2016-02-07 20:02:44 +00:00
#!/bin/sh
set -e
2018-04-06 20:49:42 +00:00
CLICKHOUSE_USER=${CLICKHOUSE_USER=clickhouse}
CLICKHOUSE_GROUP=${CLICKHOUSE_GROUP=${CLICKHOUSE_USER}}
2018-08-05 05:46:09 +00:00
CLICKHOUSE_CONFDIR=${CLICKHOUSE_CONFDIR=/etc/clickhouse-server}
2018-04-06 20:49:42 +00:00
CLICKHOUSE_DATADIR=${CLICKHOUSE_DATADIR=/var/lib/clickhouse}
CLICKHOUSE_LOGDIR=${CLICKHOUSE_LOGDIR=/var/log/clickhouse-server}
2018-08-24 00:21:03 +00:00
CLICKHOUSE_BINDIR=${CLICKHOUSE_BINDIR=/usr/bin}
CLICKHOUSE_GENERIC_PROGRAM=${CLICKHOUSE_GENERIC_PROGRAM=clickhouse}
2019-01-31 13:03:17 +00:00
EXTRACT_FROM_CONFIG=${CLICKHOUSE_GENERIC_PROGRAM}-extract-from-config
CLICKHOUSE_CONFIG=$CLICKHOUSE_CONFDIR/config.xml
2018-08-24 00:21:03 +00:00
2018-11-27 16:11:46 +00:00
OS=${OS=`lsb_release -is 2>/dev/null || uname -s ||:`}
2017-01-31 19:53:05 +00:00
2018-03-01 20:16:03 +00:00
test -f /etc/default/clickhouse && . /etc/default/clickhouse
2017-01-31 19:53:05 +00:00
2017-01-09 13:42:29 +00:00
if [ "$1" = configure ]; then
2018-01-19 18:54:40 +00:00
if [ -x "/bin/systemctl" ] && [ -f /etc/systemd/system/clickhouse-server.service ] && [ -d /run/systemd/system ]; then
# if old rc.d service present - remove it
if [ -x "/etc/init.d/clickhouse-server" ]; then
update-rc.d clickhouse-server remove
echo "ClickHouse init script has migrated to systemd. Please manually stop old server and restart the service: sudo killall clickhouse-server && sleep 5 && sudo service clickhouse-server restart"
fi
/bin/systemctl daemon-reload
/bin/systemctl enable clickhouse-server
else
# If you downgrading to version older than 1.1.54336 run: systemctl disable clickhouse-server
if [ -x "/etc/init.d/clickhouse-server" ]; then
2018-05-18 17:36:12 +00:00
if [ "$OS" = "rhel" ] || [ "$OS" = "centos" ] || [ "$OS" = "fedora" ]; then
2018-04-16 21:03:35 +00:00
echo # TODO
else
update-rc.d clickhouse-server defaults 19 19 >/dev/null || exit $?
fi
2018-01-19 18:54:40 +00:00
fi
2017-10-11 15:00:34 +00:00
fi
# Make sure the administrative user exists
if ! getent passwd ${CLICKHOUSE_USER} > /dev/null; then
2018-05-18 17:36:12 +00:00
if [ "$OS" = "rhel" ] || [ "$OS" = "centos" ] || [ "$OS" = "fedora" ]; then
2018-03-27 11:29:11 +00:00
adduser --system --no-create-home --home /nonexistent \
2018-04-10 18:25:08 +00:00
--shell /bin/false ${CLICKHOUSE_USER} > /dev/null
2018-03-27 11:29:11 +00:00
else
adduser --system --disabled-login --no-create-home --home /nonexistent \
2018-04-10 18:25:08 +00:00
--shell /bin/false --group --gecos "ClickHouse server" ${CLICKHOUSE_USER} > /dev/null
2018-03-27 11:29:11 +00:00
fi
2017-10-11 15:00:34 +00:00
fi
# if the user was created manually, make sure the group is there as well
if ! getent group ${CLICKHOUSE_GROUP} > /dev/null; then
addgroup --system ${CLICKHOUSE_GROUP} > /dev/null
fi
# make sure user is in the correct group
if ! id -Gn ${CLICKHOUSE_USER} | grep -qw ${CLICKHOUSE_USER}; then
adduser ${CLICKHOUSE_USER} ${CLICKHOUSE_GROUP} > /dev/null
fi
# check validity of user and group
if [ "`id -u ${CLICKHOUSE_USER}`" -eq 0 ]; then
echo "The ${CLICKHOUSE_USER} system user must not have uid 0 (root).
2017-01-09 13:42:29 +00:00
Please fix this and reinstall this package." >&2
2017-10-11 15:00:34 +00:00
exit 1
fi
2017-01-09 13:42:29 +00:00
2017-10-11 15:00:34 +00:00
if [ "`id -g ${CLICKHOUSE_GROUP}`" -eq 0 ]; then
echo "The ${CLICKHOUSE_USER} system user must not have root as primary group.
