[collectd] The Exec plugin and enforcing non-root execution

[Jan Kundrát]

Hi,
I want to monitor status of the redundant power supply on a Supermicro 
motherboard (H8DGT). It is available via IPMI, but even after patching 
src/ipmi.c, I cannot get collectd to monitor that particular sensor. Turns 
out this is because the "sensor reading type" is "sensor specific". Even 
when I patch ipmi.c to call ipmi_sensor_id_get_reading even for these 
sensors, the sensor_read_handler function is simply not called -- 
presumably because this reading type confuses OpenIPMI which refuses to 
work with that. I cannot blame it, but that'[s the HW we've bought a couple 
months ago :(.

OK, I can easily get roughly the same result via the command line -- simply 
executing `ipmitool sdr get 'PS Status' | grep 'Sensor Reading' | cut -d : 
-f 2 | tr -d '[[:space:]]' | tr -d h` is ugly, but works well enough. 
However, this command needs root, as /dev/ipmi0 is root:root, 0660.

Now I could set up sudo for this script, I could also have it run from cron 
and talk to collectd via socat and the unix sock plugin, I could even write 
a C suid wrapper for just this, or perhaps mess with udev rules for making 
that device node owned by another group. However, I would have to do all 
that just because there are four lines in exec.c which prevent running 
plugins as root.

I would like to respectfully ask you to reconsider this design choice. 
Please consider my use case, as well as the plugins on the net (and even 
collectd.git's own contrib/exec-smartctl). Do we *really* get any benefit 
by this forced dropping of root, only to gain it again through a SUID 
wrapper? I just fail to see any benefits here.

I've read the git log, apparently this has been the status quo since the 
very beginning seven years ago. I'm sure there must have been *some* 
reason, but I fail to see it -- please, educate me.

With kind regards,
Jan

-- 
Trojitá, a fast Qt IMAP e-mail client -- http://trojita.flaska.net/