Is there a way to tell hobbit to use sudo to read a log file?
I want to monitor a log file owned by root, rw for root, nothing for anyone else. It is owned by an application that rolls it and resets permissions. I don't want to mess with the app.
I can write a cron job to check and set permissions, but that is not ideal.
Thanks
Craig Cook
Systems Monitoring Consulting and Support Services http://www.cookitservices.com
Cetainly, I once implemented a bb external module that was able to retrieve informaton own by roo but using PowerBroker. If I am going to do it again (which looks like I need to), I will try to drop PowerBroker and using sudo with sudoers on ldap(R1) for one central access control.
Regards R1: http://www.courtesan.com/sudo/readme_ldap.html tj ----- Original Message ----- From: "Craig Cook" <craig at cookitservices.com> To: <hobbit at hswn.dk> Sent: Wednesday, October 18, 2006 11:47 PM Subject: [hobbit] log permissions
Is there a way to tell hobbit to use sudo to read a log file?
I want to monitor a log file owned by root, rw for root, nothing for anyone else. It is owned by an application that rolls it and resets permissions. I don't want to mess with the app.
I can write a cron job to check and set permissions, but that is not ideal.
Thanks
Craig Cook
Systems Monitoring Consulting and Support Services http://www.cookitservices.com
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
By default Hobbit installs with its log reading module SUID root, so that it can read root-owned logfiles.
-Charles
T.J. Yang wrote:
Cetainly, I once implemented a bb external module that was able to retrieve informaton own by roo but using PowerBroker. If I am going to do it again (which looks like I need to), I will try to drop PowerBroker and using sudo with sudoers on ldap(R1) for one central access control.
Regards R1: http://www.courtesan.com/sudo/readme_ldap.html tj ----- Original Message ----- From: "Craig Cook" <craig at cookitservices.com> To: <hobbit at hswn.dk> Sent: Wednesday, October 18, 2006 11:47 PM Subject: [hobbit] log permissions
Is there a way to tell hobbit to use sudo to read a log file?
I want to monitor a log file owned by root, rw for root, nothing for anyone else. It is owned by an application that rolls it and resets permissions. I don't want to mess with the app.
I can write a cron job to check and set permissions, but that is not ideal.
Thanks
Craig Cook
Systems Monitoring Consulting and Support Services http://www.cookitservices.com
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
On Thu, Oct 19, 2006 at 04:58:07PM -0700, Charles Jones wrote:
By default Hobbit installs with its log reading module SUID root, so that it can read root-owned logfiles.
No, that was a mistake done in one of the early 4.2.0 beta versions. The release version refuses to run as suid-root.
The recommended solution is to make the Hobbit user be a member of a group that has read-access to the logfiles.
Regards, Henrik
Current implemenation of bulletin_header appear after following *_header. Is it possible to mek bulletin_header code display before *_header files ?
Right now I have web pages that company header/icons apprear after hobbit header.
bash-3.00$ ls *_header
acknowledge_header bbsnap2_header confreport_header hist_header
info_header report_header
bb2_header bbsnap_header event_header histlog_header
maintact_header snapshot_header
bb_header bbsnapnk_header findhost_header hobbitnk_header
maint_header
bbnk_header bulletin_header ghosts_header
hostgraphs_header nkedit_header
bbrep_header columndoc_header graphs_header hostsvc_header
replog_header
bash-3.00$
Regards
T.J. Yang
Add a Yahoo! contact to Windows Live Messenger for a chance to win a free trip! http://www.imagine-windowslive.com/minisites/yahoo/default.aspx?locale=en-us...
On Fri, Oct 20, 2006 at 03:49:23PM -0500, T.J. Yang wrote:
Current implemenation of bulletin_header appear after following *_header. Is it possible to mek bulletin_header code display before *_header files ?
No, because the *_header files hold the HTML preamble, with the "<DOCTYPE...." and "<HTML>" tags which must go first to be valid HTML.
But the files are customizable, so feel free to edit them to suit your needs.
Regards, Henrik
Looks like hp-ux 10.20 is not tested yet. I am trying to prepare hobbit client for 10.20 and run into following issues
"-lnsl", should be taken out in makefile when compiling for 10.20
because 10.20 has no nsl library.(not my credit, others helped me).lanscan -p doesn't work on 10.20
echo "[ifstat]" /usr/sbin/lanscan -p | while read PPA; do /usr/sbin/lanadmin -g mibstats $PPA; done
no solution yet.
