zabbix: use separate users for agent and server

author Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>

Thu, 15 Jan 2026 12:41:05 +0000 (07:41 -0500)

committer Hannu Nyman <hannu.nyman@iki.fi>

Sun, 18 Jan 2026 05:21:18 +0000 (07:21 +0200)
author Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
Thu, 15 Jan 2026 12:41:05 +0000 (07:41 -0500)
committer Hannu Nyman <hannu.nyman@iki.fi>
Sun, 18 Jan 2026 05:21:18 +0000 (07:21 +0200)
diff --git a/admin/zabbix/Makefile b/admin/zabbix/Makefile

index c7b75caa3d002d41cbb3845a383d9d2608e3f1f2..023ea1c46a8fafd555db67102d72f49fd92964f0 100644 (file)
--- a/admin/zabbix/Makefile
+++ b/admin/zabbix/Makefile
@@ -56,7 +56,6 @@ define Package/zabbix/Default
    SUBMENU:=Zabbix
    TITLE:=Zabbix
    URL:=https://www.zabbix.com/
-  USERID:=zabbix=53:zabbix=53
    DEPENDS+=$(ICONV_DEPENDS) +libpcre2 +zlib
  endef
  
@@ -67,6 +66,7 @@ define Package/zabbix-agentd
    PROVIDES:=zabbix-agentd
    VARIANT:=nossl
    DEFAULT_VARIANT:=1
+  USERID:=zabbix-agent=53:zabbix-agent=53
  endef
  
  define Package/zabbix-agentd-openssl
@@ -75,6 +75,7 @@ define Package/zabbix-agentd-openssl
    DEPENDS+= +libevent2-pthreads +libopenssl
    PROVIDES:=zabbix-agentd
    VARIANT:=openssl
+  USERID:=zabbix-agent=53:zabbix-agent=53
  endef
  
  define Package/zabbix-agentd-gnutls
@@ -83,6 +84,7 @@ define Package/zabbix-agentd-gnutls
    DEPENDS+= +libevent2-pthreads +libgnutls
    PROVIDES:=zabbix-agentd
    VARIANT:=gnutls
+  USERID:=zabbix-agent=53:zabbix-agent=53
  endef
  
  define Package/zabbix-extra-mac80211
@@ -161,6 +163,7 @@ define Package/zabbix-server/Default
      +libevent2-pthreads \
      +libevent2-extra \
      +fping
+  USERID:=zabbix-server=70:zabbix-server=70
  endef
  
  define Package/zabbix-server
diff --git a/admin/zabbix/files/zabbix_agentd.init b/admin/zabbix/files/zabbix_agentd.init

index 2938caff4d8d1a8db2f9446737a6443237c646bc..04bef3730d3a6185a14862c05cc70d34c540222f 100755 (executable)
--- a/admin/zabbix/files/zabbix_agentd.init
+++ b/admin/zabbix/files/zabbix_agentd.init
@@ -13,8 +13,8 @@ start_service() {
  
         [ -f ${CONFIG} ] || return 1
  
-       mkdir -p /var/run/zabbix
-       chown zabbix:zabbix /var/run/zabbix
+       mkdir -p /var/run/zabbix-agent
+       chown zabbix-agent:zabbix-agent /var/run/zabbix-agent
  
         procd_open_instance
         procd_set_param command ${PROG} -c ${CONFIG} -f
diff --git a/admin/zabbix/files/zabbix_server.defaults b/admin/zabbix/files/zabbix_server.defaults

index 4b14067eebe02d7288bdb09422ec2abc984dbbe7..4a8638a9e8934f217082b6f2c532863c095fbbab 100644 (file)
--- a/admin/zabbix/files/zabbix_server.defaults
+++ b/admin/zabbix/files/zabbix_server.defaults
@@ -1,3 +1,3 @@
  #!/bin/sh
  
-chown zabbix:zabbix /etc/zabbix_server.conf
+chown zabbix-server:zabbix-server /etc/zabbix_server.conf
diff --git a/admin/zabbix/files/zabbix_server.init b/admin/zabbix/files/zabbix_server.init

index a6b49460b4bee5238e61a3807c6c72dde6fd0c9d..bcbdb41cd7d7e9be5be18aee8e8df80a6353f142 100755 (executable)
--- a/admin/zabbix/files/zabbix_server.init
+++ b/admin/zabbix/files/zabbix_server.init
@@ -27,12 +27,12 @@ start_service() {
                 return 1
         fi
  
-       mkdir -p /var/run/zabbix
-       chown zabbix:zabbix /var/run/zabbix
+       mkdir -p /var/run/zabbix-server
+       chown zabbix-server:zabbix-server /var/run/zabbix-server
  
         procd_open_instance
         procd_set_param command ${PROG} -c ${CONFIG} -f
-       procd_set_param user zabbix
+       procd_set_param user zabbix-server
         procd_set_param limits nofile="16384 100000"
         procd_set_param file ${CONFIG}
         procd_set_param respawn
diff --git a/admin/zabbix/patches/010-change-agentd-config.patch b/admin/zabbix/patches/010-change-agentd-config.patch

index 024b56e879c3df9cd032976a0e7107ae1eea2b03..894b224119a3767bb4c2cc3d8eb33cb0eeed43fc 100644 (file)
--- a/admin/zabbix/patches/010-change-agentd-config.patch
+++ b/admin/zabbix/patches/010-change-agentd-config.patch
@@ -31,7 +31,7 @@ Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
  -# Default:
  -# PidFile=/tmp/zabbix_agentd.pid
  +# Zabbix always creates a PidFile. Make sure it is where we want it.
-+PidFile=/var/run/zabbix/zabbix_agentd.pid
++PidFile=/var/run/zabbix-agent/zabbix_agentd.pid
  +
  +# use syslog
  +LogType=system
diff --git a/admin/zabbix/patches/020-change-server-config.patch b/admin/zabbix/patches/020-change-server-config.patch

index 493638dae26204697b867759e43fb03e55656407..bdd6f1764d509de8b0e848f553e97708190b7777 100644 (file)
--- a/admin/zabbix/patches/020-change-server-config.patch
+++ b/admin/zabbix/patches/020-change-server-config.patch
@@ -45,7 +45,7 @@ Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
   
  +# Although procd does not require a pid file, zabbix uses the pidfile to
  +# shut down correctly on receipt of a TERM or INT signal.
-+PidFile=/var/run/zabbix/zabbix_server.pid
++PidFile=/var/run/zabbix-server/zabbix_server.pid
  +
   ### Option: SocketDir
   #     IPC socket directory.
author	Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
	Thu, 15 Jan 2026 12:41:05 +0000 (07:41 -0500)
committer	Hannu Nyman <hannu.nyman@iki.fi>
	Sun, 18 Jan 2026 05:21:18 +0000 (07:21 +0200)
admin/zabbix/Makefile		patch \| blob \| history
admin/zabbix/files/zabbix_agentd.init		patch \| blob \| history
admin/zabbix/files/zabbix_server.defaults		patch \| blob \| history
admin/zabbix/files/zabbix_server.init		patch \| blob \| history
admin/zabbix/patches/010-change-agentd-config.patch		patch \| blob \| history
admin/zabbix/patches/020-change-server-config.patch		patch \| blob \| history