[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Proposal] control storage systems

From: rory
Subject: Re: [Proposal] control storage systems
Date: Thu, 10 Oct 2002 17:18:52 -0700 (PDT)

> <address@hidden> writes:
>> >> I might punt on the "remove temp files". I think it would be better
>> >> to have a hook into allowing a script to be executed or nothing at
>> >> all.
>> >
>> > We kind of ruled out external scripts/plugins previously if I
>> > remember correctly for a good reason, besides removing temporary
>> > files is easy to do from within monit, we could simply fire off a
>> > new background thread that clean up the file system.
>> The only thing I don't like about monit removing files or packaging
>> files or whatnot is that we have to start worrying about permissions,
>> especially if some of the filesystems get monitored via NFS.>
> I know you're probably itching to do some Perl scripts for monit :-)
> but won't the same permission argument apply for an external script?

Call me cynical, but...

With an external script, you kind of assume that the person making the
script knows what he's doing, and whatever he's done, he's done to
himself. In this case, monit isn't "responsible" for deleting someone's
dissertation.Yes, someone is still responsible if they do something like:

alert /tmp 90%
remove *.tmp *core* ..*

But, we at least shouldn't make it easier for someone to do that.

In general, I'm opposed to monitoring systems being able to take
destructive action.
Since we don't want to do external scripts (reasonable) as long as we
support alerts, they can be transformed into SMTP traps and should someone
want to take automatic action, they are free to do so.>
> When removing temporary files, monit could just check that the
> effective user running monit has permission and if not, simply do not
> remove the file? (I know too little about NFS but permissions are
> probably tricky with NFS, yes?)

The above rationale, I think, applies here as well.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]