[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: file permissions

From: Martin Pala
Subject: Re: file permissions
Date: Wed, 24 Aug 2011 11:05:08 +0200

I think changing the default access won't be safe … i'd recommend to use sudo to delegate the rights to edit certain configuration file and reload monit.

If you want to, you can modify monit source code in the "p.y" file to allow access (see stat.h for the S_ flags):

   * Secure check the monitrc file. The run control file must have the
   * same uid as the REAL uid of this process, it must have permissions
   * no greater than 700 and it must not be a symbolic link.
  if (! file_checkStat(controlfile, "control file", S_IRUSR | S_IWUSR | S_IXUSR))
    return FALSE;

We plan to add support for configuration of Monit agents to M/Monit … it will allow to define roles where non-privileged users will be able to see or manage only individual hosts or services.


On Aug 23, 2011, at 1:52 PM, Nick Upson wrote:

if there is no way to do it at present, please consider this a feature request. perhaps an item in the config file of max file permissions which defaults to 700 (as now) but can be changed for my case where I would probably use 777

On 22 August 2011 16:21, Nick Upson <address@hidden> wrote:
Is there any way I can remove the restriction on file permissions for monit configurations.

Some of the systems I'm concerned with already have tightly controled access and I need to allow non-root users to change some file in /etc/monit.d

Nick Upson (01799 533252)

Nick Upson (01799 533252)

To unsubscribe:

reply via email to

[Prev in Thread] Current Thread [Next in Thread]