<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On 11 March 2015 at 10:49, Shawn Heisey <span dir="ltr"><<a href="mailto:hobbit@elyograg.org" target="_blank">hobbit@elyograg.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">I ran into a number of issues, and I've fixed all but one of them. The<br>
graphs aren't working. I followed all the instructions on that page,<br>
except that the config files I edited did not have "hobbit" in the name<br>
because I'm running 4.3.14 on the server and 4.3.7 on the client.<br>
<br>
What troubleshooting steps do I need to follow to figure out if I did<br>
something wrong with the graphing config and what to change?<br></blockquote><div><br></div><div>Look for the RRD files.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">I solved this with these changes to<br>
the client system:<br>
<br>
In /etc/sudoers.d/xymon:<br>
xymon ALL=(postfix : xymon) SETENV:NOPASSWD:<br>
/usr/lib/xymon/client/ext/postfix.sh<br>
<br>
In /etc/xymon/clientlaunch.d/xymon/postfix.cfg:<br>
CMD /usr/bin/sudo -E -u postfix -g xymon $XYMONCLIENTHOME/ext/postfix.sh<br>
<br>
In /var/lib/xymon/tmp:<br>
chmod g+w -R .<br>
<br>
Is that a reasonable permission fix, or should I have done it a<br>
different way?<br></blockquote><div><br></div><div>That's a common solution to this problem. I'm not sure I like the idea of altering the perms on /var/lib/xymon/tmp/, but I can't see a particularly nasty exploit being made available by this.</div><div><br></div><div>A better option might be to add the "sudo" command into the script (before each "find" command) rather than running the whole script under sudo, and in this way, most of the script runs as the xymon user, meaning no permissions problems.</div><div><br></div><div>Three other options come to mind:</div><div><br></div><div>1) add the xymon user to the postfix group</div><div>2) have the postfix user periodically dump the "find" command output to temp files, and adjust the xymon script to use the files (essntially commenting out the lines that run "find" and update the ".old" files</div><div>3) have the postfix user run the postfix.sh script (eg via her cron), such as making /etc/cron.d/xymon-postfix:<br></div><div><br></div><div> */5 * * * * postfix ( /usr/lib/xymon/client/xymoncmd /bin/sh -c 'XYMONTMP=/tmp $XYMONCLIENTHOME/ext/postfix.sh' ) >/tmp/somelogfile 2>&1</div><div><br></div><div>I've used all of these to good effect. I think the last of these options is my preferred option. A variation on the last one is to change the script to use /tmp instead of $BBTMP, and then the crontab line is much simpler.</div><div><br></div><div>J</div><div><br></div></div></div></div>