[Patch] Nagios 3.0.3: extinfo.cgi to show hosts custom vars and parents

Andreas Ericsson ae at op5.se
Thu Sep 25 11:37:49 CEST 2008


Marcus Fleige wrote:
> Good morning,
> 
> that's nice suggestions and great feedback, thank you all!
> 
> For a conclusion:
> To make the patch more usable, there should be made two enhancements:
> 
> 1.) "cgi_customvar_blacklist" or similar in cgi.cfg to hide specific 
> custom vars from being blacklisted.
> 

I think a whitelist would make more sense. That way it's a much smaller
chance that one adds a new security sensitive custom variable while
forgetting to update the whitelist.
For extra points, add
cgi_customvar_whitelist_regex
which holds a regular expression to determine which variables are
displayable.

> 2.) "authorized_for_custom_vars" in contact objects to define the 
> contacts allowed to view custom vars, with a default value of false.
> 

Not in contact objects, but in cgi.cfg, similar to the other
authorized_for* variables.

> Some more questions about this:
> - What about the generic switch for display of custom vars?
> - Should the blacklist parameter be able to deal with patterns (like 
> "SNMP_*"or something?)?
> - What about combining both and define "authorized_for_custom_vars" not 
> as a binary, but a string parameter, e.g. 
> "authorized_for_custom_vars=*", "authorized_for_custom_vars=LOCATION_*" etc.
> 
> Did i get this right?
> 

Sort of, yes, except I think it'll be enough to make it a global variable
instead of something else.

> One more generic point: rumours (and Andreas' announcement) say, Ethan 
> "might" be working on some new UI, so do you think it's still useful to 
> invest work and time to this?
> 

He is working on a new UI. He's confirmed it himself at two conferences
now. How useful this is to work on depends on when the new GUI arrives,
and how soon the old CGI's are replaced by it.

> After all, I'm not sure if my copy-and-paste coding skills are 
> appropriate to fulfill your requests, plus i can't make sure when i'll 
> be able to find the time to do this. :-( (BTW: Thanks for your support 
> offer, Hendrik!) First of all i'll give the code a closer look to get a 
> feeling for this whole programming stuff. ;-)
> 

Well, I'll queue what you've got for now and perhaps someone else will
have time to continue work on it later.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/




More information about the Developers mailing list