0

I'm trying to use Monit to check the permissions of a particular directory, but I only care that it's readable to all users. I don't care about any other permissions (write, execute) for the owner, group, or all. I also don't care about any special permissions.

Knowing that I can't change the permissions of this directory, and with the possibility of another administrator changing these permissions without affecting my processes that rely on this directory (i.e., granting or revoking write access to the group), is it possible to check for a minimum permission in Monit?

I have this which is currently working:

check directory archive path /var/home/archive/
    if failed perm 0755 then alert

But I would like to have something like tihs:

check directory archive path /var/home/archive/
    if failed perm > 444 then alert

This is failing for me. Is it possible to use comparison operators in Monit's permissions checking? If not, are there any workarounds?

Ian Hunter
  • 207
  • 3
  • 11

1 Answers1

1

You could substitute this type of check, with running a program and checking its exit status.

From the monit manual: (NOTE: myscript.sh has to be minimum 555 permission).

" An example:

 check program myscript with path "/usr/local/bin/myscript.sh" with timeout 1000 seconds
       if status != 0 then alert

Sample script for the above example (/usr/local/bin/myscript.sh):

 #!/bin/bash
 echo test
 exit $?

"

You could construct a program doing the check you want (consider using the find command), or even using the find command as the specific monit program. You could even customize the exit statuses so that different exit codes mean different things.

mdpc
  • 11,698
  • 28
  • 51
  • 65