Permissions issue when using python virtualenv with python.d


I am working on a custom netdata module written in python. By default, python.d seems to use the system python install, but my module requires packages that I don’t want to install globally. So, I want python.d to use a virtual environment (virtualenv). I can get python.d to see the virtualenv python binary by adding the following to /etc/netdata/netdata.conf:

command options = -p/home/[username]/envs/netdata/bin/python3

Where /home/[username]/envs/netdata/bin/python3 is in my home directory and is the location of the python3 binary for the “netdata” virtualenv.

This “works” in that the log files shows that python.d attempts to use the virtualenv python binary. But, when restarting netdata, I get a permissions error that the binary cannot be executed by python.d:

/usr/libexec/netdata/plugins.d/python.d.plugin: line 18: /home/[username]/envs/netdata/bin/python3: Permission denied

/usr/libexec/netdata/plugins.d/python.d.plugin: line 18: exec: /home/[username]/envs/netdata/bin/python3: cannot execute: Permission denied

I have tried successively more liberal permission/ownership settings, and none have worked. Here are the current permissions for the python3 binary in question:

-rwxrwxrwx. 1 netdata netdata 11328 Sep 12 05:20 python3

The containing “netdata” and “bin” directories have the same reckless permission settings.

On top of these settings, I have also tried temporarily setting SELinux enforcement to “Permissive”, and that has no effect. I don’t see any entries in /var/log/audit/audit.log that would suggest SELinux is blocking anything, but I confess I generally find SELinux baffling and could be missing something.

Question: What I am doing wrong here, and what permission settings (or other measures) can I take to allow python.d to use this python virtualenv?

Operating System: CentOS Linux 7 (Core)
Kernel: Linux 3.10.0-1160.76.1.el7.x86_64
Netdata v1.36.0-104-nightly

David Rose

apologies for the delay here @dmrose Akismet flagged your message as spam for some reason so it was put on hold :frowning:

I’m not exactly sure about this one but maybe @ilyam8 or @Austin_Hemmelgarn might have an idea.

Hi @dmrose ! Not a python expert at all, but a couple of questions:

Does Netdata run as your user or as netdata user? Could that be it? If it’s running as netdata, then most likely it can’t reach your /home directory at all.

You could I believe use the system python3 binary, but if you need any local modules to install them with pip3 install --user. If you’re running netdata with netdata user, then you could install those only for the netdata user.