sbin/fping
crazy-max commented 3 years ago

@duhow 

$ docker-compose exec --user librenms librenms bash -c "whoami && which fping && php ping.php"
librenms
/usr/sbin/fping
Pinged 11 devices in 0.15s
$ docker-compose exec librenms bash -c "whoami && which fping && php ping.php"
root
/usr/sbin/fping
Pinged 11 devices in 0.15s
duhow commented 3 years ago

Found su -l librenms does provide the correct path and enables user to execute it.