Re: [Proposal] control storage systems

[Thomas Oppel]

> >>>2) Monitoring filesystems ++ (Rory + hauk)
> >>
> >>+1
> >
> >Rory do not want monit to remove temporary files. I have no opinion
> >this way or that, what do other committers think?
>
> -1 for removing files. I think it is sufficient to sent alarm. In the
> case that the space will come critical, it often signals some problem,
> that can't be solved just by removing temporary files. If the
> "watermark" is set carefully and the admin will be noted by monit about
> it, he can get action before something bad will happen. If the systems
> behavior is production of unneeded temporary files, it can be solved by
> simple cronjob.

-1. Yep. Is shoud definitely just do what its expected to do: monitoring.

Btw. I can understand it makes much fun testing out what else can be done with 
monit, but, please, let me remark some things from the admin user point of 
view:
I personally started to use it, because it exactly did what I was looking for: 
a local daemon monitoring daemon with a mail notify  -  and nothing more. The 
most importand use was monitoring sshd, and as it worked satisfying apaches 
and some databases followed.
The article that made me noticing monit (that was on 2.4.1) emphasised that 
when prefering it to other current monitoring tools definitely discurraged to 
use it with http enabled.
Security experts convinced me that HTTP _is_not_ a friendly protocol. Can you 
be shure monit doesn't open up for intruders?
And genarally, what plans do you have on security code audits? F.e. has 
anybody ever had RATS running over it or another code checking tool?
Another thing: Meanwhile also cron and syslog are monitored by monit on my 
boxes, but I'll never get noticed, if an intruder shuts down monit before he 
shuts down syslog, right? There no optionless 'always alert on monit 
shutdown', I guess.
I feel a bit unhappy, that I don't have the time to do the RATS thing f.e., 
and cannot follow up in deep what you're activly implementing. So, please 
forgive me for another question: Is the extra functionality that modularized 
that it can be backed out by an extra option while copile time? Or better the 
other way round: '--with-http[s]' | '--with-[extraFoo]' ?
This is what runs through my thoughts all the time you head for a new feature.
I don't want to discourage anybody. But I'd rather see it included in a major 
distro as a toot to increase security in means of sustainability and 
protection than to bloat of unselectable features.

Do you get what I mean? I really don't want to annoy annybody.
Greetings, Leppo.

P.S.: +1 for disk space monitoring, but please as '--with-diskspace' compile 
time option.
-- 
Kourentis und Brüggemann
Informationssysteme GbR.
Rheinallee 72 - 53173 Bonn
Tel.  0228 / 3635 07
Fax.  0228 / 3635 09
Mobil 0163 / 5635830