Community Packages

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#74548 - [prometheus-bird-exporter] Exporter cannot access bird control socket

Attached to Project: Community Packages
Opened by Brian BIdulock (bidulock) - Sunday, 24 April 2022, 10:19 GMT
Last edited by David Thurstenson (thurstylark) - Wednesday, 27 April 2022, 22:41 GMT
Task Type Bug Report
Category Packages
Status Assigned
Assigned To Tim (bastelfreak)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No

Details

Description:

The configuration of prometheus-bird-exporter.service is restricting it
from accessing the /run/bird/bird.ctl socket necessary for it to scrape
metrics.

This is because it is run with User=bird_exporter Group=bird_exporter
which prohibit it from accessing the /run/bird/bird.ctl socket.

Additional info:
* package version(s)

bird 2.0.9-2
prometheus-bird-exporter 1.2.6-1

* config and/or log files etc.

#/etc/conf.d/prometheus-bird-exporter
BIRD_EXPORTER_ARGS="-bird.v2=true -bird.socket /run/bird/bird.ctl"

above config otherwise prometheus-bird-exporter.service looks for
control socket in /var/run/bird.ctl by default.

* link to upstream bug report, if any

Steps to reproduce:

Install bird and prometheus-bird-exporter

$> systemctl start bird.service

$> prometheus-bird-exporter -bird.v2=true -bird.socket /run/bird/bird.ctl &
$> curl localhost:9324/metrics

The above two will work (as prometheus-bird-exporter is run as root).

$> kill %1
$> systemctl start prometheus-bird-exporter.service
$> curl localhost:9324/metrics
$> systemctl status prometheus-bird-exporter.service

Above yields:

Apr 24 03:58:57 hamm prometheus-bird-exporter[676776]: time="2022-04-24T09:58:57Z" level=error msg="dial unix /run/bird/bird.ctl: connect: permission denied"
Apr 24 03:59:00 hamm prometheus-bird-exporter[676776]: time="2022-04-24T09:59:00Z" level=error msg="dial unix /run/bird/bird.ctl: connect: permission denied"

This task depends upon

Comment by Tim (bastelfreak) - Wednesday, 04 May 2022, 06:46 GMT
Hi,
sorry for the late reply. The own user/group is on purpose. The idea is that you add the bird_exporter user to the bird group. This is currently not done by the package itself ( I think that's not possible, but I'm not sure). I could add a postinstall message that informs user about it. If you prefer to run the exporter as root, you can use a systemd dropin file to overwrite the User/Group settings.

Does that help you?
Comment by Brian BIdulock (bidulock) - Thursday, 05 May 2022, 16:07 GMT
You could have installed a sysusers.d file as part of the package that adds bird_exporter user to the bird group with the line:

m bird_exporter bird

Please do this to avoid breaking existing installations during upgrade. Thank you.
Comment by Brian BIdulock (bidulock) - Thursday, 05 May 2022, 16:13 GMT
So, just add the line

m bird_exporter bird

to the prometheus-bird-exporter.conf file that you are already installing in /usr/lib/sysusers.d
Comment by Brian BIdulock (bidulock) - Thursday, 05 May 2022, 16:20 GMT
The bird package has DynamicUser=true in its service unit. Just the m line will break the service unit because the static group will be created without a static user named bird.
Comment by Tim (bastelfreak) - Thursday, 05 May 2022, 19:38 GMT
The exporter has no dependency to bird at the moment (but we could change that). I think we could add the sysusers file when https://bugs.archlinux.org/task/71902 is solved.

Loading...