Telegraf - smartmontools not working

dR3b · August 6, 2019, 10:04am

I approached it this way:

Add sudo rights for telegraf:

security.sudo.extraRules = [{
  commands = [{
    command = "${pkgs.smartmontools}/bin/smartctl";
    options = [ "NOPASSWD" ];
  }];
  users = [ "telegraf" ];
}];

Add path for sensoers and smartmontools:

systemd.services.telegraf.path = [ pkgs.lm_sensors pkgs.smartmontools ];

Add the check:

services.telegraf = {
  enable = true;
  extraConfig =  {
    inputs = {

      ...

      sensors = [{}];
      smart = [{
        use_sudo = true;
      }];

      ...

    };
  };
};

Error:

[inputs.smart]: Error in plugin: failed to run command sudo -n /nix/store/zyxd72dfgwpmy4896xlfk44b75snign2-smartmontools-7.0/bin/smartctl --scan: exit status 1 - sudo: /nix/store/w6hlz3cd54w7sppp20ay0pc8c7pcd90b-sudo-1.8.27/bin/sudo sudo: effective uid is not 0, is sudo installed setuid root?

What am I missing?
Thanks.

zimbatm · August 8, 2019, 12:11pm

It looks like it’s using the sudo package binary directly but the /nix/store doesn’t support setuid flags. For that we have the setuid wrappers like /run/wrappers/bin/sudo that is being installed by security.sudo.enable = true;.

Make sure that security.sudo.enable = true; is set and that the sudo package is not part of the environment.systemPackages list. If that doesn’t work it means that something in the telegraf module is loading sudo directly.

dR3b · August 8, 2019, 1:11pm

Doesn’t seem to be working:

[inputs.smart]: Error in plugin: failed to run comm and sudo -n /nix/store/zyxd72dfgwpmy4896xlfk44b75snign2-smartmontools-7.0/bin --scan: exec: "sudo": exeAll cutable file not found in $PATH -

zimbatm · August 8, 2019, 1:14pm

I think you’ll also have to add "/run/wrappers/bin" to this list.

dR3b · August 8, 2019, 1:29pm

I tried both:

systemd.services.telegraf.path = [ pkgs.lm_sensors pkgs.smartmontools /run/wrappers ];
systemd.services.telegraf.path = [ pkgs.lm_sensors pkgs.smartmontools /run/wrappers/bin ];

error: getting attributes of path '/run/wrappers/binbin': No such file or directory
error: getting attributes of path '/run/wrappersbin': No such file or directory

zimbatm · August 8, 2019, 1:34pm

Try this:

systemd.services.telegraf.path = [ pkgs.lm_sensors pkgs.smartmontools "/run/wrappers" ];

If the string is not quoted, nix will try and add it to the /nix/store.

dR3b · August 8, 2019, 1:51pm

What a mistake! Thanks it’s working