- swapinfo default mode is 544(at least in my 10.20 boxes).
echo "[swapinfo]" /usr/sbin/swapinfo -tm
bash-2.05a$ ls -l /usr/sbin/swapinfo -r-xr--r-- 1 bin bin 16384 Jun 10 1996 /usr/sbin/swapinfo bash-2.05a$
I am planning to change mode from 544 to 555 to resolve the issue.
- hobbitclient-hp-ux.sh, like vmstat, top should (IMHO) store tmp files in $BBTMP not $BBHOME/tmp.
<snip> then if test -x "$TOP" then echo "[top]" # Cits Bogajewski 03-08-2005: redirect of top fails $TOP -d 1 -f $BBTMP/top.OUT cat $BBTMP/top.OUT rm $BBTMP/top.OUT fi fi
vmstat
nohup sh -c "vmstat 300 2 1>$BBTMP/hobbit_vmstat.$MACHINEDOTS.$$ 2>&1; mv $BBTMP /hobbit_vmstat.$MACHINEDOTS.$$ $BBTMP/hobbit_vmstat.$MACHINEDOTS" </dev/null
/d ev/null 2>&1 & <snip>
T.J. Yang
Stay in touch with old friends and meet new ones with Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spa...
Hi,
Henrik's manpages are very good source for me to understand Hobbit. But I really like to see documents with TOC,Chapter, index structures.
Currently I am starting to use docbook to genterate RTF,PDF,HTML format for hobbit. I will draw content source from manpages and hobbit wiki. Basically it will be sgml version of what hobbit wiki looks, user, developer,administrator guides with graph generated using graphviz.
If you are interested to particpate, please write me email.
Also let me know your comment here in this maillist.
T.J. Yang
Stay in touch with old friends and meet new ones with Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spa...
Is now right time to bring up this subject ?
My plan is to have hobbit users pitch some funds to hire a proessional do it. Any interests ?
See http://gnustep.org/newiconcampaign/index.html for references.
T.J. Yang
Stay in touch with old friends and meet new ones with Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spa...
Hi, Jasper
Can you provide me a quote for Hobbit logo and icons ?
References:
- http://www.hswn.dk/hobbit/
- http://www.hswn.dk/hobbit/help/hobbit-tips.html#icons
- http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit
Regards
T.J. Yang
Try the next generation of search with Windows Live Search today!
http://imagine-windowslive.com/minisites/searchlaunch/?locale=en-us&source=h...
Sorry for mis sent this email to the hobbit list. I should go to bed.
tj
From: "T.J. Yang" <tj_yang at hotmail.com> Reply-To: hobbit at hswn.dk To: hobbit at hswn.dk Subject: [hobbit] Quotes for Hobbit logo and icons Date: Sat, 21 Oct 2006 09:48:44 -0500
Hi, Jasper
Can you provide me a quote for Hobbit logo and icons ?
References:
- http://www.hswn.dk/hobbit/
- http://www.hswn.dk/hobbit/help/hobbit-tips.html#icons
- http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit
Regards
T.J. Yang
Try the next generation of search with Windows Live Search today!
http://imagine-windowslive.com/minisites/searchlaunch/?locale=en-us&source=h...To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
Get FREE company branded e-mail accounts and business Web site from Microsoft Office Live http://clk.atdmt.com/MRT/go/mcrssaub0050001411mrt/direct/01/
Is there any way to set the default umask for the user of that Application? If so you could have it create the file with read privileges on group then add the hobbit user to that applications group. Just an idea\
Trent
-----Original Message----- From: Craig Cook [mailto:craig at cookitservices.com] Sent: Wednesday, October 18, 2006 11:47 PM To: hobbit at hswn.dk Subject: [hobbit] log permissions
Is there a way to tell hobbit to use sudo to read a log file?
I want to monitor a log file owned by root, rw for root, nothing for anyone else. It is owned by an application that rolls it and resets permissions. I don't want to mess with the app.
I can write a cron job to check and set permissions, but that is not ideal.
Thanks
Craig Cook
Systems Monitoring Consulting and Support Services http://www.cookitservices.com
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
participants (5)
-
craig@cookitservices.com
-
henrik@hswn.dk
-
jonescr@cisco.com
-
tj_yang@hotmail.com
-
trent@wispair.net