diff -Nru monit-4.8.1/aclocal.m4 monit-5.0.3/aclocal.m4 --- monit-4.8.1/aclocal.m4 2006-05-16 20:16:22.000000000 +0100 +++ monit-5.0.3/aclocal.m4 2009-08-24 16:12:09.000000000 +0100 @@ -1,7 +1,7 @@ -# generated automatically by aclocal 1.7.9 -*- Autoconf -*- +# generated automatically by aclocal 1.9.6 -*- Autoconf -*- -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +# 2005 Free Software Foundation, Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -11,148 +11,4 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -#serial 6 - -dnl This macro is intended to be used solely in this file. -dnl These are the prerequisite macros for GNU's strftime.c replacement. -dnl FIXME: the list is far from complete -AC_DEFUN([_jm_STRFTIME_PREREQS], -[ - dnl strftime.c uses localtime_r if it exists. Check for it. - AC_CHECK_FUNCS(localtime_r) - dnl FIXME: add tests for everything in strftime.c: e.g., HAVE_BCOPY, - dnl HAVE_TZNAME, HAVE_TZSET, HAVE_TM_ZONE, etc. -]) - -dnl Determine if the strftime function has all the features of the GNU one. -dnl -dnl From Jim Meyering. -dnl -AC_DEFUN([jm_FUNC_GNU_STRFTIME], -[AC_REQUIRE([AC_HEADER_TIME])dnl - - _jm_STRFTIME_PREREQS - - AC_REQUIRE([AC_C_CONST])dnl - AC_REQUIRE([AC_HEADER_STDC])dnl - AC_CHECK_HEADERS(sys/time.h) - AC_CACHE_CHECK([for working GNU strftime], jm_cv_func_working_gnu_strftime, - [AC_TRY_RUN( -changequote(<<, >>)dnl -<< /* Ulrich Drepper provided parts of the test program. */ -#if STDC_HEADERS -# include -#endif - -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -static int -compare (const char *fmt, const struct tm *tm, const char *expected) -{ - char buf[99]; - strftime (buf, 99, fmt, tm); - if (strcmp (buf, expected)) - { -#ifdef SHOW_FAILURES - printf ("fmt: \"%s\", expected \"%s\", got \"%s\"\n", - fmt, expected, buf); -#endif - return 1; - } - return 0; -} - -int -main () -{ - int n_fail = 0; - struct tm *tm; - time_t t = 738367; /* Fri Jan 9 13:06:07 1970 */ - tm = gmtime (&t); - - /* This is necessary to make strftime give consistent zone strings and - e.g., seconds since the epoch (%s). */ - putenv ("TZ=GMT0"); - -#undef CMP -#define CMP(Fmt, Expected) n_fail += compare ((Fmt), tm, (Expected)) - - CMP ("%-m", "1"); /* GNU */ - CMP ("%A", "Friday"); - CMP ("%^A", "FRIDAY"); /* The ^ is a GNU extension. */ - CMP ("%B", "January"); - CMP ("%^B", "JANUARY"); - CMP ("%C", "19"); /* POSIX.2 */ - CMP ("%D", "01/09/70"); /* POSIX.2 */ - CMP ("%F", "1970-01-09"); - CMP ("%G", "1970"); /* GNU */ - CMP ("%H", "13"); - CMP ("%I", "01"); - CMP ("%M", "06"); - CMP ("%M", "06"); - CMP ("%R", "13:06"); /* POSIX.2 */ - CMP ("%S", "07"); - CMP ("%T", "13:06:07"); /* POSIX.2 */ - CMP ("%U", "01"); - CMP ("%V", "02"); - CMP ("%W", "01"); - CMP ("%X", "13:06:07"); - CMP ("%Y", "1970"); - CMP ("%Z", "GMT"); - CMP ("%_m", " 1"); /* GNU */ - CMP ("%a", "Fri"); - CMP ("%^a", "FRI"); - CMP ("%b", "Jan"); - CMP ("%^b", "JAN"); - CMP ("%c", "Fri Jan 9 13:06:07 1970"); - CMP ("%^c", "FRI JAN 9 13:06:07 1970"); - CMP ("%d", "09"); - CMP ("%e", " 9"); /* POSIX.2 */ - CMP ("%g", "70"); /* GNU */ - CMP ("%h", "Jan"); /* POSIX.2 */ - CMP ("%^h", "JAN"); - CMP ("%j", "009"); - CMP ("%k", "13"); /* GNU */ - CMP ("%l", " 1"); /* GNU */ - CMP ("%m", "01"); - CMP ("%n", "\n"); /* POSIX.2 */ - CMP ("%p", "PM"); - CMP ("%r", "01:06:07 PM"); /* POSIX.2 */ - CMP ("%s", "738367"); /* GNU */ - CMP ("%t", "\t"); /* POSIX.2 */ - CMP ("%u", "5"); /* POSIX.2 */ - CMP ("%w", "5"); - CMP ("%x", "01/09/70"); - CMP ("%y", "70"); - CMP ("%z", "+0000"); /* GNU */ - - exit (n_fail ? 1 : 0); -} - >>, -changequote([, ])dnl - jm_cv_func_working_gnu_strftime=yes, - jm_cv_func_working_gnu_strftime=no, - dnl When crosscompiling, assume strftime is missing or broken. - jm_cv_func_working_gnu_strftime=no) - ]) - if test $jm_cv_func_working_gnu_strftime = no; then - AC_DEFINE_UNQUOTED(strftime, gnu_strftime, - [Define to gnu_strftime if the replacement function should be used.]) - fi -]) - -AC_DEFUN([jm_FUNC_STRFTIME], -[ - _jm_STRFTIME_PREREQS - AC_REPLACE_FUNCS(strftime) -]) - +m4_include([m4/strftime.m4]) diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/alert.c /tmp/QeMlhPoI46/monit-5.0.3/alert.c --- monit-4.8.1/alert.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/alert.c 2009-03-26 06:27:03.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -56,7 +66,7 @@ * @author Martin Pala * @author Christian Hopp * - * @version \$Id: alert.c,v 1.53 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: alert.c,v 1.65 2009/03/24 19:49:05 martinp Exp $ * @file */ @@ -75,12 +85,11 @@ /** * Notify registred users about the event * @param E An Event object - * @return If failed, return HANDLER_ALERT flag or HANDLER_PASSED if passed + * @return If failed, return HANDLER_ALERT flag or HANDLER_SUCCEEDED if succeeded */ int handle_alert(Event_T E) { - Service_T s; - int rv = HANDLER_PASSED; + int rv = HANDLER_SUCCEEDED; ASSERT(E); @@ -93,9 +102,7 @@ if(s->maillist || Run.maillist) { Mail_T m; Mail_T n; - sigset_t ns, os; Mail_T list= NULL; - set_signal_block(&ns, &os); /* * Build a mail-list with local recipients that has registered interest * for this event. @@ -106,19 +113,14 @@ /* particular event notification type is allowed for given recipient */ IS_EVENT_SET(m->events, Event_get_id(E)) && ( - /* 'changed/matched' event types are sent always */ - E->id == EVENT_CHANGED || E->id == EVENT_MATCH || /* state change notification is sent always */ E->state_changed || /* in the case that the state is failed for more cycles we check * whether we should send the reminder */ - ( - E->state && m->reminder && E->count % m->reminder == 0 - ) + (E->state && m->reminder && E->count % m->reminder == 0) ) ) { - Mail_T tmp= NULL; NEW(tmp); @@ -140,7 +142,6 @@ * overrides the same recipient events which are registered globaly. */ for(m= Run.maillist; m; m= m->next) { - int skip= FALSE; for(n= s->maillist; n; n= n->next) { @@ -156,15 +157,11 @@ /* particular event notification type is allowed for given recipient */ IS_EVENT_SET(m->events, Event_get_id(E)) && ( - /* 'changed' event type is sent always */ - E->id == EVENT_CHANGED || E->id == EVENT_MATCH || /* state change notification is sent always */ E->state_changed || /* in the case that the state is failed for more cycles we check * whether we should send the reminder */ - ( - E->state && m->reminder && E->count % m->reminder == 0 - ) + (E->state && m->reminder && E->count % m->reminder == 0) ) ) { @@ -186,15 +183,12 @@ if(list) { - if(!sendmail(list)) { + if(!sendmail(list)) rv = HANDLER_ALERT; - } gc_mail_list(&list); } - unset_signal_block(&os); - } return rv; @@ -203,7 +197,6 @@ static void substitute(Mail_T *m, Event_T e) { - char timestamp[STRLEN]; ASSERT(m && e); @@ -212,7 +205,7 @@ Util_replaceString(&(*m)->subject, "$HOST", Run.localhostname); Util_replaceString(&(*m)->message, "$HOST", Run.localhostname); - Util_getRFC822Date(&e->collected, timestamp, STRLEN); + Util_getRFC822Date((time_t *)&e->collected.tv_sec, timestamp, STRLEN); Util_replaceString(&(*m)->subject, "$DATE", timestamp); Util_replaceString(&(*m)->message, "$DATE", timestamp); @@ -231,7 +224,6 @@ static void copy_mail(Mail_T n, Mail_T o) { - ASSERT(n && o); n->to= xstrdup(o->to); @@ -257,7 +249,6 @@ static void replace_bare_linefeed(Mail_T *m) { - Util_replaceString(&(*m)->message, "\r\n", "\n"); Util_replaceString(&(*m)->message, "\n", "\r\n"); } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/alert.h /tmp/QeMlhPoI46/monit-5.0.3/alert.h --- monit-4.8.1/alert.h 2006-01-01 22:44:01.000000000 +0000 +++ monit-5.0.3/alert.h 2009-02-13 13:06:31.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -53,7 +63,7 @@ * @author Martin Pala * @author Christian Hopp * - * @version \$Id: alert.h,v 1.22 2006/01/01 22:44:01 martinp Exp $ + * @version \$Id: alert.h,v 1.29 2009/02/13 09:18:05 hauk Exp $ * @file */ @@ -61,7 +71,7 @@ /** * Notify registred users about the event * @param E An Event object - * @return If failed, return HANDLER_ALERT flag or HANDLER_PASSED flag if passed + * @return If failed, return HANDLER_ALERT flag or HANDLER_SUCCEEDED flag if succeeded */ int handle_alert(Event_T E); diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/CHANGES.txt /tmp/QeMlhPoI46/monit-5.0.3/CHANGES.txt --- monit-4.8.1/CHANGES.txt 2006-05-10 21:29:00.000000000 +0100 +++ monit-5.0.3/CHANGES.txt 2009-05-25 21:53:02.000000000 +0100 @@ -1,6 +1,602 @@ - CHANGES version 4.8.1 + CHANGES version 5.0.3 + + This file summarizes changes made since 3.0 + + Bug fixes may refer to an auto-generated id in our + bug-tracking system, which can be found here + https://savannah.nongnu.org/bugs/?group=monit + + +Version 5.0.3 + +NEW FEATURES AND FUNCTIONS: + +* Fixed #26664: crash on service timeout or unmonitor action + (introduced in 5.0.2). Thanks to Bretislav Kubesa and + Michael Shigorin for report. + +* Removed the configure --without-resource option. If the user + who is running Monit doesn't have permissions to check the + processes state, the related checks are disabled dynamically. + + +Version 5.0.2 + +BUGFIXES: + +* 35 improvements based on code scan with Klockwork + (http://www.klocwork.com/) which we were evaluating. + Huge thanks to Klocwork for their great product. + +* Fixed #26382: if start or stop script for some service didn't + exist, monit logged error during configuration file parsing and + refused to start. Monit now just logs warning and continues. + + +Version 5.0.1 + +BUGFIXES: + +* Fixed a bug where Monit did not stop logging succeeded events. + This bug occurred if PID, PPID, timestamp or size change tests + were used and failed and then succeeded again. + + +Version 5.0 + +NEW FEATURES AND FUNCTIONS: + +* M/Monit support added. If you run Monit on more than one + server, you can use M/Monit to manage and control all your + Monit enabled servers from one simple Web Interface. See + http://mmonit.com/ for details. + +* Support use of symbolic links in filesystem check. Thanks to + Aleksander Kamenik for suggestion. Example: + check filesystem rootfs path + /dev/disk/by-uuid/4ef973f7-67d1-4bb0-8223-cb1c692b72e4 + if space usage > 95% then alert + if inode usage > 95% then alert + +* If no 'set mailserver' was defined in monitrc, Monit tried to + fallback to localhost:25 SMTP server. This fallback was removed + since it may be confusing. If you want to deliver mail alerts + from Monit, the 'set mailserver' option is necessary. In case + it is missing, Monit will log appropriate error and hint to add + it. + +* The generic send/expect protocol test limited the expect input + to 256 bytes. It's possible to set the input buffer for expect + globally - for example: set expectbuffer 20 kb Thanks to Asil + Carlin for suggestion. + +* The following event types were added CONTENT, FSFLAGS, PID and + PPID and the following generic event types CHANGED and MATCH were + removed and replaced by the above types and with the existing SIZE, + CHECKSUM, TIMESTAMP events so the information is more specific + The event types are internal to Monit and unless you have used + either CHANGED or MATCH event in your alert filters, no change + is necessary (alerts are delivered as usual, the tests just use + different types internally). + +* Monit now generates a unique id on first start and store the id + in a permanent file. This id is used in protocol communication + between Monit and M/Monit to pair a Monit instance with it's + host entry in M/Monit. By default the id file is placed in + $HOME/.monit.id. The location can be changed by using the set + idfile statement, for example: + set idfile /var/monit.id + +* Monit now keep its service monitoring state even on Monit + restart. Previously Monit dropped the state when it was stopped + correctly. Services in manual monitoring mode will remember the + monitoring state across Monit restarts. If Monit is used in a + cluster, it is recommended to place the state file in a + temporary filesystem incase the primary machine will crash and + the the spare machine takeover, the state will be dropped on + reboot for the crashed machine and the services in manual + monitoring mode won't be started on reboot. For example the + "set statefile /tmp/monit.state" can be used to place the state + file in the /tmp/ filesystem. + +* Added a protocol test for testing the LMTP protocol. Thanks + to Fco. Javier Felix for patch. + +* Added the start delay option for daemon statement which allows + to pause Monit on its startup for a while. If monitored + services are started by init scripts in parallel on system + boot, Monit may be too fast and detect that the service is not + running (yet) and restart the service. Note that it's still + recommended Monit is setup to be responsible for service + startup (that is, don't use init to start Monit controlled + services, instead use Monit). This will ensure correct startup + without need for a start delay since Monit will have full + control of service startup. Many users start services from init + on boot anyway, so in such cases this option will solve their + problems. Default start delay is 0 which corresponds to the + current behavior. Example syntax which will make Monit wait one + minute before starting its first monitoring cycle: + --8<-- + set daemon 5 with start delay 60 + --8<-- + Thanks to Fco. Javier Felix for patch. + +* Added PAM support for Monit http interface authentication. Note + that PAM is not supported on all platforms - currently works on + Linux, Mac OS X, FreeBSD, NetBSD. Monit uses the PAM service "monit". + Here is a Monit PAM service example for Mac OS X which is able + to authenticate system users for Monit access - + /etc/pam.d/monit: + --8<-- + # monit: auth account password session + auth sufficient pam_securityserver.so + auth sufficient pam_unix.so + auth required pam_deny.so + account required pam_permit.so + --8<-- + And configuration for monitrc which allows only group admins + to access the http interface: + --8<-- + set httpd port 2812 allow @admin + --8<-- + See the PAM manual page for details on how to configure the PAM + service on your system and the available PAM plugins. Thanks to + Wilhelm Meier for patch. + +* Added more detailed reports for Monit resource tests on service + recovery. Thanks to Lars Kotthoff for patch. + +* Set locale to C. + +* Added a protocol test for testing the SIP protocol which is + used by popular communication servers such as Asterisk and + FreeSWITCH. We received two patches for this protocol and have + taken code from both and merged them. Many thanks to Bret + McDanel and to Pierrick Grasland for supplying the patches. + +* Added MONIT_DESCRIPTION to the list of environment variables + available to programs started by monit. Thanks to Morten + Bressendorff Schmidt for patch. + +* If a service group is specified for Monit CLI action, + Monit no longer requires the "all" verb, so the following + command is possible: + monit -g web stop + If group is not specified (i.e. the -g option is omitted), the + service name or "all" is still required as a safeguard. + +* Added an option to the 'set mailserver' statement so it is + possible to override the hostname used in SMTP EHLO/HELO and in + the Message-ID header when sending mail. Monit defaults to use + the localhost name. I.e. what you get when executing this + command 'uname -n'. Overriding the host name can be useful if + the host does not have a DNS entry and if the receiving + mailserver uses DNS verification as spam protection. The new + override option is: + set mailserver foo.bar.baz using hostname "my.monit.host" + +* A new EVENT_ACTION type was added which reports actions + performed on Monit's administrator request (either via web + interface or CLI). If you don't want to received these events, + you can set the mail-filter for "action" event type. + +* NOTA BENE: Monit start action is synchronous now. This improves + the startup sequence for dependent services, since Monit will + wait for parent service to start before trying to start the + child. + +* It is now possible to define execution timeout for start and + stop commands. That is, how long Monit will wait after + executing a command before it assume execution failed. If the + timeout option is omitted, Monit defaults to 30 seconds. You + can override the timeout for example for services which are + starting slower. + Example syntax: + start program = "/bin/foo start" with timeout 60 seconds + +* The event passed state is renamed to succeeded as this name + more reflects the state of things. + +* The device service test is renamed to filesystem. + +BUGFIXES: + +* Some linux virtualization platforms report CPU count as 0. + Monit then dynamically disabled CPU usage monitoring. In such + case we now override the CPU count from 0 to 1 so resource + usage monitoring can continue. Thanks to Jenny Hopkins for + report. + +* Increased the server socket backlog queue which will make Monit + able to handle more services. Thanks to Jochen Kramer. + +* Fixed #24866: Email messages such as: cpu wait usage check + succeeded [current cpu wait usage=17.4%] were displayed as + "...usage.4%". The problem was incorrect transfer + encoding header in the email (the body itself was OK). Thanks + to Dave Cheney for report. + +* When a Monit shutdown requested was issued while Monit were + working and testing services, Monit did not shutdown until all + work were done, i.e. until all services were tested. Monit will + now shutdown faster - as soon as it finish testing the current + service. + +* Monit blocked/unblocked SIGTERM, SIGINT SIGHUP and SIGUSR1 + signals during operation to protect certain code sections. When + a signal was sent during such a time, for example to stop + Monit, it was dropped and had to be retried in order to stop + Monit. This limitation is now removed and signals will be + processed at any time. Thanks to Nicola Tiling for report. + +* If the Monit httpd allow option did not include a + user:password, Monit CLI logged the following error (even if + the action was performed anyway): + Cleartext credentials needed for basic authorization! + This error was false - even access restriction based on + host/net is sufficient - user and password is just one of + possible options (not requirement). Thanks to Gilad Benjamini + for report. + +* Allow localhost as a value for the host header in the http + protocol test instead of setting an empty host header and let + the http server decide + +* The 'if changed checksum ...' test can now be used even if a + monitored file doesn't exist at Monit startup. Thanks to Joe + Shang for report. + +* If both event handlers (M/Monit and mail alerts) temporarily + failed at once and event queue was enabled, events will be + stored in the queue and delivered in the next cycle. However, a + bug caused delivery to be retried for every cycle for both + handlers if just one of them was recovered. Monit could then + deliver the same message multiple times until both handlers + recovered. The problem is now fixed and only one copy of the + event is sent even if only one handler did recover. + +* Make unit in size test optional and default to byte unless + specified. So it is possible to write, if size > 1000 then .. + +* Fixed handling of invalid input files in event queue handler. + Thanks to Fco.Javier Felix for patch. + +* Set the content type to text/html for Monit web interface POST + responses. Thanks to Rich Drummond for patch. + +* Fixed #23530: configure script will return error if bison, + byacc or yacc are not found at Monit compile time. + +* Fix CPU and memory monitoring on Solaris (it was disabled on + Monit start) + +* AIX fixes and extensions, Monit should run on AIX without + problems, including cpu, memory and filesystem monitoring + (tested with AIX 5.3). Thanks to Brian Downey for support + and help. + +* HP-UX fixes and extensions, Monit should run on HP-UX without + problems, including cpu, memory and filesystem monitoring. + Thanks to Brian Downey for support and help. + +* Fixed #23467: Don't exit, only issue a warning if the "include" + statement did not find any files to include. + +* Fixed #23530: Event queue did not work with the default + unlimited slots. + +* Fixed #23617: The process cpu usage is initializing in the + first cycle so the value is set to 0% - if the 'cpu usage < + xyz%' test was used to check that the process usage is higher + then given level, it was always true. Monit now skips the + process cpu usage check in the first cycle. + +* Make sure Monit alerts has a unique message id. Thanks to Steve + Purcell for report + +* Fixed possible crash when Monit is watching VPS environment on + Linux which reports number of CPUs as 0. Thanks to Marius + Schmidt for report. + +* Cleanup event states during a service stop/unmonitor so old + events are not sent when the service is started/monitored again. + +* Fixed #21989: Monit could start two instances of the process + when service restart is performed and the process is starting + slowly. Thanks to Nick Upson, Aaron Scamehorn and David Greaves + for report. + +* Fixed #21550: Fix crash when Monit event queue contained an + empty file. Thanks to Douglas J Hunley for report. + +* Fixed possible crash when the 'if changed checksum' test was + used along with restart action. Thanks to Brian Candler for + report. + +* Fixed #22075: Allow using a mail address as username when using + SMTP authentication. + +* Fixed #22191 and #19823: If the file content test does not match + anymore, reset the service error state. (Previous versions did + not clear the error state and kept showing a match in the status + listing and in the http interface). + +* The 'if changed size ...' test can now be used even if the + monitored file does not exist on monit's start. + +* If a htpasswd file is used to control Monit http interface + access and the hash type is set to MD5 but the file contains + wrong format (non-MD5), report the error and keep running. + Formerly Monit exited with an assert exception. Thanks to + Adrian Bridgett for report. + +BACKWARD INCOMPATIBLE CHANGES: +* The current CPU usage test which checked the cpu usage of the + process itself plus the cpu usage of child processes was + renamed to TOTALCPU (otherwise it works the same). The new CPU + usage test checks the CPU usage of the process itself only. + This change was introduced to align the syntax with MEMORY and + TOTALMEMORY tests and to allow to test the CPU usage of + processes which fork child processes but the user don't want to + include children (such as Mythtv). Users who are using the CPU + check for services like Apache webserver to watch total cpu + utilization (including children) should rename the CPU + statement in their configuration to TOTALCPU. + + +Version 4.10.1 + +BUGFIXES: +* Monit reported wrongly that an alert handler failed. This bug + was introduced in monit-4.10. + +* Fixed memory usage report on machines with more then 4GB + physical memory running Mac OS X. Thanks to Dave Cheney for + patch. + + +Version 4.10 + +NEW FEATURES AND FUNCTIONS: +* Monit from this version on is licensed under GPL version 3 + +* Added support for SMTP authentication and SSL for sending alerts. + Example syntax: + - plain authentication: + set mailserver + smtp.foo.bar username "user" password "secret" + - plain authentication with ssl: + set mailserver + smtp.foo.bar username "user" password "secret" using sslv3 + - plain authentication with tls: + set mailserver + smtp.foo.bar username "user" password "secret" using tlsv1 + Thanks to Thomas Lohmueller for patch. + +* Allow to set the location of monitrc using the 'configure --sysconfdir' + option during Monit compilation. Thanks to Klaus Heinz for patch. + +* Monit now log user action, requested via monit's http interface. + +* Monit http interface now use POST method for forms + (This change is transparent from the users point of view). + +* Monit ICMP echo/ping test now supports 20 echo requests per cycle at + maximum. + +* When Monit identifies a process as zombie, it continue monitoring + the process (formerly Monit disabled monitoring of the given service + and sent an alert since it was considered unmanageable). + +* Fixed #21447: Monit now adds a (dummy) Message-id header in alert + mails to prevent spam checkers to accidentally filter out Monit + alerts based on missing message-id. + +* Removed C99 particulars from Monit code to support non-C99 compilers. + +REMOVED FEATURE +* Removed support for local redirects in the HTTP protocol test. Users + must provide the correct path for the resource they want to test. + +BUGFIXES: +* Fixed a possible Monit crash on exit if a match rule was used and + referred a file containing multiple expressions. Thanks to Stephen + Dowdy for report. + +* Added patch from Klaus Heinz which fix a problem in the Log module + that had Monit using an uninitialized mutex after a monitrc reload. + +* Fixed a possible crash on Monit start when the Monit control file + contained exec action with argument longer then 256 bytes. Thanks + to Stevan Bajic for report. + +* Fixed linux 32-bit system CPU usage statistics (the fix in 4.9 was + incomplete). If a server had a long/large uptime and high load, the + reported CPU usage could be incorrect. Thanks to Aleksander for report. + +* Fixed a problem where Monit would incorrect display an error in the + web interface status page. This could occur if a service had failed, + Monit had reload and the state of the service had succeeded just after the + reload (for example due to changes of the configuration rules). Thanks to + Claus Klein for report and help with the patch. + +* Avoid filling the log with "pidfile does not contain a valid pidnumber" + entries during debug + +* Added patch from Dave Cheney, which fix and reactivate resource testing + for Mac OS X Tiger (Darwin 10.4.x). + +* Fix memory leak when regular expression is used in Monit configuration + and Monit is reloaded. Thanks to Josh Kelley for patch. + +* Allow the "if changed timestamp" test to refer to a non-existing file. + This could be useful if the service is monitored in non-active mode + and the file is expected to be created later. + +* When 'if match' statement was used with the path to the regex file + containing more then one line and the exec action was used for this + rule, then Monit failed to parse the configuration and refused to start. + Thanks to Nathan for report. + +* contrib/wap.php updated. Thanks to David Fletcher. + +* Fixed #21354: Usage of the IMAP Protocol test was impossible due to a small + typo in the control file parser and the test would fall back to DEFAULT. + Thanks to Wolfgang Breyha for reporting the bug. + + +Version 4.9 + +NEW FEATURES AND FUNCTIONS: +* The NOALERT statement added, which allows to disable the + alerts local for particular recipient and service. Useful + for example when you have alert recipient set globaly + but don't want to receive alerts for some part of services. + Syntax: + noalert + +* The ALERT statement was extended by the possibility to + negate the optional event filter. + Syntax: + [set] alert not '{' ... '}' + Example: + set alert user1@domain but not on { restart } + Will send all alerts to user1@domain for all services and + events except the restart event. Note that noise words + 'but' and 'on' are optional. + +* Report the optional arguments uid, gid, method timeout as + configured in Monit control file for start, stop programs + and exec action. + +* Monit will display just warning and will continue its + startup in the case that some hostname which is configured + in Monit control file is not resolvable during control + file parsing. + +* Reverse proxy support on Monit http interface added. Thanks + to Josh Kelley for patch. Sample proxy configuration for + Apache: + --8<-- + ProxyPass /monit/ http://localhost:2812/ + ProxyPassReverse /monit/ http://localhost:2812/ + + AllowOverride None + AuthType Basic + AuthName sysadmin + AuthUserFile /etc/httpd/passwd + require valid-user + + --8<-- + +* When the filesystem doesn't support inodes, then the + related information is not displayed in Monit http + interface in red font anymore (it highlighted this + informational state inappropriately). Thanks to + Aleksander for suggestion. + +BUGFIXES: +* Fix the unmonitor action, which didn't work when used in + Monit control file rules. Thanks to Jeffrey Gelens for report. + +* Fix the extra restart action which was called by monit + in addition to user requested start action of stopped + process. This didn't occurred in the case that the 'every' + statement was used on the service definition as well. Thanks + to Aaron Scamehorn for help. + +* Fix the possible crash when event queue was used and some + non-event file appeared the event queue. Thanks to Michal + Cihar for report. + +* Fix the -l command line option which was broken. Thanks to + Aaron Scamehorn for report. + +* Fix the linux 32-bit system CPU usage statistics. When + the server has big uptime and load, the reported cpu usage + may be incorrect. Thanks to Ron Avriel for patch, Matt + Corks and Aleksander for report. + +* Fix the Mac OS X CPU usage statistics. + +* Fix the Linux space usage statistics - the NFS volumes + space usage statistic was wrong. Thanks to Aaron Scamehorn + for help. + +* The UDP port test for all nondefault protocols, such as NTP, + DNS now measures the response time without extra 2 seconds + delay, which was added by generic check for UDP socket + readiness. When the non-default protocol is used in port test, + (i.e. 