Re: [Nagios-devel] Need a way to prevent custom object variables
Posted: Sun Jan 07, 2007 8:27 pm
sean finney wrote:
> hey guys,
>
> On Tue, 2007-01-02 at 21:21 -0600, Ethan Galstad wrote:
>>> Still have the problem of how to make the custom variable useful
>>> though since it can't be on the command line for the same reason.
>>>
>>> -- rouilj
>>> John Rouillard
>> Yeah, probably the only safe way to do it would be to pass the name of a
>> file (which contains the password, etc. and is locked down) to the
>> command that's being run. As you noted, command lines and environment
>> vars are viewable by other processes/people.
>
> just fyi, there was a similar-but-slightly-broader-scoped discussion on
> the nagios-plugins devel list a few months back. the consensus is that
> we'll be extending the core plugins and probably providing hooks for
> 3rd party plugins to use an updated configuration file format
> (orthogonal to the checkcommands stuff) which will let the admin specify
> additional cmdline arguments which will then be fed to getopt without
> being put on the command line. so you could have something like:
>
>
> [check_mysql]
> user=root
> password=supersecret
>
> and so on.
>
> while there might still be an argument for passing/hiding custom
> variables through nagios' config, i thought i should mention this so we
> don't have multiple groups of people doing the same but slightly
> different thing seperately.
>
>
>
> sean
Thanks for the heads-up Sean!
Ethan Galstad,
Nagios Developer
---
Email: [email protected]
Website: http://www.nagios.org
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]
> hey guys,
>
> On Tue, 2007-01-02 at 21:21 -0600, Ethan Galstad wrote:
>>> Still have the problem of how to make the custom variable useful
>>> though since it can't be on the command line for the same reason.
>>>
>>> -- rouilj
>>> John Rouillard
>> Yeah, probably the only safe way to do it would be to pass the name of a
>> file (which contains the password, etc. and is locked down) to the
>> command that's being run. As you noted, command lines and environment
>> vars are viewable by other processes/people.
>
> just fyi, there was a similar-but-slightly-broader-scoped discussion on
> the nagios-plugins devel list a few months back. the consensus is that
> we'll be extending the core plugins and probably providing hooks for
> 3rd party plugins to use an updated configuration file format
> (orthogonal to the checkcommands stuff) which will let the admin specify
> additional cmdline arguments which will then be fed to getopt without
> being put on the command line. so you could have something like:
>
>
> [check_mysql]
> user=root
> password=supersecret
>
> and so on.
>
> while there might still be an argument for passing/hiding custom
> variables through nagios' config, i thought i should mention this so we
> don't have multiple groups of people doing the same but slightly
> different thing seperately.
>
>
>
> sean
Thanks for the heads-up Sean!
Ethan Galstad,
Nagios Developer
---
Email: [email protected]
Website: http://www.nagios.org
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]