daemon restart scripts

[Eric Loyd]

>
> Be cautious with the (future?) support for auto-adding hosts that have 
> services that receive passive check results. Possibly nsca (or the 
> web-user) can be fooled into executing commands on any host through 
> the service restart thingie. 


I think, maybe, you misunderstand.  (And we don't use nsca because of 
firewalls - that's why we wrap in SSH).  The event_handler parameter is 
set to something like "generic_restart.sh" for all services.  The 
service_descriptions for all services are in a format that allows for 
easy parsing to figure out what instance of what service (and maybe what 
sub-instance) it refers to.  The generic_restart.sh script then figures 
out whether it's hard or soft, what failure number it is, and (maybe) 
takes action.

Action simply consists of trying to find a function within 
generic_restart.sh called do_service.  It passes a bunch of arguments to 
this service and the function determines what needs to be done.  This 
does not mean that random code is sent - the function clearly defines 
what steps need to be taken (kill -QUIT, /foo/bar/svc.stop, sleep 10, 
/foo/bar/svc.start, send mail, whatever).  There is no auto-adding of 
hosts.  There is no passing of code.  There is no passive check 
results.  Since the Nagios machine is running active checks remotely via 
SSH, only checks executed by Nagios are considered.

-- 
Eric Loyd
loyd at cyber.kodak.com



-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null