Reduce priviliges required to query btrfs volumes #5

leth · 2023-03-12T21:07:29Z

In prometheus/node_exporter#2632 we figured out that O_NOATIME was increasing the privileges needed!

O_NOATIME (since Linux 2.6.8)
              Do not update the file last access time (st_atime in the
              inode) when the file is [read(2)](https://man7.org/linux/man-pages/man2/read.2.html).

              This flag can be employed only if one of the following
              conditions is true:

              *  The effective UID of the process matches the owner UID
                 of the file.

              *  The calling process has the CAP_FOWNER capability in
                 its user namespace and the owner UID of the file has a
                 mapping in the namespace.

dennwc

Awesome, thank you!

Allow non-root users to query btrfs volumes

1d77559

leth force-pushed the run-as-non-root branch from 1c25f7b to 1d77559 Compare March 12, 2023 21:07

dennwc self-assigned this Mar 12, 2023

dennwc approved these changes Mar 12, 2023

View reviewed changes

dennwc merged commit a1f570b into dennwc:master Mar 12, 2023

leth deleted the run-as-non-root branch March 12, 2023 21:20

leth mentioned this pull request Mar 12, 2023

Reduce privileges needed for btrfs device stats prometheus/node_exporter#2634

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Reduce priviliges required to query btrfs volumes #5

Reduce priviliges required to query btrfs volumes #5

leth commented Mar 12, 2023

dennwc left a comment

Reduce priviliges required to query btrfs volumes #5

Reduce priviliges required to query btrfs volumes #5

Conversation

leth commented Mar 12, 2023

dennwc left a comment

Choose a reason for hiding this comment