'protocol' option is used) this check is not needed. + When you will use the UDP port test without specifying the + protocol, the 2 seconds delay is still present, since when + Monit don't know how to speak to the server, it's hard to + test the UDP other way. + +* Fix the possible crash for Mac OS X Monit CLI commands such + as 'monit start service'. + +* Fix possible crash on Monit quit when Monit http thread was + configured in control file without the ACL. Thanks to Adam + Greene for report. + +* Fix the Monit crash when byacc was used for compiling 32-bit + Monit with large files support on linux. This issue didn't + happened when Monit was compiled with 64-bit support, or + recommended bison was used as parser generator during + compilation, or largefiles support was disabled. + +* Don't ask clients for certificate when certificate based + authentication was not enabled in Monit http interface. + Thanks to Guillaume Chaussy for report. + +* Fix minor memory leaks. + +* Don't print the 'via (UDP|TCP|TCPSSL)' for unix socket test + trace. + + +Version 4.8.2 + +NEW FEATURES AND FUNCTIONS: +* Added a filesystem flags change test. This test is implicit + for the 'device' service type and Monit will now send an + alert by default if flags were changed. This is useful for + example, if the filesystem has been remounted read-only, if + there are disk errors or if mount flags (e.g. nosuid) were + changed. It is possible to override the default (alert) + action by using this test: + if changed fsflags [ratio] then + +* Added Clamav protocol test by Debrard Sebastien + (sebastien debrard at strange-garden com) + +BUGFIXES: +* Improved the Monit http interface responsiveness on action + scheduling. + +* The SMTP protocol test now sends EHLO or HELO first when + testing the SMTP protocol as per RFC 2821. Thanks to Kevin + Maguire for bug report. + +* Fixed the Mac OS X 10.4.x / Darwin 8.x build and implemented + 'process memory usage' monitoring on this platform. + +* Fixed build on NetBSD 3.x + +* Fixed cpu usage statistics on Linux. + +* Fixed warnings logged on solaris when the ssh protocol test + was used to test Sun's version of sshd. + +* Fixed handling of >2GB files by using the Large File Support + API on platforms supporting this API. Thanks to Will Bryant + (will bryant at ecosm com) for providing a patch. + +* Fixed the possible monitoring state amnesia when Monit was + reloading just after the the service monitoring state was + changed. Thanks to Morten Laursen for report. - This file summarizes changes made since 3.0 Version 4.8.1 @@ -13,7 +609,7 @@ platforms as well. * Don't stop if there is no space on the filesystem where - the monit state file is placed. Thanks to Pavel Urban + the Monit state file is placed. Thanks to Pavel Urban (urbanp at mlp ,cz> for report. * Remove the false warning about TOTALMEMORY statement on @@ -28,7 +624,7 @@ (nonotats at asahi email ne jp) * Removed a feature introduced in 4.7 which tested that a - check-file, check-directory or check-fifo actually refered + check-file, check-directory or check-fifo actually refereed to an existing object of that type. Monit should not require these file objects to exist at startup. @@ -75,7 +671,7 @@ problem. * Ignore the process PID or PPID change when the service restart was - performed under monit control (the pid change is expected). + performed under Monit control (the pid change is expected). * Fix the support for PID and PPID change test custom event rate needed to trigger the action. Thanks to ( root at l8r net ) for report. @@ -114,18 +710,18 @@ if failed port 1521 protocol tns then alert * If the alert handler failed, e.g. because the mail server is down, - monit can optionally add events to a queue and try to deliver pending + Monit can optionally add events to a queue and try to deliver pending events at the next cycle or continue to try so until succeeded. To enable the event queue, use the 'set eventqueue' statement. Example: set eventqueue basedir /var/monit slots 5000 -* Send alerts when the monit agent stopped, started or reloaded. +* Send alerts when the Monit agent stopped, started or reloaded. * Monit now supports the event description macro $DESCRIPTION in the MAIL-FORMAT statement. It expands to the description - of the error condition, which was originaly placed under + of the error condition, which was originally placed under the default message body. The default message body now includes the new macro: --8<-- @@ -140,7 +736,7 @@ monit --8<-- -* Cleanup of items obsoleted since monit 4.0: +* Cleanup of items obsoleted since Monit 4.0: - monit -i option was removed - $PROGRAM mail-format macro was removed (use $SERVICE macro) - CPUUSAGE statement was removed (use CPU statement). @@ -154,8 +750,8 @@ support a directed acyclic graph (dag) structure of dependencies. Thanks to Philipp Berndt for the patch. -* If a file content test evaluate to true, monit will now send an - alert each time. In previous versions, monit only sent one alert +* If a file content test evaluate to true, Monit will now send an + alert each time. In previous versions, Monit only sent one alert on the first occurrence. Thanks to Peter Holik (peter AT holik!at) for reporting the problem. @@ -170,7 +766,7 @@ This should improve the speed and stability when reading from a network connection. -* Improved speed of several protocol tests. Previously monit would +* Improved speed of several protocol tests. Previously Monit would hang on read until timeout seconds when testing some protocols. Say thanks to Artyom Khafizov < afk at inbox!ru >. @@ -214,7 +810,7 @@ # You can also collect regexs in a file if match /etc/monit/active.regex then alert As shown, regex can be written directly in the control file or - collected in a separat file which monit will use. This feature + collected in a separate file which Monit will use. This feature depends on regex(7) and if not installed on the system, monit reverts to plain substring matching. The matching engine is fast and on par with more specialized log-scanning tools. @@ -229,7 +825,7 @@ * Support for optional error notification reminders. For those who wants to be notified several times that the service is still down, it is possible to specify the count of service failed cycles - after which monit will send another notification. The 'reminder' + after which Monit will send another notification. The 'reminder' option was added to both local and global alert definitions - example: set alert foo@bar with reminder on 10 cycles will send error notification each tenth cycle when the service @@ -237,20 +833,20 @@ on 1 cycle. Thanks to Pavel Urban for suggesting the feature. -* It is now possible to use the 'passed' keyword as alternative to the +* It is now possible to use the 'succeeded' keyword as alternative to the 'recovered' keyword in a recovery action section. * Support for fault tolerant monitoring added. You can now specify the event frequency before an action is conducted by monit. In some cases you will want to allow a certain level of events to occur before an error is raised. This feature is optional and if - not used, monit defaults to act on the first event as usual. Both - failed and passed actions may be restricted this way. Here's an + not used, Monit defaults to act on the first event as usual. Both + failed and succeeded actions may be restricted this way. Here's an example: check host foo.bar with address 192.168.1.1 if failed port 80 for 5 times within 8 cycles then exec '/my/script' - else if passed for 10 cycles then alert + else if succeeded for 10 cycles then alert BUGFIXES: * If kvm access on FreeBSD failed (for example because of environment @@ -264,7 +860,7 @@ to read all the data provided by the server. Thanks to Ben Hartshorne for reporting the problem. -* Fixed CIDR notation of monit http interface net allow option on +* Fixed CIDR notation of Monit http interface net allow option on little endian architectures. Thanks to Ben Hartshorne for reporting the problem. @@ -275,7 +871,7 @@ for reporting the problem. * Close included config files after parsing. Previous versions of - monit kept parsed include files open, which could create a problem + Monit kept parsed include files open, which could create a problem with unmount or removal of such files. Thanks to Martin Rueegg for reporting the problem. @@ -284,7 +880,7 @@ * Wait for complete SMTP server greeting in SMTP protocol test before sending QUIT to the server. Exim4 is sensible on the client-server - synchronization and the protocol test failed because monit was faster + synchronization and the protocol test failed because Monit was faster then expected. Thanks to Tadas Zelionis < tm at equs ! home ! lt > for reporting the bug. @@ -296,7 +892,7 @@ test. Thanks to Sebastien Debrard for reporting the problem. -* Readded the icmp ping vs. connection tests support. Now, if a ping test +* Re-added the icmp ping vs. connection tests support. Now, if a ping test is defined for the host and it fails we simply do not continue with testing any port connection tests because we assume the line is down. @@ -320,7 +916,7 @@ * Status summary support added. The 'monit summary' command can be used to obtain a quick overview of services handled by monit. Example output: - The monit daemon 4.5.1 uptime: 15m + The Monit daemon 4.5.1 uptime: 15m System 'foo' [0.16] [0.14] [0.09] Process 'slapd' running File 'slapd_bin' accessible @@ -351,11 +947,11 @@ and content == 'action="j_security_check"' then ... -* Added monit daemon incarnation identification to monit status. - It is a unique number based on the monit startup time and used - for identifying monit instances. +* Added Monit daemon incarnation identification to Monit status. + It is a unique number based on the Monit startup time and used + for identifying Monit instances. -* Added wap interface to monit (available in contrib/wap.php). +* Added wap interface to Monit (available in contrib/wap.php). Thanks to David Fletcher for contributing the PHP-script. @@ -369,13 +965,13 @@ allow 192.168.1.0/255.255.255.0 allow 10.0.0.0/8 -* Added process PID change test. The test is implicit and monit will +* Added process PID change test. The test is implicit and Monit will send an alert by default if the pid was changed. It is possible to override the default (alert) action by using this test; if changed pid then * Added a process PPID (parent pid) change test. The test is implicit - and monit will send an alert by default. It is possible to override + and Monit will send an alert by default. It is possible to override this default action by using this statement: if changed ppid then @@ -392,10 +988,10 @@ * Added NTP version 3 protocol test contributed by Michel Marti . -* Added support for monit daemon wakeup via its http interface. This +* Added support for Monit daemon wake-up via its http interface. This allows to remotely force a validation cycle start. The monit - daemon wakeup may be called by using the "/_validate" url (there is - also a button for this action on the monit http interface runtime page). + daemon wake-up may be called by using the "/_validate" url (there is + also a button for this action on the Monit http interface runtime page). Thanks to Leen Besselink for suggesting the feature. @@ -409,7 +1005,7 @@ problem and providing the patch. * Remove --without-accurate-mem-calcs and make it the default - behaviour. It appears that some of the info in the Linux 2.4 + behavior. It appears that some of the info in the Linux 2.4 kernel was suspect, and it's outright bogus in 2.6. * Fix process total memory usage (i.e process itself + children) @@ -438,11 +1034,11 @@ possible to set a mail servers port number specifically. If not used, the default port number is 25. -* Refactoring of monit HTTP interface's service state reporting. +* Refactoring of Monit HTTP interface's service state reporting. The state of any service's parameter is now reported by a red font in case of errors. -* The monit http server now presents data collected by the main +* The Monit http server now presents data collected by the main thread's last check cycle - it will not anymore gather the data itself. This makes the http request's response much faster and consistent with what the main thread thinks about the services @@ -452,7 +1048,7 @@ * Monitoring status now shows a 'initializing' value for services until data actually is collected. You can typically see this state before the first test cycle is finished and after monitoring was - enabled for given the service or immediately after monit startup. + enabled for given the service or immediately after Monit startup. * Display actual response time for ICMP Echo test in monit HTTP interface. @@ -484,7 +1080,7 @@ * Fixed assert in parser when using IF SIZE. Thanks to Andy for reporting the problem. -* Fixed race condition between threads during monit reload. +* Fixed race condition between threads during Monit reload. When a service stop was issued from the http interface during monit reload, a race condition and crash could occur. Monit will now not anymore accept connections to its http interface during reload. @@ -492,10 +1088,10 @@ reporting the problem. * Fixed double free of memory in http engine which can lead to - monit stack corruption and freeze or crash of monit during + Monit stack corruption and freeze or crash of Monit during reload. -* Fixed possible monit crash on opteron based systems. Thanks to Hans +* Fixed possible Monit crash on opteron based systems. Thanks to Hans Rauch for reporting the problem. * Return the base status page URL in case an action was called @@ -510,7 +1106,7 @@ * If a checksum test was specified for file, display the actual checksum for the monitored file in monit's HTTP interface. - If a checksum failure occures, highligth the bad value by red font + If a checksum failed event occures, highlight the bad value by red font and display a warning message in the service status field. Thanks to Vlada Macek for reporting the problem. @@ -531,18 +1127,18 @@ * Fixes for Sun Forte C compiler support. -* Fixed compile-time warning for the 64-bit monit version. Thanks +* Fixed compile-time warning for the 64-bit Monit version. Thanks to Pavel Urban for reporting the problem. * Minor simplification of internal service control interface. -* Log the start of monit http thread each time. During monit +* Log the start of Monit http thread each time. During monit reload this was not the message related to the http start log entry. -* In the case that monit was reloaded and some service was in failed +* In the case that Monit was reloaded and some service was in failed state in the same moment, reset the error flag as soon as the service will recover after reload. Previous version kept the error flag though - the service recovered until another failed&passed pair occured. + the service recovered until another failed&succeeded pair occurred. * If a service is not monitored, or if a monitored object doesn't exist or the data gathering failed, display the state description in @@ -562,10 +1158,10 @@ HTTP interface. * Event messages were consolidated to contain the related service name on - the beggining of the message. + the beginning of the message. * Process resource engine was partly rewritten. It includes code clean up - and seperation of output data and data gathering. + and separation of output data and data gathering. * Fixed width of html output in monit's http interface. @@ -579,17 +1175,17 @@ NEW FEATURES AND FUNCTIONS: * Event engine was refactored. Monit now supports events of - FAILED and PASSED types, thus it is able to handle any state + FAILED and SUCCEEDED types, thus it is able to handle any state change. Monit will send alert on recovery by default for all event types, except the case, when the monitored service doesn't exist or the type of service is invalid - in such case - will monit involve service restart by default. Alerts are sent - once (on state change only). It is possible to optionaly select + will Monit involve service restart by default. Alerts are sent + once (on state change only). It is possible to optional select the action on recovery. General syntax: IF rule THEN action [ELSE IF RECOVERED THEN action] * Monit now supports variable and constant tests. Constant - tests are related to failed/passed state. Variable tests beggins + tests are related to failed/succeeded state. Variable tests begins with 'IF CHANGED' statement and serves for monitoring of object changes. You can use it just for alert or to involve some automatic action, as for example to reload monitored process after its @@ -606,12 +1202,12 @@ CHANGED, DATA, EXEC, INVALID, NONEXIST, CHECKSUM, ... } For example in the case that monitored process is not running, - monit will generate NONEXIST event. In the case that it is not - possible to access process' data, monit will generate DATA event. + Monit will generate NONEXIST event. In the case that it is not + possible to access process' data, Monit will generate DATA event. In the case that the execution of start or stop program failed, - monit will generate EXEC event. In the case that monitored file - is not regular file, monit will generate INVALID event. CHANGED - event is generated in the case that monit is configured to watch + Monit will generate EXEC event. In the case that monitored file + is not regular file, Monit will generate INVALID event. CHANGED + event is generated in the case that Monit is configured to watch variable object changes (for example configuration file timestamp). * Monit now reports action in addition to the event description in @@ -646,13 +1242,13 @@ It affects following construct: CHECK FILE httpd.conf WITH PATH /usr/local/apache/conf/httpd.conf IF FAILED CHECKSUM THEN EXEC "/usr/local/apache/bin/apachectl graceful" - In previous monit version this configuration caused the apache reload + In previous Monit version this configuration caused the apache reload on monitored configuration file change. Then the value was reseted so - the test passed next cycles until the file was changed again. Refactored + the test succeeded next cycles until the file was changed again. Refactored event engine monitors for checksum value recovery, i.e whether it changed to the original value - in such case it will evaluate recovery action, otherwise the test keeps failed state. Because the value in this - usage context will not correspond to the original, monit will evaluate + usage context will not correspond to the original, Monit will evaluate action (reload apache) each cycle until the checksum will recover (which is unlikely for configuration file). New syntax have to be used for the same result: @@ -681,7 +1277,7 @@ interface output. Thanks to Peter Holdaway for reporting the problem. -* Using CRLF in the monit control file created problems during +* Using CRLF in the Monit control file created problems during parsing. Carriage Return (\r) is now ignored in the monitrc control file. Thanks to Michael Shigorin for reporting and demonstrating the problem. @@ -693,16 +1289,16 @@ reported by "Matthew Murphy" : Error: Possible off-By-One write when handling HTTP POST body Vulnerability: Possible buffer overflow in Basic Auth. handling - The vulnerability exist in previous monit releases down to the 1.4 - release. This issue affect previous monit releases if monit is + The vulnerability exist in previous Monit releases down to the 1.4 + release. This issue affect previous Monit releases if Monit is started with http server support. * This release also patch a thread race condition that could lead to an assert exception. Reported by Peter Holdaway. The problem - manifested when monit was asked to start a program that did not - start (for some reason) and a monit reload or a monit exit was + manifested when Monit was asked to start a program that did not + start (for some reason) and a Monit reload or a Monit exit was issued before Poll time had elapsed. This problem will not occur - during normal usage of monit, where monit is started and left to + during normal usage of monit, where Monit is started and left to run by itself. @@ -712,16 +1308,16 @@ * Support for file inclusion in the control file (monitrc). Syntax: include globstring - This function allows for the monit control file to be split up into + This function allows for the Monit control file to be split up into several fragments and (for example) collected into a monitrc.d directory. A proof of the concept can be found here: http://people.altlinux.ru/~homyakov/packages/monit/ -* monit now prints its status in text and in xml format via this URL: +* Monit now prints its status in text and in xml format via this URL: http://localhost:2812/_status?format=xml and http://localhost:2812/_status?format=text -* In addition to MD5 checksums monit now supports SHA1 checksums for +* In addition to MD5 checksums Monit now supports SHA1 checksums for files and HTTP requests. * Services not monitored does not have their status displayed in the @@ -729,7 +1325,7 @@ * Support for httpd server version signature hiding. Syntax: signature [enable|disable] - By default the monit httpd server will show its version in the + By default the Monit httpd server will show its version in the header. BACKWARD INCOMPATIBLE CHANGES: @@ -737,11 +1333,11 @@ is defunct and replaced with the new URL described above. * The 'monit status' command reports general status overview only and - status is only available if the monit daemon runs. + status is only available if the Monit daemon runs. * Service names in the .monitrc control file is not allowed to start with a slash '/', because such service names cannot be viewed - properly in the monit web interface. + properly in the Monit web interface. BUGFIXES: * Ring move protection added to process tree code. There was a rare loop @@ -758,8 +1354,8 @@ * Also fixed a problem with locked mutex across a fork on Solaris (and probably other OS other than Linux v. 2.4 with a "real" thread implementation). The problem manifest itself (infrequently) by - monit not beeing able to start a requested program and the forked - monit process hanging on a mutex. Thanks to Peter Holdaway + Monit not being able to start a requested program and the forked + Monit process hanging on a mutex. Thanks to Peter Holdaway for discovering the problem and for providing a patch that fixed the problem. @@ -784,9 +1380,9 @@ word on the beginning of this standalone statement. The simplest example: set alert sysadmin@bar -* monit now print error and log messages to the standard file +* Monit now print error and log messages to the standard file descriptors (1,2) even if they do not referee to a tty. This change - allows output to be redirected to a non-tty at monit startup. For + allows output to be redirected to a non-tty at Monit startup. For instance: monit 1>/dev/null 2>/path/monit.err BUGFIXES: @@ -802,9 +1398,9 @@ by Evgeny Legerov : Vulnerability 1: Long http method stack overflow Vulnerability 2: Denial of Service via negative Content-Length field - These vulnerabilities exist in previous monit releases down to the - 1.4 release. This issue only affect previous monit releases if - monit is started with http server support. + These vulnerabilities exist in previous Monit releases down to the + 1.4 release. This issue only affect previous Monit releases if + Monit is started with http server support. Version 4.1 @@ -822,12 +1418,12 @@ Crypt, MD5 and cleartext passwords are supported. * From this release on, it is possible to define more than one SMTP - server monit should use for sending alert messages. If monit cannot + server Monit should use for sending alert messages. If Monit cannot connect to the first SMTP server it will try the second in the list and so on. * Added SMTP server connect and read timeout. Monit has a default 5 - seconds timeout and if the SMTP server is slow, monit could timeout + seconds timeout and if the SMTP server is slow, Monit could timeout when connecting or reading from the server. It's is now possible to explicit set the timeout to a higher value. @@ -840,28 +1436,28 @@ * Support for read-only user access added to web interface -* PHP "proxy" script for accessing the monit web pages via port 80 +* PHP "proxy" script for accessing the Monit web pages via port 80 using a regular http server, such as apache httpd. Contributed by David Fletcher . See the contrib/ directory. BUGFIXES: * Alert limitation implemented; Monit will only raise one alert when an error situation occurs and *not* repeatedly send error messages - for the same problem. When the error has gone, monit resets and + for the same problem. When the error has gone, Monit resets and will raise a new alert if the error should reoccur. Consider: if cpu > 50% then alert Monit will now only raise one alert if the cpu usage goes beyond 50% and, as long as the process uses more than 50% cpu no more - error alerts are sent. When usage drops below 50% monit will reset + error alerts are sent. When usage drops below 50% Monit will reset and again send a new alert if usage should raise above 50% again. - Previous versions of monit did not have this feature and + Previous versions of Monit did not have this feature and continuously sent alerts as long as the test validated to true. This change does not only applies to cpu test but also to memory tests, size and space tests and timestamp tests. The bottom line is that you will no longer get many duplicate alerts for the same problem. -* Don't print html tags to the console on shutdown when monit runs in +* Don't print html tags to the console on shutdown when Monit runs in init mode (-I). * Monit now supports logging via multilog when running via @@ -872,7 +1468,7 @@ to a parse error if this alert statement was used, 'alert on { resource }' -* Fixed the bug that caused monit not to unmonitor all depending +* Fixed the bug that caused Monit not to unmonitor all depending services when a unmonitor action was executed. Thanks to Marco Bisioli for providing the bugfix. @@ -881,7 +1477,7 @@ * Fixed a bug that allowed duplicate entries under certain circumstances in the control file. -* In the case that SSL client certificate is not defined, monit will +* In the case that SSL client certificate is not defined, Monit will not print error message @@ -936,7 +1532,7 @@ * A new 'exec' action was added for all service test types (such as the timestamp, resource, checksum, space, etc.) The exec statement is used to execute an arbitrary program as an action if the test - validates to true. It is possible to run this program optionaly as + validates to true. It is possible to run this program optionally as a specified user and with a specified group id. See manual for the new syntax. For instance to reload apache if the httpd.conf file was changed: @@ -957,7 +1553,7 @@ starting monitoring of this service. You can also enable or disable service monitoring from the console or from the web interface. -* It is possible to set message facility in the case that monit logs +* It is possible to set message facility in the case that Monit logs via syslog. * This release supports a native RDATE test. Thanks to Francois @@ -966,7 +1562,7 @@ * This release supports a native RSYNC test. Thanks to Igor Homyakov -* Programs executed by monit, now has several monit specific +* Programs executed by monit, now has several Monit specific environment variables available, which they may utilize for various purposes. A list of the available variables can be found in the documentation. @@ -984,7 +1580,7 @@ * Resource monitoring can be turned off in the configure stage of compilation. -* Fixed monit rc script and monit.spec +* Fixed Monit rc script and monit.spec * This release introduces AIX and OpenBSD support and generic support for unknown operating systems. Thanks to Richard @@ -994,13 +1590,13 @@ * HP/UX support brought to the same state like all other operating systems. -* The monit httpd server now logs denied client connections. If a +* The Monit httpd server now logs denied client connections. If a client is not allowed to connect to the server the connect attempt will be logged including the client's ip-address. A failed attempt to log in via basic authentication is also logged with the clients ip-address. -* The monit httpd server is rewritten to use non-blocking i/o. +* The Monit httpd server is rewritten to use non-blocking i/o. BACKWARD INCOMPATIBLE CHANGES: * The service names are no longer restricted by reserved names. @@ -1057,7 +1653,7 @@ of $SERVICE is highly recommended because it is more relevant. * The option -i was removed because it was useless. Note: option - -I which is used for monit starting under init's control is not + -I which is used for Monit starting under init's control is not affected by this change. BUGFIXES: @@ -1089,8 +1685,8 @@ first 31 characters of 32 possible. * This release utilize a state file to save significant process data. - This allows data to be persistent and survive a monit reload and - let monit recover from a crash and pick up without losing the + This allows data to be persistent and survive a Monit reload and + let Monit recover from a crash and pick up without losing the process state. * The network code was rewritten to use a more modern non-blocing @@ -1102,32 +1698,32 @@ fixed and cleaned up by introducing (more) thread blocks in the code, thus making the code more reentrant. -* Fixed the problem, where monit identified a running process as non- +* Fixed the problem, where Monit identified a running process as non- running. Thanks to Shannon E. Reall for reporting the problem. * Monit does not use /proc/kcore on Linux anymore. This makes it - possible to use monit on a 2.4 kernel with the grsecurity patch and + possible to use Monit on a 2.4 kernel with the grsecurity patch and on a 2.6 kernel with architectures such as ARM. Thanks to Arkadiusz Miskiewicz for reporting the problem and providing the patch. -* Fixed race condition related to monit httpd server stop. Monit now +* Fixed race condition related to Monit httpd server stop. Monit now waits for its httpd to terminate gracefully before freeing memory and closing filedescriptors. * Fixed race condition related to SIGINT and SIGTERM signals which - if catched during monit exit phase can cause recurrent exit handler + if catched during Monit exit phase can cause recurrent exit handler call. -* Don't try to stop monit httpd and close daemon related files if monit +* Don't try to stop Monit httpd and close daemon related files if monit was not started in daemon mode and received SIGTERM or SIGINT. Version 3.2 * This release include documentation on how to setup a simple - failsafe cluster with monit and Heartbeat, see also: + failsafe cluster with Monit and Heartbeat, see also: http://www.tildeslash.com/monit/monit.html#monit%20with%20heartbeat Thanks to Oliver Jehle . @@ -1135,22 +1731,22 @@ Automatic reload based on monit's control file timestamp is now defunct. -* New monit command 'reload' is added. If used, it will reinitialize - a running monit daemon (send it the SIGHUP signal). +* New Monit command 'reload' is added. If used, it will reinitialize + a running Monit daemon (send it the SIGHUP signal). -* A new monit option '-t' is added. If used, monit will run a syntax +* A new Monit option '-t' is added. If used, Monit will run a syntax check for the control file and exit with the status. * The ssl version for TCPSSL tests can now explicitly be set if auto- detection should fail. (Thanks to Mark Foster for - the bugreport) + the bug report) * This release supports a native LDAPv2 and LDAPv3 tests. Both tests are based on anonymous bind. * This release supports a native DWP (database wire protocol) test. -* Restart method added to monit httpd cervlet +* Restart method added to Monit httpd cervlet * HP/UX support was added. Thanks to Joe Bryant . @@ -1182,7 +1778,7 @@ * Three monitoring modes are now supported. In addition to the standard active mode (equals obsolete autostart=yes) and passive mode (equals obsolete autostart=no) there is a new manual mode, - which allows monit to work as a simple process monitor in a + which allows Monit to work as a simple process monitor in a clustered environment. Thanks to Oliver Jehle for the proposal and helping with the patch. @@ -1196,16 +1792,16 @@ * This release supports timestamp monitoring for files and for directories. -* If start and/or stop programs are not defined, monit will act as in - passive mode, that is, monit will send alert message in case of +* If start and/or stop programs are not defined, Monit will act as in + passive mode, that is, Monit will send alert message in case of service failure. Previous release did nothing in such cases. -* This release reloads monit httpd if the interface where monit httpd +* This release reloads Monit httpd if the interface where Monit httpd listens for connection was changed in monitrc (don't require monit's restart) -* If a SIGHUP signal is sent to a monit daemon it will reload - itself. This is useful if you use a monit log file and need to +* If a SIGHUP signal is sent to a Monit daemon it will reload + itself. This is useful if you use a Monit log file and need to rotate the log, for instance with the logrotate program. @@ -1213,9 +1809,9 @@ * A new feature to check and utilize systems and process information is introduced with this release. With this feature you can get an - alert or monit will stop or restart programs based on their process - characteristic. E.g. if a process is using to much memory you can - get an alert, or if a process is using to much CPU monit can auto- + alert or Monit will stop or restart programs based on their process + characteristic. E.g. if a process is using too much memory you can + get an alert, or if a process is using too much CPU Monit can auto- matically restart the program. Please have a look in the document- ation to learn more about this new feature. @@ -1225,13 +1821,13 @@ * To protect the security of your control file and passwords the control file must have permissions no more than 0700 (u=xrw,g=,o=); - monit will complain and exit otherwise. + Monit will complain and exit otherwise. * This release support up to 64 arguments for the start and stop programs. Previous versions supported only 2 arguments. -* If monit fails to execute a start or stop program, monit will now - send an alert message. Previously, monit only logged a message if +* If Monit fails to execute a start or stop program, Monit will now + send an alert message. Previously, Monit only logged a message if it failed to execute a program. * This release makes use of autoheader and config.h. Thanks to Mark diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/collector.c /tmp/QeMlhPoI46/monit-5.0.3/collector.c --- monit-4.8.1/collector.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/collector.c 2009-04-20 20:39:36.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -42,11 +52,11 @@ /** - * Connect to a data collector server and send event or status message. + * Connect to a data collector servlet and send event or status message. * * @author Martin Pala, * - * @version \$Id: collector.c,v 1.12 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: collector.c,v 1.30 2009/04/17 16:20:00 martinp Exp $ * * @file */ @@ -55,79 +65,64 @@ /* -------------------------------------------------------------- Prototypes */ -static int data_send(Collector_T, char *); -static int data_check(Collector_T); +static int data_send(Mmonit_T, char *); +static int data_check(Mmonit_T); /* ------------------------------------------------------------------ Public */ /** - * Post event or status data message to the collector + * Post event or status data message to mmonit * @param E An event object or NULL for status data - * @return If failed, return HANDLER_COLLECTOR flag or HANDLER_PASSED flag if passed + * @return If failed, return HANDLER_MMONIT flag or HANDLER_SUCCEEDED flag if succeeded */ -int handle_collector(Event_T E) { - +int handle_mmonit(Event_T E) { char *D = NULL; - Collector_T C = Run.collectors; - sigset_t ns; - sigset_t os; - int rv = HANDLER_PASSED; - - /* The event is send to the collector just once - only in the case - * that the state changed/matched */ - if(!C || (!E->state_changed && (E->id != EVENT_CHANGED || E->id != EVENT_MATCH))) - { + Mmonit_T C = Run.mmonits; + int rv = HANDLER_SUCCEEDED; + + /* The event is sent to mmonit just once - only in the case that the state changed */ + if(!C || (E && !E->state_changed)) return rv; - } - set_signal_block(&ns, &os); + while(!(C->socket = socket_create_t(C->url->hostname, C->url->port, SOCKET_TCP, C->ssl, C->timeout))) { + LogError("M/Monit: cannot open a connection to %s -- %s\n", C->url->url, STRERROR); - while(!