[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[monit] Feature request - read-only users for certain services
|
From: |
John Barton |
|
Subject: |
[monit] Feature request - read-only users for certain services |
|
Date: |
Wed, 14 Jan 2009 14:12:34 -0600 |
|
User-agent: |
Thunderbird 2.0.0.19 (Windows/20081209) |
I would like to toss out a feature request for the monit team to
consider. I would like to be able to specify a user as having read-only
access to certain services, and standard access for other services. Here
is my situation:
We are running an authentication daemon to interface our systems with
Active Directory, and we have had intermittent issues where the system
loses the ability to authenticate people or someone's failure attempts
are cached and they can not log into the machine even after the are
placed into the correct security group. Usually, a restart of the
process / clearing of the cache fixes the issue. I would like to be able
to give our help desk access to the monit interface so they can view a
read-only status of the server, but allow them to restart the
authentication daemon in the event it doesn't work properly. It would be
almost impossible to write a script for monit to use in order to check
for the issue, because it could be specific to a single userid.
I picture something like this:
set httpd port 2812
allow localhost
allow 192.168.0.0/24
allow md5 /etc/monit.passwd
check process auth_daemon with pidfile "/var/run/file.pid"
start program = "/etc/init.d/authdaemon start"
stop program = "/etc/init.d/authdaemon stop"
if 5 restarts within 5 cycles then timeout
check process sshd with pidfile "/var/run/sshd.pid"
start program = "/etc/init.d/sshd start"
stop program = "/etc/init.d/sshd stop"
if 5 restarts within 5 cycles then timeout
allow helpdesk read-only
Thoughts?
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [monit] Feature request - read-only users for certain services,
John Barton <=