On 23 May 2014 11:21, Vernon Everett <everett.vernon at gmail.com> wrote:
Anybody know of a way to give Xymon elevated access permissions when it stats files it's checking? I would prefer not to change the directory permissions if I can avoid it.
Apart from running Xymon as root, I don't think you can do this.
An alternative* might be to have a script that creates hard links for all files in /var/crash/ into another directory that the xymon user can read. For example:
#!/bin/sh NEWDIR=/var/crash-monitor # must be same filesystem as /var/crash rm -rf "$NEWDIR" || exit 1 mkdir -f "$NEWDIR" || exit 1 chown root:xymon "$NEWDIR" chmod 550 "$NEWDIR" cd /var/crash || exit 1 for file in *; do ln "$f" "$NEWDIR/$f"; done ls "$NEWDIR"/*
This creates a replica of /var/crash/ that Xymon can read (and stat the files), without changing the original dir perms and ownership.
This is run from within the "file:" backticks (using sudo), and so it produces the hardlink names as its output.
You could have run this script from root's cron, but you'd have a race condition where sometimes Xymon will look at the replica directory after it has been created but before the hard links have been created.
*untested
j