Re: statement changes suggestions

[Jan-Henrik Haukeland]

Martin Pala <address@hidden> writes:

> Yes :) My +1 for it.

Thanks Christan and Martin, I'll add the extension to the PORT
statement tonight then. For the checksum statement see below.

> What about to move FAILED behind the target specification, as it is in
*
> IF host www.sol.no port 80 protocol http FAILED 
> THEN [ALERT | STOP | RESTART | EXEC]

Okay, it does look more natural :-)

> IF checksum /usr/bin/httpd and expect the sum
> 4e5309d1956f003bcdff168748bea647 FAILED THEN [ALERT | STOP | RESTART | EXEC]

I have a few thoughts about the checksum statement. Thinking about it,
the checksum was originally a security thingy and for catching
unwanted changes. In this case it could be dangerous to run the STOP
or RESTART program (i.e. monit may execute a possible cracked program,
this may be dangerous, especially if monit is running as root). The
function today, will upon a checksum event send an alert and *not*
monitor the program anymore (to avoid executing the program). This
behavior is reasonable.

On the other hand, and also mentioned in the monit-general list, if
checksum is used to watch a configuration file, for instance,
httpd.conf, it could also be reasonable to do both a RESTART and EXEC.

One solution could be that if the ALERT action was used the old
behavior is used (i.e. alert + not monitor anymore) but for the other
action choices the behavior is; alert, do STOP, RESTART or EXEC *and*
keep on monitoring. Do you see the difference? What do you think, will
it be to complicated to understand for regular users?

Anyway, I want to know what you guys think about this before I
eventually change the checksum statement:

 1) Do not change checksum and keep it as is
 2) Change it as outlined above

-- 
Jan-Henrik Haukeland