[collectd] Can't run collectd as unprivileged user in network mode

George izghitu at gmail.com
Fri Dec 14 14:44:39 CET 2018 

Hi,

I am trying to configure collectd to run as a central server for other
collectd clients and to LISTEN for incoming requests. I need it to run as
an unprivileged user but it fails with the following errors:
[metrics at office ~]$ collectd -C /etc/collectd.conf  -f
[2018-12-14 05:31:16] plugin_load: plugin "logfile" successfully loaded.
[2018-12-14 05:31:16] logfile: invalid loglevel [debug] defaulting to 'info'
[2018-12-14 05:31:16] plugin_load: plugin "network" successfully loaded.
[2018-12-14 05:31:16] plugin_load: plugin "rrdtool" successfully loaded.
[2018-12-14 05:31:16] network plugin: setsockopt (bind-if): Operation not
permitted
[2018-12-14 05:31:16] network plugin: network_config_add_listen:
sockent_server_listen failed.
[2018-12-14 05:31:16] set_thread_name("rrdtool queue"): Permission denied
[2018-12-14 05:31:16] set_thread_name("writer#0"): Permission denied
[2018-12-14 05:31:16] set_thread_name("writer#1"): Permission denied
[2018-12-14 05:31:16] set_thread_name("writer#2"): Permission denied
[2018-12-14 05:31:16] set_thread_name("writer#3"): Permission denied
[2018-12-14 05:31:16] set_thread_name("writer#4"): Permission denied
[2018-12-14 05:31:16] Initialization complete, entering read-loop.
^C[2018-12-14 05:31:17] Exiting normally.
[2018-12-14 05:31:17] collectd: Stopping 5 write threads.
[2018-12-14 05:31:17] rrdtool plugin: Shutting down the queue thread.

The OS is CentOS 7. The collectd version is the latest. The
/var/lib/collectd, /usr/lib/collectd, /etc/collectd.conf and
/etc/collectd.passwd files/folders are owned by the metrics user and the
network plugin settings are below:
<Plugin "network">
        <Listen "HIDDEN" "25826">
                SecurityLevel "Sign"
                AuthFile "/etc/collectd.passwd"
                Interface "enp1s0f0"
        </Listen>
</Plugin>

I tried the setcap command like this:
setcap 'cap_net_bind_service=+epi' /usr/sbin/collectd

but it did not help.
Please help. Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.verplant.org/pipermail/collectd/attachments/20181214/ce4f33bb/attachment.html>

More information about the collectd mailing list