(C->socket= - socket_create_t(C->url->hostname, C->url->port, SOCKET_TCP, C->ssl, C->timeout) - )) - { - LogError("Collector: cannot open a connection to %s -- %s\n", - C->url->url, STRERROR); - - if((C= C->next)) - { - LogInfo("Collector: trying next server %s\n", C->url->url); + if((C = C->next)) { + LogInfo("M/Monit: trying next server %s\n", C->url->url); continue; - } - else - { - LogError("Collector: no server available\n"); - rv = HANDLER_COLLECTOR; + } else { + LogError("M/Monit: no server available\n"); + rv = HANDLER_MMONIT; goto exit2; } } D = status_xml(E, LEVEL_FULL); - if(!data_send(C, D)) - { - LogError("Collector: communication failure\n"); - rv = HANDLER_COLLECTOR; + if(!data_send(C, D)) { + LogError("M/Monit: communication failed\n"); + rv = HANDLER_MMONIT; goto exit1; } - if(!data_check(C)) - { - LogError("Collector: communication failure\n"); - rv = HANDLER_COLLECTOR; + + /* Close write part of socket to indicate to M/Monit that message was sent + and stop M/Monit XML parser from waiting for more data */ + socket_shutdown_write(C->socket); + + if(!data_check(C)) { + LogError("M/Monit: communication failed (%s message)\n", E ? "event" : "status"); + rv = HANDLER_MMONIT; goto exit1; } - DEBUG("Collector: %s message send to %s\n", E?"event":"status", C->url->url); + DEBUG("M/Monit: %s message sent to %s\n", E ? "event" : "status", C->url->url); exit1: FREE(D); if(C->socket) - { socket_free(&C->socket); - } exit2: - unset_signal_block(&os); return rv; } @@ -137,16 +132,15 @@ /** * Send message to the server - * @param C An collector object + * @param C An mmonit object * @param D Data to send * @return TRUE if the message sending succeeded otherwise FALSE */ -static int data_send(Collector_T C, char *D) { - +static int data_send(Mmonit_T C, char *D) { int rv; char *auth; - auth = Util_getBasicAuthHeader(); + auth = Util_getBasicAuthHeader(C->url->user, C->url->password); rv = socket_print(C->socket, "POST %s HTTP/1.1\r\n" "Host: %s:%d\r\n" @@ -166,10 +160,8 @@ auth?auth:"", D); FREE(auth); - if(rv <0) - { - LogError("Collector: error sending data to %s -- %s\n", - C->url->url, STRERROR); + if(rv <0) { + LogError("M/Monit: error sending data to %s -- %s\n", C->url->url, STRERROR); return FALSE; } return TRUE; @@ -178,25 +170,22 @@ /** * Check that the server returns a valid HTTP response - * @param C An collector object + * @param C An mmonit object * @return TRUE if the response is valid otherwise FALSE */ -static int data_check(Collector_T C) { - +static int data_check(Mmonit_T C) { int n; int status; char buf[STRLEN]; if(!socket_readln(C->socket, buf, sizeof(buf))) { - LogError("Collector: error receiving data from %s -- %s\n", - C->url->url, STRERROR); + LogError("M/Monit: error receiving data from %s -- %s\n", C->url->url, STRERROR); return FALSE; } Util_chomp(buf); n = sscanf(buf, "%*s %d", &status); if(n != 1 || (status >= 400)) { - LogError("Collector: message sending failed to %s -- %s\n", - C->url->url, buf); + LogError("M/Monit: message sending failed to %s -- %s\n", C->url->url, buf); return FALSE; } return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/config.h.in /tmp/QeMlhPoI46/monit-5.0.3/config.h.in --- monit-4.8.1/config.h.in 2006-05-16 20:16:24.000000000 +0100 +++ monit-5.0.3/config.h.in 2009-05-28 22:48:01.000000000 +0100 @@ -28,6 +28,9 @@ /* Define to 1 if CPU wait information is available. */ #undef HAVE_CPU_WAIT +/* Define to 1 if you have the header file. */ +#undef HAVE_CRT_EXTERNS_H + /* Define to 1 if you have the header file. */ #undef HAVE_CRYPT_H @@ -85,6 +88,12 @@ /* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL +/* Define to 1 if you have the `pam' library (-lpam). */ +#undef HAVE_LIBPAM + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIBPERFSTAT_H + /* Define to 1 if you have the `resolv' library (-lresolv). */ #undef HAVE_LIBRESOLV @@ -158,6 +167,9 @@ /* Define to 1 if you have openssl. */ #undef HAVE_OPENSSL +/* Define to 1 if you have the header file. */ +#undef HAVE_PAM_PAM_APPL_H + /* Define to 1 if you have the header file. */ #undef HAVE_PROCFS_H @@ -176,6 +188,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_REGEX_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SECURITY_PAM_APPL_H + /* Define to 1 if you have the header file. */ #undef HAVE_SETJMP_H @@ -228,6 +243,9 @@ /* Define to 1 if `tm_gmtoff' is member of `struct tm'. */ #undef HAVE_STRUCT_TM_TM_GMTOFF +/* Define to 1 if you have the `syslog' function. */ +#undef HAVE_SYSLOG + /* Define to 1 if you have the header file. */ #undef HAVE_SYSLOG_H @@ -240,6 +258,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_DKSTAT_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_DK_H + /* Define to 1 if you have the header file. */ #undef HAVE_SYS_FILIO_H @@ -285,6 +306,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SOCKET_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STATFS_H + /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STATVFS_H @@ -294,6 +318,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SYSCTL_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_SYSTEMCFG_H + /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TIME_H @@ -309,6 +336,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_USER_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_UTSNAME_H + /* Define to 1 if you have the header file. */ #undef HAVE_SYS_VFS_H @@ -357,6 +387,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_VM_VM_OBJECT_H +/* Define to 1 if you have the `vsyslog' function. */ +#undef HAVE_VSYSLOG + /* Define to 1 if `fork' works. */ #undef HAVE_WORKING_FORK @@ -422,6 +455,12 @@ `char[]'. */ #undef YYTEXT_POINTER +/* Number of bits in a file offset, on hosts where this is settable. */ +#undef _FILE_OFFSET_BITS + +/* Define for large files, on AIX-style hosts. */ +#undef _LARGE_FILES + /* Define to empty if `const' does not conform to ANSI C. */ #undef const diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/configure /tmp/QeMlhPoI46/monit-5.0.3/configure --- monit-4.8.1/configure 2006-05-16 20:16:25.000000000 +0100 +++ monit-5.0.3/configure 2009-05-28 22:48:01.000000000 +0100 @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.ac Revision: 1.137 . +# From configure.ac Revision: 1.194 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59d for monit 4.8.1. +# Generated by GNU Autoconf 2.61 for monit 5.0.3. # # Report bugs to . # @@ -13,7 +13,8 @@ ## M4sh Initialization. ## ## --------------------- ## -# Be Bourne compatible +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: @@ -22,10 +23,13 @@ alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac + case `(set -o) 2>/dev/null` in + *posix*) set -o posix ;; +esac + fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh + + # PATH needs CR @@ -218,7 +222,7 @@ else as_candidate_shells= as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in /usr/bin/posix$PATH_SEPARATOR/bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. @@ -233,10 +237,9 @@ for as_shell in $as_candidate_shells $SHELL; do - # Try only shells which exist, to save several forks. - if test -f $as_shell && - { ($as_shell) 2> /dev/null <<\_ASEOF -# Be Bourne compatible + # Try only shells that exist, to save several forks. + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { ("$as_shell") 2> /dev/null <<\_ASEOF if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: @@ -245,18 +248,19 @@ alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac + case `(set -o) 2>/dev/null` in + *posix*) set -o posix ;; +esac + fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh + : _ASEOF }; then CONFIG_SHELL=$as_shell as_have_required=yes - if { $as_shell 2> /dev/null <<\_ASEOF -# Be Bourne compatible + if { "$as_shell" 2> /dev/null <<\_ASEOF if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: @@ -265,10 +269,12 @@ alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac + case `(set -o) 2>/dev/null` in + *posix*) set -o posix ;; +esac + fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh + : (as_func_return () { @@ -460,7 +466,7 @@ } -if (dirname -- /) >/dev/null 2>&1; then +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false @@ -515,19 +521,28 @@ as_mkdir_p=false fi -# Find out whether ``test -x'' works. Don't use a zero-byte file, as -# systems may use methods other than mode bits to determine executability. -cat >conf$$.file <<_ASEOF -#! /bin/sh -exit 0 -_ASEOF -chmod +x conf$$.file -if test -x conf$$.file >/dev/null 2>&1; then - as_executable_p="test -x" +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' else - as_executable_p=: + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' fi -rm -f conf$$.file +as_executable_p=$as_test_x # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -560,44 +575,44 @@ # Identity of this package. PACKAGE_NAME='monit' PACKAGE_TARNAME='monit' -PACKAGE_VERSION='4.8.1' -PACKAGE_STRING='monit 4.8.1' +PACKAGE_VERSION='5.0.3' +PACKAGE_STRING='monit 5.0.3' PACKAGE_BUGREPORT='monit-general@nongnu.org' ac_unique_file="monitor.c" # Factoring default headers for most tests. ac_includes_default="\ #include -#if HAVE_SYS_TYPES_H +#ifdef HAVE_SYS_TYPES_H # include #endif -#if HAVE_SYS_STAT_H +#ifdef HAVE_SYS_STAT_H # include #endif -#if STDC_HEADERS +#ifdef STDC_HEADERS # include # include #else -# if HAVE_STDLIB_H +# ifdef HAVE_STDLIB_H # include # endif #endif -#if HAVE_STRING_H -# if !STDC_HEADERS && HAVE_MEMORY_H +#ifdef HAVE_STRING_H +# if !defined STDC_HEADERS && defined HAVE_MEMORY_H # include # endif # include #endif -#if HAVE_STRINGS_H +#ifdef HAVE_STRINGS_H # include #endif -#if HAVE_INTTYPES_H +#ifdef HAVE_INTTYPES_H # include #endif -#if HAVE_STDINT_H +#ifdef HAVE_STDINT_H # include #endif -#if HAVE_UNISTD_H +#ifdef HAVE_UNISTD_H # include #endif" @@ -653,17 +668,15 @@ INSTALL_DATA SET_MAKE LEX -LEXLIB LEX_OUTPUT_ROOT +LEXLIB YACC -YFLAGS LIBOBJS NEED_SETGID KMEM_GROUP GETLOADAVG_LIBS EXTERNALS ARCH -PROCARCH sslincldir ssllibdir LTLIBOBJS' @@ -674,10 +687,9 @@ CC CFLAGS LDFLAGS +LIBS CPPFLAGS -CPP -YACC -YFLAGS' +CPP' # Initialize some variables set by options. @@ -783,10 +795,10 @@ -disable-* | --disable-*) ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null && + expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid feature name: $ac_feature" >&2 { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/-/_/g'` + ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` eval enable_$ac_feature=no ;; -docdir | --docdir | --docdi | --doc | --do) @@ -802,10 +814,10 @@ -enable-* | --enable-*) ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null && + expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid feature name: $ac_feature" >&2 { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/-/_/g'` + ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` eval enable_$ac_feature=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ @@ -999,19 +1011,19 @@ -with-* | --with-*) ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null && + expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid package name: $ac_package" >&2 { (exit 1); exit 1; }; } - ac_package=`echo $ac_package| sed 's/-/_/g'` + ac_package=`echo $ac_package | sed 's/[-.]/_/g'` eval with_$ac_package=\$ac_optarg ;; -without-* | --without-*) ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null && + expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid package name: $ac_package" >&2 { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/-/_/g'` + ac_package=`echo $ac_package | sed 's/[-.]/_/g'` eval with_$ac_package=no ;; --x) @@ -1180,7 +1192,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures monit 4.8.1 to adapt to many kinds of systems. +\`configure' configures monit 5.0.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1241,14 +1253,19 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of monit 4.8.1:";; + short | recursive ) echo "Configuration of monit 5.0.3:";; esac cat <<\_ACEOF +Optional Features: + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --disable-largefile omit support for large files + Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) - --without-resource disable resouce monitoring (default: enabled) + --without-largefiles disable large files support (default: enabled) --without-ssl disable the use of ssl (default: enabled) --with-ssl-dir=DIR location of SSL installation --with-ssl-incl-dir=DIR location of installed SSL include files @@ -1259,14 +1276,10 @@ CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory + LIBS libraries to pass to the linker, e.g. -l CPPFLAGS C/C++/Objective C preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor - YACC The `Yet Another C Compiler' implementation to use. Defaults to - the first program found out of: `bison -y', `byacc', `yacc'. - YFLAGS The list of arguments that will be passed by default to $YACC. - This script will default YFLAGS to the empty string to avoid a - default value of `-d' given by some make applications. Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. @@ -1279,7 +1292,7 @@ if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue - test -d $ac_dir || continue + test -d "$ac_dir" || continue ac_builddir=. case "$ac_dir" in @@ -1316,12 +1329,12 @@ cd "$ac_dir" || { ac_status=$?; continue; } # Check for guested configure. - if test -f $ac_srcdir/configure.gnu; then + if test -f "$ac_srcdir/configure.gnu"; then echo && - $SHELL $ac_srcdir/configure.gnu --help=recursive - elif test -f $ac_srcdir/configure; then + $SHELL "$ac_srcdir/configure.gnu" --help=recursive + elif test -f "$ac_srcdir/configure"; then echo && - $SHELL $ac_srcdir/configure --help=recursive + $SHELL "$ac_srcdir/configure" --help=recursive else echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? @@ -1332,8 +1345,8 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -monit configure 4.8.1 -generated by GNU Autoconf 2.59d +monit configure 5.0.3 +generated by GNU Autoconf 2.61 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. @@ -1346,8 +1359,8 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by monit $as_me 4.8.1, which was -generated by GNU Autoconf 2.59d. Invocation command line was +It was created by monit $as_me 5.0.3, which was +generated by GNU Autoconf 2.61. Invocation command line was $ $0 $@ @@ -1407,7 +1420,6 @@ ac_configure_args= ac_configure_args0= ac_configure_args1= -ac_sep= ac_must_keep_next=false for ac_pass in 1 2 do @@ -1440,9 +1452,7 @@ -* ) ac_must_keep_next=true ;; esac fi - ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'" - # Get rid of the leading space. - ac_sep=" " + ac_configure_args="$ac_configure_args '$ac_arg'" ;; esac done @@ -1506,6 +1516,9 @@ for ac_var in $ac_subst_vars do eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac echo "$ac_var='\''$ac_val'\''" done | sort echo @@ -1520,6 +1533,9 @@ for ac_var in $ac_subst_files do eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac echo "$ac_var='\''$ac_val'\''" done | sort echo @@ -1606,8 +1622,8 @@ { echo "$as_me:$LINENO: loading cache $cache_file" >&5 echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in - [\\/]* | ?:[\\/]* ) . $cache_file;; - *) . ./$cache_file;; + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; esac fi else @@ -1727,7 +1743,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="${ac_tool_prefix}gcc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -1767,7 +1783,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_ac_ct_CC="gcc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -1824,7 +1840,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="${ac_tool_prefix}cc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -1865,7 +1881,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue @@ -1923,7 +1939,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -1967,7 +1983,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_ac_ct_CC="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2020,36 +2036,37 @@ # Provide some information about the compiler. echo "$as_me:$LINENO: checking for C compiler version" >&5 ac_compiler=`set X $ac_compile; echo $2` -{ (eval echo "$as_me:$LINENO: \"$ac_compiler --version >&5\"") >&5 - (eval $ac_compiler --version >&5) 2>&5 +{ (ac_try="$ac_compiler --version >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compiler --version >&5") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } -{ (eval echo "$as_me:$LINENO: \"$ac_compiler -v >&5\"") >&5 - (eval $ac_compiler -v >&5) 2>&5 +{ (ac_try="$ac_compiler -v >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compiler -v >&5") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } -{ (eval echo "$as_me:$LINENO: \"$ac_compiler -V >&5\"") >&5 - (eval $ac_compiler -V >&5) 2>&5 +{ (ac_try="$ac_compiler -V >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compiler -V >&5") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } - -# List of possible output files. We want to start from the most likely, -# but we have to check foo.exe before foo, because Cygwin `test -f' looks -# also for foo.exe. b.out is created by i960 compilers. -# As a last resort, we also try wildcards: `conftest.*' and `a.*'. -# But we are not allowed to rm a.*, and we do not want always remove -# conftest.*, so we will list them literally, when appropriate. -ac_outfiles="a_out.exe a.out conftest.exe conftest a.exe b.out" - -# The IRIX 6 linker writes into existing files which may not be -# executable, retaining their permissions. Remove them first so a -# subsequent execution test works. -rm -f $ac_outfiles conftest.* - cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF @@ -2065,41 +2082,82 @@ return 0; } _ACEOF - ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files $ac_outfiles" - -# The following tests should remove their output except files matching conftest.*. +ac_clean_files="$ac_clean_files a.out a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. { echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6; } ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` +# +# List of possible output files, starting from the most likely. +# The algorithm is not robust to junk in `.', hence go to wildcards (a.*) +# only as a last resort. b.out is created by i960 compilers. +ac_files='a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out' +# +# The IRIX 6 linker writes into existing files which may not be +# executable, retaining their permissions. Remove them first so a +# subsequent execution test works. +ac_rmfiles= +for ac_file in $ac_files +do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; + * ) ac_rmfiles="$ac_rmfiles $ac_file";; + esac +done +rm -f $ac_rmfiles -if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5 - (eval $ac_link_default) 2>&5 +if { (ac_try="$ac_link_default" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link_default") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then - for ac_file in $ac_outfiles a.* conftest.* NO + # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. +# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' +# in a Makefile. We should not override ac_cv_exeext if it was cached, +# so that the user can short-circuit this test for compilers unknown to +# Autoconf. +for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; - * ) break;; + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + then :; else + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + fi + # We set ac_cv_exeext here because the later test for it is not + # safe: cross compilers may not add the suffix if given an `-o' + # argument, so we may need to know it at that point already. + # Even if this section looks crufty: it has the advantage of + # actually working. + break;; + * ) + break;; esac done -if test "$ac_file" = NO; then - { { echo "$as_me:$LINENO: error: no output file found -See \`config.log' for more details." >&5 -echo "$as_me: error: no output file found -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - +test "$ac_cv_exeext" = no && ac_cv_exeext= else + ac_file='' +fi + +{ echo "$as_me:$LINENO: result: $ac_file" >&5 +echo "${ECHO_T}$ac_file" >&6; } +if test -z "$ac_file"; then echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 @@ -2110,8 +2168,8 @@ { (exit 77); exit 77; }; } fi -{ echo "$as_me:$LINENO: result: $ac_file" >&5 -echo "${ECHO_T}$ac_file" >&6; } +ac_exeext=$ac_cv_exeext + # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. { echo "$as_me:$LINENO: checking whether the C compiler works" >&5 @@ -2120,8 +2178,12 @@ # If not cross compiling, check that we can run a simple program. if test "$cross_compiling" != yes; then if { ac_try='./$ac_file' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -2143,9 +2205,10 @@ { echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6; } -# Clean up; list also $ac_file, in case it matched a wildcard entry. -rm -f $ac_outfiles $ac_file - +rm -f a.out a.exe conftest$ac_cv_exeext b.out +ac_clean_files=$ac_clean_files_save +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. { echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6; } { echo "$as_me:$LINENO: result: $cross_compiling" >&5 @@ -2153,64 +2216,72 @@ { echo "$as_me:$LINENO: checking for suffix of executables" >&5 echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6; } -if test "${ac_cv_exeext+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then - # If both `conftest.exe' and `conftest' are `present' (well, observable), - # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will - # work properly (i.e., refer to `conftest.exe'), while it won't with `rm'. - for ac_file in conftest.exe conftest conftest.* NO; do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; - *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - break;; - * ) break;; - esac - done - if test "$ac_file" = NO; then - { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: no output file found -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of executables: no output file found -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - - # Clean up; list also $ac_file, in case it matched conftest.*. - rm -f $ac_outfiles $ac_file - + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + break;; + * ) break;; + esac +done else { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link See \`config.log' for more details." >&5 echo "$as_me: error: cannot compute suffix of executables: cannot compile and link See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } - fi - -fi +rm -f conftest$ac_cv_exeext { echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 echo "${ECHO_T}$ac_cv_exeext" >&6; } + +rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT - - -ac_clean_files=$ac_clean_files_save - { echo "$as_me:$LINENO: checking for suffix of object files" >&5 echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6; } if test "${ac_cv_objext+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - rm -f conftest.o conftest.obj -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.o conftest.obj +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then @@ -2233,14 +2304,12 @@ { (exit 1); exit 1; }; } fi +rm -f conftest.$ac_cv_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 echo "${ECHO_T}$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT - - -rm -f conftest.* { echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; } if test "${ac_cv_c_compiler_gnu+set}" = set; then @@ -2265,26 +2334,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_compiler_gnu=yes else echo "$as_me: failed program was:" >&5 @@ -2293,7 +2358,7 @@ ac_compiler_gnu=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi @@ -2327,26 +2392,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_prog_cc_g=yes else echo "$as_me: failed program was:" >&5 @@ -2369,26 +2430,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : else echo "$as_me: failed program was:" >&5 @@ -2412,26 +2469,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_prog_cc_g=yes else echo "$as_me: failed program was:" >&5 @@ -2440,13 +2493,13 @@ fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 @@ -2511,6 +2564,11 @@ that's true only with -std. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) 'x' +int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; + int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; @@ -2530,26 +2588,22 @@ do CC="$ac_save_CC $ac_arg" rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_prog_cc_c89=$ac_arg else echo "$as_me: failed program was:" >&5 @@ -2558,7 +2612,7 @@ fi -rm -f conftest.err conftest.$ac_objext +rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext @@ -2627,24 +2681,22 @@ #endif Syntax error _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then : else echo "$as_me: failed program was:" >&5 @@ -2666,24 +2718,22 @@ /* end confdefs.h. */ #include _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then # Broken: success on invalid input. continue else @@ -2736,24 +2786,22 @@ #endif Syntax error _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then : else echo "$as_me: failed program was:" >&5 @@ -2775,24 +2823,22 @@ /* end confdefs.h. */ #include _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then # Broken: success on invalid input. continue else @@ -2847,7 +2893,7 @@ for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_executable_p "$ac_path_GREP"; } || continue + { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in @@ -2873,7 +2919,7 @@ # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done - rm -f conftest.*;; + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac @@ -2929,7 +2975,7 @@ for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_executable_p "$ac_path_EGREP"; } || continue + { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in @@ -2955,7 +3001,7 @@ # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done - rm -f conftest.*;; + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac @@ -3039,29 +3085,35 @@ fi ac_aux_dir= -for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do - if test -f $ac_dir/install-sh; then +for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do + if test -f "$ac_dir/install-sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break - elif test -f $ac_dir/install.sh; then + elif test -f "$ac_dir/install.sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break - elif test -f $ac_dir/shtool; then + elif test -f "$ac_dir/shtool"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/shtool install -c" break fi done if test -z "$ac_aux_dir"; then - { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5 -echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;} + { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" >&5 +echo "$as_me: error: cannot find install-sh or install.sh in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" >&2;} { (exit 1); exit 1; }; } fi -ac_config_guess="$SHELL $ac_aux_dir/config.guess" -ac_config_sub="$SHELL $ac_aux_dir/config.sub" -ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure. + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or @@ -3099,7 +3151,7 @@ # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. @@ -3145,25 +3197,25 @@ { echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5 echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6; } -set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y,:./+-,___p_,'` +set x ${MAKE-make}; ac_make=`echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: - @echo 'ac_maketemp=X"$(MAKE)"' + @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF # GNU make sometimes prints "make[1]: Entering...", which would confuse us. -eval `${MAKE-make} -f conftest.make 2>/dev/null | grep temp=` -if test "$ac_maketemp" != X ; then - eval ac_cv_prog_make_${ac_make}_set=yes -else - eval ac_cv_prog_make_${ac_make}_set=no -fi +case `${MAKE-make} -f conftest.make 2>/dev/null` in + *@@@%%%=?*=@@@%%%*) + eval ac_cv_prog_make_${ac_make}_set=yes;; + *) + eval ac_cv_prog_make_${ac_make}_set=no;; +esac rm -f conftest.make fi -if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then +if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6; } SET_MAKE= @@ -3191,7 +3243,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_LEX="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3216,178 +3268,108 @@ done test -n "$LEX" || LEX=":" -if test -z "$LEXLIB" -then - { echo "$as_me:$LINENO: checking for yywrap in -lfl" >&5 -echo $ECHO_N "checking for yywrap in -lfl... $ECHO_C" >&6; } -if test "${ac_cv_lib_fl_yywrap+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lfl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" +if test "x$LEX" != "x:"; then + cat >conftest.l <<_ACEOF +%% +a { ECHO; } +b { REJECT; } +c { yymore (); } +d { yyless (1); } +e { yyless (input () != 0); } +f { unput (yytext[0]); } +. { BEGIN INITIAL; } +%% +#ifdef YYTEXT_POINTER +extern char *yytext; #endif -char yywrap (); int -main () +main (void) { -return yywrap (); - ; - return 0; + return ! yylex () + ! yywrap (); } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 +{ (ac_try="$LEX conftest.l" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$LEX conftest.l") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_lib_fl_yywrap=yes + (exit $ac_status); } +{ echo "$as_me:$LINENO: checking lex output file root" >&5 +echo $ECHO_N "checking lex output file root... $ECHO_C" >&6; } +if test "${ac_cv_prog_lex_root+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_lib_fl_yywrap=no +if test -f lex.yy.c; then + ac_cv_prog_lex_root=lex.yy +elif test -f lexyy.c; then + ac_cv_prog_lex_root=lexyy +else + { { echo "$as_me:$LINENO: error: cannot find output from $LEX; giving up" >&5 +echo "$as_me: error: cannot find output from $LEX; giving up" >&2;} + { (exit 1); exit 1; }; } fi - -rm -f conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_fl_yywrap" >&5 -echo "${ECHO_T}$ac_cv_lib_fl_yywrap" >&6; } -if test $ac_cv_lib_fl_yywrap = yes; then - LEXLIB="-lfl" -else - { echo "$as_me:$LINENO: checking for yywrap in -ll" >&5 -echo $ECHO_N "checking for yywrap in -ll... $ECHO_C" >&6; } -if test "${ac_cv_lib_l_yywrap+set}" = set; then +{ echo "$as_me:$LINENO: result: $ac_cv_prog_lex_root" >&5 +echo "${ECHO_T}$ac_cv_prog_lex_root" >&6; } +LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root + +if test -z "${LEXLIB+set}"; then + { echo "$as_me:$LINENO: checking lex library" >&5 +echo $ECHO_N "checking lex library... $ECHO_C" >&6; } +if test "${ac_cv_lib_lex+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ll $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char yywrap (); -int -main () -{ -return yywrap (); - ; - return 0; -} + ac_save_LIBS=$LIBS + ac_cv_lib_lex='none needed' + for ac_lib in '' -lfl -ll; do + LIBS="$ac_lib $ac_save_LIBS" + cat >conftest.$ac_ext <<_ACEOF +`cat $LEX_OUTPUT_ROOT.c` _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_lib_l_yywrap=yes + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_lex=$ac_lib else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_lib_l_yywrap=no + fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS + test "$ac_cv_lib_lex" != 'none needed' && break + done + LIBS=$ac_save_LIBS + fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_l_yywrap" >&5 -echo "${ECHO_T}$ac_cv_lib_l_yywrap" >&6; } -if test $ac_cv_lib_l_yywrap = yes; then - LEXLIB="-ll" +{ echo "$as_me:$LINENO: result: $ac_cv_lib_lex" >&5 +echo "${ECHO_T}$ac_cv_lib_lex" >&6; } + test "$ac_cv_lib_lex" != 'none needed' && LEXLIB=$ac_cv_lib_lex fi -fi - -fi - -if test "x$LEX" != "x:"; then - { echo "$as_me:$LINENO: checking lex output file root" >&5 -echo $ECHO_N "checking lex output file root... $ECHO_C" >&6; } -if test "${ac_cv_prog_lex_root+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # The minimal lex program is just a single line: %%. But some broken lexes -# (Solaris, I think it was) want two %% lines, so accommodate them. -cat >conftest.l <<_ACEOF -%% -%% -_ACEOF -{ (eval echo "$as_me:$LINENO: \"$LEX conftest.l\"") >&5 - (eval $LEX conftest.l) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -if test -f lex.yy.c; then - ac_cv_prog_lex_root=lex.yy -elif test -f lexyy.c; then - ac_cv_prog_lex_root=lexyy -else - { { echo "$as_me:$LINENO: error: cannot find output from $LEX; giving up" >&5 -echo "$as_me: error: cannot find output from $LEX; giving up" >&2;} - { (exit 1); exit 1; }; } -fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_lex_root" >&5 -echo "${ECHO_T}$ac_cv_prog_lex_root" >&6; } -rm -f conftest.l -LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root { echo "$as_me:$LINENO: checking whether yytext is a pointer" >&5 echo $ECHO_N "checking whether yytext is a pointer... $ECHO_C" >&6; } @@ -3395,36 +3377,33 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else # POSIX says lex can declare yytext either as a pointer or an array; the -# default is implementation-dependent. Figure out which it is, since +# default is implementation-dependent. Figure out which it is, since # not all implementations provide the %pointer and %array declarations. ac_cv_prog_lex_yytext_pointer=no -echo 'extern char *yytext;' >>$LEX_OUTPUT_ROOT.c ac_save_LIBS=$LIBS -LIBS="$LIBS $LEXLIB" +LIBS="$LEXLIB $ac_save_LIBS" cat >conftest.