Process check for a given user and group only
Hello Tildeslash,
the process service check (and all other) allows command statements for a given user and group. But the process service check itself does not accept an additional user and/or group. Therefore I added an additional test in "_match" (in ProcessTree.c) to do this.
START | STOP | RESTART PROGRAM name [AS UID user] [AS GID group] [WITH TIMEOUT number SECONDS]
This allows me to use this (without starting the monitor as root).
CHECK PROCESS name PIDFILE path | MATCHING pattern [UID user] [GID group]
In general this works well for all MATCHING pattern test, because I added the used "userid" and "groupid" to the "matchlist". On the other hand, I can not find the right place to add the additional "userid" and "groupid" to "Service_T" to make the test available for the PIDFILE path test also.
A suggestion where to add this little test enhancement to the code.
My problem is, I use "CHECK PROGRAM" and some scripts to do a process test based on the additional userid and grouped information, but I think the monitor should do this.
This was the reason I add this to "MATCHING pattern", unfortunately I can not find a useful place to do this for "PIDFILE path".
This enhancement make the pattern handling more easy for me, because the right process will be found more easy on larger systems are starting several similar process in a different user context. This is the reason, I would like this enhancement became general available.
Thanks for some suggestions or comments,
Lutz
Comments (5)
-
reporter -
repo owner good idea
-
reporter Hello Tildeslash,
I add a pull request with my code changes, see pull request #115.A happy new year,
with regards,
Lutz -
reporter Hello,
a more detailed explanation of the intention to add the additional test.Sometimes an application will be started several times on a system.
To make the pattern matching of the “matching“ statement more easy it seems to be useful to add an additional test based on the uid/gid to limit the amount of tested command lines.In addition the “pidfile“ statement handling should test the pid similar. Therefore, the pid should be tested based on the uid/gid also.
In a short word,
a process can started based on a given uid/gid.
With the new additional test the process can be tested based on a uid/gid also.The additional test will focus the test to the pids of a given user only.
This could be misleading sometimes, unfortunately. On the other hand, if the content of the command line is similar or equal this is the only way to find the right process.
And if a pid file contain a pid used by an other user, this is not the right process, the process is not started.With regards,
Lutz -
reporter Hello,
I add the suggested changes to the pull request. The most changes depend to the "pidfile" handling only.With regards,
Lutz - Log in to comment
Hello everybody,
I add the following enhancement to my repository and plan to make this available in the future, when tildeslash will do.
Any suggestions or comments,
Lutz
p.s.