[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [hobbit] client file check

To: <hobbit (at) hswn.dk>
Subject: RE: [hobbit] client file check
From: "Brand, Thomas R." <TRBrand (at) cvs.com>
Date: Mon, 6 Jul 2009 16:30:38 -0400
References: <37752EAC00ED92488874A27A4554C2F303330A2A (at) lzbs6301.na.lzb.hq> <4A525711.8090507 (at) makelofine.org>
Thread-index: Acn+dAfMeSjSN4eqQiG1CWoUS9B/2QAAfD9Q
Thread-topic: [hobbit] client file check

> -----Original Message-----
> From: dOCtoR MADneSs [mailto:doctor (at) makelofine.org]
> 
> You could try something like this :
> in local-client.cfg add a section for this host :
> [my_host]
> file:`sudo ls /your/file`
> and in hobbit-clients.cfg add a line in your host section :
> HOST=my_host
> FILE /your/file YOUR_SWITCHES
> 
> anyone disagree with it ?

Somewhat of a security risk; when using sudo, I recommend using 
full path to the executable: 
sudo /bin/ls /your/file

and in your /etc/sudoers file:

# Hobbit may run /bin/ls but flags are not allowed
hobbit   ALL = NOPASSWD: /bin/ls [!-]*


t09trbrxs# su - hobbit
hobbit (at) t09trbrxs:~> sudo /bin/ls /root/.ssh/authorized_keys
/root/.ssh/authorized_keys
hobbit (at) t09trbrxs:~> sudo /bin/ls --color=always
/root/.ssh/authorized_keys
hobbit's password:
hobbit (at) t09trbrxs:~>

Follow-Ups:
- RE: [hobbit] client file check
  - From: Scot Kreienkamp

References:
- client file check
  - From: Scot Kreienkamp
- Re: [hobbit] client file check
  - From: dOCtoR MADneSs

Prev by Date: Client reports (only) giving intermittent RRD graphing after 4.2.0 -> 4.3.0-beta2 upgrade
Next by Date: RE: [hobbit] Xymon hosts database.
Previous by thread: Re: [hobbit] client file check
Next by thread: RE: [hobbit] client file check
Index(es):
- Date
- Thread