log permissions 🔗 link

Is there a way to tell hobbit to use sudo to read a log file?

I want to monitor a log file owned by root, rw for root, nothing for anyone else.  It is owned by an application that rolls it and resets permissions.  I don't want to mess with the app.

I can write a cron job to check and set permissions, but that is not ideal.

Thanks

Craig Cook
--
Systems Monitoring Consulting and Support Services
http://www.cookitservices.com

Cetainly, I once implemented  a bb external module  that was able to retrieve informaton own by roo but using PowerBroker.
If I am going to do it again (which looks like I need to), I will try to drop PowerBroker
and using sudo with sudoers on ldap(R1) for one central access control.

Regards
R1: http://www.courtesan.com/sudo/readme_ldap.html
tj
----- Original Message ----- From: "Craig Cook" <user-618593604956@xymon.invalid>
To: <user-ae9b8668bcde@xymon.invalid>
Sent: Wednesday, October 18, 2006 11:47 PM
Subject: [hobbit] log permissions

Is there a way to tell hobbit to use sudo to read a log file?

I want to monitor a log file owned by root, rw for root, nothing for anyone else.  It is owned by an application that rolls it and resets permissions. I don't want to mess with the app.

I can write a cron job to check and set permissions, but that is not ideal.

Thanks

Craig Cook
--
Systems Monitoring Consulting and Support Services
http://www.cookitservices.com

By default Hobbit installs with its log reading module SUID root, so that it can read root-owned logfiles.

-Charles

T.J. Yang wrote:

Is there any way to set the default umask for the user of that Application?
If so you could have it create the file with read privileges on group then
add the hobbit user to that applications group.  Just an idea\

Trent

-----Original Message-----
From: Craig Cook [mailto:user-618593604956@xymon.invalid] 
Sent: Wednesday, October 18, 2006 11:47 PM
To: user-ae9b8668bcde@xymon.invalid
Subject: [hobbit] log permissions

Is there a way to tell hobbit to use sudo to read a log file?

I want to monitor a log file owned by root, rw for root, nothing for anyone
else.  It is owned by an application that rolls it and resets permissions.
I don't want to mess with the app.

I can write a cron job to check and set permissions, but that is not ideal.

Thanks

Craig Cook
--
Systems Monitoring Consulting and Support Services
http://www.cookitservices.com

On Thu, Oct 19, 2006 at 04:58:07PM -0700, Charles Jones wrote:

No, that was a mistake done in one of the early 4.2.0 beta versions.
The release version refuses to run as suid-root.

The recommended solution is to make the Hobbit user be a member of a
group that has read-access to the logfiles.


Regards,
Henrik

Current implemenation of bulletin_header appear after following *_header.
Is it possible to mek bulletin_header code display before *_header files ?

Right now I have web pages that company header/icons  apprear after hobbit header.


bash-3.00$ ls *_header
acknowledge_header  bbsnap2_header      confreport_header   hist_header          info_header         report_header
bb2_header          bbsnap_header       event_header        histlog_header       maintact_header     snapshot_header
bb_header           bbsnapnk_header     findhost_header     hobbitnk_header      maint_header
bbnk_header         bulletin_header     ghosts_header       hostgraphs_header   nkedit_header
bbrep_header        columndoc_header    graphs_header       hostsvc_header       replog_header
bash-3.00$

Regards

T.J. Yang

Add a Yahoo! contact to Windows Live Messenger for a chance to win a free trip! http://www.imagine-windowslive.com/minisites/yahoo/default.aspx?locale=en-us&hmtagline

On Fri, Oct 20, 2006 at 03:49:23PM -0500, T.J. Yang wrote:

No, because the *_header files hold the HTML preamble, with the
"<DOCTYPE...." and "<HTML>" tags which must go first to be valid HTML.

But the files are customizable, so feel free to edit them to suit your
needs.


Regards,
Henrik

Looks like hp-ux 10.20 is not tested yet. I am trying to prepare hobbit client for 10.20 and run into following issues
1.  "-lnsl", should be taken out in makefile when compiling for 10.20  because 10.20 has no nsl library.(not my credit, others helped me).

2. lanscan -p doesn't work on 10.20

echo "[ifstat]"
/usr/sbin/lanscan -p | while read PPA; do /usr/sbin/lanadmin -g mibstats $PPA; done

no solution yet.

3. swapinfo default mode is 544(at least in my 10.20 boxes).

echo "[swapinfo]"
/usr/sbin/swapinfo -tm

bash-2.05a$ ls -l /usr/sbin/swapinfo
-r-xr--r--   1 bin        bin          16384 Jun 10  1996 /usr/sbin/swapinfo
bash-2.05a$

I am planning to change mode from 544 to 555 to resolve the issue.


3. hobbitclient-hp-ux.sh, like vmstat, top should (IMHO) store tmp files in $BBTMP not $BBHOME/tmp.

<snip>
then
    if test -x "$TOP"
    then
        echo "[top]"
        # Cits Bogajewski 03-08-2005: redirect of top fails
        $TOP -d 1 -f $BBTMP/top.OUT
        cat $BBTMP/top.OUT
        rm $BBTMP/top.OUT
    fi
fi

# vmstat
nohup sh -c "vmstat 300 2 1>$BBTMP/hobbit_vmstat.$MACHINEDOTS.$$ 2>&1; mv $BBTMP
/hobbit_vmstat.$MACHINEDOTS.$$ $BBTMP/hobbit_vmstat.$MACHINEDOTS" </dev/null  >/d
ev/null 2>&1 &
<snip>

T.J. Yang

Stay in touch with old friends and meet new ones with Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us

Hi,

Henrik's manpages are very good source for me to understand Hobbit. But I really like to
see documents with TOC,Chapter, index structures.

Currently I am starting to use docbook to genterate RTF,PDF,HTML format for hobbit.
I will draw content source from manpages and hobbit wiki. Basically it will be sgml version
of what hobbit wiki looks, user, developer,administrator guides with graph generated using graphviz.


If you are interested to particpate, please write me email.

Also let me know your comment here in this maillist.

T.J. Yang

Stay in touch with old friends and meet new ones with Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us

Is now  right time to bring up this subject ?

My plan is to have hobbit users pitch some funds to hire a proessional do 
it.
Any interests ?

See http://gnustep.org/newiconcampaign/index.html for references.

T.J. Yang

Stay in touch with old friends and meet new ones with Windows Live Spaces 
http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us

Hi, Jasper

Can you provide me a quote for Hobbit logo and icons ?


References:
1. http://www.hswn.dk/hobbit/
2. http://www.hswn.dk/hobbit/help/hobbit-tips.html#icons
3. http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit

Regards


T.J. Yang

Try the next generation of search with Windows Live Search today!  
http://imagine-windowslive.com/minisites/searchlaunch/?locale=en-us&source=hmtagline

Sorry for mis sent this email to the hobbit  list. I should go to bed.

tj

Get FREE company branded e-mail accounts and business Web site from 
Microsoft Office Live 
http://clk.atdmt.com/MRT/go/mcrssaub0050001411mrt/direct/01/