Need a way to prevent custom object variables (e.g. password) from going into environment

rouilj+nagiosdev at cs.umb.edu rouilj+nagiosdev at cs.umb.edu
Fri Dec 29 18:36:28 CET 2006

Previous message: error compiling nagios3
Next message: Need a way to prevent custom object variables (e.g. password) from going into environment
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all:

Coming to the party a bit late, but a fast google didn't turn up anything.

In

  http://www.netways.de/uploads/media/Ethan.Galstad_Nagios.3.and.Beyond.pdf

page/slide 15 mentions a couple of use cases for custom object variables:
passwords,  snmp community names.

It also mentions that custom object vars are available as
environmental variables. Is there a way to turn that off? I.E. if the
variable was a password you don't want that being passed in the
environment where it is viewable by everybody.

However you still want it in a custom object variable so that it can
be changed by an external command, or pulled out by a script that has
access to the host object definitions.

My current mechanism for doing this involves using comments in the
object definition for dynamic replacements, which isn't as clean since
the comment isn't associated in any way with the object.

Also this brings up the question of how to supply things like
passwords, and other confidential info to the plugins. One way that I
have done this in the past is to send the needed info on stdin to the
program.

Maybe a net optional parameter for the command object could be added.
E.G. command_input:

define command{
        command_name    check_snmp
        command_line    $USER1$/check_snmp -H $HOSTADDRESS$ -p --community
							 stdin $ARG1$ 
        command_input   $_HOSTSNMPCOMMUNITY$
        }

and whatever is in the command_input line will be sent to the standard
input (with a trailing newline perhaps) of the command line.

This should supply sufficiently secure access to privileged data I
think.

Comments?

				-- rouilj
John Rouillard
===========================================================================
My employers don't acknowledge my existence much less my opinions.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Previous message: error compiling nagios3
Next message: Need a way to prevent custom object variables (e.g. password) from going into environment
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Developers mailing list