$ac_ext <<_ACEOF +#define YYTEXT_POINTER 1 `cat $LEX_OUTPUT_ROOT.c` _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_prog_lex_yytext_pointer=yes else echo "$as_me: failed program was:" >&5 @@ -3433,10 +3412,9 @@ fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_save_LIBS -rm -f "${LEX_OUTPUT_ROOT}.c" fi { echo "$as_me:$LINENO: result: $ac_cv_prog_lex_yytext_pointer" >&5 @@ -3448,6 +3426,7 @@ _ACEOF fi +rm -f conftest.l $LEX_OUTPUT_ROOT.c fi if test "$LEX" != flex; then @@ -3455,7 +3434,7 @@ echo "$as_me: error: monit requires flex, not lex" >&2;} { (exit 1); exit 1; }; } fi -for ac_prog in 'bison -y' byacc +for ac_prog in 'bison -y' byacc yacc do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 @@ -3473,7 +3452,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; }; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_YACC="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3496,8 +3475,12 @@ test -n "$YACC" && break done -test -n "$YACC" || YACC="yacc" +if test "x$YACC" = "x"; then + { { echo "$as_me:$LINENO: error: monit requires bison, byacc or yacc" >&5 +echo "$as_me: error: monit requires bison, byacc or yacc" >&2;} + { (exit 1); exit 1; }; } +fi # ------------------------------------------------------------------------ # Libraries @@ -3535,26 +3518,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_socket_socket=yes else echo "$as_me: failed program was:" >&5 @@ -3563,7 +3543,7 @@ ac_cv_lib_socket_socket=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -3609,26 +3589,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_inet_socket=yes else echo "$as_me: failed program was:" >&5 @@ -3637,7 +3614,7 @@ ac_cv_lib_inet_socket=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -3683,26 +3660,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_nsl_inet_addr=yes else echo "$as_me: failed program was:" >&5 @@ -3711,7 +3685,7 @@ ac_cv_lib_nsl_inet_addr=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -3757,26 +3731,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_resolv_inet_aton=yes else echo "$as_me: failed program was:" >&5 @@ -3785,7 +3756,7 @@ ac_cv_lib_resolv_inet_aton=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -3831,26 +3802,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_crypt_crypt=yes else echo "$as_me: failed program was:" >&5 @@ -3859,7 +3827,7 @@ ac_cv_lib_crypt_crypt=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -3875,6 +3843,77 @@ fi +{ echo "$as_me:$LINENO: checking for pam_start in -lpam" >&5 +echo $ECHO_N "checking for pam_start in -lpam... $ECHO_C" >&6; } +if test "${ac_cv_lib_pam_pam_start+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpam $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pam_start (); +int +main () +{ +return pam_start (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_pam_pam_start=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_pam_pam_start=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_pam_pam_start" >&5 +echo "${ECHO_T}$ac_cv_lib_pam_pam_start" >&6; } +if test $ac_cv_lib_pam_pam_start = yes; then + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBPAM 1 +_ACEOF + + LIBS="-lpam $LIBS" + +fi + + # Wacky pthread madness pthread_libs="" { echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5 @@ -3907,26 +3946,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_pthread_pthread_create=yes else echo "$as_me: failed program was:" >&5 @@ -3935,7 +3971,7 @@ ac_cv_lib_pthread_pthread_create=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -3975,26 +4011,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_c_r_pthread_create=yes else echo "$as_me: failed program was:" >&5 @@ -4003,7 +4036,7 @@ ac_cv_lib_c_r_pthread_create=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -4048,26 +4081,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_header_stdc=yes else echo "$as_me: failed program was:" >&5 @@ -4076,7 +4105,7 @@ ac_cv_header_stdc=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. @@ -4157,13 +4186,22 @@ } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -4223,26 +4261,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_header_sys_wait_h=yes else echo "$as_me: failed program was:" >&5 @@ -4251,7 +4285,7 @@ ac_cv_header_sys_wait_h=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_header_sys_wait_h" >&5 echo "${ECHO_T}$ac_cv_header_sys_wait_h" >&6; } @@ -4278,38 +4312,48 @@ #include #if defined S_ISBLK && defined S_IFDIR -# if S_ISBLK (S_IFDIR) -You lose. -# endif +extern char c1[S_ISBLK (S_IFDIR) ? -1 : 1]; #endif #if defined S_ISBLK && defined S_IFCHR -# if S_ISBLK (S_IFCHR) -You lose. -# endif +extern char c2[S_ISBLK (S_IFCHR) ? -1 : 1]; #endif #if defined S_ISLNK && defined S_IFREG -# if S_ISLNK (S_IFREG) -You lose. -# endif +extern char c3[S_ISLNK (S_IFREG) ? -1 : 1]; #endif #if defined S_ISSOCK && defined S_IFREG -# if S_ISSOCK (S_IFREG) -You lose. -# endif +extern char c4[S_ISSOCK (S_IFREG) ? -1 : 1]; #endif _ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "You lose" >/dev/null 2>&1; then - ac_cv_header_stat_broken=yes -else +rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_header_stat_broken=no +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_header_stat_broken=yes fi -rm -f conftest* +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_header_stat_broken" >&5 echo "${ECHO_T}$ac_cv_header_stat_broken" >&6; } @@ -4346,26 +4390,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_header_time=yes else echo "$as_me: failed program was:" >&5 @@ -4374,7 +4414,7 @@ ac_cv_header_time=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 echo "${ECHO_T}$ac_cv_header_time" >&6; } @@ -4417,26 +4457,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 @@ -4445,7 +4481,7 @@ eval "$as_ac_Header=no" fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_Header'}'` { echo "$as_me:$LINENO: result: $ac_res" >&5 @@ -4524,12 +4560,22 @@ + + + + + + + + + for ac_header in \ alloca.h \ arpa/inet.h \ asm/page.h \ asm/param.h \ cf.h \ + crt_externs.h \ ctype.h \ crypt.h \ dirent.h \ @@ -4540,10 +4586,12 @@ grp.h \ kvm.h \ kstat.h \ + libperfstat.h \ limits.h \ loadavg.h \ locale.h \ mach/host_info.h \ + mach/mach.h \ mach/mach_host.h \ memory.h \ mntent.h \ @@ -4551,11 +4599,13 @@ sys/socket.h \ netinet/in.h \ netinet/in_systm.h \ + pam/pam_appl.h \ procfs.h \ procinfo.h \ pthread.h \ pwd.h \ regex.h \ + security/pam_appl.h \ setjmp.h \ signal.h \ stdarg.h \ @@ -4565,6 +4615,7 @@ stropts.h \ sys/cfgodm.h \ sys/cfgdb.h \ + sys/dk.h \ sys/dkstat.h \ sys/filio.h \ sys/ioctl.h \ @@ -4577,11 +4628,14 @@ sys/pstat.h \ sys/queue.h \ sys/resource.h \ + sys/statfs.h \ sys/statvfs.h \ + sys/systemcfg.h \ sys/time.h \ sys/tree.h \ sys/types.h \ sys/un.h \ + sys/utsname.h \ sys/vmmeter.h \ sys/vfs.h \ syslog.h \ @@ -4615,26 +4669,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -4643,7 +4693,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -4658,24 +4708,22 @@ /* end confdefs.h. */ #include <$ac_header> _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -4772,26 +4820,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 @@ -4800,7 +4844,7 @@ eval "$as_ac_Header=no" fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_Header'}'` { echo "$as_me:$LINENO: result: $ac_res" >&5 @@ -4855,26 +4899,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 @@ -4883,7 +4923,7 @@ eval "$as_ac_Header=no" fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_Header'}'` { echo "$as_me:$LINENO: result: $ac_res" >&5 @@ -4930,26 +4970,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 @@ -4958,7 +4994,7 @@ eval "$as_ac_Header=no" fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_Header'}'` { echo "$as_me:$LINENO: result: $ac_res" >&5 @@ -5022,26 +5058,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 @@ -5050,7 +5082,7 @@ eval "$as_ac_Header=no" fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_Header'}'` { echo "$as_me:$LINENO: result: $ac_res" >&5 @@ -5094,26 +5126,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 @@ -5122,7 +5150,7 @@ eval "$as_ac_Header=no" fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_Header'}'` { echo "$as_me:$LINENO: result: $ac_res" >&5 @@ -5176,26 +5204,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 @@ -5204,7 +5228,7 @@ eval "$as_ac_Header=no" fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_Header'}'` { echo "$as_me:$LINENO: result: $ac_res" >&5 @@ -5245,26 +5269,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_type_mode_t=yes else echo "$as_me: failed program was:" >&5 @@ -5273,7 +5293,7 @@ ac_cv_type_mode_t=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_type_mode_t" >&5 echo "${ECHO_T}$ac_cv_type_mode_t" >&6; } @@ -5312,26 +5332,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_type_pid_t=yes else echo "$as_me: failed program was:" >&5 @@ -5340,7 +5356,7 @@ ac_cv_type_pid_t=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_type_pid_t" >&5 echo "${ECHO_T}$ac_cv_type_pid_t" >&6; } @@ -5379,26 +5395,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_type_size_t=yes else echo "$as_me: failed program was:" >&5 @@ -5407,7 +5419,7 @@ ac_cv_type_size_t=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5 echo "${ECHO_T}$ac_cv_type_size_t" >&6; } @@ -5446,26 +5458,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_type_pid_t=yes else echo "$as_me: failed program was:" >&5 @@ -5474,7 +5482,7 @@ ac_cv_type_pid_t=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_type_pid_t" >&5 echo "${ECHO_T}$ac_cv_type_pid_t" >&6; } @@ -5511,26 +5519,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_type_signal=int else echo "$as_me: failed program was:" >&5 @@ -5539,7 +5543,7 @@ ac_cv_type_signal=void fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_type_signal" >&5 echo "${ECHO_T}$ac_cv_type_signal" >&6; } @@ -5568,32 +5572,30 @@ int main () { -struct tm *tp; tp->tm_sec; +struct tm tm; + int *p = &tm.tm_sec; + return !p; ; return 0; } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_struct_tm=time.h else echo "$as_me: failed program was:" >&5 @@ -5602,7 +5604,7 @@ ac_cv_struct_tm=sys/time.h fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_struct_tm" >&5 echo "${ECHO_T}$ac_cv_struct_tm" >&6; } @@ -5637,26 +5639,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_member_struct_tm_tm_gmtoff=yes else echo "$as_me: failed program was:" >&5 @@ -5680,26 +5678,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_member_struct_tm_tm_gmtoff=yes else echo "$as_me: failed program was:" >&5 @@ -5708,10 +5702,10 @@ ac_cv_member_struct_tm_tm_gmtoff=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_member_struct_tm_tm_gmtoff" >&5 echo "${ECHO_T}$ac_cv_member_struct_tm_tm_gmtoff" >&6; } @@ -5749,10 +5743,10 @@ #ifndef __cplusplus /* Ultrix mips cc rejects this. */ typedef int charset[2]; - const charset x; + const charset cs; /* SunOS 4.1.1 cc rejects this. */ - char const *const *ccp; - char **p; + char const *const *pcpcc; + char **ppc; /* NEC SVR4.0.2 mips cc rejects this. */ struct point {int x, y;}; static struct point const zero = {0,0}; @@ -5761,11 +5755,11 @@ an arm of an if-expression whose if-part is not a constant expression */ const char *g = "string"; - ccp = &g + (g ? g-g : 0); + pcpcc = &g + (g ? g-g : 0); /* HPUX 7.0 cc rejects these. */ - ++ccp; - p = (char**) ccp; - ccp = (char const *const *) p; + ++pcpcc; + ppc = (char**) pcpcc; + pcpcc = (char const *const *) ppc; { /* SCO 3.2v4 cc rejects this. */ char *t; char const *s = 0 ? (char *) 0 : (char const *) 0; @@ -5792,7 +5786,7 @@ const int foo = 10; if (!foo) return 0; } - return !x[0] && !zero.x; + return !cs[0] && !zero.x; #endif ; @@ -5800,26 +5794,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_c_const=yes else echo "$as_me: failed program was:" >&5 @@ -5828,7 +5818,7 @@ ac_cv_c_const=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5 echo "${ECHO_T}$ac_cv_c_const" >&6; } @@ -5858,7 +5848,8 @@ int main () { -#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN +#if ! (defined BYTE_ORDER && defined BIG_ENDIAN && defined LITTLE_ENDIAN \ + && BYTE_ORDER && BIG_ENDIAN && LITTLE_ENDIAN) bogus endian macros #endif @@ -5867,26 +5858,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then # It does; now see whether it defined to BIG_ENDIAN or not. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ @@ -5909,26 +5896,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_c_bigendian=yes else echo "$as_me: failed program was:" >&5 @@ -5937,7 +5920,7 @@ ac_cv_c_bigendian=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 @@ -5967,26 +5950,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then ac_cv_c_bigendian=yes fi @@ -6005,7 +5984,7 @@ fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ @@ -6032,13 +6011,22 @@ } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -6057,7 +6045,7 @@ fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5 echo "${ECHO_T}$ac_cv_c_bigendian" >&6; } @@ -6102,36 +6090,33 @@ cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ -$ac_includes_default +#include int main () { -error_at_line (0, 0, "", 0, ""); +error_at_line (0, 0, "", 0, "an error occurred"); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_error_at_line=yes else echo "$as_me: failed program was:" >&5 @@ -6140,7 +6125,7 @@ ac_cv_lib_error_at_line=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_lib_error_at_line" >&5 @@ -6181,26 +6166,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -6209,7 +6190,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -6224,24 +6205,22 @@ /* end confdefs.h. */ #include <$ac_header> _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -6361,26 +6340,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -6389,7 +6365,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -6431,13 +6407,22 @@ } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -6493,7 +6478,7 @@ /* Thanks to Paul Eggert for this test. */ $ac_includes_default #include -#if HAVE_VFORK_H +#ifdef HAVE_VFORK_H # include #endif /* On some sparc systems, changes by the child to local and incoming @@ -6581,13 +6566,22 @@ } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -6663,26 +6657,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -6691,7 +6681,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -6706,24 +6696,22 @@ /* end confdefs.h. */ #include <$ac_header> _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -6801,7 +6789,7 @@ cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ -#if STDC_HEADERS || HAVE_STDLIB_H +#if defined STDC_HEADERS || defined HAVE_STDLIB_H # include #else char *malloc (); @@ -6816,13 +6804,22 @@ } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -6893,19 +6890,28 @@ /* Linux will dereference the symlink and fail. That is better in the sense that it means we will not have to compile and use the lstat wrapper. */ - return lstat ("conftest.sym/", &sbuf) != 0; + return lstat ("conftest.sym/", &sbuf) == 0; ; return 0; } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -6974,13 +6980,22 @@ } _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -7069,26 +7084,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -7097,7 +7109,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -7140,26 +7152,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_intl_strftime=yes else echo "$as_me: failed program was:" >&5 @@ -7168,7 +7177,7 @@ ac_cv_lib_intl_strftime=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -7240,26 +7249,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -7268,7 +7274,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -7337,26 +7343,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -7365,7 +7368,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -7434,26 +7437,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -7462,7 +7462,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -7531,26 +7531,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -7559,7 +7556,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -7574,22 +7571,12 @@ done - -# Check if we do need external GNU replacements -ac_have_func=no # yes means we've found a way to get the load average. - -# Make sure getloadavg.c is where it belongs, at configure-time. -test -f "$srcdir/$ac_config_libobj_dir/getloadavg.c" || - { { echo "$as_me:$LINENO: error: $srcdir/$ac_config_libobj_dir/getloadavg.c is missing" >&5 -echo "$as_me: error: $srcdir/$ac_config_libobj_dir/getloadavg.c is missing" >&2;} - { (exit 1); exit 1; }; } - -ac_save_LIBS=$LIBS - -# Check for getloadavg, but be sure not to touch the cache variable. -({ echo "$as_me:$LINENO: checking for getloadavg" >&5 -echo $ECHO_N "checking for getloadavg... $ECHO_C" >&6; } -if test "${ac_cv_func_getloadavg+set}" = set; then +for ac_func in syslog +do +as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` +{ echo "$as_me:$LINENO: checking for $ac_func" >&5 +echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } +if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF @@ -7598,12 +7585,12 @@ cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ -/* Define getloadavg to an innocuous variant, in case declares getloadavg. +/* Define $ac_func to an innocuous variant, in case declares $ac_func. For example, HP-UX 11i declares gettimeofday. */ -#define getloadavg innocuous_getloadavg +#define $ac_func innocuous_$ac_func /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getloadavg (); below. + which can conflict with char $ac_func (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ @@ -7613,7 +7600,7 @@ # include #endif -#undef getloadavg +#undef $ac_func /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC @@ -7621,66 +7608,64 @@ #ifdef __cplusplus extern "C" #endif -char getloadavg (); +char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ -#if defined __stub_getloadavg || defined __stub___getloadavg +#if defined __stub_$ac_func || defined __stub___$ac_func choke me #endif int main () { -return getloadavg (); +return $ac_func (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_getloadavg=yes + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_func_getloadavg=no + eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getloadavg" >&5 -echo "${ECHO_T}$ac_cv_func_getloadavg" >&6; } -if test $ac_cv_func_getloadavg = yes; then - exit 0 -else - exit 1 +ac_res=`eval echo '${'$as_ac_var'}'` + { echo "$as_me:$LINENO: result: $ac_res" >&5 +echo "${ECHO_T}$ac_res" >&6; } +if test `eval echo '${'$as_ac_var'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + fi -) && ac_have_func=yes +done -# On HPUX9, an unprivileged user can get load averages through this function. -for ac_func in pstat_getdynamic +for ac_func in vsyslog do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` { echo "$as_me:$LINENO: checking for $ac_func" >&5 @@ -7734,26 +7719,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -7762,7 +7744,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -7777,21 +7759,45 @@ done -# Solaris has libkstat which does not require root. +# Check if we do need external GNU replacements +ac_have_func=no # yes means we've found a way to get the load average. -{ echo "$as_me:$LINENO: checking for kstat_open in -lkstat" >&5 -echo $ECHO_N "checking for kstat_open in -lkstat... $ECHO_C" >&6; } -if test "${ac_cv_lib_kstat_kstat_open+set}" = set; then +# Make sure getloadavg.c is where it belongs, at configure-time. +test -f "$srcdir/$ac_config_libobj_dir/getloadavg.c" || + { { echo "$as_me:$LINENO: error: $srcdir/$ac_config_libobj_dir/getloadavg.c is missing" >&5 +echo "$as_me: error: $srcdir/$ac_config_libobj_dir/getloadavg.c is missing" >&2;} + { (exit 1); exit 1; }; } + +ac_save_LIBS=$LIBS + +# Check for getloadavg, but be sure not to touch the cache variable. +({ echo "$as_me:$LINENO: checking for getloadavg" >&5 +echo $ECHO_N "checking for getloadavg... $ECHO_C" >&6; } +if test "${ac_cv_func_getloadavg+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lkstat $LIBS" -cat >conftest.$ac_ext <<_ACEOF + cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ +/* Define getloadavg to an innocuous variant, in case declares getloadavg. + For example, HP-UX 11i declares gettimeofday. */ +#define getloadavg innocuous_getloadavg + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char getloadavg (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef getloadavg /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC @@ -7799,52 +7805,221 @@ #ifdef __cplusplus extern "C" #endif -char kstat_open (); +char getloadavg (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_getloadavg || defined __stub___getloadavg +choke me +#endif + int main () { -return kstat_open (); +return getloadavg (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_lib_kstat_kstat_open=yes + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_func_getloadavg=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_lib_kstat_kstat_open=no + ac_cv_func_getloadavg=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_kstat_kstat_open" >&5 -echo "${ECHO_T}$ac_cv_lib_kstat_kstat_open" >&6; } -if test $ac_cv_lib_kstat_kstat_open = yes; then - cat >>confdefs.h <<_ACEOF +{ echo "$as_me:$LINENO: result: $ac_cv_func_getloadavg" >&5 +echo "${ECHO_T}$ac_cv_func_getloadavg" >&6; } +if test $ac_cv_func_getloadavg = yes; then + exit 0 +else + exit 1 +fi +) && ac_have_func=yes + +# On HPUX9, an unprivileged user can get load averages through this function. + +for ac_func in pstat_getdynamic +do +as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` +{ echo "$as_me:$LINENO: checking for $ac_func" >&5 +echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } +if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $ac_func (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$ac_func || defined __stub___$ac_func +choke me +#endif + +int +main () +{ +return $ac_func (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + eval "$as_ac_var=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + eval "$as_ac_var=no" +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +fi +ac_res=`eval echo '${'$as_ac_var'}'` + { echo "$as_me:$LINENO: result: $ac_res" >&5 +echo "${ECHO_T}$ac_res" >&6; } +if test `eval echo '${'$as_ac_var'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + +# Solaris has libkstat which does not require root. + +{ echo "$as_me:$LINENO: checking for kstat_open in -lkstat" >&5 +echo $ECHO_N "checking for kstat_open in -lkstat... $ECHO_C" >&6; } +if test "${ac_cv_lib_kstat_kstat_open+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lkstat $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char kstat_open (); +int +main () +{ +return kstat_open (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_kstat_kstat_open=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_kstat_kstat_open=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_kstat_kstat_open" >&5 +echo "${ECHO_T}$ac_cv_lib_kstat_kstat_open" >&6; } +if test $ac_cv_lib_kstat_kstat_open = yes; then + cat >>confdefs.h <<_ACEOF #define HAVE_LIBKSTAT 1 _ACEOF @@ -7889,26 +8064,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_elf_elf_begin=yes else echo "$as_me: failed program was:" >&5 @@ -7917,7 +8089,7 @@ ac_cv_lib_elf_elf_begin=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -7959,26 +8131,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_kvm_kvm_open=yes else echo "$as_me: failed program was:" >&5 @@ -7987,7 +8156,7 @@ ac_cv_lib_kvm_kvm_open=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -8028,26 +8197,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_util_getloadavg=yes else echo "$as_me: failed program was:" >&5 @@ -8056,7 +8222,7 @@ ac_cv_lib_util_getloadavg=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -8103,26 +8269,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_getloadavg_getloadavg=yes else echo "$as_me: failed program was:" >&5 @@ -8131,7 +8294,7 @@ ac_cv_lib_getloadavg_getloadavg=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -8202,26 +8365,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -8230,7 +8390,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -8277,26 +8437,22 @@ #include _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -8305,7 +8461,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -8320,24 +8476,22 @@ /* end confdefs.h. */ #include _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -8429,26 +8583,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_dgc_dg_sys_info=yes else echo "$as_me: failed program was:" >&5 @@ -8457,7 +8608,7 @@ ac_cv_lib_dgc_dg_sys_info=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -8498,26 +8649,22 @@ #include _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -8526,7 +8673,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -8541,24 +8688,22 @@ /* end confdefs.h. */ #include _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -8669,26 +8814,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -8697,7 +8839,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -8747,26 +8889,22 @@ #include _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -8775,7 +8913,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -8790,24 +8928,22 @@ /* end confdefs.h. */ #include _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -8901,26 +9037,22 @@ #include _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -8929,7 +9061,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -8944,24 +9076,22 @@ /* end confdefs.h. */ #include _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -9053,26 +9183,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -9081,7 +9207,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -9096,24 +9222,22 @@ /* end confdefs.h. */ #include <$ac_header> _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -9206,26 +9330,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -9234,7 +9354,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -9249,24 +9369,22 @@ /* end confdefs.h. */ #include <$ac_header> _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -9349,26 +9467,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_member_struct_nlist_n_un_n_name=yes else echo "$as_me: failed program was:" >&5 @@ -9393,26 +9507,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_cv_member_struct_nlist_n_un_n_name=yes else echo "$as_me: failed program was:" >&5 @@ -9421,10 +9531,10 @@ ac_cv_member_struct_nlist_n_un_n_name=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { echo "$as_me:$LINENO: result: $ac_cv_member_struct_nlist_n_un_n_name" >&5 echo "${ECHO_T}$ac_cv_member_struct_nlist_n_un_n_name" >&6; } @@ -9575,26 +9685,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 @@ -9603,7 +9710,7 @@ eval "$as_ac_var=no" fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext fi ac_res=`eval echo '${'$as_ac_var'}'` @@ -9646,26 +9753,22 @@ #include <$ac_header> _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 @@ -9674,7 +9777,7 @@ ac_header_compiler=no fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6; } @@ -9689,24 +9792,22 @@ /* end confdefs.h. */ #include <$ac_header> _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - ac_cpp_err=$ac_cpp_err$ac_c_werror_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 @@ -9885,13 +9986,22 @@ _ACEOF rm -f conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then @@ -9953,26 +10063,22 @@ } _ACEOF rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>conftest.er1 +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then { echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6; } @@ -9992,7 +10098,7 @@ fi -rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { echo "$as_me:$LINENO: checking for va_copy" >&5 echo $ECHO_N "checking for va_copy... $ECHO_C" >&6; } @@ -10018,26 +10124,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then { echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6; } @@ -10057,7 +10160,7 @@ fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext # ------------------------------------------------------------------------ @@ -10130,6 +10233,11 @@ then ARCH="HPUX" CFLAGS="$CFLAGS -D _REENTRANT" + +cat >>confdefs.h <<\_ACEOF +#define HAVE_CPU_WAIT 1 +_ACEOF + elif test `uname` = "OpenBSD" then ARCH="OPENBSD" @@ -10158,52 +10266,29 @@ LIBS="$LIBS -lodm" # AIX v. 5.2 LIBS="$LIBS -lcfg" -else - { echo "$as_me:$LINENO: WARNING: Architecture not supported: \`uname\`." >&5 -echo "$as_me: WARNING: Architecture not supported: \`uname\`." >&2;} - CFLAGS="$CFLAGS -D _REENTRANT" - ARCH="UNKNOWN" -fi - - -# ------------------------------------------------------------------------ -# Resource code -# ------------------------------------------------------------------------ - -# Check if we want to have resource support -{ echo "$as_me:$LINENO: checking for resource support" >&5 -echo $ECHO_N "checking for resource support... $ECHO_C" >&6; } - -# Check whether --with-resource was given. -if test "${with_resource+set}" = set; then - withval=$with_resource; - if test "x$withval" = "xno" ; then - use_resource=0 - { echo "$as_me:$LINENO: result: disabled" >&5 -echo "${ECHO_T}disabled" >&6; } - fi - if test "x$withval" = "xyes" ; then - use_resource=1 - { echo "$as_me:$LINENO: result: enabled" >&5 -echo "${ECHO_T}enabled" >&6; } - fi - -else - - use_resource=1 - { echo "$as_me:$LINENO: result: enabled" >&5 -echo "${ECHO_T}enabled" >&6; } + # AIX v. 5.3 + LIBS="$LIBS -lperfstat" +cat >>confdefs.h <<\_ACEOF +#define HAVE_CPU_WAIT 1 +_ACEOF +else + { echo "$as_me:$LINENO: WARNING: Architecture not supported: \`uname\`." >&5 +echo "$as_me: WARNING: Architecture not supported: \`uname\`." >&2;} + CFLAGS="$CFLAGS -D _REENTRANT" + ARCH="UNKNOWN" fi -# Settings for resource support -if test "$use_resource" = 1; then - # Test for kvm libs - kvm_libs="" - if test "$test_kvm"; then - { echo "$as_me:$LINENO: checking for kvm_open in -lkvm" >&5 +# ------------------------------------------------------------------------ +# Resource code +# ------------------------------------------------------------------------ + +# Test for kvm libs +kvm_libs="" +if test "$test_kvm"; then + { echo "$as_me:$LINENO: checking for kvm_open in -lkvm" >&5 echo $ECHO_N "checking for kvm_open in -lkvm... $ECHO_C" >&6; } if test "${ac_cv_lib_kvm_kvm_open+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -10233,26 +10318,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_kvm_kvm_open=yes else echo "$as_me: failed program was:" >&5 @@ -10261,7 +10343,7 @@ ac_cv_lib_kvm_kvm_open=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -10271,14 +10353,14 @@ kvm_libs="-lkvm" fi - if test "$kvm_libs" - then - LIBS="$LIBS $kvm_libs" - fi - fi - kstat_libs="" - if test "$test_kstat"; then - { echo "$as_me:$LINENO: checking for kstat_open in -lkstat" >&5 + if test "$kvm_libs" + then + LIBS="$LIBS $kvm_libs" + fi +fi +kstat_libs="" +if test "$test_kstat"; then + { echo "$as_me:$LINENO: checking for kstat_open in -lkstat" >&5 echo $ECHO_N "checking for kstat_open in -lkstat... $ECHO_C" >&6; } if test "${ac_cv_lib_kstat_kstat_open+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 @@ -10308,26 +10390,23 @@ } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>conftest.er1 +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then ac_cv_lib_kstat_kstat_open=yes else echo "$as_me: failed program was:" >&5 @@ -10336,7 +10415,7 @@ ac_cv_lib_kstat_kstat_open=no fi -rm -f conftest.err conftest.$ac_objext \ +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi @@ -10346,16 +10425,418 @@ kstat_libs="-lkstat" fi - if test "$kstat_libs" - then - LIBS="$LIBS $kstat_libs" - fi + if test "$kstat_libs" + then + LIBS="$LIBS $kstat_libs" + fi +fi + + +# ------------------------------------------------------------------------ +# Large files code +# ------------------------------------------------------------------------ + +# Check if we want to have large files support +{ echo "$as_me:$LINENO: checking for large files support" >&5 +echo $ECHO_N "checking for large files support... $ECHO_C" >&6; } + +# Check whether --with-largefiles was given. +if test "${with_largefiles+set}" = set; then + withval=$with_largefiles; + if test "x$withval" = "xno" ; then + use_largefiles=0 + { echo "$as_me:$LINENO: result: disabled" >&5 +echo "${ECHO_T}disabled" >&6; } + fi + if test "x$withval" = "xyes" ; then + use_largefiles=1 + { echo "$as_me:$LINENO: result: enabled" >&5 +echo "${ECHO_T}enabled" >&6; } + fi + +else + + if test `uname` = "AIX" + then + use_largefiles=0 + { echo "$as_me:$LINENO: result: disabled" >&5 +echo "${ECHO_T}disabled" >&6; } + else + use_largefiles=1 + { echo "$as_me:$LINENO: result: enabled" >&5 +echo "${ECHO_T}enabled" >&6; } fi - PROCARCH="$ARCH" + + +fi + + +# Settings for largefiles support +if test "$use_largefiles" = 1; then + if test "$ARCH" = "SOLARIS"; then + if ! ( echo $CFLAGS | egrep '(64|v9)' >/dev/null 2>&1); then + echo "###############################################################################" + echo "### Solaris requires 64-bit support for large files and resource monitoring ###" + echo "### enabled. ###" + echo "### ###" + echo "### Compile monit with 64-bit support (see PLATFORMS file for details) ###" + echo "###############################################################################" + { { echo "$as_me:$LINENO: error: Solaris requires 64-bit support for large files and resource monitoring enabled" >&5 +echo "$as_me: error: Solaris requires 64-bit support for large files and resource monitoring enabled" >&2;} + { (exit 1); exit 1; }; } + fi + fi + # Check whether --enable-largefile was given. +if test "${enable_largefile+set}" = set; then + enableval=$enable_largefile; +fi + +if test "$enable_largefile" != no; then + + { echo "$as_me:$LINENO: checking for special C compiler options needed for large files" >&5 +echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6; } +if test "${ac_cv_sys_largefile_CC+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_sys_largefile_CC=no + if test "$GCC" != yes; then + ac_save_CC=$CC + while :; do + # IRIX 6.2 and later do not support large files by default, + # so use the C compiler's -n32 option if that helps. + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF + rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then + break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +fi + +rm -f core conftest.err conftest.$ac_objext + CC="$CC -n32" + rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then + ac_cv_sys_largefile_CC=' -n32'; break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +fi + +rm -f core conftest.err conftest.$ac_objext + break + done + CC=$ac_save_CC + rm -f conftest.