|
From: | Martin Pala |
Subject: | Re: file permissions |
Date: | Wed, 24 Aug 2011 11:05:08 +0200 |
I think changing the default access won't be safe … i'd recommend to use sudo to delegate the rights to edit certain configuration file and reload monit. If you want to, you can modify monit source code in the "p.y" file to allow access (see stat.h for the S_ flags): --8<-- /* * Secure check the monitrc file. The run control file must have the * same uid as the REAL uid of this process, it must have permissions * no greater than 700 and it must not be a symbolic link. */ if (! file_checkStat(controlfile, "control file", S_IRUSR | S_IWUSR | S_IXUSR)) return FALSE; --8<-- We plan to add support for configuration of Monit agents to M/Monit … it will allow to define roles where non-privileged users will be able to see or manage only individual hosts or services. Regards, Martin On Aug 23, 2011, at 1:52 PM, Nick Upson wrote: if there is no way to do it at present, please consider this a feature request. perhaps an item in the config file of max file permissions which defaults to 700 (as now) but can be changed for my case where I would probably use 777 |
[Prev in Thread] | Current Thread | [Next in Thread] |