2017-01-09 13:42:29 +00:00
Please fix this and reinstall this package." >&2
2017-10-11 15:00:34 +00:00
exit 1
fi
2019-02-11 14:44:45 +00:00
if [ -x "$CLICKHOUSE_BINDIR/$EXTRACT_FROM_CONFIG" ] && [ -f "$CLICKHOUSE_CONFIG" ]; then
CLICKHOUSE_DATADIR_FROM_CONFIG=$(su -s $SHELL ${CLICKHOUSE_USER} -c "$CLICKHOUSE_BINDIR/$EXTRACT_FROM_CONFIG --config-file=\"$CLICKHOUSE_CONFIG\" --key=path") ||:
2019-01-31 13:03:17 +00:00
echo "Path to data directory in ${CLICKHOUSE_CONFIG}: ${CLICKHOUSE_DATADIR_FROM_CONFIG}"
fi
CLICKHOUSE_DATADIR_FROM_CONFIG=${CLICKHOUSE_DATADIR_FROM_CONFIG=$CLICKHOUSE_DATADIR}
2018-08-05 05:46:09 +00:00
2019-01-31 13:03:17 +00:00
if [ ! -d ${CLICKHOUSE_DATADIR_FROM_CONFIG} ]; then
mkdir -p ${CLICKHOUSE_DATADIR_FROM_CONFIG}
chown ${CLICKHOUSE_USER}:${CLICKHOUSE_GROUP} ${CLICKHOUSE_DATADIR_FROM_CONFIG}
chmod 700 ${CLICKHOUSE_DATADIR_FROM_CONFIG}
2017-10-11 15:00:34 +00:00
fi
2018-11-27 16:11:46 +00:00
if [ -d ${CLICKHOUSE_CONFDIR} ]; then
2018-12-24 12:45:50 +00:00
rm -fv ${CLICKHOUSE_CONFDIR}/*-preprocessed.xml ||:
2018-11-27 16:11:46 +00:00
fi
2019-01-31 13:03:17 +00:00
[ -e ${CLICKHOUSE_CONFDIR}/preprocessed ] || ln -s ${CLICKHOUSE_DATADIR_FROM_CONFIG}/preprocessed_configs ${CLICKHOUSE_CONFDIR}/preprocessed ||:
2018-11-27 16:11:46 +00:00
2017-10-11 15:00:34 +00:00
if [ ! -d ${CLICKHOUSE_LOGDIR} ]; then
mkdir -p ${CLICKHOUSE_LOGDIR}
chown root:${CLICKHOUSE_GROUP} ${CLICKHOUSE_LOGDIR}
# Allow everyone to read logs, root and clickhouse to read-write
chmod 775 ${CLICKHOUSE_LOGDIR}
fi
2019-01-23 19:37:07 +00:00
# Set net_admin capabilities to support introspection of "taskstats" performance metrics from the kernel
# and ipc_lock capabilities to allow mlock of clickhouse binary.
# 1. Check that "setcap" tool exists.
# 2. Check that an arbitrary program with installed capabilities can run.
# 3. Set the capabilities.
# The second is important for Docker and systemd-nspawn.
# When the container has no capabilities,
# but the executable file inside the container has capabilities,
# then attempt to run this file will end up with a cryptic "Operation not permitted" message.
2018-11-14 01:11:13 +00:00
2019-01-23 19:45:31 +00:00
TMPFILE=/tmp/test_setcap.sh
2018-08-24 00:21:03 +00:00
command -v setcap >/dev/null \
2019-01-23 19:45:31 +00:00
&& echo > $TMPFILE && chmod a+x $TMPFILE && $TMPFILE && setcap "cap_net_admin,cap_ipc_lock+ep" $TMPFILE && $TMPFILE && rm $TMPFILE \
2019-01-23 19:43:17 +00:00
&& setcap "cap_net_admin,cap_ipc_lock+ep" "${CLICKHOUSE_BINDIR}/${CLICKHOUSE_GENERIC_PROGRAM}" \
2018-11-14 01:11:13 +00:00
|| echo "Cannot set 'net_admin' or 'ipc_lock' capability for clickhouse binary. This is optional. Taskstats accounting will be disabled. To enable taskstats accounting you may add the required capability later manually."
2018-08-24 00:21:03 +00:00
2017-10-11 15:00:34 +00:00
# Clean old dynamic compilation results
2019-01-31 13:03:17 +00:00
if [ -d "${CLICKHOUSE_DATADIR_FROM_CONFIG}/build" ]; then
rm -f ${CLICKHOUSE_DATADIR_FROM_CONFIG}/build/*.cpp ${CLICKHOUSE_DATADIR_FROM_CONFIG}/build/*.so ||:
2017-10-11 15:00:34 +00:00
fi
2017-01-31 19:53:05 +00:00
fi