[Xymon] Hide usernam and password in http test

Jeremy Laidman jeremy at laidman.org
Fri Mar 19 12:45:21 CET 2021


Very strange.

The code (within xymonnet) that loads the file first looks for
$XYMONHOME/etc/netrc and then looks for $HOME/.netrc (where $HOME should be
~xymon, the xymon user's home directory).

Could be the format you have is not recognised by Xymon. Unfortunately,
there are no diagnostics if the file is unreadable or malformed.

The code seems to suggest that you can use keywords: machine, login,
password, account, macef and default.

A comment can be denoted by a hash (#), leading and trailing whitespace is
ignored. Tokens are separated by whitespace (tabs and spaces).

So something like this:

# my authentication params
hostname beatbox.example.com login webadmin password pr1v at te

This will cause an authentication string of "webadmin:pr1v at te" to be
assigned to the hostname beatbox, presumably to be used in a URL such as
https://beatbox.example.com/testthis.html. The string is base64-encoded and
included in an "Authorization: Basic <base64>" header.

On my system, if I run "strace xymoncmd xymonnet www.example.com 2>&1 |
grep netrc" I get this:

open("/usr/lib/xymon/server/etc/netrc", O_RDONLY) = -1 ENOENT (No such file
or directory)
open("/usr/lib/xymon/.netrc", O_RDONLY) = -1 ENOENT (No such file or
directory)

So it's definitely looking for it. If I mis-type the hostname, to something
that doesn't exist in hosts.cfg, or if I choose a host that doesn't have
"http://<something>", the strace doesn't show any output, so it doesn't
even try to find a netrc file.

I appreciate that you have another solution, but you (and others) might
find it helpful to find out why this isn't working for you.

Cheers
Jeremy


On Fri, 19 Mar 2021 at 18:58, Chris Pretorius <chrisp at lightstone.co.za>
wrote:

> I tried
>
> $XYMON/etc/netrc and $XYMON/etc/.netrc
>
>
>
> And xymon user homedir both netrc and .netrc
>
>
>
> Also set chmod 600 to all the files
>
>
>
> I found a different end point on the webserver (Windows, not IIS) that
> doesn’t require authentication that I can use in the test.
>
> Seems to be doing the job.
>
>
>
> Thanx everyone for your guidance, much appreciated.
>
>
>
> *From:* Jeremy Laidman <jeremy at laidman.org>
> *Sent:* Friday, 19 March 2021 08:12
> *To:* Chris Pretorius <chrisp at lightstone.co.za>
> *Cc:* Xymon Mailing List <xymon at xymon.com>
> *Subject:* Re: [Xymon] Hide usernam and password in http test
>
>
>
> The online manpage (probably the most up-to-date) says that the netrc file
> is in $XYMON/etc/netrc - note that there is no dot in the filename.
>
>
>
> https://xymon.sourceforge.io/xymon/help/manpages/man1/xymonnet.1.html
>
>
>
> On Thu, 18 Mar 2021 at 22:45, Chris Pretorius <chrisp at lightstone.co.za>
> wrote:
>
> Hi
>
>
>
> Im running a xymon server installed from the Terabithia repository
>
>
>
> Release: xymon-4.3.30-1
>
>
>
> I added a http test that requires basic authentication. The password has
> special characters.
>
>
>
> The test works when I add the username and password in the full url, ie.
> https://server/page.htm?user=User&password=p@sw0rd
>
>
>
> The man pages mention a file ~/.netrc where you can store username and
> password for basic authentication
>
>
>
> Which directory should the file be stored on the server.
>
>
>
> Best regards
>
>
>
>
>
>
>
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20210319/9c15395e/attachment.htm>


More information about the Xymon mailing list