So I guess I ran into an injection problem:
I added hosts per bash script and API call to LibreNMS. By mistake I added a host named $OUTPUT, which the API confirmed:
{
"status": "ok",
"message": "Device $OUTPUT (772) has been added successfully"
}
As I tried to delete the device named $OUTPUT through the web interface, the log in the web interface told me, that it deleted all rrd files of all the devices. Uh, nice one. Unfortunately I didn’t make a screen shot as I was too busy having a mild heart attack.
After recovering from that heart attack I checked the rrd directories and found the rrd files still beeing there and still being updated. In the web interface no graphs are showing up, so I guess the references to the rrd files are deleted in the database.
A quick du -a /opt/librenms/rrd/ | grep '\.rrd' | wc -l
shows 6134 rrd files, which shuold work, as the stats of the system are as follows:
Devices | 762 | Ports | 735 |
---|---|---|---|
IPv4 Addresses | 104 | IPv4 Networks | 21 |
IPv6 Addresses | 0 | IPv6 Networks | 0 |
Services | 0 | Applications | 0 |
Processors | 22 | Memory | 45 |
Storage | 9 | Disk I/O | 13 |
HR-MIB | 15 | Entity-MIB | 877 |
Syslog Entries | 0 | Eventlog Entries | 140933 |
Sensors | 1532 | Wireless Sensors | 0 |
Toner | 0 |
Roundabout 700 are ping-only hosts, the rest are PSUs and a few big network devices. This is only my test system, so setting it up a-new is already counted in. But could the inserting-$OUTPUT-deleting-$OUTPUT be dangerous?
Oh, yes, my validate.php. (The discovery-fail is due to me adding 7000 hosts as a bulk just a few minutes before the $OUTPUT incident. The rest isn’t connected to the deletion incident IMHO.)
/opt/librenms/validate.php
====================================
Component | Version
--------- | -------
LibreNMS | 1.58.1
DB Schema | 2019_08_10_223200_add_enabled_to_users (147)
PHP | 7.2.5
MySQL | 10.2.25-MariaDB
RRDTool | 1.7.0
SNMP | NET-SNMP 5.7.3
====================================
[OK] Composer Version: 1.9.1
[OK] Dependencies up-to-date.
[OK] Database connection successful
[OK] Database schema correct
[FAIL] Discovery has not completed in the last 24 hours.
[FIX]:
Check the cron job to make sure it is running and using discovery-wrapper.py
[FAIL] fping6 location is incorrect or bin not installed.
[FIX]:
Install fping6 or manually set the path to fping6 by placing the following in config.php: $config['fping6'] = '/path/to/fping6';
[WARN] Your local git contains modified files, this could prevent automatic updates.
[FIX]:
You can fix this with ./scripts/github-remove
Modified Files:
bootstrap/cache/.gitignore
html/.htaccess
rrd/.gitignore
storage/app/.gitignore
storage/app/public/.gitignore
storage/debugbar/.gitignore
storage/framework/cache/.gitignore
storage/framework/cache/data/.gitignore
storage/framework/sessions/.gitignore
storage/framework/testing/.gitignore
storage/framework/views/.gitignore
storage/logs/.gitignore