inputs.disk log spamming with encrypted disks decrypted using zuluCrypt

[hlovdal]

Relevant telegraf.conf

# Read metrics about disk usage by mount point
[[inputs.disk]]
  ## By default stats will be gathered for all mount points.
  ## Set mount_points will restrict the stats to only the specified mount points.
  # mount_points = ["/"]

  ## Ignore mount points by filesystem type.
  ignore_fs = ["tmpfs", "devtmpfs", "devfs", "iso9660", "overlay", "aufs", "squashfs", "cgroup", "sysfs", "proc", "securityfs", "devpts", "pstore", "configfs", "hugetlbfs", "debugfs", "selinuxfs", "mqueue", "rpc_pipefs", "nsfs", "tracefs", "fuse.portal" ]

Logs from Telegraf

Apr 14 15:34:50 host.example.com telegraf[701511]: 2022-04-14T13:34:50Z I! Starting Telegraf 1.22.1
Apr 14 15:34:50 host.example.com telegraf[701511]: 2022-04-14T13:34:50Z I! Loaded inputs: chrony conntrack cpu disk diskio hddtemp kernel mem netstat processes sensors swap system
Apr 14 15:34:50 host.example.com telegraf[701511]: 2022-04-14T13:34:50Z I! Loaded aggregators:
Apr 14 15:34:50 host.example.com telegraf[701511]: 2022-04-14T13:34:50Z I! Loaded processors:
Apr 14 15:34:50 host.example.com telegraf[701511]: 2022-04-14T13:34:50Z I! Loaded outputs: influxdb
Apr 14 15:34:50 host.example.com telegraf[701511]: 2022-04-14T13:34:50Z I! Tags enabled: host=host.example.com
Apr 14 15:34:50 host.example.com systemd[1]: Started The plugin-driven server agent for reporting metrics into InfluxDB.
Apr 14 15:34:50 host.example.com telegraf[701511]: 2022-04-14T13:34:50Z I! [agent] Config: Interval:10s, Quiet:false, Hostname:"host.example.com", Flush Interval:10s
Apr 14 15:35:00 host.example.com telegraf[701511]: 2022-04-14T13:35:00Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:35:10 host.example.com telegraf[701511]: 2022-04-14T13:35:10Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:35:20 host.example.com telegraf[701511]: 2022-04-14T13:35:20Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:35:30 host.example.com telegraf[701511]: 2022-04-14T13:35:30Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:35:40 host.example.com telegraf[701511]: 2022-04-14T13:35:40Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:35:50 host.example.com telegraf[701511]: 2022-04-14T13:35:50Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:36:00 host.example.com telegraf[701511]: 2022-04-14T13:36:00Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:36:10 host.example.com telegraf[701511]: 2022-04-14T13:36:10Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:36:20 host.example.com telegraf[701511]: 2022-04-14T13:36:20Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:36:30 host.example.com telegraf[701511]: 2022-04-14T13:36:30Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied
Apr 14 15:36:40 host.example.com telegraf[701511]: 2022-04-14T13:36:40Z E! [inputs.disk] [SystemPS] => error getting disk usage ("/run/media/private/root/sdb1"): permission denied

System info

Telegraf 1.22.1, Fedora 35

Docker

No response

Steps to reproduce

I use zuluCrypt to decrypt a disk with the command

zuluCrypt-cli -o -d /dev/sdb1 -M -m sdb1

and this (specifically the -M option) causes the decrypted file system to have two mount points, where telegraf does not have permission to the private mount:

$ sudo -u telegraf cat /proc/self/mounts | grep sdb1
/dev/mapper/zuluCrypt-0-NAAN-sdb1-782698459 /run/media/private/root/sdb1 ext4 rw,seclabel,nosuid,nodev,relatime 0 0
/dev/mapper/zuluCrypt-0-NAAN-sdb1-782698459 /run/media/public/sdb1 ext4 rw,seclabel,nosuid,nodev,relatime 0 0
$ sudo -u telegraf stat /run/media/private/root/sdb1
stat: cannot statx '/run/media/private/root/sdb1': Permission denied
$ sudo -u telegraf stat /run/media/public/sdb1
  File: /run/media/public/sdb1
  Size: 4096            Blocks: 8          IO Block: 4096   directory
Device: fd01h/64769d    Inode: 2           Links: 5
Access: (0777/drwxrwxrwx)  Uid: ( ...)   Gid: ( ...)
Context: system_u:object_r:container_file_t:s0
Access: 2022-04-14 15:35:35.195353161 +0200
Modify: 2020-10-13 02:47:49.450933429 +0200
Change: 2022-04-11 21:06:11.437295638 +0200
 Birth: 2017-08-17 21:14:39.000000000 +0200
$

Expected behavior

While zuluCrypt perhaps is too niche to expect to support out of the box, I most certainly expect to be able to manually mitigate the issue when discovered. Maybe with a ignore_mount_points option?

I can live with a single, static /run/media/private/root/sdb1 ignore entry since I currently only have one disk I decrypt with zuluCrypt, although being able to filter on /run/media/private/* would be the best.

Actual behavior

Telegraf is currently unusable since it spams the log constantly.

Additional info

This is very similar to #10897, however this cannot be filtered by file system type.

[nferch]

Are these bind mounts similar to #10897 (comment) ?

I'm working on an option to exclude these, in my case I can't predict what the mount points would be so an ignore_mount_points option would not work.