$ac_ext + fi +fi +{ echo "$as_me:$LINENO: result: $ac_cv_sys_largefile_CC" >&5 +echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6; } + if test "$ac_cv_sys_largefile_CC" != no; then + CC=$CC$ac_cv_sys_largefile_CC + fi + + { echo "$as_me:$LINENO: checking for _FILE_OFFSET_BITS value needed for large files" >&5 +echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6; } +if test "${ac_cv_sys_file_offset_bits+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + while :; do + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then + ac_cv_sys_file_offset_bits=no; break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +fi + +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#define _FILE_OFFSET_BITS 64 +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then + ac_cv_sys_file_offset_bits=64; break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +fi + +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_cv_sys_file_offset_bits=unknown + break +done +fi +{ echo "$as_me:$LINENO: result: $ac_cv_sys_file_offset_bits" >&5 +echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6; } +case $ac_cv_sys_file_offset_bits in #( + no | unknown) ;; + *) +cat >>confdefs.h <<_ACEOF +#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits +_ACEOF +;; +esac +rm -f conftest* + if test $ac_cv_sys_file_offset_bits = unknown; then + { echo "$as_me:$LINENO: checking for _LARGE_FILES value needed for large files" >&5 +echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6; } +if test "${ac_cv_sys_large_files+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + while :; do + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then + ac_cv_sys_large_files=no; break else - PROCARCH="UNKNOWN" + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +fi + +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#define _LARGE_FILES 1 +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then + ac_cv_sys_large_files=1; break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +fi + +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_cv_sys_large_files=unknown + break +done +fi +{ echo "$as_me:$LINENO: result: $ac_cv_sys_large_files" >&5 +echo "${ECHO_T}$ac_cv_sys_large_files" >&6; } +case $ac_cv_sys_large_files in #( + no | unknown) ;; + *) +cat >>confdefs.h <<_ACEOF +#define _LARGE_FILES $ac_cv_sys_large_files +_ACEOF +;; +esac +rm -f conftest* + fi fi +fi # ------------------------------------------------------------------------ @@ -10439,7 +10920,7 @@ else if test -z "$sslincldir"; then - for maindir in /usr /usr/local /usr/lib /usr/pkg /var /opt; do + for maindir in /usr /usr/local /usr/lib /usr/pkg /var /opt /usr/sfw; do for dir in "$maindir/include"\ "$maindir/include/openssl"\ "$maindir/include/ssl"\ @@ -10479,10 +10960,26 @@ else if test -z "$ssllibdir"; then - for maindir in /usr /usr/local /usr/pkg /var /opt; do - for dir in $maindir $maindir/openssl $maindir/ssl \ - $maindir/lib $maindir/lib/openssl \ - $maindir/lib/ssl $maindir/ssl/lib; do + for maindir in /usr \ + /usr/local \ + /usr/pkg \ + /var /opt \ + /usr/sfw; do + for dir in $maindir \ + $maindir/openssl \ + $maindir/ssl \ + $maindir/lib \ + $maindir/lib/openssl \ + $maindir/lib/ssl \ + $maindir/ssl/lib \ + $maindir/lib/64 \ + $maindir/lib/64/openssl \ + $maindir/lib/64/ssl \ + $maindir/ssl/lib/64 \ + $maindir/lib64 \ + $maindir/lib64/openssl \ + $maindir/lib64/ssl \ + $maindir/ssl/lib64; do checkssllibdir $dir && break 2 done done @@ -10600,8 +11097,8 @@ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache -if diff $cache_file confcache >/dev/null 2>&1; then :; else - if test -w $cache_file; then +if diff "$cache_file" confcache >/dev/null 2>&1; then :; else + if test -w "$cache_file"; then test "x$cache_file" != "x/dev/null" && { echo "$as_me:$LINENO: updating cache $cache_file" >&5 echo "$as_me: updating cache $cache_file" >&6;} @@ -10659,7 +11156,8 @@ ## M4sh Initialization. ## ## --------------------- ## -# Be Bourne compatible +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: @@ -10668,10 +11166,13 @@ alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac + case `(set -o) 2>/dev/null` in + *posix*) set -o posix ;; +esac + fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh + + # PATH needs CR @@ -10840,7 +11341,7 @@ } -if (dirname -- /) >/dev/null 2>&1; then +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false @@ -10895,19 +11396,28 @@ as_mkdir_p=false fi -# Find out whether ``test -x'' works. Don't use a zero-byte file, as -# systems may use methods other than mode bits to determine executability. -cat >conf$$.file <<_ASEOF -#! /bin/sh -exit 0 -_ASEOF -chmod +x conf$$.file -if test -x conf$$.file >/dev/null 2>&1; then - as_executable_p="test -x" +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' else - as_executable_p=: + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' fi -rm -f conf$$.file +as_executable_p=$as_test_x # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -10922,8 +11432,8 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by monit $as_me 4.8.1, which was -generated by GNU Autoconf 2.59d. Invocation command line was +This file was extended by monit $as_me 5.0.3, which was +generated by GNU Autoconf 2.61. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -10951,7 +11461,7 @@ Usage: $0 [OPTIONS] [FILE]... -h, --help print this help, then exit - -V, --version print version number, then exit + -V, --version print version number and configuration settings, then exit -q, --quiet do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions @@ -10971,9 +11481,9 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -monit config.status 4.8.1 -configured by $0, generated by GNU Autoconf 2.59d, - with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" +monit config.status 5.0.3 +configured by $0, generated by GNU Autoconf 2.61, + with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" Copyright (C) 2006 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation @@ -11052,10 +11562,10 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF if \$ac_cs_recheck; then - echo "running CONFIG_SHELL=$SHELL $SHELL $0 " $ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 + echo "running CONFIG_SHELL=$SHELL $SHELL $0 "$ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 CONFIG_SHELL=$SHELL export CONFIG_SHELL - exec $SHELL "$0" $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + exec $SHELL "$0"$ac_configure_args \$ac_configure_extra_args --no-create --no-recursion fi _ACEOF @@ -11194,23 +11704,21 @@ INSTALL_DATA!$INSTALL_DATA$ac_delim SET_MAKE!$SET_MAKE$ac_delim LEX!$LEX$ac_delim -LEXLIB!$LEXLIB$ac_delim LEX_OUTPUT_ROOT!$LEX_OUTPUT_ROOT$ac_delim +LEXLIB!$LEXLIB$ac_delim YACC!$YACC$ac_delim -YFLAGS!$YFLAGS$ac_delim LIBOBJS!$LIBOBJS$ac_delim NEED_SETGID!$NEED_SETGID$ac_delim KMEM_GROUP!$KMEM_GROUP$ac_delim GETLOADAVG_LIBS!$GETLOADAVG_LIBS$ac_delim EXTERNALS!$EXTERNALS$ac_delim ARCH!$ARCH$ac_delim -PROCARCH!$PROCARCH$ac_delim sslincldir!$sslincldir$ac_delim ssllibdir!$ssllibdir$ac_delim LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `grep -c "$ac_delim\$" conf$$subs.sed` = 66; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 64; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 @@ -11221,10 +11729,10 @@ fi done -ac_eof= -if grep '^CEOF$' conf$$subs.sed >/dev/null; then - ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF//p' conf$$subs.sed | sort -nru | sed 1q` - ac_eof=`expr 0$ac_eof + 1` +ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` +if test -n "$ac_eof"; then + ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` + ac_eof=`expr $ac_eof + 1` fi cat >>$CONFIG_STATUS <<_ACEOF @@ -11442,7 +11950,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. -ac_datarootdir_hack= +ac_datarootdir_hack=; ac_datarootdir_seen= case `sed -n '/datarootdir/ { p @@ -11454,7 +11962,7 @@ /@localedir@/p /@mandir@/p ' $ac_file_inputs` in -*datarootdir*) ;; +*datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) { echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} @@ -11493,6 +12001,14 @@ $ac_datarootdir_hack " $ac_file_inputs | sed -f "$tmp/subs-1.sed" >$tmp/out +test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && + { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && + { echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined." >&5 +echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined." >&2;} + rm -f "$tmp/stdin" case $ac_file in -) cat "$tmp/out"; rm -f "$tmp/out";; @@ -11503,18 +12019,6 @@ # # CONFIG_HEADER # - - # These sed commands are passed to sed as "A NAME B PARAMS C VALUE D", where - # NAME is the cpp macro being defined, VALUE is the value it is being given. - # PARAMS is the parameter list in the macro definition--in most cases, it's - # just an empty string. - # - ac_dA='s,^\([ ]*#[ ]*\)[^ ]*\([ ][ ]*' - ac_dB='\)[ (].*$,\1define\2' - ac_dC=' ' - ac_dD=' ,' - - ac_word_regexp=[_$as_cr_Letters][_$as_cr_alnum]* _ACEOF # Transform confdefs.h into a sed script `conftest.defines', that @@ -11528,6 +12032,15 @@ # symbol, which is useless. But do not sort them, since the last # AC_DEFINE must be honored. ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* +# These sed commands are passed to sed as "A NAME B PARAMS C VALUE D", where +# NAME is the cpp macro being defined, VALUE is the value it is being given. +# PARAMS is the parameter list in the macro definition--in most cases, it's +# just an empty string. +ac_dA='s,^\\([ #]*\\)[^ ]*\\([ ]*' +ac_dB='\\)[ (].*,\\1define\\2' +ac_dC=' ' +ac_dD=' ,' + uniq confdefs.h | sed -n ' t rset @@ -11537,9 +12050,8 @@ d :ok s/[\\&,]/\\&/g - s/[\\$`]/\\&/g - s/^\('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/${ac_dA}\1$ac_dB\2${ac_dC}\3$ac_dD/p - s/^\('"$ac_word_re"'\)[ ]*\(.*\)/${ac_dA}\1$ac_dB${ac_dC}\2$ac_dD/p + s/^\('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/ '"$ac_dA"'\1'"$ac_dB"'\2'"${ac_dC}"'\3'"$ac_dD"'/p + s/^\('"$ac_word_re"'\)[ ]*\(.*\)/'"$ac_dA"'\1'"$ac_dB$ac_dC"'\2'"$ac_dD"'/p ' >>conftest.defines # Remove the space that was appended to ease matching. @@ -11551,7 +12063,7 @@ s,^[ #]*u.*,/* & */,' >>conftest.defines # Break up conftest.defines: -ac_max_sed_lines=96 +ac_max_sed_lines=50 # First sed command is: sed -f defines.sed $ac_file_inputs >"$tmp/out1" # Second one is: sed -f defines.sed "$tmp/out1" >"$tmp/out2" @@ -11564,12 +12076,14 @@ while : do # Write a here document: - echo ' # First, check the format of the line: - cat >"$tmp/defines.sed" <>$CONFIG_STATUS <<_ACEOF + # First, check the format of the line: + cat >"\$tmp/defines.sed" <<\\CEOF +/^[ ]*#[ ]*undef[ ][ ]*$ac_word_re[ ]*\$/b def +/^[ ]*#[ ]*define[ ][ ]*$ac_word_re[( ]/b def b -:def' >>$CONFIG_STATUS +:def +_ACEOF sed ${ac_max_sed_lines}q conftest.defines >>$CONFIG_STATUS echo 'CEOF sed -f "$tmp/defines.sed"' "$ac_in >$ac_out" >>$CONFIG_STATUS @@ -11645,12 +12159,11 @@ else echo " SSL support: disabled" fi -if test "$use_resource" = "1"; then - echo " resource monitoring: enabled" +if test "$use_largefiles" = "1"; then + echo " large files support: enabled" else - echo " resource monitoring: disabled" + echo " large files support: disabled" fi -echo " resource code: sysdep_$PROCARCH.c" echo " Compiler flags: ${CFLAGS}" echo " Linker flags: ${LIBS}" echo " pid file location: ${piddir}" diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/configure.ac /tmp/QeMlhPoI46/monit-5.0.3/configure.ac --- monit-4.8.1/configure.ac 2006-05-05 00:50:03.000000000 +0100 +++ monit-5.0.3/configure.ac 2009-05-25 20:02:56.000000000 +0100 @@ -1,16 +1,20 @@ # Process this file with autoconf to produce a configure script. # Mark Ferlatte, # -# $Id: configure.ac,v 1.137 2006/05/04 23:50:03 martinp Exp $ +# $Id: configure.ac,v 1.194 2009/05/09 10:18:31 martinp Exp $ # autoconf requirement AC_PREREQ([2.53]) # Init autoconf and automake -AC_INIT([monit], [4.8.1], [monit-general@nongnu.org]) + +# Note: in case of beta subversion, use underscore "_" rather then dash "-" +# since RPM doesn't allow dash in Version +# Example: 5.0_beta2 +AC_INIT([monit], [5.0.3], [monit-general@nongnu.org]) # Package info -AC_REVISION([$Revision: 1.137 $]) +AC_REVISION([$Revision: 1.194 $]) AC_CONFIG_SRCDIR([monitor.c]) # ------------------------------------------------------------------------ @@ -25,7 +29,10 @@ if test "$LEX" != flex; then AC_MSG_ERROR([monit requires flex, not lex]) fi -AC_PROG_YACC +AC_CHECK_PROGS(YACC, 'bison -y' byacc yacc) +if test "x$YACC" = "x"; then + AC_MSG_ERROR([monit requires bison, byacc or yacc]) +fi # ------------------------------------------------------------------------ # Libraries @@ -33,10 +40,11 @@ # Check for libraries AC_CHECK_LIB([socket], [socket]) -AC_CHECK_LIB([inet], [socket]) -AC_CHECK_LIB([nsl], [inet_addr]) +AC_CHECK_LIB([inet], [socket]) +AC_CHECK_LIB([nsl], [inet_addr]) AC_CHECK_LIB([resolv], [inet_aton]) -AC_CHECK_LIB([crypt], [crypt]) +AC_CHECK_LIB([crypt], [crypt]) +AC_CHECK_LIB([pam], [pam_start]) # Wacky pthread madness pthread_libs="" @@ -67,6 +75,7 @@ asm/page.h \ asm/param.h \ cf.h \ + crt_externs.h \ ctype.h \ crypt.h \ dirent.h \ @@ -77,10 +86,12 @@ grp.h \ kvm.h \ kstat.h \ + libperfstat.h \ limits.h \ loadavg.h \ locale.h \ mach/host_info.h \ + mach/mach.h \ mach/mach_host.h \ memory.h \ mntent.h \ @@ -88,11 +99,13 @@ sys/socket.h \ netinet/in.h \ netinet/in_systm.h \ + pam/pam_appl.h \ procfs.h \ procinfo.h \ pthread.h \ pwd.h \ regex.h \ + security/pam_appl.h \ setjmp.h \ signal.h \ stdarg.h \ @@ -102,6 +115,7 @@ stropts.h \ sys/cfgodm.h \ sys/cfgdb.h \ + sys/dk.h \ sys/dkstat.h \ sys/filio.h \ sys/ioctl.h \ @@ -114,11 +128,14 @@ sys/pstat.h \ sys/queue.h \ sys/resource.h \ + sys/statfs.h \ sys/statvfs.h \ + sys/systemcfg.h \ sys/time.h \ sys/tree.h \ sys/types.h \ sys/un.h \ + sys/utsname.h \ sys/vmmeter.h \ sys/vfs.h \ syslog.h \ @@ -289,7 +306,8 @@ AC_CHECK_FUNCS(statvfs) AC_CHECK_FUNCS(setlocale) AC_CHECK_FUNCS(getaddrinfo) - +AC_CHECK_FUNCS(syslog) +AC_CHECK_FUNCS(vsyslog) # Check if we do need external GNU replacements AC_FUNC_GETLOADAVG @@ -381,6 +399,7 @@ then ARCH="HPUX" CFLAGS="$CFLAGS -D _REENTRANT" + AC_DEFINE([HAVE_CPU_WAIT], [1], [Define to 1 if CPU wait information is available.]) elif test `uname` = "OpenBSD" then ARCH="OPENBSD" @@ -409,6 +428,9 @@ LIBS="$LIBS -lodm" # AIX v. 5.2 LIBS="$LIBS -lcfg" + # AIX v. 5.3 + LIBS="$LIBS -lperfstat" + AC_DEFINE([HAVE_CPU_WAIT], [1], [Define to 1 if CPU wait information is available.]) else AC_MSG_WARN([Architecture not supported: `uname`.]) CFLAGS="$CFLAGS -D _REENTRANT" @@ -420,56 +442,76 @@ # Resource code # ------------------------------------------------------------------------ -# Check if we want to have resource support -AC_MSG_CHECKING([for resource support]) -AC_ARG_WITH(resource, - [ --without-resource disable resouce monitoring (default: enabled)], +# Test for kvm libs +kvm_libs="" +if test "$test_kvm"; then + AC_CHECK_LIB([kvm], + [kvm_open], + [kvm_libs="-lkvm"]) + if test "$kvm_libs" + then + LIBS="$LIBS $kvm_libs" + fi +fi +kstat_libs="" +if test "$test_kstat"; then + AC_CHECK_LIB([kstat], + [kstat_open], + [kstat_libs="-lkstat"]) + if test "$kstat_libs" + then + LIBS="$LIBS $kstat_libs" + fi +fi + + +# ------------------------------------------------------------------------ +# Large files code +# ------------------------------------------------------------------------ + +# Check if we want to have large files support +AC_MSG_CHECKING([for large files support]) +AC_ARG_WITH(largefiles, + [ --without-largefiles disable large files support (default: enabled)], [ dnl Check the withvalue if test "x$withval" = "xno" ; then - use_resource=0 + use_largefiles=0 AC_MSG_RESULT([disabled]) fi if test "x$withval" = "xyes" ; then - use_resource=1 + use_largefiles=1 AC_MSG_RESULT([enabled]) fi ], [ - use_resource=1 - AC_MSG_RESULT([enabled]) + if test `uname` = "AIX" + then + use_largefiles=0 + AC_MSG_RESULT([disabled]) + else + use_largefiles=1 + AC_MSG_RESULT([enabled]) + fi ] ) -# Settings for resource support -if test "$use_resource" = 1; then - # Test for kvm libs - kvm_libs="" - if test "$test_kvm"; then - AC_CHECK_LIB([kvm], - [kvm_open], - [kvm_libs="-lkvm"]) - if test "$kvm_libs" - then - LIBS="$LIBS $kvm_libs" - fi - fi - kstat_libs="" - if test "$test_kstat"; then - AC_CHECK_LIB([kstat], - [kstat_open], - [kstat_libs="-lkstat"]) - if test "$kstat_libs" - then - LIBS="$LIBS $kstat_libs" - fi - fi - PROCARCH="$ARCH" -else - PROCARCH="UNKNOWN" +# Settings for largefiles support +if test "$use_largefiles" = 1; then + if test "$ARCH" = "SOLARIS"; then + if ! ( echo $CFLAGS | egrep '(64|v9)' >/dev/null 2>&1); then + echo "###############################################################################" + echo "### Solaris requires 64-bit support for large files and resource monitoring ###" + echo "### enabled. ###" + echo "### ###" + echo "### Compile monit with 64-bit support (see PLATFORMS file for details) ###" + echo "###############################################################################" + AC_MSG_ERROR([Solaris requires 64-bit support for large files and resource monitoring enabled]) + fi + fi + AC_SYS_LARGEFILE fi -AC_SUBST(PROCARCH) # ------------------------------------------------------------------------ # SSL Code @@ -542,7 +584,7 @@ [ if test -z "$sslincldir"; then dnl Search default locations of SSL includes - for maindir in /usr /usr/local /usr/lib /usr/pkg /var /opt; do + for maindir in /usr /usr/local /usr/lib /usr/pkg /var /opt /usr/sfw; do for dir in "$maindir/include"\ "$maindir/include/openssl"\ "$maindir/include/ssl"\ @@ -577,10 +619,26 @@ [ if test -z "$ssllibdir"; then dnl Search default locations of SSL libraries - for maindir in /usr /usr/local /usr/pkg /var /opt; do - for dir in $maindir $maindir/openssl $maindir/ssl \ - $maindir/lib $maindir/lib/openssl \ - $maindir/lib/ssl $maindir/ssl/lib; do + for maindir in /usr \ + /usr/local \ + /usr/pkg \ + /var /opt \ + /usr/sfw; do + for dir in $maindir \ + $maindir/openssl \ + $maindir/ssl \ + $maindir/lib \ + $maindir/lib/openssl \ + $maindir/lib/ssl \ + $maindir/ssl/lib \ + $maindir/lib/64 \ + $maindir/lib/64/openssl \ + $maindir/lib/64/ssl \ + $maindir/ssl/lib/64 \ + $maindir/lib64 \ + $maindir/lib64/openssl \ + $maindir/lib64/ssl \ + $maindir/ssl/lib64; do checkssllibdir $dir && break 2 done done @@ -640,12 +698,11 @@ else echo " SSL support: disabled" fi -if test "$use_resource" = "1"; then - echo " resource monitoring: enabled" +if test "$use_largefiles" = "1"; then + echo " large files support: enabled" else - echo " resource monitoring: disabled" + echo " large files support: disabled" fi -echo " resource code: sysdep_$PROCARCH.c" echo " Compiler flags: ${CFLAGS}" echo " Linker flags: ${LIBS}" echo " pid file location: ${piddir}" diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/contrib/monit.php /tmp/QeMlhPoI46/monit-5.0.3/contrib/monit.php --- monit-4.8.1/contrib/monit.php 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/contrib/monit.php 2008-03-31 22:13:31.000000000 +0100 @@ -3,7 +3,7 @@ // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License as -// published by the Free Software Foundation; either version 2 of the +// published by the Free Software Foundation; either version 3 of the // License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, but @@ -29,7 +29,7 @@ // // Requires PHP, and a working webserver! // @author Author David Fletcher, -// @version \$Id: monit.php,v 1.2 2004/11/20 23:53:42 hauk Exp $ +// @version \$Id: monit.php,v 1.3 2007/07/25 12:54:30 hauk Exp $ //Configuration - set this to match the information in /etc/monitrc diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/contrib/monitrc-gentoo /tmp/QeMlhPoI46/monit-5.0.3/contrib/monitrc-gentoo --- monit-4.8.1/contrib/monitrc-gentoo 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/contrib/monitrc-gentoo 2008-11-26 06:42:49.000000000 +0000 @@ -0,0 +1,328 @@ +############################################################################### +## Monit control file +############################################################################### +## +## Comments begin with a '#' and extend through the end of the line. Keywords +## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. +## +## Bellow is the example of some frequently used statements. For information +## about the control file, a complete list of statements and options please +## have a look in the monit manual. +## +## +############################################################################### +## Global section +############################################################################### +## +## Start monit in background (run as daemon) and check the services at 2-minute +## intervals. +# +set daemon 120 +# +# +## Set syslog logging with the 'daemon' facility. If the FACILITY option is +## omited, monit will use 'user' facility by default. You can specify the +## path to the file for monit native logging. +# +# set logfile syslog facility log_daemon +# +# +## Set list of mailservers for alert delivery. Multiple servers may be +## specified using comma separator. By default monit uses port 25 - it is +## possible to override it with the PORT option. +# +# set mailserver mail.bar.baz, # primary mailserver +# backup.bar.baz port 10025, # backup mailserver on port 10025 +# localhost # fallback relay +# +# +## By default monit will drop the event alert, in the case that there is no +## mailserver available. In the case that you want to keep the events for +## later delivery retry, you can use the EVENTQUEUE statement. The base +## directory where undelivered events will be stored is specified by the +## BASEDIR option. You can limit the maximal queue size using the SLOTS +## option (if omited then the queue is limited just by the backend filesystem). +# +# set eventqueue +# basedir /var/monit # set the base directory where events will be stored +# slots 100 # optionaly limit the queue size +# +# +## Monit by default uses the following alert mail format: +## +## --8<-- +## From: monit@$HOST # sender +## Subject: monit alert -- $EVENT $SERVICE # subject +## +## $EVENT Service $SERVICE # +## # +## Date: $DATE # +## Action: $ACTION # +## Host: $HOST # body +## Description: $DESCRIPTION # +## # +## Your faithful employee, # +## monit # +## --8<-- +## +## You can override the alert message format or its parts such as subject +## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc. +## are expanded on runtime. For example to override the sender: +# +# set mail-format { from: monit@foo.bar } +# +# +## You can set the alert recipients here, which will receive the alert for +## each service. The event alerts may be restricted using the list. +# +# set alert sysadm@foo.bar # receive all alerts +# set alert manager@foo.bar only on { timeout } # receive just service- +# # timeout alert +# +# +## Monit has an embedded webserver, which can be used to view the +## configuration, actual services parameters or manage the services using the +## web interface. +# +set httpd port 2812 and + use address localhost # only accept connection from localhost + allow localhost # allow localhost to connect to the server and +# allow admin:monit # require user 'admin' with password 'monit' +# +# +############################################################################### +## Services +############################################################################### +## +## Check the general system resources such as load average, cpu and memory +## usage. Each rule specifies the tested resource, the limit and the action +## which will be performed in the case that the test failed. +# +check system localhost +# if loadavg (1min) > 4 then alert +# if loadavg (5min) > 2 then alert +# if memory usage > 75% then alert +# if cpu usage (user) > 70% then alert +# if cpu usage (system) > 30% then alert +# if cpu usage (wait) > 20% then alert +# +# + +# vixie cron +check process cron with pidfile /var/run/cron.pid + group system + start program = "/etc/init.d/vixie-cron start" + stop program = "/etc/init.d/vixie-cron stop" + if 5 restarts within 5 cycles then timeout + depends on cron_rc + +check file cron_rc with path /etc/init.d/vixie-cron + group system + if failed checksum then unmonitor + if failed permission 755 then unmonitor + if failed uid root then unmonitor + if failed gid root then unmonitor + +check process syslogd with pidfile /var/run/syslog-ng.pid + start program = "/etc/init.d/syslog-ng start" + stop program = "/etc/init.d/syslog-ng stop" + if 5 restarts within 5 cycles then timeout + +check file syslogd_file with path /var/log/messages + if timestamp > 65 minutes then alert # Have you seen "-- MARK --"? + + +# vsftp +check process vsftpd with pidfile /var/run/vsftpd.pid + start program = "/etc/init.d/vsftpd start" + stop program = "/etc/init.d/vsftpd stop" + if failed port 21 protocol ftp then restart + if 5 restarts within 5 cycles then timeout + +check process sshd with pidfile /var/run/sshd.pid + start program "/etc/init.d/sshd start" + stop program "/etc/init.d/sshd stop" + if failed port 22 protocol ssh then restart + if 5 restarts within 5 cycles then timeout + +# apache2 +check process apache with pidfile /var/run/apache2.pid + group www + start program = "/etc/init.d/apache2 start" + stop program = "/etc/init.d/apache2 stop" + if failed port 80 protocol http then restart + if 5 restarts within 5 cycles then timeout + +# postfix +check process postfix with pidfile /var/spool/postfix/pid/master.pid + group mail + start program = "/etc/init.d/postfix start" + stop program = "/etc/init.d/postfix stop" + if failed port 25 protocol smtp then restart + if 5 restarts within 5 cycles then timeout + depends on postfix_rc + +check file postfix_rc with path /etc/init.d/postfix + group mail + if failed checksum then unmonitor + if failed permission 755 then unmonitor + if failed uid root then unmonitor + if failed gid root then unmonitor + +# postgresql +check process postgresql with pidfile /var/postgresql/data/postmaster.pid + group database + start program = "/etc/init.d/postgresql start" + stop program = "/etc/init.d/postgresql stop" + +# slapd +check process slapd with pidfile /var/run/openldap/slapd.pid + group database + start program = "/etc/init.d/slapd start" + stop program = "/etc/init.d/slapd stop" +# if failed port 389 protocol ldap3 then restart +# if 5 restarts within 5 cycles then timeout + +check process smbd with pidfile /var/run/samba/smbd.pid + group samba + start program = "/etc/init.d/samba start" + stop program = "/etc/init.d/samba stop" + if failed port 139 type TCP then restart + if 5 restarts within 5 cycles then timeout + depends on smbd_bin + +check file smbd_bin with path /usr/sbin/smbd + group samba + if failed checksum then unmonitor + if failed permission 755 then unmonitor + if failed uid root then unmonitor + if failed gid root then unmonitor + +check process nmbd with pidfile /var/run/samba/nmbd.pid + group samba + start program = "/etc/init.d/samba start" + stop program = "/etc/init.d/samba stop" + if failed port 138 type UDP then restart + if failed port 137 type UDP then restart + if 5 restarts within 5 cycles then timeout + depends on nmbd_bin + +check file nmbd_bin with path /usr/sbin/nmbd + group samba + if failed checksum then unmonitor + if failed permission 755 then unmonitor + if failed uid root then unmonitor + if failed gid root then unmonitor + +check process ddclient with pidfile /var/run/ddclient.pid + group other + start program = "/etc/init.d/ddclient start" + stop program = "/etc/init.d/ddclient stop" + +## Check a file for existence, checksum, permissions, uid and gid. In addition +## to the recipients in the global section, customized alert will be send to +## the additional recipient. The service may be grouped using the GROUP option. +# +# check file apache_bin with path /usr/local/apache/bin/httpd +# if failed checksum and +# expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor +# if failed permission 755 then unmonitor +# if failed uid root then unmonitor +# if failed gid root then unmonitor +# alert security@foo.bar on { +# checksum, permission, uid, gid, unmonitor +# } with the mail-format { subject: Alarm! } +# group server +# +# +## Check that a process is running, responding on the HTTP and HTTPS request, +## check its resource usage such as cpu and memory, number of children. +## In the case that the process is not running, monit will restart it by +## default. In the case that the service was restarted very often and the +## problem remains, it is possible to disable the monitoring using the +## TIMEOUT statement. The service depends on another service (apache_bin) which +## is defined in the monit control file as well. +# +# check process apache with pidfile /usr/local/apache/logs/httpd.pid +# start program = "/etc/init.d/httpd start" +# stop program = "/etc/init.d/httpd stop" +# if cpu > 60% for 2 cycles then alert +# if cpu > 80% for 5 cycles then restart +# if totalmem > 200.0 MB for 5 cycles then restart +# if children > 250 then restart +# if loadavg(5min) greater than 10 for 8 cycles then stop +# if failed host www.tildeslash.com port 80 protocol http +# and request "/monit/doc/next.php" +# then restart +# if failed port 443 type tcpssl protocol http +# with timeout 15 seconds +# then restart +# if 3 restarts within 5 cycles then timeout +# depends on apache_bin +# group server +# +# +## Check the filesystem permissions, uid, gid, space and inode usage. Other +## services such as databases may depend on this resource and automatical +## graceful stop may be cascaded to them before the filesystem will become +## full and the data will be lost. +# +# check filesystem datafs with path /dev/sdb1 +# start program = "/bin/mount /data" +# stop program = "/bin/umount /data" +# if failed permission 660 then unmonitor +# if failed uid root then unmonitor +# if failed gid disk then unmonitor +# if space usage > 80% for 5 times within 15 cycles then alert +# if space usage > 99% then stop +# if inode usage > 30000 then alert +# if inode usage > 99% then stop +# group server +# +# +## Check a file's timestamp: when it becomes older then 15 minutes, the +## file is not updated and something is wrong. In the case that the size +## of the file exceeded given limit, perform the script. +# +# check file database with path /data/mydatabase.db +# if failed permission 700 then alert +# if failed uid data then alert +# if failed gid data then alert +# if timestamp > 15 minutes then alert +# if size > 100 MB then exec "/my/cleanup/script" +# +# +## Check the directory permission, uid and gid. An event is triggered +## if the directory does not belong to the user with the uid 0 and +## the gid 0. In the addition the permissions have to match the octal +## description of 755 (see chmod(1)). +# +# check directory bin with path /bin +# if failed permission 755 then unmonitor +# if failed uid 0 then unmonitor +# if failed gid 0 then unmonitor +# +# +## Check the remote host network services availability and the response +## content. One of three pings, a successfull connection to a port and +## application level network check is performed. +# +# check host myserver with address 192.168.1.1 +# if failed icmp type echo count 3 with timeout 3 seconds then alert +# if failed port 3306 protocol mysql with timeout 15 seconds then alert +# if failed url +# http://user:password@www.foo.bar:8080/?querystring +# and content == 'action="j_security_check"' +# then alert +# +# +############################################################################### +## Includes +############################################################################### +## +## It is possible to include the configuration or its parts from other files or +## directories. +# +# include /etc/monit.d/* +# +# diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/contrib/monit.upstart /tmp/QeMlhPoI46/monit-5.0.3/contrib/monit.upstart --- monit-4.8.1/contrib/monit.upstart 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/contrib/monit.upstart 2008-03-31 22:13:31.000000000 +0100 @@ -0,0 +1,26 @@ +# This is an event.d (upstart) script to keep monit running +# To install disable the old way of doing things: +# +# /etc/init.d/monit stop && update-rc.d -f monit remove +# +# then put this script here: /etc/event.d/monit +# +# You can manually start and stop monit like this: +# +# start monit +# stop monit +# +# Michael Hale (http://halethegeek.com) + +start on runlevel 2 +start on runlevel 3 +start on runlevel 4 +start on runlevel 5 + +stop on runlevel 0 +stop on runlevel 6 + +exec /usr/sbin/monit -Ic /etc/monit/monitrc +instance +respawn + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/contrib/rc.monit /tmp/QeMlhPoI46/monit-5.0.3/contrib/rc.monit --- monit-4.8.1/contrib/rc.monit 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/contrib/rc.monit 2008-04-10 20:06:31.000000000 +0100 @@ -6,7 +6,7 @@ # # chkconfig: 2345 98 02 # description: Monit is a utility for managing and monitoring processes, -# files, directories and devices on a Unix system. +# files, directories and filesystems on a Unix system. # processname: monit # pidfile: /var/run/monit.pid # config: /etc/monitrc diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/contrib/wap.php /tmp/QeMlhPoI46/monit-5.0.3/contrib/wap.php --- monit-4.8.1/contrib/wap.php 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/contrib/wap.php 2008-03-31 22:13:31.000000000 +0100 @@ -3,7 +3,7 @@ // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License as -// published by the Free Software Foundation; either version 2 of the +// published by the Free Software Foundation; either version 3 of the // License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, but @@ -47,7 +47,7 @@ // This script requires PHP, and a working webserver! Tested on PHP4. // // @author Author David Fletcher, -// @version \$Id: wap.php,v 1.2 2004/11/20 23:49:19 hauk Exp $ +// @version \$Id: wap.php,v 1.4 2007/10/05 21:32:42 martinp Exp $ //Configuration data $addr = 'localhost'; @@ -136,6 +136,11 @@ // Make sure we can access the path array global $ary_path,$service_no; + //Service type 5 is system information, not a standard service + if(isset($attrs['TYPE']) && $attrs['TYPE'] == 5){ + $name = 'SYSTEM'; + } + // Push the tag into the array array_push($ary_path, $name); @@ -235,7 +240,7 @@ //Do outputs linked to the machine, not to a specific service echo '

