[Xymon] Potential bug in FILE analysis

Adam Goryachev mailinglists at websitemanagers.com.au
Fri May 23 01:18:46 CEST 2014


OK, so you are using sudo to generate a list of filenames, so xymon can 
read the list of filenames you want to monitor (the same as if you just 
hardcoded /var/crash/bounds and /var/crash/vmdump.0 into the 
clientlocal.cfg file.

However, when xymon tries to look at the details for the file you have 
asked it to check, it can't determine *any* information about the file, 
not even whether it exists or not, because it doesn't have sufficient 
privileges. You would need xymon to have sudo power to check the file as 
well, (not sure if that would be feasible) or else to add at least rx 
permissions for xymon to be able to provide information:

ls -ld test
drwx------ 2 root root 4096 May 23 09:10 test
agoryachev at it-desktop:/tmp$ ls -l test
ls: cannot open directory test: Permission denied
agoryachev at it-desktop:/tmp$ sudo chmod +r test
root at it-desktop:/tmp# exit
agoryachev at it-desktop:/tmp$ ls -l test
ls: cannot access test/two: Permission denied
ls: cannot access test/one: Permission denied
total 0
-????????? ? ? ? ?            ? one
-????????? ? ? ? ?            ? two
agoryachev at it-desktop:/tmp$ ls -l test/one
ls: cannot access test/one: Permission denied
agoryachev at it-desktop:/tmp$ sudo chmod +x test
root at it-desktop:/tmp# exit
agoryachev at it-desktop:/tmp$ ls -l test
total 0
-rw-r--r-- 1 root root 0 May 23 09:10 one
-rw-r--r-- 1 root root 0 May 23 09:10 two

So you can read the directory contents with +r, but you need +x to be 
able to stat those directory entries. At least, that applies on my Linux 
workstation, it may depend on your OS/etc.

Regards,
Adam

On 22/05/14 15:40, Vernon Everett wrote:
> Hi all
>
> Not sure if this really classifies as a bug or not.
> I am inclined to think it is.
>
> In clientlocal.cfg, I have
> [sunos]
> file:`/usr/bin/sudo /usr/bin/find /var/crash/ -type f 2> /dev/null`
>
> And this finds 2 files.
> /var/crash/bounds
> /var/crash/vmdump.0
> So far so good.
>
> However, /var/crash/ is a symlink to /var/share/crash/
> And /var/share/crash has permissions or 700
> So Xymon can determine there is a file, but cannot collect any 
> metadata on the file, since it cannot stat the files in /var/share/crash/
>
> In analysis.cfg I have this line (with appropriate HOST= value, of course)
> FILE    %^/var/cores/.*         NOEXIST         red
> When I go to the "files" page, I see the file names there.
> Clicking on the file names, I get this info.
> [file:/var/crash/vmdump.0]
> ERROR: Permission denied
>
> But no red status appears on the test.
> Testing, using a similar directory structure, where Xymon can stat the 
> files, does give a red status.
>
> I can understand that Xymon can't give any info on the file because of 
> permissions, but in this case, all I care about is that the file 
> exists, which Xymon has determined.
> That should trigger a red status.
>
> Using Xymon 4.3.10
>
> Regards
> Vernon
>
>
>
>
>
> -- 
> "Accept the challenges so that you can feel the exhilaration of victory"
> - General George Patton
>
>
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon


-- 
Adam Goryachev Website Managers www.websitemanagers.com.au
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20140523/5bacd12f/attachment.html>


More information about the Xymon mailing list