Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assorted updates for apps_groups.conf. #13618

Merged
merged 21 commits into from
Sep 4, 2022
Merged

Assorted updates for apps_groups.conf. #13618

merged 21 commits into from
Sep 4, 2022

Conversation

Ferroin
Copy link
Member

@Ferroin Ferroin commented Sep 2, 2022
edited
Loading

Summary

This is a sweeping set of updates to the default apps plugin configuration, with the goal of a basic install of most Linux distributions having complete coverage of all basic system services (IOW, everything under other on such a system should be user activity).

  • The auth group is expanded to include sssd (used on Fedora and RHEL systems) and gssproxy, as well as properly categorizing polkitd and saslauthd as authentication tools instead of ‘system’ and ‘mail’ respectively.
  • The httpd group now includes H2O.
  • The email group now includes msmtp (widely used on minimalist systems, as well as in our own Docker images) and nullmailer (widely used on Debian systems).
  • The netmanager group is expanded to include all the common network management daemons.
  • A new ‘firewall’ group covers firewalld, UFW, and the nftables tooling.
  • A new bluetooth group has been added to cover Bluetooth tooling.
  • The ha group now includes ucarp, which is a userspace FOSS implementation of Cisco’s VRRP, used on pfSense and other firewall appliances.
  • The logs group now includes syskogd and metalog (the next most common syslog implementations after what we already have listed).
  • Monit is now it’s own group, instead of being grouped with other NMS tools. It’s used for a lot more than just NMS.
  • Watchdog is now it’s own group, instead of being grouped with other NMS tools, as it has a nontrivial probability of matching things that are not NMS tools.
  • A new group has been added to cover libvirt services.
  • A new group has been added to cover userspace guest agents for VMs. Currently includes the QEMU and SPICE guest agents, plus cloud-init (which is functionally a guest agent).
  • SFTP tooling has been added to the ssh group. Depending on circumstances, the SFTP component may actually be a separate process from the SSH server, so we should be explicitly matching on it here.
  • PTP tooling has been added to the time group. PTP is an alternative to NTP that provides much tighter synchronization over local networks with much lower overhead, but does not support ‘internet time’. It’s used mostly in scientific computing contexts where clock synchronization within a cluster is more important than the cluster having the ‘correct’ time from outside perspectives.
  • The ISC DHCP client (dhclient) is now properly categorized as DHCP tooling.
  • Avahi is now properly categorized in the dns group (except for avahi-autoipd, which is a netowrk manager).
  • Coverage of package managers has been greatly expanded with a new packagemanager group. This group includes standard package management tooling from most common distributions, as well as packagekit (moved from the system group).
  • The media group has been expanded to include a couple of additional media players.
  • A new audio group has been added to cover sound servers. It includes pulseaudio (moved from the now renamed X group), pipewire, wireplumber (the pipewire session management tooling), and JACK.
  • The X group has been renamed to gui, and expanded to include colord (moved from the system group), seatd (a seat management daemon popular for use with Wayland), greetd (a display-manager equivalent tool used widely with Wayland), and a selection of popular Wayland compositors.
  • The system group has been greatly expanded, and now includes all of the following:
    • elogind: A popular non-systemd replacement for systemd-logind. Used by default on most non-systemd systems.
    • eudev and mdev: Popular alternatives to the systemd udev implementation.
    • llvmpolld and dmeventd: Widely used supplementary services for LVM. llvmpolld provides background completion polling for long running LVM operations, and dmeventd provides monitoring and auto-remediation functionality.
    • rasdaemon: Provides userspace logging of memory errors and MCEs.
    • irqbalance: Widely used tool for managing IRQ distribution on large x86 systems
    • start-stop-daemon: Widely used tool for managing daemons on non-systemd systems.
    • A generic match for init.
    • OpenRC’s standard tooling (the openrc* and supervise-daemon matches).
    • Runit’s standard tooling (the runit, runsvdir, and runsv matches).
    • auditd: the standard userspace component for Linux’s auditing framework.
    • lsmd: System service for libstoragemanagement, used by default on RHEL systems.
    • abrt: The RHEL/Fedora automatic bug reporting tool.
    • NSCD: The name service cache daemon, used by default on openSUSE, provides caching for getent() calls.
  • A new inetd group has been created for inetd and xinetd (moved from the system group). These both are potential targets for DoS attacks, so categorizing them separately is important.
  • A new filesysnc group has been created for Dropbox and Syncthing.
Test Plan

The modified config file can be directly copied to any system running Netdata, and then the agent restarted.

