rasto
commented
11 years ago Hi,
the proper quick hack would be to add SUDO in front of every grep /var/log... command in DistResource.java file. :)
The problem with this solution is that if you allow just some commands for sudo, you'd have to allow the "sudo grep" command and it would let the user see any file. (that's why it's not there)
Other solution is to change permissions on the log files, so that the required users can read it.
Only if you allow all the commands for a user, it would make sense to run "sudo grep /var/log".
I think what LCMC can do to cover all the possibilities in the future: check permissions of the log file, if not readable, try it with sudo.
scr267
Hello Rasto,
I'm using LCMC to manage some pacemaker / drbd clusters and I've got a request for a small modification: When logged into a cluster as a user who has sudo privileges, the log viewer mechanism does not seem to make use of it; we always get permission denied errors.
I've been looking at the code and think that in the file DistResource.java where you have your logs object constants ( around lines 397 -- 406 ) it may be possible to use the SUDO constant. I've tested this but unfortunately it doesn't work because the pattern needs to be converted to the proper distribution command. The refreshLogs function in Logs.java uses the execCommandRaw function to execute it. "SUDO" will not get the distribution conversion and will get passed to the host as is... "@DMCSUDO@".
I've also attempted to modify the "command" string which requests the logs in Logs.java
final String command = DistResource.SUDO + host.getDistCommand(logFileCommand(), replaceHash);
Again, the "SUDO" placeholder appears instead of a distribution specific sudo command... Obviously I'm not knowledgeable enough of the code to be able to submit a patch.
I've been using LCMC for over a year and I find that the progress made on the tool is fantastic. Great job!
Xavier