Re: Wishlist for sysmon - with patch

From: Jared Mauch (jared@sysmon.org)
Date: Mon Jul 08 2002 - 15:03:24 EDT


On Fri, Jul 05, 2002 at 05:04:17PM +0200, Martin Schulze wrote:
> Hi Jared,
>
> I'm not sure if the list sysmon-help@puck.nether.net is supposed to
> carry development stuff and wishlists. If so, I'd be glad if you

        It can.

        lots of comments inline.

> could just bounce this mail to that list. If not, please add the
> wishlist items to your own (hopefully existing) list and review plus
> apply the patch at the end.
>
> . Working examples that don't make the program complain
>
> [patch] e.g. set foo = "bar" ; <-- the semicolon seems to be important
>
> . Documentation that describes how the system works and especially
> how it really works.

        i've not had a chance to write this up yet.

> . [patch] testing pop accounts without actually transmitting a real
> username and password, i.e. making that optional.
>
> . Description of all test types
>
> . Migration of contents from config.html into sysmon.conf.man
>
> . Using consitent version numbers, e.g. sysmon.conf.man says 0.83,
> sysmon.man (which is actually sysmond.man and sysmon.man is
> missing) says 0.90.12, the last source tarball I found says
> 0.91.11.

        These are all manually updated currently. i agree, they should
be done automagically but i've not done a lot of releases in the
past year that haven't concentrated on bugfixes so i sometimes
miss things.

> If version strings should be used all over, please make them
> consitent, e.g. by encoding the version into a makefile and use
> @@version@@ which gets auto-replaced by a small sed-snipped from
> the main makefile.
>
> . A manpage for sysmon, and the current manpage for sysmon renamed to
> sysmond.man
>
> . Implement a help screen for sysmon. It says "h = help", but you
> don't get a help screen.

        yeah.. the curses client is inherently defective. it was
one of the things that has been ignored as the daemon backend has been
developed. most people use the html/webpage to view down hosts.

> . [patch] When nothing went wrong, sysmon draws an empty screen,
> containing a headline, a footer and "^@". Firstly I thought
> something went wrong, then, after a while and actually testing a
> service which is down, it displayed something useful. Hence,
> there's documentation missing that says what's up. Still, I guess
> displaying that character is wrong.

        thanks. yeah, i've been meaning to fix this for awhile.

> . Using the descr="" setting. Both sysmon and the mail notification
> basically use the hostname and not the description. This can lead
> to confusion when several services on one host are tested, and at
> the first glance I only see the hostname.

        actually.

        this is highly configurable currently.

        check out PESG and subject config directives. they can
use a wide range of replacements (%m %w, etc..) to customize what
is printed.

> . Also, when testing a tcp service, sysmon only says 'type tcp', it
> doesn't reveal which port is affected, whether it is 22 (ssh) or 23
> (telnet) is up to me guessing.

        i assume you mean in the curses client?

> . The documentation doesn't say if it is ok to specify the port
> number as text or if it needs to be the real number for that port.

        this should be updated. it is the numerical port as i don't
do any getprotoent();

> . The documentation doesn't say how the dep="" dependencies are
> supposed to work. If host_a means ping that host and host_a_dns
> means to test the bind on that host, does it have to be
> host_a::dep=host_a_dns or vice versa? It seems to work with both
> directions, but it should probably be stated clearly which
> direction is the proper one.

        object foo {
                ip "1.2.3.4";
                type ping;
                descr "foo-ping";
        }

        object foo-dns {
                ip "1.2.3.4";
                type udp;
                port 53;
                dep "foo";
                descr "foo-dns";
        }

> . One can only specify one root. That's too bad if you have a local
> network with n machines and m services (n <= m) and the machines
> don't depend on each other, so all dep lines would probably be
> wrong. However, in such a case, you'd have to pick one host and
> define it as root and let all others depend on this one. That's a
> strange abstraction of reality... it's confusing for people who
> used to think in graphs and dependencies...

        my suggestion for these poeple is this:

        define a "localhost" entry.

        ping your loopback and let everything depend on that in
this case.

> . It's not clear from the documentation whether sysmond needs to run
> as root. If ping is the only service that needs root permissions,
> this service should proably be moved into a small setuid program,
> so the server can remain running under a non-privileged user id.

        i think this can be done so it revokes root i've not had
time to code this.

> . The documentation lacks a description of each test (i.e. what
> exactly is tested with the smtp-type, or with the pop3-type etc.)

        yes, this should be written.

> . The copyright file should mention the files which aren't (c) by
> Jared using GPLv1 (I guess, it's v1, no?)

        yeah.

> . When sysmon is started but no sysmond is running or if sysmond is
> stopped during operation on the respective host, the program dies
> abnormally, leaving the terminal in an undefined state (i.e. on
> this system there is no cursor, LF is not working properly, `reset`
> fixes this, but instead sysmon shouldn't mess up the terminal).

        stty sane

        yeah, i agree. the curses client is not tested and needs much
development.

> . Extending the tcp test to provide a string or regular rexpression
> which needs to be read from the remote port (maybe even some kind
> of chat script) would be nice and would make the tcp test
> extendable for any protocol.

        this has been suggested but not done yet. i need to spend
some time completing the few things i've got pending (native dns)
before i'll undertake this.

> Apart from that, sysmon seems to be a nice tool and it seems to have a
> potential to become really useful. However, it seems to me that one
> has to grok the code if one plans to work with it.

        ideally that will change as i (or others) write more docs
for the program.

> Oh, btw. providing anonymous CVS access for use mere humans would be a
> nice gift as well.

        I only work on the code about once a month right now when
someone finds a bug as i've been very busy with other things ...

        other than one thing i did last night the codebase
is unchanged from the latest release.

> The attached patch does:
>
> 1. Add a semicolon to the manpage where sysmond otherwise complains
> about a missing semicolon.
>
> 2. Add a note to the configuration that the DEBUGGING section needs
> to be written, so it's no dangling cross reference anymore.
>
> 3. Don't display ^@ (0x00) anymore when no problems occurred, instead
> display a space (0x20).
>
> 4. Allow to not specify a username and/or password for the pop3 test
> type.
>
> 5. Make the pop3 check type more flexible, i.e. take care of the case
> when no username or no password was specified
>
> Interestingly, the numbers refer to the patched file in the patch.
>
> Regards,

        Thanks for the patch and comments. it's always nice to hear from
the users.

        - Jared

-- 
Jared Mauch  | pgp key available via finger from jared@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:14:07 EDT