@Ferroin
Move connmand to network management tools, and add wicked.
54d5d3b 
Connmand is definitely a network management tool, and we were missing
SUSE’s home-grown tooling (wicked) as well.
@Ferroin
Add H2O to web servers.
4f17da1
@Ferroin
Add msmtp and nullmailer to email servers.
b9a6b69
@Ferroin
Add ucarp to HA group.
9ca8f24 
ucarp is a userspace implementation of CARP, a FOSS clone of Cisco's
VRRP. It’s used for automatic failover across routers and between
systems where the exact instance connected to does not matter.
@Ferroin
Split monit and watchdog to their own groups.
a53eb32 
Monit is used for a lot more than just network monitoring (it’s also a
service manager, and can even be used as an init system).

‘watchdog’ is a super-generic name, and while there may be some NMS with
that name, it also happens to match a local watchdog device manager (not
unusual on a server), so it really should be it’s own thing.
@Ferroin
Add SFTP tooling to ssh group.
0088d90
@Ferroin
Add PTP tooling to time group.
c638324
@Ferroin
Create a packagemanager group.
8051a46 
This folds in the existing apt group, as well as matching packagekit
instead of having the system group match it, and also adds a bunch of
other package management tools. Additionally, add RPM and DEB build
tooling to the build group.
@Ferroin
Update media grouping.
08a2d0b 
Adds clementine and strawberry music players, and also creates a new
group called audio that includes pulseaudio, pipewire, and jack tooling.
@Ferroin
Rename X group to gui and expand it.
fb257db 
Moves colord to gui group, adds seatd (used with some wayland
compositors), greetd (a popular display-manager equivalent for wayland
setups), and a couple of popular wayland-native compositors.
@Ferroin
Update system and logging groups
98a0329 
- Add sysklogd and metalog to logs group.
- Split inetd and xinetd to their own group.
- Add a number of common system services to the system group.
- Add common service management tooling to the system group (covering
  OpenRC and runit).
@Ferroin
Add libvirt group.
ee6191a
@Ferroin
Add common VM guest agent group.
33c53df
@Ferroin
Add dhclient to dhcp group.
44958b9
@Ferroin
Add printing group covering CUPS and lpd.
4da46ba
@Ferroin
Categorize Avahi correctly (it’s DNS and SLAAC, not media).
7263eea
@Ferroin
Add filesync group.
f0d6c41 
Covering Dropbox and Syncthing.
@Ferroin
Even more common services.
ed24519
@Ferroin
Add new bluetooth group.
4184c4f
@github-actions github-actions bot added area/collectors Everything related to data collection collectors/apps labels Sep 2, 2022
@Ferroin Ferroin marked this pull request as ready for review September 2, 2022 16:24
ilyam8
ilyam8 previously approved these changes Sep 3, 2022
View reviewed changes
@thiagoftsm thiagoftsm self-requested a review September 3, 2022 20:35
thiagoftsm
thiagoftsm approved these changes Sep 3, 2022
View reviewed changes
Copy link
Contributor

@thiagoftsm thiagoftsm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now that ❤️ slackpkg ❤️ was added 😆 😄 🤣, LGTM!

@ilyam8 ilyam8 merged commit 5cff446 into netdata:master Sep 4, 2022
@Ferroin Ferroin deleted the apps-system branch September 5, 2022 12:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thiagoftsm thiagoftsm thiagoftsm approved these changes

@ilyam8 ilyam8 ilyam8 approved these changes

@vlvkobal vlvkobal Awaiting requested review from vlvkobal

Assignees
No one assigned
Labels
area/collectors Everything related to data collection collectors/apps
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Ferroin @ilyam8 @thiagoftsm