Thruk cgi authentication override - apache

I have the latest version of thruk installed with naemon and livestatus. I want to be able to post commands from a python script to cmd.cgi from the same server without the interference of authentication. I have tried the settings of:
use_authentication=0
default_user_name=thrukadmin
but it doesn't seem to work in the thruk gui. When trying to post to the cgi from the thruk gui I get the error, "I'm sorry Dave......"
Any thoughts on why this is not working right? The Apache server on that system uses LDAP to authenticate to the GUI; could this be an issue?
Other thoughts?

It's much easier, you don't even need Thruk in the middle. You can simply write to Naemon's command_file.
The external command list at https://www.naemon.org/documentation/developer/externalcommands/ contains an example for every possible command.
Here is a shell snippet which schedules a host downtime:
printf "[%lu] SCHEDULE_HOST_DOWNTIME;host1;1478648441;1478638441;1;0;3600;naemonadmin;This is an example comment.\n" `date +%s` > /var/lib/naemon/naemon.cmd
When using Thruk, you can use Thruk's CLI script to send commands:
thruk r -d comment_data=test /hosts/localhost/cmd/schedule_host_downtime
Authentication is only required if you want to send commands by HTTP.
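
The same command-file write done from Python, as an added example that is not part of the original answer or of Naemon/Thruk. The function names are hypothetical, the default path is the one in the shell snippet above, and rejecting ';' in every field is a conservative choice made for this example.

```python
import os
import re
import time

# Path taken from the shell snippet above; adjust to your command_file setting.
COMMAND_FILE = "/var/lib/naemon/naemon.cmd"
_NAME = re.compile(r"[A-Z][A-Z_]*")


def build_command(name, *args, now=None):
    """Return one '[epoch] NAME;arg;...' line, refusing unsafe fields."""
    if not _NAME.fullmatch(name):
        raise ValueError("bad command name: %r" % (name,))
    fields = [str(a) for a in args]
    for i, field in enumerate(fields):
        # A newline would start a second command line in the command file,
        # and ';' would shift every later field. Rejecting ';' everywhere is
        # a conservative choice made for this example.
        if any(c in field for c in "\n\r\0;"):
            raise ValueError("unsafe character in field %d" % i)
    ts = int(time.time() if now is None else now)
    return "[%d] %s\n" % (ts, ";".join([name] + fields))


def send_command(line, path=COMMAND_FILE):
    """Append one line. No O_CREAT: a missing pipe is an error, and
    O_NONBLOCK makes the open fail instead of hanging when nothing reads it."""
    fd = os.open(path, os.O_WRONLY | os.O_APPEND | os.O_NONBLOCK)
    try:
        os.write(fd, line.encode("utf-8"))
    finally:
        os.close(fd)


def schedule_host_downtime(host, start, end, author, comment,
                           path=COMMAND_FILE, now=None):
    """Fixed downtime: host;start;end;fixed;trigger_id;duration;author;comment."""
    start, end = int(start), int(end)
    if end <= start:
        raise ValueError("end must be after start")
    line = build_command("SCHEDULE_HOST_DOWNTIME", host, start, end,
                         1, 0, end - start, author, comment, now=now)
    send_command(line, path)
    return line
```

The script needs write permission on the command file, so which local accounts hold that permission decides who can issue commands this way.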

Related

Apache Custom Module permission issue with calling Libipset

I'm working on an apache module that can check the libipset API to test if an IP is in a list. This is being used as a backup firewall for proxied connections.
I've managed to get everything working up until the C script calls type = ipset_type_get(session, cmd);. After testing, I believe the main problem is that libipset requires higher permissions. I'm not getting a permission error, just a null value. However, when I run the C script directly using apache as the user, I can get it to work when I grant sudo privileges to apache for the script.
I've tried 1 and 2 in the answers here and they've both failed. Is there any other way to force root for the ipset API call?
This action might need cap_net_admin.
If using systemd to control the process, you can add it like this:
[Service]
...
CapabilityBoundingSet=CAP_NET_ADMIN
Another approach would be to set the binary executable's capabilities.
setcap cap_net_admin=ep /usr/sbin/apache2
If using AppArmor, you could instead set up a profile for apache and include the line
capability net_admin,
in the file (/etc/apparmor.d/usr.sbin.apache2)
(see here: https://serverfault.com/questions/932410/enabling-apparmor-for-apache2-in-ubuntu-18-04)
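
A check for whether a running process actually holds cap_net_admin, as an added example that is not part of the original answer. It decodes the Cap* masks from /proc/<pid>/status; the function names and the sample status text are constructed for illustration.

```python
import re

CAP_NET_ADMIN = 12  # bit number of CAP_NET_ADMIN in <linux/capability.h>
SETS = ("CapInh", "CapPrm", "CapEff", "CapBnd", "CapAmb")

# Constructed sample: a worker whose bounding set allows CAP_NET_ADMIN
# but which has not been granted it.
SAMPLE_WORKER = (
    "Name:\tapache2\n"
    "Uid:\t33\t33\t33\t33\n"
    "CapInh:\t0000000000000000\n"
    "CapPrm:\t0000000000000000\n"
    "CapEff:\t0000000000000000\n"
    "CapBnd:\t0000000000001000\n"
    "CapAmb:\t0000000000000000\n"
)


def parse_cap_sets(status_text):
    """Map each Cap* field of a /proc/<pid>/status dump to its integer mask."""
    masks = {}
    for line in status_text.splitlines():
        m = re.fullmatch(r"(Cap[A-Za-z]+):\s*([0-9a-fA-F]+)", line.strip())
        if m and m.group(1) in SETS:
            masks[m.group(1)] = int(m.group(2), 16)
    return masks


def has_cap(masks, set_name, cap=CAP_NET_ADMIN):
    return bool((masks.get(set_name, 0) >> cap) & 1)


def diagnose(status_text, cap=CAP_NET_ADMIN):
    """Report the strongest capability set that contains `cap`."""
    masks = parse_cap_sets(status_text)
    if has_cap(masks, "CapEff", cap):
        return "effective"        # the kernel will honour privileged calls
    if has_cap(masks, "CapPrm", cap):
        return "permitted-only"   # held, but not raised into the effective set
    if has_cap(masks, "CapBnd", cap):
        return "bounding-only"    # the bounding set is a limit, not a grant
    return "absent"


def read_status(pid="self"):
    """Read the live status file, e.g. read_status(1234) for a worker PID."""
    with open("/proc/%s/status" % pid) as fh:
        return fh.read()
```

Run diagnose(read_status(pid)) against the worker process that loads the module, since that is the process making the libipset call.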

How to use realm-cli from a React Native application?

I need to execute a realm-cli command (disable or delete a user) from a mobile application that uses RealmDB. I didn't find any part of the docs that was related to doing it.
I thought that I could use mongoClient, but I didn't find any methods that allow me to execute raw CLI commands.
I need to execute commands like:
realm-cli users disable --app=<Your App ID> --user=<User ID>
Source:
https://docs.mongodb.com/realm/users/delete-or-revoke/
Is there any other way?
You may need to host the realm-cli and write an HTTP interface middleware to make these calls.
I don't believe you can run the application on a mobile application as you would need access to spawning libraries. realm-cli is available open source so it would be possible to port the application to something like C++ (from golang) to make it executable for something like Android or iOS - but it may be cheaper to just buy a VPS somewhere (or even host it locally for a spell) and just pass the arguments to a web route.

Ansible API : Custom Module

I would like to use a custom module for which I require "hostname" so that I can initiate SSH connection from the custom module and run commands. So I pass transport = "local" to the Runner object. However, I find no way to obtain "hostname" information in the custom module.
I am using Ansible 1.9.2 using Python API.
A module only has the information available that was explicitly passed to it. What you might be interested in instead is an action plugin, which by (non-existing) definition runs locally on the control machine and has access to more (all?) data.
You can see some action plugin code here: https://github.com/ansible/ansible/tree/devel/lib/ansible/plugins/action
PS: Don't you want to upgrade to Ansible 2 before getting started writing custom modules/plugins? The API changed completely and once you upgrade you have to rewrite your module/plugin.
Okay, silly me. It's exactly the same way in the API too. You can extract hostname using {{ inventory_hostname }}.

What is the proper way for fixtures while using chimp with Meteor

I'm playing with chimp testing tool. At the moment I can easily run cucumber and mocha tests. The problem is that I don't know how to add DB fixtures. I'd like to have initial data before running some tests (e.g. add test user into system).
BTW that data can be added only by an authenticated user, and users can be created only by an admin or from server level.
Can't find any docs about this for now. Any suggestions?
If you are using Meteor, you can pass the DDP parameter on the command line --DDP=http://localhost:3000 and then use server.execute to run code on the server. This code can then set up data.
If you are not using Meteor, you can use an HTTP call using request.get('http://localhost:8080/addUser').
Through HTTP / DDP you can access the server and create a testing backdoor to set up the data you need.

Username:Password vs sftp.site.com

I'm having issues with using the following format using WinSCP
open sftp://user:password@site.com
vs. this, which works with the console and GUI:
open sftp.site.com.
I would like to automate logging in through the command line but when I try with sftp://user:password@site.com I get a timeout.
Any ideas?
It works fine for me both ways. Is the problem that you are using site.com instead of sftp.site.com in your first example?
Just because you specify the protocol sftp, doesn't mean it will attempt to connect to sftp.site.com when you provide site.com as the host. You still need the full hostname, the sftp:// just tells it what protocol you want to speak once connected.