'.date('H:i j-M-y').'

'; -echo '

Hostname: '.$data_parsed['SYSTEM']['HOSTNAME'].'
'; +echo '

Hostname: '.$data_parsed['SYSTEM']['NAME'].'
'; $days = floor($data_parsed['SERVER']['UPTIME']/60/60/24); $hours = $data_parsed['SERVER']['UPTIME']/60/60%24; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/CONTRIBUTORS /tmp/QeMlhPoI46/monit-5.0.3/CONTRIBUTORS --- monit-4.8.1/CONTRIBUTORS 2006-01-22 22:13:09.000000000 +0000 +++ monit-5.0.3/CONTRIBUTORS 2008-10-04 19:50:13.000000000 +0100 @@ -1,30 +1,27 @@ The Monit Project - http://www.tildeslash.com/monit/ + http://mmonit.com/monit/ ============================================================================ The monit project group: - Jan-Henrik Haukeland (hauk@tildeslash.com) - The Project Manager and prime mover - Martin Pala (martinp@tildeslash.com) - Specialist for planning, strategy and mixing drinks + The Project Manager and overhead projector maintainer + Jan-Henrik Haukeland (hauk@tildeslash.com) + Whiteboard and coffee machine operator + +Monit Emeritae (old team members now off doing other things): + Rory Toma (rory@digeo.com) VP of Run Level 9 - + Christian Hopp (chopp@iei.tu-clausthal.de) Research exotic stuff and brews interesting tea - -Old group members now off doing other things: - Thomas "Leppo" Oppel (oppel at kbis de) - Created Suse Packages for monit and managed monit packages - at savannah.gnu.org Other major contributors: @@ -40,22 +37,32 @@ Contributors in alphabetical order: - Michael Amster (mamster@webeasy.com) - Philipp Berndt (philipp.berndt@gmx.net) - Olivier Beyssac (ob@r14.freenix.org) - Marco Bisioli (bisioli@adriacom.it) - Joe Bryant (JBryant@RiteAid.com) - David Fletcher (david@megapico.co.uk) - Peter Holdaway - Mostafa Hosseini (mostafah@oeone.com) - Francois Isabelle (Francois.Isabelle@ca.kontron.com) - Oliver Jehle (oliver.jehle@monex.li) - Artyom Khafizov (afk@inbox.ru) - Kianusch Sayah Karadji (kianusch.sayah.karadji@sk-tech.net) - Vlada Macek (tuttle@bbs.fsik.cvut.cz) - Michel Marti (michel.marti@objectxp.com) - Arkadiusz Miskiewicz (arekm@pld-linux.org) - Tatsuya Nonogaki (nonotats@asahi.email.ne.jp) - Rick Robino (rrobino@wavedivision.com>) - Richard Schwaninger (risc@vmilch.at) - Margarida Sequeira (margarida@openbsd.org) + Michael Amster + Philipp Berndt + Olivier Beyssac + Marco Bisioli + Joe Bryant + Will Bryant + Dave Cheney + Sébastien Debrard + Fco.Javier Felix + David Fletcher + Pierrick Grasland + Klaus Heinz + Peter Holdaway + Mostafa Hosseini + Francois Isabelle + Oliver Jehle + Artyom Khafizov + Bret McDanel + Kianusch Sayah Karadji + Thomas Lohmueller + Vlada Macek + Michel Marti + Wilhelm Meier + Arkadiusz Miskiewicz + Tatsuya Nonogaki + Rick Robino + Richard Schwaninger + Margarida Sequeira + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/control.c /tmp/QeMlhPoI46/monit-5.0.3/control.c --- monit-4.8.1/control.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/control.c 2009-02-13 13:06:31.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -60,7 +70,7 @@ * @author Rory Toma, * @author Martin Pala, * - * @version \$Id: control.c,v 1.103 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: control.c,v 1.121 2009/02/13 09:18:05 hauk Exp $ * * @file */ @@ -69,13 +79,13 @@ /* -------------------------------------------------------------- Prototypes */ -static void do_start(Service_T); -static int do_stop(Service_T); -static void do_monitor(Service_T); -static void do_unmonitor(Service_T); -static void *wait_start(void *); -static int wait_stop(Service_T); -static void do_depend(Service_T, int); +static void do_start(Service_T); +static int do_stop(Service_T); +static void do_monitor(Service_T); +static void do_unmonitor(Service_T); +static void wait_start(Service_T); +static int wait_stop(Service_T); +static void do_depend(Service_T, int); /* ------------------------------------------------------------------ Public */ @@ -89,7 +99,6 @@ void control_service_daemon(const char *S, const char *action) { Socket_T s; - char *auth= Util_getBasicAuthHeader(); ASSERT(S); ASSERT(action); @@ -97,7 +106,7 @@ if(Util_getAction(action) == ACTION_IGNORE) { LogError("%s: Cannot %s service '%s' -- invalid action %s\n", prog, action, S, action); - goto error; + return; } s= socket_new(Run.bind_addr?Run.bind_addr:"localhost", @@ -107,44 +116,71 @@ LogError("%s: Cannot connect to the monit daemon." " Did you start it with http support?\n", prog); - goto error; } else { - - if(socket_print(s, "GET /%s?action=%s HTTP/1.0\r\n%s\r\n", - S, action, auth?auth:"") < 0) + + char *auth = Util_getBasicAuthHeaderMonit(); + + if(socket_print(s, + "POST /%s HTTP/1.0\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: %d\r\n" + "%s" + "\r\n" + "action=%s", + S, + strlen("action=") + strlen(action), + auth?auth:"", + action) < 0) + { LogError("%s: Cannot send the command '%s' to the monit daemon -- %s", prog, action?action:"null", STRERROR); + } + FREE(auth); socket_free(&s); } -error: - FREE(auth); - } /** * Check to see if we should try to start/stop service * @param S A service name as stated in the config file - * @param action A string describing the action to execute - * @return TRUE if the service was handled successfully otherwise FALSE + * @param A A string describing the action to execute */ -void control_service(const char *S, const char *action) { +void control_service_string(const char *S, const char *A) { + + int a; + + ASSERT(S); + ASSERT(A); + + if((a = Util_getAction(A)) == ACTION_IGNORE) { + LogError("%s: service '%s' -- invalid action %s\n", prog, S, A); + return; + } + control_service(S, a); +} + + +/** + * Check to see if we should try to start/stop service + * @param S A service name as stated in the config file + * @param A An action id describing the action to execute + */ +void control_service(const char *S, int A) { Service_T s = NULL; ASSERT(S); - ASSERT(action); if(!(s= Util_getService(S))) { - LogError("%s: Cannot %s service '%s' -- not found in %s\n", - prog, action, S, Run.controlfile); + LogError("%s: service '%s' -- doesn't exist\n", prog, S); return; } - switch(Util_getAction(action)) { + switch(A) { case ACTION_START: if(s->type==TYPE_PROCESS) { @@ -154,7 +190,7 @@ return; } if(!s->start) { - DEBUG("%s: Start method not defined -- process %s\n", prog, S); + LogError("%s: Start method not defined -- process %s\n", prog, S); Util_monitorSet(s); return; } @@ -166,7 +202,7 @@ case ACTION_STOP: if(s->type==TYPE_PROCESS && !s->stop) { - DEBUG("%s: Stop method not defined -- process %s\n", prog, S); + LogError("%s: Stop method not defined -- process %s\n", prog, S); Util_monitorUnset(s); return; } @@ -180,7 +216,7 @@ case ACTION_RESTART: if(s->type==TYPE_PROCESS && (!s->start || !s->stop)) { - DEBUG("%s: Start or stop method not defined -- process %s\n", prog, S); + LogError("%s: Start or stop method not defined -- process %s\n", prog, S); Util_monitorSet(s); return; } @@ -212,8 +248,7 @@ break; default: - LogError("%s: Cannot %s service '%s' -- invalid action %s\n", - prog, action, S, action); + LogError("%s: service '%s' -- invalid action %s\n", prog, S, A); break; } } @@ -266,25 +301,12 @@ } if(s->start && (s->type!=TYPE_PROCESS || !Util_isProcessRunning(s))) { - int status; - pthread_t thread; - LogInfo("'%s' start: %s\n", s->name, s->start->arg[0]); spawn(s, s->start, "Started"); if(s->type==TYPE_PROCESS) { /* We only wait for a process type, other service types does not * have a pid file to watch */ - LOCK(Run.mutex) - Run.wait_start++; - END_LOCK; - status= pthread_create(&thread, NULL, wait_start, s); - if(status != 0) { - LOCK(Run.mutex) - Run.wait_start--; - END_LOCK; - LogError("Warning: Failed to create the start controller thread. " - "Thread error -- %s.\n", strerror(status)); - } + wait_start(s); } } Util_monitorSet(s); @@ -315,7 +337,6 @@ if(s->stop && (s->type!=TYPE_PROCESS || Util_isProcessRunning(s))) { LogInfo("'%s' stop: %s\n", s->name, s->stop->arg[0]); spawn(s, s->stop, "Stopped"); - if(s->type==TYPE_PROCESS) { /* Only wait for process service types */ if(!wait_stop(s)) @@ -432,35 +453,23 @@ * posted to notify the user. * @param service A Service to wait for */ -static void *wait_start(void *service) { - - Service_T s= service; - int max_tries= Run.polltime; +static void wait_start(Service_T s) { + int max_tries= s->start->timeout; ASSERT(s); - pthread_detach(pthread_self()); - while(max_tries-- && !Run.stopped) { if(Util_isProcessRunning(s)) break; sleep(1); } - if(!Util_isProcessRunning(s)) { - Event_post(s, EVENT_EXEC, STATE_FAILED, s->action_EXEC, - "'%s' failed to start", s->name); - } else { - Event_post(s, EVENT_EXEC, STATE_PASSED, s->action_EXEC, - "'%s' started", s->name); - } + if(!Util_isProcessRunning(s)) + Event_post(s, EVENT_EXEC, STATE_FAILED, s->action_EXEC, "failed to start"); + else + Event_post(s, EVENT_EXEC, STATE_SUCCEEDED, s->action_EXEC, "started"); - LOCK(Run.mutex) - Run.wait_start--; - END_LOCK; - - return NULL; - + return; } @@ -475,7 +484,7 @@ */ static int wait_stop(Service_T s) { - int max_tries= Run.polltime; + int max_tries= s->stop->timeout; ASSERT(s); @@ -486,12 +495,10 @@ } if(Util_isProcessRunning(s)) { - Event_post(s, EVENT_EXEC, STATE_FAILED, s->action_EXEC, - "'%s' failed to stop", s->name); + Event_post(s, EVENT_EXEC, STATE_FAILED, s->action_EXEC, "failed to stop"); return FALSE; } else { - Event_post(s, EVENT_EXEC, STATE_PASSED, s->action_EXEC, - "'%s' stopped", s->name); + Event_post(s, EVENT_EXEC, STATE_SUCCEEDED, s->action_EXEC, "stopped"); } return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/COPYING /tmp/QeMlhPoI46/monit-5.0.3/COPYING --- monit-4.8.1/COPYING 2006-01-01 22:01:02.000000000 +0000 +++ monit-5.0.3/COPYING 2008-03-31 22:13:31.000000000 +0100 @@ -1,285 +1,626 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. - Preamble + Preamble - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of this License. - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it @@ -287,15 +628,15 @@ To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least +state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) - This program is free software; you can redistribute it and/or modify + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, @@ -304,37 +645,47 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - + along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General -Public License instead of this License. +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. + + + License Exception + +In addition, as a special exception, the copyright holders give +permission to link the code of portions of this program with the +OpenSSL library under certain conditions as described in each +individual source file, and distribute linked combinations +including the two. + +You must obey the GNU General Public License in all respects +for all of the code used other than OpenSSL. If you modify +file(s) with this exception, you may extend this exception to your +version of the file(s), but you are not obligated to do so. If you +do not wish to do so, delete this exception statement from your +version. If you delete this exception statement from all source +files in the program, then also delete it here. diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/daemonize.c /tmp/QeMlhPoI46/monit-5.0.3/daemonize.c --- monit-4.8.1/daemonize.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/daemonize.c 2009-02-13 13:06:31.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -65,7 +75,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: daemonize.c,v 1.21 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: daemonize.c,v 1.27 2009/02/13 09:18:05 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/changelog /tmp/QeMlhPoI46/monit-5.0.3/debian/changelog --- monit-4.8.1/debian/changelog 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/changelog 2009-08-24 16:12:09.000000000 +0100 @@ -1,3 +1,80 @@ +monit (1:5.0.3-3~blueyedppa1) hardy; urgency=low + + * Backport for Hardy. + + -- Daniel Hahler Mon, 24 Aug 2009 17:02:57 +0200 + +monit (1:5.0.3-3) unstable; urgency=low + + * Daemon poll interval moved to rc-file instead of defaults + (Closes: #541425) + * Package upgraded (Closes: 453248) + * Configuration snippets are included from /etc/monit/conf.d/* + (Closes: #296479) + + -- Stefan Alfredsson Tue, 18 Aug 2009 22:49:13 +0200 + +monit (1:5.0.3-2) unstable; urgency=low + + * inet6 and getaddr() fix (Thanks to Michael Stapelberg!) + (Closes: #541139) + + -- Stefan Alfredsson Wed, 12 Aug 2009 07:46:19 +0200 + +monit (1:5.0.3-1) unstable; urgency=low + + * New upstream release + * CPU-count fix in upstream release (Closes: #517816) + * Full eventqueue bug fixed in upstream release (Closes: #514709) + * Non-md5sum password bug fix by upstream (Closes: #474009) + * Uses unique message id's (Closes: #498346) + * Typo in "monit status" fixed (Closes: #506923) + * New format of debian watch file (Closes: #529128) + * Enabled PAM functionality + + -- Stefan Alfredsson Sat, 08 Aug 2009 10:21:37 +0200 + +monit (1:4.10.1-4) unstable; urgency=low + + * Patch for config file location was not applied (Closes: #479357) + (thanks to DVZ-Team ) + * The relocation patch created an unneccessary "file.c.orig", this + was removed from the patch. + + -- Stefan Alfredsson Sun, 24 Aug 2008 23:44:46 +0000 + +monit (1:4.10.1-3) unstable; urgency=low + + * SSL enabled as upstream provided GPL/OpenSSL + license exception (Closes: #466821) + + -- Stefan Alfredsson Fri, 22 Feb 2008 07:25:01 +0100 + +monit (1:4.10.1-2) unstable; urgency=low + + * Added build-dependency on dpatch (Closes: #463469) + + -- Stefan Alfredsson Thu, 31 Jan 2008 22:22:59 +0100 + +monit (1:4.10.1-1) unstable; urgency=low + + * New upstream release (Closes: #453248) + * Upstream has fixed pid testing since v4.8 (Closes: #364844) + * Event queue segfault problem patched by upstream (Closes: #399027) + * HTTP segfault patched by upstream (Closes: #433164) + * Added LSB formatted dependency to init-script (Closes: #460299) + * Removed bashism echo -e in init-script (Closes: #411886) + + -- Stefan Alfredsson Tue, 29 Jan 2008 21:36:33 +0100 + +monit (1:4.9-1) unstable; urgency=low + + * New upstream release + * Updated init-script to use printf instead of echo -e (Closes: #411886) + * Removed LFS patch because its integrated by upstream + + -- Stefan Alfredsson Wed, 25 Jul 2007 00:05:35 +0200 + monit (1:4.8.1-2.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/control /tmp/QeMlhPoI46/monit-5.0.3/debian/control --- monit-4.8.1/debian/control 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/control 2009-08-24 16:12:09.000000000 +0100 @@ -2,8 +2,8 @@ Section: admin Priority: optional Maintainer: Stefan Alfredsson -Build-Depends: debhelper (>> 3.0.0), byacc, flex, cdbs (>= 0.2.4), libssl-dev, automake1.9 -Standards-Version: 3.6.1 +Build-Depends: debhelper (>> 3.0.0), byacc, flex, cdbs (>= 0.2.4), libssl-dev, automake1.9, dpatch, libpam-dev +Standards-Version: 3.8.2.0 Package: monit Architecture: any diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/copyright /tmp/QeMlhPoI46/monit-5.0.3/debian/copyright --- monit-4.8.1/debian/copyright 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/copyright 2009-08-24 16:12:09.000000000 +0100 @@ -1,26 +1,53 @@ -This package was debianized by Fredrik Steen on -Tue, 21 May 2002 09:52:55 +0200. +This package was originally debianized by Fredrik Steen +on Tue, 21 May 2002 09:52:55 +0200. + +The current Debian maintainser is Stefan Alfredsson It was downloaded from http://www.tildeslash.com/monit/dist/ -Upstream Author: Jan-Henrik Haukeland +Version 5.0.3 of the package was downloaded from http://mmonit.com/monit/dist/ + +Upstream Authors: Jan-Henrik Haukeland and +others according to the CONTRIBUTORS file distributed in the source +archive. + + +Copyright (C) 2000-2009 Tildeslash Ltd. All rights reserved. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. -Copyright: + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . - This package is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 dated June, 1991. - - This package is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this package; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA - 02111-1307, USA. On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL'. +On Tue Feb 19 11:50:18 2008 UTC (2 days, 1 hour ago) by hauk, +the following license exception was given: + +http://cvs.savannah.gnu.org/viewvc/monit/monit/COPYING?revision=1.3&view=markup + + License Exception + +In addition, as a special exception, the copyright holders give +permission to link the code of portions of this program with the +OpenSSL library under certain conditions as described in each +individual source file, and distribute linked combinations +including the two. + +You must obey the GNU General Public License in all respects +for all of the code used other than OpenSSL. If you modify +file(s) with this exception, you may extend this exception to your +version of the file(s), but you are not obligated to do so. If you +do not wish to do so, delete this exception statement from your +version. If you delete this exception statement from all source +files in the program, then also delete it here. diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/monit.default /tmp/QeMlhPoI46/monit-5.0.3/debian/monit.default --- monit-4.8.1/debian/monit.default 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/monit.default 2009-08-24 16:12:09.000000000 +0100 @@ -1,11 +1,11 @@ # Defaults for monit initscript # sourced by /etc/init.d/monit # installed at /etc/default/monit by maintainer scripts -# Fredrik Steen +# Stefan Alfredsson # You must set this variable to for monit to start startup=0 -# To change the intervals which monit should run uncomment -# and change this variable. -# CHECK_INTERVALS=180 +# To change the intervals which monit should run, +# edit the configuration file /etc/monit/monitrc +# It can no longer be configured here. diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/monit.dirs /tmp/QeMlhPoI46/monit-5.0.3/debian/monit.dirs --- monit-4.8.1/debian/monit.dirs 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/monit.dirs 2009-08-24 16:12:09.000000000 +0100 @@ -1,3 +1,4 @@ etc/default etc/monit +etc/monit/conf.d var/lib/monit diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/monit.docs /tmp/QeMlhPoI46/monit-5.0.3/debian/monit.docs --- monit-4.8.1/debian/monit.docs 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/monit.docs 2009-08-24 16:12:09.000000000 +0100 @@ -1,6 +1,8 @@ FAQ.txt README README.SSL -UPGRADE.txt +CHANGES.txt +CONTRIBUTORS doc/monit.html debian/README.Debian +contrib diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/monit.init /tmp/QeMlhPoI46/monit-5.0.3/debian/monit.init --- monit-4.8.1/debian/monit.init 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/monit.init 2009-08-24 16:12:09.000000000 +0100 @@ -1,13 +1,20 @@ #!/bin/sh +### BEGIN INIT INFO +# Provides: monit +# Required-Start: $remote_fs +# Required-Stop: $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: service and resource monitoring daemon +### END INIT INFO # /etc/init.d/monit start and stop monit daemon monitor process. # Fredrik Steen, stone@debian.org -: +# Stefan Alfredsson, alfs@debian.org + PATH=/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/sbin/monit CONFIG="/etc/monit/monitrc" DELAY="/etc/monit/monit_delay" -CHECK_INTERVALS=180 -# We default to 180s (3min) check intervals NAME=monit DESC="daemon monitor" @@ -20,15 +27,15 @@ . /etc/default/monit fi -ARGS="-d $CHECK_INTERVALS -c $CONFIG -s /var/lib/monit/monit.state" +ARGS="-c $CONFIG -s /var/lib/monit/monit.state" monit_not_configured () { - echo -e "monit won't be started/stopped\n\tunless it it's configured" + printf "%b\n" "monit won't be started/stopped\n\tunless it it's configured" if [ "$1" != "stop" ] then - echo -e "\tplease configure monit and then edit /etc/default/monit" - echo -e "\tand set the \"startup\" variable to 1 in order to allow " - echo -e "\tmonit to start" + printf "%b\n" "\tplease configure monit and then edit /etc/default/monit" + printf "%b\n" "\tand set the \"startup\" variable to 1 in order to allow " + printf "%b\n" "\tmonit to start" fi exit 0 } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/monit.pam /tmp/QeMlhPoI46/monit-5.0.3/debian/monit.pam --- monit-4.8.1/debian/monit.pam 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/debian/monit.pam 2009-08-24 16:12:09.000000000 +0100 @@ -0,0 +1,5 @@ +# monit: auth account password session +auth sufficient pam_securityserver.so +auth sufficient pam_unix.so +auth required pam_deny.so +account required pam_permit.so diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/00list /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/00list --- monit-4.8.1/debian/patches/00list 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/debian/patches/00list 2009-08-24 16:12:09.000000000 +0100 @@ -0,0 +1,2 @@ +config_file_relocation +monit.1-debian-path diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/config_file_relocation-2.patch /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/config_file_relocation-2.patch --- monit-4.8.1/debian/patches/config_file_relocation-2.patch 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/patches/config_file_relocation-2.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,50 +0,0 @@ -#!/bin/sh -e -## 50_config_file_relocation.dpatch by Stefan Alfredsson -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -if [ $# -ne 1 ]; then - echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" - exit 1 -fi - -[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -patch_opts="${patch_opts:--f --no-backup-if-mismatch}" - -case "$1" in - -patch) patch $patch_opts -p1 < $0;; - -unpatch) patch $patch_opts -p1 -R < $0;; - *) - echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" - exit 1;; -esac - -exit 0 - -@DPATCH@ ---- file-orig.c Tue Apr 5 16:56:26 2005 -+++ file.c Tue Apr 5 16:58:55 2005 -@@ -155,6 +155,11 @@ - return (rcfile); - } - memset(rcfile, 0, STRLEN); -+ snprintf(rcfile, STRLEN, "/etc/monit/%s", MONITRC); -+ if(File_exist(rcfile)) { -+ return (rcfile); -+ } -+ memset(rcfile, 0, STRLEN); - snprintf(rcfile, STRLEN, "/etc/%s", MONITRC); - if(File_exist(rcfile)) { - return (rcfile); -@@ -170,8 +175,8 @@ - return (rcfile); - } - LogError("%s: Cannot find the control file at " -- "~/.%s, /etc/%s, /usr/local/etc/%s or at ./%s \n", -- prog, MONITRC, MONITRC, MONITRC, MONITRC); -+ "~/.%s, /etc/monit/%s, /etc/%s, /usr/local/etc/%s or at ./%s \n", -+ prog, MONITRC, MONITRC, MONITRC, MONITRC, MONITRC); - exit(1); - - } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/config_file_relocation.dpatch /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/config_file_relocation.dpatch --- monit-4.8.1/debian/patches/config_file_relocation.dpatch 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/debian/patches/config_file_relocation.dpatch 2009-08-24 16:12:09.000000000 +0100 @@ -0,0 +1,33 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## config_file_relocation.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad monit-4.10.1/file.c /tmp/dpep.zWsLpf/monit-4.10.1/file.c +--- monit-4.10.1/file.c Sun Aug 12 20:02:48 2007 ++++ /tmp/dpep.zWsLpf/monit-4.10.1/file.c Tue Jan 29 21:43:29 2008 +@@ -158,6 +158,11 @@ + return (rcfile); + } + memset(rcfile, 0, STRLEN); ++ snprintf(rcfile, STRLEN, "/etc/monit/%s", MONITRC); ++ if(File_exist(rcfile)) { ++ return (rcfile); ++ } ++ memset(rcfile, 0, STRLEN); + snprintf(rcfile, STRLEN, "/etc/%s", MONITRC); + if(File_exist(rcfile)) { + return (rcfile); +@@ -178,8 +183,8 @@ + return (rcfile); + } + LogError("%s: Cannot find the control file at " +- "~/.%s, /etc/%s, %s/%s, /usr/local/etc/%s or at ./%s \n", +- prog, MONITRC, MONITRC, SYSCONFDIR, MONITRC, MONITRC, MONITRC); ++ "~/.%s, /etc/monit/%s, /etc/%s, /usr/local/etc/%s or at ./%s \n", ++ prog, MONITRC, MONITRC, MONITRC, MONITRC, MONITRC); + exit(1); + + } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/config_file_relocation.patch-old /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/config_file_relocation.patch-old --- monit-4.8.1/debian/patches/config_file_relocation.patch-old 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/patches/config_file_relocation.patch-old 1970-01-01 01:00:00.000000000 +0100 @@ -1,63 +0,0 @@ -#!/bin/sh -e -## 50_config_file_relocation.dpatch by Fredrik Steen -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -if [ $# -ne 1 ]; then - echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" - exit 1 -fi - -[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -patch_opts="${patch_opts:--f --no-backup-if-mismatch}" - -case "$1" in - -patch) patch $patch_opts -p1 < $0;; - -unpatch) patch $patch_opts -p1 -R < $0;; - *) - echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" - exit 1;; -esac - -exit 0 - -@DPATCH@ -diff -urNad /home/stone/debian/monit/monit-4.x/monit-4.0/file.c monit-4.0/file.c ---- /home/stone/debian/monit/monit-4.x/monit-4.0/file.c 2003-09-24 16:00:48.000000000 +0200 -+++ monit-4.0/file.c 2003-09-24 16:10:18.000000000 +0200 -@@ -175,6 +175,19 @@ - return (rcfile); - - } -+ -+/** -+ * Added by Fredrik Steen -+ * Debian want's to have configfiles in subdir in /etc -+ */ -+ memset(rcfile, 0, STRLEN); -+ snprintf(rcfile, STRLEN, "/etc/monit/%s", MONITRC); -+ -+ if(exist_file(rcfile)) { -+ -+ return (rcfile); -+ -+ } - - memset(rcfile, 0, STRLEN); - snprintf(rcfile, STRLEN, "/etc/%s", MONITRC); -@@ -194,8 +207,12 @@ - - } - -- log("%s: Cannot find the control file at ~/.%s, /etc/%s or at ./%s \n", -- prog, MONITRC, MONITRC, MONITRC); -+ /** -+ * Changed by Fredrik Steen -+ * Changed the message to match with new location /etc/monit/ -+ */ -+ log("%s: Cannot find the control file at ~/.%s, /etc/%s, /etc/monit/%s or at ./%s \n", -+ prog, MONITRC, MONITRC, MONITRC, MONITRC); - - exit(1); - diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/monit.1-debian-path.dpatch /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/monit.1-debian-path.dpatch --- monit-4.8.1/debian/patches/monit.1-debian-path.dpatch 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/debian/patches/monit.1-debian-path.dpatch 2009-08-24 16:12:09.000000000 +0100 @@ -0,0 +1,49 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## monit.1-debian-path.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad monit-5.0.3~/monit.1 monit-5.0.3/monit.1 +--- monit-5.0.3~/monit.1 2009-08-08 10:47:51.000000000 +0200 ++++ monit-5.0.3/monit.1 2009-08-08 10:48:08.000000000 +0200 +@@ -313,7 +313,7 @@ + .IX Header "HOW TO MONITOR" + Monit is configured and controlled via a control file called + \&\fBmonitrc\fR. The default location for this file is ~/.monitrc. If +-this file does not exist, Monit will try /etc/monitrc, then ++this file does not exist, Monit will try /etc/monit/monitrc, then + \&\f(CW@sysconfdir\fR@/monitrc and finally ./monitrc. + .PP + A Monit control file consists of a series of service entries and +@@ -471,7 +471,7 @@ + .PP + .Vb 2 + \& # Run Monit in standard run\-levels +-\& mo:2345:respawn:/usr/local/bin/Monit \-Ic /etc/monitrc ++\& mo:2345:respawn:/usr/sbin/monit \-Ic /etc/monit/monitrc + .Ve + .PP + After you have modified init's configuration file, you can run +@@ -1757,7 +1757,7 @@ + Example: + .PP + .Vb 2 +-\& check file monit.bin with path "/usr/local/bin/monit" ++\& check file monit.bin with path "/usr/sbin/monit" + \& if failed permission 0555 then unmonitor + .Ve + .PP +@@ -3662,9 +3662,9 @@ + \&\fI~/.monitrc\fR + Default run control file + .PP +-\&\fI/etc/monitrc\fR ++\&\fI/etc/monit/monitrc\fR + If the control file is not found in the default +- location and /etc contains a \fImonitrc\fR file, this ++ location and /etc/monit/ contains a \fImonitrc\fR file, this + file will be used instead. + .PP + \&\fI./monitrc\fR diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/monit.1.path-debian-fix.patch /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/monit.1.path-debian-fix.patch --- monit-4.8.1/debian/patches/monit.1.path-debian-fix.patch 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/patches/monit.1.path-debian-fix.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,79 +0,0 @@ ---- monit-orig.1 Tue Apr 5 17:01:31 2005 -+++ monit.1 Tue Apr 5 17:06:07 2005 -@@ -301,8 +301,8 @@ - .IX Header "HOW TO MONITOR" - monit is configured and controlled via a control file called - \&\fBmonitrc\fR. The default location for this file is ~/.monitrc. If --this file does not exist, monit will try /etc/monitrc, then --/usr/local/etc/monitrc and finally ./monitrc. -+this file does not exist, monit will try /etc/monit/monitrc, then -+/etc/monitrc, then /usr/local/etc/monitrc and finally ./monitrc. - .PP - A monit control file consists of a series of service entries and - global option statements in a free\-format, token-oriented syntax. -@@ -445,7 +445,7 @@ - .PP - .Vb 2 - \& # Run monit in standard run\-levels --\& mo:2345:respawn:/usr/local/bin/monit \-Ic /etc/monitrc -+\& mo:2345:respawn:/usr/sbin/monit \-Ic /etc/monit/monitrc - .Ve - .PP - After you have modified init's configuration file, you can run -@@ -1414,7 +1414,7 @@ - script. Example: - .PP - .Vb 3 --\& check file monit.bin with path "/usr/local/bin/monit" -+\& check file monit.bin with path "/usr/sbin/monit" - \& if failed permission 0555 then unmonitor - \& alert foo@bar - .Ve -@@ -3219,7 +3219,7 @@ - .IX Item "4. monit starts the node group" - .PD - .PP --\&\fBMonit: \f(BI/etc/monitrc\fB\fR -+\&\fBMonit: \f(BI/etc/monit/monitrc\fB\fR - .PP - This example describes a cluster with 2 nodes. Services running - on Node 1 are in the group \fInode1\fR and Node 2 services are in -@@ -3310,7 +3310,7 @@ - .PP - .Vb 2 - \& #/etc/inittab --\& mo:2345:respawn:/usr/local/bin/monit \-d 10 \-c /etc/monitrc \-g local -+\& mo:2345:respawn:/usr/sbin/monit \-d 10 \-c /etc/monit/monitrc \-g local - .Ve - .PP - \&\fBheartbeat: \f(BI/etc/ha.d/haresources\fB\fR -@@ -3333,7 +3333,7 @@ - \& # - \& # sample script for starting/stopping all services on node1 - \& # --\& prog="/usr/local/bin/monit \-g node1" -+\& prog="/usr/sbin/monit \-g node1" - \& start() - \& { - \& echo \-n $"Starting $prog:" -@@ -3386,9 +3386,9 @@ - \&\fI~/.monitrc\fR - Default run control file - .PP --\&\fI/etc/monitrc\fR -+\&\fI/etc/monit/monitrc\fR - If the control file is not found in the default -- location and /etc contains a \fImonitrc\fR file, this -+ location and /etc/monit contains a \fImonitrc\fR file, this - file will be used instead. - .PP - \&\fI./monitrc\fR -@@ -3493,6 +3493,8 @@ - Rory Toma - .PP - See also http://www.tildeslash.com/monit/who.html -++.PP -++Edited by Stefan Alfredsson for the Debian project. - .SH "COPYRIGHT" - .IX Header "COPYRIGHT" - Copyright (C) 2000\-2005 by the monit project group. All Rights diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/monit.1.path-debian-fix.patch-old /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/monit.1.path-debian-fix.patch-old --- monit-4.8.1/debian/patches/monit.1.path-debian-fix.patch-old 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/patches/monit.1.path-debian-fix.patch-old 1970-01-01 01:00:00.000000000 +0100 @@ -1,59 +0,0 @@ ---- monit.1 2004-04-05 08:19:45.000000000 +0200 -+++ monit.2 2004-04-19 16:14:48.000000000 +0200 -@@ -297,7 +297,7 @@ useful to be able to test a remote host - .IX Header "HOW TO MONITOR" - monit is configured and controlled via a control file called - \&\fBmonitrc\fR. The default location for this file is ~/.monitrc. If --this file does not exist, monit will try /etc/monitrc and finally -+this file does not exist, monit will try /etc/monit/monitrc and finally - \&./monitrc. - .PP - A monit control file consists of a series of service entries and -@@ -438,7 +438,7 @@ the command line. Here is a sample /etc/ - .PP - .Vb 2 - \& # Run monit in standard run-levels --\& mo:2345:respawn:/usr/local/bin/monit -Ic /etc/monitrc -+\& mo:2345:respawn:/usr/sbin/monit -Ic /etc/monit/monitrc - .Ve - .PP - After you have modified init's configuration file, you can run -@@ -2897,7 +2897,7 @@ and restart the services there. - .IX Item "4. monit starts the node group" - .PD - .PP --\&\fBMonit: \f(BI/etc/monitrc\fB\fR -+\&\fBMonit: \f(BI/etc/monit/monitrc\fB\fR - .PP - This example describes a cluster with 2 nodes. Services running - on Node 1 are in the group \fInode1\fR and Node 2 services are in -@@ -2988,7 +2988,7 @@ group heartbeat is member of. - .PP - .Vb 2 - \& #/etc/inittab --\& mo:2345:respawn:/usr/local/bin/monit -d 10 -c /etc/monitrc -g local -+\& mo:2345:respawn:/usr/sbin/monit -d 10 -c /etc/monit/monitrc -g local - .Ve - .PP - \&\fBheartbeat: \f(BI/etc/ha.d/haresources\fB\fR -@@ -3064,9 +3064,9 @@ a rc-script called at boot time and befo - \&\fI~/.monitrc\fR - Default run control file - .PP --\&\fI/etc/monitrc\fR -+\&\fI/etc/monit/monitrc\fR - If the control file is not found in the default -- location and /etc contains a \fImonitrc\fR file, this -+ location and /etc/monit contains a \fImonitrc\fR file, this - file will be used instead. - .PP - \&\fI./monitrc\fR -@@ -3171,6 +3171,8 @@ Christian Hopp - .PP - See also http://www.tildeslash.com/monit/who.html -+.PP -+Edited by Fredrik Steen for the Debian project. - .SH "COPYRIGHT" - .IX Header "COPYRIGHT" - Copyright (C) 2000\-2004 by the monit project group. All Rights diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/monit-lfs.patch /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/monit-lfs.patch --- monit-4.8.1/debian/patches/monit-lfs.patch 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/patches/monit-lfs.