[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Tiger-devel] [RFC] Moving some check_root checks into OS specific c
From: |
Ryan Bradetich |
Subject: |
Re: [Tiger-devel] [RFC] Moving some check_root checks into OS specific checks. |
Date: |
26 Jun 2003 09:17:22 -0600 |
> That's also a nice check, but maybe should be in an check_ssh module. So
> that it will only run if the SSH_CONFIG is available (and define that
> per OS)
This sounds excellent. It also takes care of the problem of locating
the correct sshd_config. I will produce a patch for this today.
> Yes, one of the things I wanted to implement in the main engine is to be
> able to override common checks with local (OS-specific) checks. That's
> in the TODO:
>
> "- Modify Tiger so it can use a system's scripts if it exists and
> substitute the one under scripts/ by introducing a run_script funcion
> (check if the script is under scripts and under systems/$OS/... and run
> it)"
very cool!
> It's understandable that some checks might be fine-tuned for some OS but
> not for others so Tiger could first check, if it is configured to run a
> check, if the check_XXX is available for a specific OS and, if not, to
> run the generic check.
>
> This avoids duplicating too much of the code and provides a failback
> mechanism for those OS you do not much about. Take the
> 'check_listeningprocs' for example (that's when I first started thinking
> about it). There is a generic check (that uses LSOF), a SunOS 5.8
> specific check (which uses PFILES) and a Linux check (which can use
> either LSOF or NETSTAT). Currently Tiger will always run the generic
> check, there's no way to tell it "if I'm running an OS which has
> implemented a more refined check please use it".
>
> In this case, LSOF might not be available in the system you are running
> but probably PFILES (in SunOS) or NETSTAT (in Linux and Solaris also,
> but it does not give all the information it needs) might be. Currently
> the call to any check is just to run it directly, I was thinking on
> adding a wrapper function that would do something akin to what the
> config (line 150 to 183) script does, look for in all the
> $OS/$REL/$REV/$ARCH directories and take the most specific file.
This sounds like what I need :) Let me chew on it for a bit and see
what I can do. Do you have any preferences of where the override files
should exist? Same directory as $OS/$REL/$REV/$ARCH? This makes sense,
but that is also where the check_system check* scripts live as well.
Maybe this is a non-issue, but could be potentially confusing.
Thanks!
- Ryan
> Best regards
>
> Javi
--
Ryan Bradetich <address@hidden>