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,282 +0,0 @@ -=================================================================== -RCS file: /sources/monit/monit/http/cervlet.c,v -retrieving revision 1.205 -retrieving revision 1.206 -diff -u -r1.205 -r1.206 ---- monit/http/cervlet.c 2006/07/04 10:40:17 1.205 -+++ monit/http/cervlet.c 2006/07/05 12:47:49 1.206 -#@@ -146,7 +146,7 @@ -# * @author Martin Pala -# * @author Christian Hopp -# * -#- * @version \$Id: cervlet.c,v 1.205 2006/07/04 10:40:17 martinp Exp $ -#+ * @version \$Id: cervlet.c,v 1.206 2006/07/05 12:47:49 hauk Exp $ -# * -# * @file -# */ -@@ -1060,11 +1060,11 @@ - } else { - - out_print(res, -- "%lu B" -+ "%llu B" - "%o" - "%d" - "%d", -- (unsigned long)s->inf->st_size, -+ (unsigned long long)s->inf->st_size, - s->inf->st_mode & 07777, - s->inf->st_uid, - s->inf->st_gid); -@@ -1675,7 +1675,7 @@ - - out_print(res, - "Associated size" -- "If %s %lu byte(s) %s then %s else if passed %s then %s", -+ "If %s %llu byte(s) %s then %s else if passed %s then %s", - operatornames[sl->operator], sl->size, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); -@@ -2162,9 +2162,9 @@ - } else { - - out_print(res, -- "Size%lu B", -+ "Size%llu B", - (s->error & EVENT_SIZE)?" color='#ff0000'":"", -- (unsigned long) s->inf->st_size); -+ (unsigned long long) s->inf->st_size); - - } - } -@@ -2419,8 +2419,8 @@ - } - if(s->type == TYPE_FILE) { - out_print(res, -- " %-33s %lu B\n", -- "size", (unsigned long) s->inf->st_size); -+ " %-33s %llu B\n", -+ "size", (unsigned long long) s->inf->st_size); - if(s->checksum) { - out_print(res, - " %-33s %s(%s)\n", -=================================================================== -RCS file: /sources/monit/monit/configure.ac,v -retrieving revision 1.142 -retrieving revision 1.143 -diff -u -r1.142 -r1.143 ---- monit/configure.ac 2006/07/03 15:38:59 1.142 -+++ monit/configure.ac 2006/07/05 12:47:49 1.143 -#@@ -1,7 +1,7 @@ -# # Process this file with autoconf to produce a configure script. -# # Mark Ferlatte, -# # -#-# $Id: configure.ac,v 1.142 2006/07/03 15:38:59 martinp Exp $ -#+# $Id: configure.ac,v 1.143 2006/07/05 12:47:49 hauk Exp $ -# -# # autoconf requirement -# AC_PREREQ([2.53]) -#@@ -10,7 +10,7 @@ -# AC_INIT([monit], [4.8.2-cvs], [monit-general@nongnu.org]) -# -# # Package info -#-AC_REVISION([$Revision: 1.142 $]) -#+AC_REVISION([$Revision: 1.143 $]) -# AC_CONFIG_SRCDIR([monitor.c]) -# -# # ------------------------------------------------------------------------ -@@ -291,6 +291,9 @@ - AC_CHECK_FUNCS(setlocale) - AC_CHECK_FUNCS(getaddrinfo) - -+# Turn on large-file support, on those platforms that implement it -+AC_SYS_LARGEFILE -+ - - # Check if we do need external GNU replacements - AC_FUNC_GETLOADAVG -=================================================================== -RCS file: /sources/monit/monit/monitor.h,v -retrieving revision 1.187 -retrieving revision 1.188 -diff -u -r1.187 -r1.188 ---- monit/monitor.h 2006/06/28 09:02:43 1.187 -+++ monit/monitor.h 2006/07/05 12:47:49 1.188 -@@ -493,7 +493,7 @@ - /** Defines size object */ - typedef struct mysize { - int operator; /**< Comparison operator */ -- unsigned long size; /**< Size watermark */ -+ unsigned long long size; /**< Size watermark */ - int test_changes; /**< TRUE if we only should test for changes */ - EventAction_T action; /**< Description of the action upon event occurence */ - -@@ -585,8 +585,8 @@ - long space_total; /**< Used space total blocks */ - - /* File specific */ -- size_t st_size; /**< Size */ -- size_t readpos; /**< Position for regex matching */ -+ off_t st_size; /**< Size */ -+ off_t readpos; /**< Position for regex matching */ - ino_t st_ino_prev; /**< Previous inode for regex matching */ - char *cs_sum; /**< Checksum */ - -=================================================================== -RCS file: /sources/monit/monit/p.y,v -retrieving revision 1.236 -retrieving revision 1.237 -diff -u -r1.236 -r1.237 ---- monit/p.y 2006/06/23 20:38:12 1.236 -+++ monit/p.y 2006/07/05 12:47:49 1.237 -#@@ -30,7 +30,7 @@ -# * @author Martin Pala -# * @author Christian Hopp -# * @author Rory Toma -#- * @version \$Id: p.y,v 1.236 2006/06/23 20:38:12 martinp Exp $ -#+ * @version \$Id: p.y,v 1.237 2006/07/05 12:47:49 hauk Exp $ -# */ -# -# #include -@@ -1448,7 +1448,7 @@ - - size : IF SIZE operator NUMBER unit rate1 THEN action1 recovery { - sizeset.operator= $3; -- sizeset.size= ((unsigned long)$4 * $5); -+ sizeset.size= ((unsigned long long)$4 * $5); - addeventaction(&(sizeset).action, $8, $9); - addsize(&sizeset, FALSE); - } -@@ -2044,7 +2044,7 @@ - s->action= ss->action; - s->test_changes= ss->test_changes; - if(ss->test_changes || nosize) -- s->size= (unsigned long)buf.st_size; -+ s->size= (unsigned long long)buf.st_size; - - s->next= current->sizelist; - current->sizelist= s; -=================================================================== -RCS file: /sources/monit/monit/util.c,v -retrieving revision 1.184 -retrieving revision 1.185 -diff -u -r1.184 -r1.185 ---- monit/util.c 2006/04/27 20:16:03 1.184 -+++ monit/util.c 2006/07/05 12:47:49 1.185 -#@@ -119,7 +119,7 @@ -# * @author Christian Hopp -# * @author Michael Amster, -# * -#- * @version \$Id: util.c,v 1.184 2006/04/27 20:16:03 martinp Exp $ -#+ * @version \$Id: util.c,v 1.185 2006/07/05 12:47:49 hauk Exp $ -# * @file -# */ -# -@@ -862,7 +862,7 @@ - "Size", - ratio1, actionnames[a->failed->id]); - else -- printf(" %-20s = if %s %lu byte(s) %s then %s else if passed %s then %s\n", -+ printf(" %-20s = if %s %llu byte(s) %s then %s else if passed %s then %s\n", - "Size", operatornames[sl->operator], sl->size, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); -@@ -1759,7 +1759,7 @@ - * @param rightExpression rval - * Returns the boolean value of the expression - */ --int Util_evalQExpression(int operator, int left, int right) { -+int Util_evalQExpression(int operator, long long left, long long right) { - - switch(operator) { - case OPERATOR_GREATER: -=================================================================== -RCS file: /sources/monit/monit/util.h,v -retrieving revision 1.15 -retrieving revision 1.16 -diff -u -r1.15 -r1.16 ---- monit/util.h 2006/04/11 23:23:26 1.15 -+++ monit/util.h 2006/07/05 12:47:49 1.16 -#@@ -30,7 +30,7 @@ -# * @author Christian Hopp -# * @author Michael Amster, -# * -#- * @version \$Id: util.h,v 1.15 2006/04/11 23:23:26 hauk Exp $ -#+ * @version \$Id: util.h,v 1.16 2006/07/05 12:47:49 hauk Exp $ -# * @file -# */ -# -@@ -371,7 +371,7 @@ - * @param rightExpression rval - * @return the boolean value of the expression - */ --int Util_evalQExpression(int operator, int left, int right); -+int Util_evalQExpression(int operator, long long left, long long right); - - - /* -=================================================================== -RCS file: /sources/monit/monit/validate.c,v -retrieving revision 1.154 -retrieving revision 1.155 -diff -u -r1.154 -r1.155 ---- monit/validate.c 2006/06/28 09:02:43 1.154 -+++ monit/validate.c 2006/07/05 12:47:49 1.155 -#@@ -90,7 +90,7 @@ -# * @author Martin Pala -# * @author Christian Hopp -# * -#- * @version \$Id: validate.c,v 1.154 2006/06/28 09:02:43 martinp Exp $ -#+ * @version \$Id: validate.c,v 1.155 2006/07/05 12:47:49 hauk Exp $ -# * @file -# */ -# -@@ -1094,7 +1094,7 @@ - /* reset expected value for next cycle */ - sl->size= s->inf->st_size; - } else { -- DEBUG("'%s' size has not changed [current size=%lu B]\n", s->name, -+ DEBUG("'%s' size has not changed [current size=%llu B]\n", s->name, - s->inf->st_size); - Event_post(s, EVENT_CHANGED, STATE_PASSED, sl->action, - "'%s' size was not changed", s->name, s->path); -@@ -1105,10 +1105,10 @@ - /* we are testing constant value for failed or passed state */ - if(Util_evalQExpression(sl->operator, s->inf->st_size, sl->size)) { - Event_post(s, EVENT_SIZE, STATE_FAILED, sl->action, -- "'%s' size test failed for %s -- current size is %lu B", -+ "'%s' size test failed for %s -- current size is %llu B", - s->name, s->path, s->inf->st_size); - } else { -- DEBUG("'%s' file size check passed [current size=%lu B]\n", s->name, -+ DEBUG("'%s' file size check passed [current size=%llu B]\n", s->name, - s->inf->st_size); - Event_post(s, EVENT_SIZE, STATE_PASSED, sl->action, "'%s' size passed", s->name); - } -=================================================================== -RCS file: /sources/monit/monit/xml.c,v -retrieving revision 1.25 -retrieving revision 1.26 -diff -u -r1.25 -r1.26 ---- monit/xml.c 2006/07/04 10:40:17 1.25 -+++ monit/xml.c 2006/07/05 12:47:49 1.26 -#@@ -50,7 +50,7 @@ -# * -# * @author Martin Pala, -# * -#- * @version \$Id: xml.c,v 1.25 2006/07/04 10:40:17 martinp Exp $ -#+ * @version \$Id: xml.c,v 1.26 2006/07/05 12:47:49 hauk Exp $ -# * -# * @file -# */ -@@ -214,8 +214,8 @@ - } - if(S->type == TYPE_FILE) { - buf_print(B, -- "\t\t%lu\r\n", -- (unsigned long) S->inf->st_size); -+ "\t\t%llu\r\n", -+ (unsigned long long) S->inf->st_size); - if(S->checksum) { - buf_print(B, - "\t\t%s\r\n", diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/rcfile.dpatch /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/rcfile.dpatch --- monit-4.8.1/debian/patches/rcfile.dpatch 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/debian/patches/rcfile.dpatch 2009-08-24 16:12:09.000000000 +0100 @@ -0,0 +1,73 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## rcfile.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad monit-5.0.3~/debian/monit.init monit-5.0.3/debian/monit.init +--- monit-5.0.3~/debian/monit.init 2009-08-08 10:21:37.000000000 +0200 ++++ monit-5.0.3/debian/monit.init 2009-08-18 22:50:06.000000000 +0200 +@@ -15,8 +15,6 @@ + DAEMON=/usr/sbin/monit + CONFIG="/etc/monit/monitrc" + DELAY="/etc/monit/monit_delay" +-CHECK_INTERVALS=180 +-# We default to 180s (3min) check intervals + NAME=monit + DESC="daemon monitor" + +@@ -29,7 +27,7 @@ + . /etc/default/monit + fi + +-ARGS="-d $CHECK_INTERVALS -c $CONFIG -s /var/lib/monit/monit.state" ++ARGS="-c $CONFIG -s /var/lib/monit/monit.state" + + monit_not_configured () { + printf "%b\n" "monit won't be started/stopped\n\tunless it it's configured" +diff -urNad monit-5.0.3~/monitrc monit-5.0.3/monitrc +--- monit-5.0.3~/monitrc 2008-11-08 23:10:26.000000000 +0100 ++++ monit-5.0.3/monitrc 2009-08-18 22:50:06.000000000 +0200 +@@ -16,7 +16,8 @@ + ## + ## Start monit in the background (run as a daemon): + # +-# set daemon 120 # check services at 2-minute intervals ++ ++set daemon 180 # check services at 3-minute intervals + # with start delay 240 # optional: delay the first check by 4-minutes + # # (by default check immediately after monit start) + # +@@ -136,7 +137,7 @@ + ## additional recipients by specifying a local alert handler. The service may + ## be grouped using the GROUP option. + # +-# check file apache_bin with path /usr/local/apache/bin/httpd ++# check file apache_bin with path /usr/sbin/apache2 + # if failed checksum and + # expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor + # if failed permission 755 then unmonitor +@@ -156,9 +157,9 @@ + ## statement. This service depends on another service (apache_bin) which + ## is defined above. + # +-# check process apache with pidfile /usr/local/apache/logs/httpd.pid +-# start program = "/etc/init.d/httpd start" with timeout 60 seconds +-# stop program = "/etc/init.d/httpd stop" ++# check process apache with pidfile /var/run/apache2.pid ++# start program = "/etc/init.d/apache2 start" with timeout 60 seconds ++# stop program = "/etc/init.d/apache2 stop" + # if cpu > 60% for 2 cycles then alert + # if cpu > 80% for 5 cycles then restart + # if totalmem > 200.0 MB for 5 cycles then restart +@@ -235,6 +236,6 @@ + ## It is possible to include additional configuration parts from other files or + ## directories. + # +-# include /etc/monit.d/* +-# +-# ++ ++include /etc/monit/conf.d/* ++ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/patches/use-getaddrinfo-instead-of-gethostbyname-to-work-with-ipv6.dpatch /tmp/QeMlhPoI46/monit-5.0.3/debian/patches/use-getaddrinfo-instead-of-gethostbyname-to-work-with-ipv6.dpatch --- monit-4.8.1/debian/patches/use-getaddrinfo-instead-of-gethostbyname-to-work-with-ipv6.dpatch 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/debian/patches/use-getaddrinfo-instead-of-gethostbyname-to-work-with-ipv6.dpatch 2009-08-24 16:12:09.000000000 +0100 @@ -0,0 +1,44 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## use-getaddrinfo-instead-of-gethostbyname-to-work-with-ipv6.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad monit-5.0.3~/net.c monit-5.0.3/net.c +--- monit-5.0.3~/net.c 2009-05-25 21:02:56.000000000 +0200 ++++ monit-5.0.3/net.c 2009-08-12 07:44:20.000000000 +0200 +@@ -240,16 +240,21 @@ + int create_socket(const char *hostname, int port, int type, int timeout) { + + int s; +- struct hostent *hp; ++ int err; + struct sockaddr_in sin; ++ struct sockaddr_in *sa; ++ struct addrinfo hints; ++ struct addrinfo *result; + + ASSERT(hostname); + +- if((hp= gethostbyname(hostname)) == NULL) { ++ memset(&hints, 0, sizeof(struct addrinfo)); ++ hints.ai_family = AF_INET; ++ if((err= getaddrinfo(hostname, NULL, &hints, &result)) != 0) { + return -1; + } + +- endhostent(); ++ sa = (struct sockaddr_in *)result->ai_addr; + + if((s= socket(AF_INET, type, 0)) < 0) { + return -1; +@@ -257,7 +262,7 @@ + + sin.sin_family= AF_INET; + sin.sin_port= htons(port); +- memcpy(&sin.sin_addr, hp->h_addr, hp->h_length); ++ memcpy(&sin.sin_addr, &(sa->sin_addr), result->ai_addrlen); + + if(! set_noblock(s)) { + goto error; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/rules /tmp/QeMlhPoI46/monit-5.0.3/debian/rules --- monit-4.8.1/debian/rules 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/rules 2009-08-24 16:12:09.000000000 +0100 @@ -1,7 +1,7 @@ #!/usr/bin/make -f include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/rules/dpatch.mk include /usr/share/cdbs/1/class/autotools.mk -include /usr/share/cdbs/1/rules/simple-patchsys.mk # This variable adds several arguments to the ./configure invocation, # in *addition* to what autotools.mk does normally. So the end command diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/debian/watch /tmp/QeMlhPoI46/monit-5.0.3/debian/watch --- monit-4.8.1/debian/watch 2009-08-24 16:12:08.000000000 +0100 +++ monit-5.0.3/debian/watch 2009-08-24 16:12:09.000000000 +0100 @@ -1,5 +1,2 @@ -# Example watch control file for uscan -# Rename this file to "watch" and then you can run the "uscan" command -# to check for upstream updates and more. -# Site Directory Pattern Version Scrip -http://www.tildeslash.com /monit/dist/ monit-(.*)\.tar\.gz debian uupdate +version=3 +http://mmonit.com/monit/dist/monit-([\d\.]*).tar.gz diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/device_common.c /tmp/QeMlhPoI46/monit-5.0.3/device/device_common.c --- monit-4.8.1/device/device_common.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/device_common.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,29 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System independent device methods. + * System independent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: device_common.c,v 1.6 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: device_common.c,v 1.14 2009/05/04 19:37:14 martinp Exp $ * * @file */ @@ -67,7 +77,7 @@ /** * This function validates whether given object is valid for filesystem * informations statistics and stores path suitable for it in given - * device information structure for later use. Filesystem must be mounted. + * filesystem information structure for later use. Filesystem must be mounted. * * Valid objects are file or directory that are part of requested * filesystem, block special device or mountpoint. @@ -93,7 +103,8 @@ if(S_ISREG(buf.st_mode) || S_ISDIR(buf.st_mode)) { - return strncpy(inf->mntpath, object, sizeof(inf->mntpath)); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, object, sizeof(inf->mntpath) - 1); } else if(S_ISBLK(buf.st_mode)) { @@ -114,11 +125,11 @@ * given information structure. * * @param inf Information structure where resulting data will be stored - * @param object Identifies requested device - either file, directory, + * @param object Identifies requested filesystem - either file, directory, * block special device or mountpoint * @return TRUE if informations were succesfully read otherwise FALSE */ -int device_usage(Info_T inf, char *object) { +int filesystem_usage(Info_T inf, char *object) { ASSERT(inf); ASSERT(object); @@ -127,7 +138,10 @@ return FALSE; } - return device_usage_sysdep(inf); + /* save the previous filesystem flags */ + inf->_flags= inf->flags; + + return filesystem_usage_sysdep(inf); } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/device.h /tmp/QeMlhPoI46/monit-5.0.3/device/device.h --- monit-4.8.1/device/device.h 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/device/device.h 2009-02-13 13:06:34.000000000 +0000 @@ -1,27 +1,37 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef MONIT_DEVICE_H #define MONIT_DEVICE_H char *device_path(Info_T, char *); -int device_usage(Info_T, char *); +int filesystem_usage(Info_T, char *); #endif diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/device_sysdep.h /tmp/QeMlhPoI46/monit-5.0.3/device/device_sysdep.h --- monit-4.8.1/device/device_sysdep.h 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/device/device_sysdep.h 2009-02-13 13:06:34.000000000 +0000 @@ -1,27 +1,37 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef MONIT_DEVICE_SYSDEP_H #define MONIT_DEVICE_SYSDEP_H char *device_mountpoint_sysdep(Info_T, char *); -int device_usage_sysdep(Info_T); +int filesystem_usage_sysdep(Info_T); #endif diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_AIX.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_AIX.c --- monit-4.8.1/device/sysdep_AIX.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_AIX.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,40 +1,76 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: sysdep_AIX.c,v 1.11 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_AIX.c,v 1.20 2009/05/04 19:37:15 martinp Exp $ * * @file */ #include +#ifdef HAVE_STDIO_H +#include +#endif + +#ifdef HAVE_ERRNO_H +#include +#endif + +#ifdef HAVE_STRING_H +#include +#endif + +#ifdef HAVE_STRINGS_H +#include +#endif + +#ifdef HAVE_MNTENT_H +#include +#endif + +#ifdef HAVE_SYS_STATFS_H +#include +#endif + #include "monitor.h" #include "device_sysdep.h" /** - * Unknown OS special block device dummy mountpoint method. + * AIX special block device mountpoint method. Filesystem must be mounted. + * In the case of success, mountpoint is stored in filesystem information + * structure for later use. * * @param inf Information structure * @param blockdev Identifies block special device @@ -42,7 +78,32 @@ */ char *device_mountpoint_sysdep(Info_T inf, char *blockdev) { - LogError("%s: Unsupported mounted filesystem information method", prog); + struct mntent *mnt; + FILE *mntfd; + + ASSERT(inf); + ASSERT(blockdev); + + + if((mntfd= setmntent("/etc/mtab", "r")) == NULL) { + LogError("%s: Cannot open /etc/mtab file\n", prog); + return NULL; + } + + /* Finf->mntpathirst match is significant */ + while((mnt= getmntent(mntfd)) != NULL) { + + if(IS(blockdev, mnt->mnt_fsname)) { + + endmntent(mntfd); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, mnt->mnt_dir, sizeof(inf->mntpath) - 1); + + } + + } + + endmntent(mntfd); return NULL; @@ -50,16 +111,32 @@ /** - * Unknown OS filesystem dummy usage statistics. + * AIX filesystem usage statistics. In the case of success result is stored in + * given information structure. * * @param inf Information structure * @return FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { + + struct statfs usage; + + ASSERT(inf); - LogError("%s: Unsupported filesystem informations gathering method\n", prog); + if(statfs(inf->mntpath, &usage) != 0) { + LogError("%s: Error getting usage statistics for filesystem '%s' -- %s\n", + prog, inf->mntpath, STRERROR); + return FALSE; + } + + inf->f_bsize= usage.f_bsize; + inf->f_blocks= usage.f_blocks; + inf->f_blocksfree= usage.f_bavail; + inf->f_blocksfreetotal= usage.f_bfree; + inf->f_files= usage.f_files; + inf->f_filesfree= usage.f_ffree; - return FALSE; + return TRUE; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_DARWIN.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_DARWIN.c --- monit-4.8.1/device/sysdep_DARWIN.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_DARWIN.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,29 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: sysdep_DARWIN.c,v 1.14 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_DARWIN.c,v 1.22 2009/05/04 19:37:15 martinp Exp $ * * @file */ @@ -55,7 +65,7 @@ /** * MacOS X special block device mountpoint method. Filesystem must be mounted. - * In the case of success, mountpoint is stored in device information + * In the case of success, mountpoint is stored in filesystem information * structure for later use. * * @param inf Information structure where resulting data will be stored @@ -70,12 +80,13 @@ ASSERT(blockdev); if(statfs(blockdev, &usage) != 0) { - LogError("%s: Error getting mountpoint for device '%s' -- %s\n", + LogError("%s: Error getting mountpoint for filesystem '%s' -- %s\n", prog, blockdev, STRERROR); return NULL; } - return strncpy(inf->mntpath, usage.f_mntonname, sizeof(inf->mntpath)); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, usage.f_mntonname, sizeof(inf->mntpath) - 1); } @@ -87,14 +98,14 @@ * @param inf Information structure where resulting data will be stored * @return TRUE if informations were succesfully read otherwise FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { struct statfs usage; ASSERT(inf); if(statfs(inf->mntpath, &usage) != 0) { - LogError("%s: Error getting usage statistics for device '%s' -- %s\n", + LogError("%s: Error getting usage statistics for filesystem '%s' -- %s\n", prog, inf->mntpath, STRERROR); return FALSE; } @@ -105,6 +116,7 @@ inf->f_blocksfreetotal= usage.f_bfree; inf->f_files= usage.f_files; inf->f_filesfree= usage.f_ffree; + inf->flags= usage.f_flags; return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_FREEBSD.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_FREEBSD.c --- monit-4.8.1/device/sysdep_FREEBSD.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_FREEBSD.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,29 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: sysdep_FREEBSD.c,v 1.14 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_FREEBSD.c,v 1.23 2009/05/04 19:37:15 martinp Exp $ * * @file */ @@ -55,7 +65,7 @@ /** * FreeBSD special block device mountpoint method. Filesystem must be mounted. - * In the case of success, mountpoint is stored in device information + * In the case of success, mountpoint is stored in filesystem information * structure for later use. * * @param inf Information structure where resulting data will be stored @@ -70,12 +80,13 @@ ASSERT(blockdev); if(statfs(blockdev, &usage) != 0) { - LogError("%s: Error getting mountpoint for device '%s' -- %s\n", + LogError("%s: Error getting mountpoint for filesystem '%s' -- %s\n", prog, blockdev, STRERROR); return NULL; } - return strncpy(inf->mntpath, usage.f_mntonname, sizeof(inf->mntpath)); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, usage.f_mntonname, sizeof(inf->mntpath) - 1); } @@ -87,14 +98,14 @@ * @param inf Information structure where resulting data will be stored * @return TRUE if informations were succesfully read otherwise FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { struct statfs usage; ASSERT(inf); if(statfs(inf->mntpath, &usage) != 0) { - LogError("%s: Error getting usage statistics for device '%s' -- %s\n", + LogError("%s: Error getting usage statistics for filesystem '%s' -- %s\n", prog, inf->mntpath, STRERROR); return FALSE; } @@ -105,6 +116,7 @@ inf->f_blocksfreetotal= usage.f_bfree; inf->f_files= usage.f_files; inf->f_filesfree= usage.f_ffree; + inf->flags= usage.f_flags; return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_HPUX.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_HPUX.c --- monit-4.8.1/device/sysdep_HPUX.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_HPUX.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,29 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: sysdep_HPUX.c,v 1.14 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_HPUX.c,v 1.23 2009/05/04 19:37:15 martinp Exp $ * * @file */ @@ -60,7 +70,7 @@ /** * HPUX special block device mountpoint method. Filesystem must be mounted. - * In the case of success, mountpoint is stored in device information + * In the case of success, mountpoint is stored in filesystem information * structure for later use. * * @param inf Information structure where resulting data will be stored @@ -77,7 +87,7 @@ if((mntfd= setmntent("/etc/mnttab", "r")) == NULL) { - LogError("%s: Cannot open /etc/mnttab file", prog); + LogError("%s: Cannot open /etc/mnttab file\n", prog); return NULL; } @@ -87,7 +97,8 @@ if(IS(blockdev, mnt->mnt_fsname)) { endmntent(mntfd); - return strncpy(inf->mntpath, mnt->mnt_dir, sizeof(inf->mntpath)); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, mnt->mnt_dir, sizeof(inf->mntpath) - 1); } @@ -107,14 +118,14 @@ * @param inf Information structure where resulting data will be stored * @return TRUE if informations were succesfully read otherwise FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { struct statfs usage; ASSERT(inf); - if(statfsdev(inf->mntpath, &usage) != 0) { - LogError("%s: Error getting usage statistics for device '%s' -- %s\n", + if(statfs(inf->mntpath, &usage) != 0) { + LogError("%s: Error getting usage statistics for filesystem '%s' -- %s\n", prog, inf->mntpath, STRERROR); return FALSE; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_LINUX.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_LINUX.c --- monit-4.8.1/device/sysdep_LINUX.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_LINUX.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,29 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: sysdep_LINUX.c,v 1.13 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_LINUX.c,v 1.24 2009/05/04 19:37:15 martinp Exp $ * * @file */ @@ -46,8 +56,8 @@ #include #endif -#ifdef HAVE_SYS_VFS_H -# include +#ifdef HAVE_SYS_STATVFS_H +# include #endif #ifdef HAVE_MNTENT_H @@ -60,7 +70,7 @@ /** * Linux special block device mountpoint method. Filesystem must be mounted. - * In the case of success, mountpoint is stored in device information + * In the case of success, mountpoint is stored in filesystem information * structure for later use. * * @param inf Information structure where resulting data will be stored @@ -77,7 +87,7 @@ if((mntfd= setmntent("/etc/mtab", "r")) == NULL) { - LogError("%s: Cannot open /etc/mtab file", prog); + LogError("%s: Cannot open /etc/mtab file\n", prog); return NULL; } @@ -87,7 +97,8 @@ if(IS(blockdev, mnt->mnt_fsname)) { endmntent(mntfd); - return strncpy(inf->mntpath, mnt->mnt_dir, sizeof(inf->mntpath)); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, mnt->mnt_dir, sizeof(inf->mntpath) - 1); } @@ -107,14 +118,14 @@ * @param inf Information structure where resulting data will be stored * @return TRUE if informations were succesfully read otherwise FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { - struct statfs usage; + struct statvfs usage; ASSERT(inf); - if(statfs(inf->mntpath, &usage) != 0) { - LogError("%s: Error getting usage statistics for device '%s' -- %s\n", + if(statvfs(inf->mntpath, &usage) != 0) { + LogError("%s: Error getting usage statistics for filesystem '%s' -- %s\n", prog, inf->mntpath, STRERROR); return FALSE; } @@ -125,6 +136,7 @@ inf->f_blocksfreetotal= usage.f_bfree; inf->f_files= usage.f_files; inf->f_filesfree= usage.f_ffree; + inf->flags= usage.f_flag; return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_NETBSD.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_NETBSD.c --- monit-4.8.1/device/sysdep_NETBSD.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_NETBSD.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,28 +1,38 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Martin Pala, * - * @version \$Id: sysdep_NETBSD.c,v 1.4 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_NETBSD.c,v 1.13 2009/05/04 19:37:15 martinp Exp $ * * @file */ @@ -49,12 +59,16 @@ #include #endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif + #include "monitor.h" #include "device_sysdep.h" /** * NetBSD special block device mountpoint method. Filesystem must be mounted. - * In the case of success, mountpoint is stored in device information + * In the case of success, mountpoint is stored in filesystem information * structure for later use. * * @param inf Information structure where resulting data will be stored @@ -63,18 +77,27 @@ */ char *device_mountpoint_sysdep(Info_T inf, char *blockdev) { +#if(__NetBSD_Version__ >= 300000000) + struct statvfs usage; +#else struct statfs usage; +#endif ASSERT(inf); ASSERT(blockdev); +#if(__NetBSD_Version__ >= 300000000) + if(statvfs(blockdev, &usage) != 0) { +#else if(statfs(blockdev, &usage) != 0) { - LogError("%s: Error getting mountpoint for device '%s' -- %s\n", +#endif + LogError("%s: Error getting mountpoint for filesystem '%s' -- %s\n", prog, blockdev, STRERROR); return NULL; } - return strncpy(inf->mntpath, usage.f_mntonname, sizeof(inf->mntpath)); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, usage.f_mntonname, sizeof(inf->mntpath) - 1); } @@ -86,14 +109,22 @@ * @param inf Information structure where resulting data will be stored * @return TRUE if informations were succesfully read otherwise FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { +#if(__NetBSD_Version__ >= 300000000) + struct statvfs usage; +#else struct statfs usage; +#endif ASSERT(inf); +#if(__NetBSD_Version__ >= 300000000) + if(statvfs(inf->mntpath, &usage) != 0) { +#else if(statfs(inf->mntpath, &usage) != 0) { - LogError("%s: Error getting usage statistics for device '%s' -- %s\n", +#endif + LogError("%s: Error getting usage statistics for filesystem '%s' -- %s\n", prog, inf->mntpath, STRERROR); return FALSE; } @@ -104,6 +135,11 @@ inf->f_blocksfreetotal= usage.f_bfree; inf->f_files= usage.f_files; inf->f_filesfree= usage.f_ffree; +#if(__NetBSD_Version__ >= 300000000) + inf->flags= usage.f_flag; +#else + inf->flags= usage.f_flags; +#endif return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_OPENBSD.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_OPENBSD.c --- monit-4.8.1/device/sysdep_OPENBSD.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_OPENBSD.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,29 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: sysdep_OPENBSD.c,v 1.14 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_OPENBSD.c,v 1.22 2009/05/04 19:37:15 martinp Exp $ * * @file */ @@ -55,7 +65,7 @@ /** * OpenBSD special block device mountpoint method. Filesystem must be mounted. - * In the case of success, mountpoint is stored in device information + * In the case of success, mountpoint is stored in filesystem information * structure for later use. * * @param inf Information structure where resulting data will be stored @@ -70,12 +80,13 @@ ASSERT(blockdev); if(statfs(blockdev, &usage) != 0) { - LogError("%s: Error getting mountpoint for device '%s' -- %s\n", + LogError("%s: Error getting mountpoint for filesystem '%s' -- %s\n", prog, blockdev, STRERROR); return NULL; } - return strncpy(inf->mntpath, usage.f_mntonname, sizeof(inf->mntpath)); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, usage.f_mntonname, sizeof(inf->mntpath) - 1); } @@ -87,14 +98,14 @@ * @param inf Information structure where resulting data will be stored * @return TRUE if informations were succesfully read otherwise FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { struct statfs usage; ASSERT(inf); if(statfs(inf->mntpath, &usage) != 0) { - LogError("%s: Error getting usage statistics for device '%s' -- %s\n", + LogError("%s: Error getting usage statistics for filesystem '%s' -- %s\n", prog, inf->mntpath, STRERROR); return FALSE; } @@ -105,6 +116,7 @@ inf->f_blocksfreetotal= usage.f_bfree; inf->f_files= usage.f_files; inf->f_filesfree= usage.f_ffree; + inf->flags= usage.f_flags; return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_SOLARIS.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_SOLARIS.c --- monit-4.8.1/device/sysdep_SOLARIS.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_SOLARIS.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,29 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: sysdep_SOLARIS.c,v 1.13 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_SOLARIS.c,v 1.22 2009/05/04 19:37:15 martinp Exp $ * * @file */ @@ -60,7 +70,7 @@ /** * Solaris special block device mountpoint method. Filesystem must be mounted. - * In the case of success, mountpoint is stored in device information + * In the case of success, mountpoint is stored in filesystem information * structure for later use. * * @param inf Information structure where resulting data will be stored @@ -77,7 +87,7 @@ if((mntfd= fopen("/etc/mnttab", "r")) == NULL) { - LogError("%s: Cannot open /etc/mnttab file", prog); + LogError("%s: Cannot open /etc/mnttab file\n", prog); return NULL; } @@ -87,7 +97,8 @@ if(IS(blockdev, mnt.mnt_special)) { fclose(mntfd); - return strncpy(inf->mntpath, mnt.mnt_mountp, sizeof(inf->mntpath)); + inf->mntpath[sizeof(inf->mntpath) - 1] = 0; + return strncpy(inf->mntpath, mnt.mnt_mountp, sizeof(inf->mntpath) - 1); } @@ -107,14 +118,14 @@ * @param inf Information structure where resulting data will be stored * @return TRUE if informations were succesfully read otherwise FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { struct statvfs usage; ASSERT(inf); if(statvfs(inf->mntpath, &usage) != 0) { - LogError("%s: Error getting usage statistics for device '%s' -- %s\n", + LogError("%s: Error getting usage statistics for filesystem '%s' -- %s\n", prog, inf->mntpath, STRERROR); return FALSE; } @@ -125,6 +136,7 @@ inf->f_blocksfreetotal= usage.f_bfree/(usage.f_frsize?(usage.f_bsize/usage.f_frsize):1); inf->f_files= usage.f_files; inf->f_filesfree= usage.f_ffree; + inf->flags= usage.f_flag; return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/device/sysdep_UNKNOWN.c /tmp/QeMlhPoI46/monit-5.0.3/device/sysdep_UNKNOWN.c --- monit-4.8.1/device/sysdep_UNKNOWN.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/device/sysdep_UNKNOWN.c 2009-02-13 13:06:35.000000000 +0000 @@ -1,29 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** - * System dependent device methods. + * System dependent filesystem methods. * * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: sysdep_UNKNOWN.c,v 1.11 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_UNKNOWN.c,v 1.18 2009/02/13 09:18:14 hauk Exp $ * * @file */ @@ -42,7 +52,7 @@ */ char *device_mountpoint_sysdep(Info_T inf, char *blockdev) { - LogError("%s: Unsupported mounted filesystem information method", prog); + LogError("%s: Unsupported mounted filesystem information method\n", prog); return NULL; @@ -55,7 +65,7 @@ * @param inf Information structure * @return FALSE */ -int device_usage_sysdep(Info_T inf) { +int filesystem_usage_sysdep(Info_T inf) { LogError("%s: Unsupported filesystem informations gathering method\n", prog); diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/doc/examples.html /tmp/QeMlhPoI46/monit-5.0.3/doc/examples.html --- monit-4.8.1/doc/examples.html 2006-05-16 20:16:21.000000000 +0100 +++ monit-5.0.3/doc/examples.html 2009-05-28 22:47:57.000000000 +0100 @@ -1,87 +1,143 @@ - [index.gif] - -Real-world configuration examples - - Here's some real-world configuration examples for monit. It can be - helpful to look at the examples given here to see how a service is - running, where it put its pidfile, how to call the start and stop - methods for a service, etc. - - You are welcome to cut & paste configuration into your own monitrc - control file. NB! please check and edit as needed, some ip-addresses - and paths mentioned here may or will differ from your system. - - You may also want to checkout Christian Hopp's configuration example. - He demonstrate how you can setup a clean and structured configuration - utilizing the monit include statement (which he was responsible for). - Each check for a particular service is written in it's own file and - included in the top-level monit control file. Many of the service - files are also well worth studying in their own rights. Although this - example is for a Linux Debian distribution it is general enough to be - of interest for any platform. - - * System Services - + Cron (program timer) - + Gdm (gnome desktop manager) - + Inetd (internet service manager) - + Syslogd (system logfile daemon) - + Xfs (X font server) - + YPBind (Yellow page bind daemon) - + Net-SNMP (SNMP agent) - + NTP (time server) - + Nscd (name service caching daemon) - * Name Services - + Bind (chrooted) - * FTP Services - + Proftpd - * Login Services - + SSHD - * WWW Services - + Apache (web server) - + Zope (appication server) - + Squid (http/ftp proxy) - + Privoxy (spamfilter proxy) - * Mail Services - + Postfix (mail server) - + sendmail (mail server) - + Qpopper (pop3 server) - + Spamassassin daemon (spam scan daemon) - + Amavis-new (mail virus scanner) - + Policyd (Postfix access policy delegation daemon) - * Virus Scanner - + Sophie (virus scan daemon) - + Trophie (virus scan daemon) - + Clamavd (virus scan daemon) - * Printing Services - + LPRng (printer daemon) - * Database Services - + MySQL Server - + OpenLDAP Server - * File Services - + Samba (windows file/domain server) - * Sun ONE Services - + iPlanetDirectoryServer (Sun ONE) - + iPlanetMessagingServer processes (Sun ONE) - + iPlanetCalendarServer processes (Sun ONE) - * Misc Services - + apcupsd (APC ups daemon) - + Webmin (remote admin service) - + STunnel (SSL tunnel) - * Misc Usage - + Watch and analyze crashdumps (Solaris) - + Watch and analyze crashdumps (Linux) - + Start and stop tcpdump based on condition - + Rotate tcpdump until condition occures - + MySQL event driven process list - -System Services - - Cron (program timer) - - When used with Solaris the init.d script needs a modification. Add the - following line after start of cron according to the Monit FAQ: - /usr/bin/pgrep -x -u 0 -P 1 cron > /var/run/cron.pid +

+
+
+ + +

Real-world configuration examples

+ +Here's some real-world configuration examples for monit. It can be +helpful to look at the examples given here to see how a service is +running, where it put its pidfile, how to call the start and stop +methods for a service, etc. + +

You are welcome to cut & paste configuration into your own +monitrc control file. NB! please check and edit as +needed, some ip-addresses and paths mentioned here may or will differ +from your system. + +

You may also want to checkout Christian Hopp's configuration +example. He demonstrate how you can setup a clean and structured +configuration utilizing the monit include statement (which he was +responsible for). Each check for a particular service is written +in it's own file and included in the top-level monit control +file. Many of the service files are also well worth studying in their +own rights. Although this example is for a Linux Debian distribution +it is general enough to be of interest for any platform. + + +


+ +

+ + +

System Services

+

Cron (program timer)

+

+When used with Solaris the init.d script needs a modification. +Add the following line after start of cron according to the +Monit FAQ: +

+
+         /usr/bin/pgrep -x -u 0 -P 1 cron > /var/run/cron.pid 
+
+
  check process cron with pidfile /var/run/cron.pid
    group system
    start program = "/etc/init.d/cron start"
@@ -95,27 +151,29 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+
- Gdm (gnome desktop manager) - +

Gdm (gnome desktop manager)

+
  check process gdm with pidfile /var/run/gdm.pid
    start program = "/etc/init.d/gdm start"
    stop program = "/etc/init.d/gdm stop"
    if 5 restarts within 5 cycles then timeout
+
- Inetd (internet service manager) - +

Inetd (internet service manager)

+
  check process inetd with pidfile /var/run/inetd.pid
    start program = "/etc/init.d/inetd start"
    stop program = "/etc/init.d/inetd stop"
-   if failed host 192.168.1.1 port 25 protocol smtp then restart  # e.g. exim
-   if failed host 192.168.1.1 port 515 then restart               # e.g. cups-l
-pd
+   if failed host 192.168.1.1 port 25 protocol smtp then restart  # e.g. exim 
+   if failed host 192.168.1.1 port 515 then restart               # e.g. cups-lpd
    if failed host 192.168.1.1 port 113 then restart               # e.g. ident
    if 5 restarts within 5 cycles then timeout
+
- Syslogd (system logfile daemon) - +

Syslogd (system logfile daemon)

+
  check process syslogd with pidfile /var/run/syslogd.pid
    start program = "/etc/init.d/sysklogd start"
    stop program = "/etc/init.d/sysklogd stop"
@@ -123,99 +181,109 @@
 
  check file syslogd_file with path /var/log/syslog
    if timestamp > 65 minutes then alert # Have you seen "-- MARK --"?
+
- Xfs (X font server) - +

Xfs (X font server)

+
  check process xfs with pidfile /var/run/xfs.pid
    start program = "/etc/init.d/xfs start"
    stop program = "/etc/init.d/xfs stop"
    if 5 restarts within 5 cycles then timeout
+
- YPBind (Yellow page bind daemon) - +

YPBind (Yellow page bind daemon)

+
  check process ypbind with pidfile /var/run/ypbind.pid
    start program = "/etc/init.d/nis start"
    stop program = "/etc/init.d/nis stop"
    if 5 restarts within 5 cycles then timeout
+
- Net-SNMP (SNMP agent) - +

Net-SNMP (SNMP agent)

+
  check process snmpd with pidfile /var/run/snmpd
    start program = "/etc/init.d/snmpd start"
    stop program = "/etc/init.d/snmpd stop"
    if failed host 192.168.1.1 port 161 type udp then restart
    if failed host 192.168.1.1 port 199 type tcp then restart
    if 5 restarts within 5 cycles then timeout
+
- NTP (time server) - +

NTP (time server)

+
  check process ntpd with pidfile /var/run/ntpd.pid
    start program = "/etc/init.d/ntpd start"
    stop  program = "/etc/init.d/ntpd stop"
    if failed host 127.0.0.1 port 123 type udp then alert
    if 5 restarts within 5 cycles then timeout
+
- Nscd (name service caching daemon) - +

Nscd (name service caching daemon)

+
  check process nscd with pidfile /var/run/nscd/nscd.pid
    start program = "/etc/init.d/nscd start"
    stop  program = "/etc/init.d/nscd stop"
    if 5 restarts within 5 cycles then timeout
+
-Name Services - - Bind (chrooted) - +

Name Services

+

Bind (chrooted)

+
  check process named with pidfile /var/named/chroot/var/run/named/named.pid
    start program = "/etc/init.d/named start"
    stop program = "/etc/init.d/named stop"
    if failed host 127.0.0.1 port 53 type tcp protocol dns then alert
    if failed host 127.0.0.1 port 53 type udp protocol dns then alert
    if 5 restarts within 5 cycles then timeout
+
-FTP Services - - Proftpd - +

FTP Services

+

Proftpd

+
  check process proftpd with pidfile /var/run/proftpd.pid
    start program = "/etc/init.d/proftpd start"
    stop program  = "/etc/init.d/proftpd stop"
    if failed port 21 protocol ftp then restart
    if 5 restarts within 5 cycles then timeout
+
-Login Services - - SSHD - +

Login Services

+

SSHD

+
  check process sshd with pidfile /var/run/sshd.pid
    start program  "/etc/init.d/sshd start"
    stop program  "/etc/init.d/sshd stop"
    if failed port 22 protocol ssh then restart
    if 5 restarts within 5 cycles then timeout
+
-WWW Services - - Apache (web server) - - Hint: It is recommended to use a "token" file (an empty file) for - monit to request. That way, it is easy to filter out all the requests - made by monit in the httpd access log file. Here's a trick shared by - Marco Ermini, place the following in httpd.conf to stop apache from - loggin any requests done by monit: +

WWW Services

+

Apache (web server)

+

+ Hint: It is recommended to use a "token" file (an empty file) + for monit to request. That way, it is easy to filter out all the + requests made by monit in the httpd access log file. Here's a trick + shared by Marco Ermini, place the following in httpd.conf to stop + apache from loggin any requests done by monit: +

+
   SetEnvIf        Request_URI "^\/monit\/token$" dontlog
   CustomLog       logs/access.log common env=!dontlog
+
- In some cases init scripts for apache and apache-ssl are separated, - e.g. Debian Linux. +

+ In some cases init scripts for apache and apache-ssl are separated, e.g. Debian Linux. +

+
  check process apache with pidfile /opt/apache_misc/logs/httpd.pid
    group www
    start program = "/etc/init.d/apache start"
    stop  program = "/etc/init.d/apache stop"
-   if failed host 192.168.1.1 port 80
+   if failed host 192.168.1.1 port 80 
         protocol HTTP request /monit/token then restart
-   if failed host 192.168.1.1 port 443 type TCPSSL
+   if failed host 192.168.1.1 port 443 type TCPSSL 
         certmd5 12-34-56-78-90-AB-CD-EF-12-34-56-78-90-AB-CD-EF
-        protocol HTTP request /monit/token  then restart
+	protocol HTTP request /monit/token  then restart
    if 5 restarts within 5 cycles then timeout
    depends on apache_bin
    depends on apache_rc
@@ -233,9 +301,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+
- Zope (application server) - +

Zope (application server)

+
  check process zope with pidfile /opt/Zope/var/zProcessManager.pid
    start program = "/etc/init.d/zope start"
    stop  program = "/etc/init.d/zope stop"
@@ -243,9 +312,10 @@
    if failed host 192.168.1.1 port 8080 protocol HTTP then restart
    if 5 restarts within 5 cycles then timeout
    every 5
+
- Squid (http/ftp proxy) - +

Squid (http/ftp proxy)

+
  check process squid with pidfile /opt/squid/logs/squid.pid
    group www
    start program = "/etc/init.d/squid start"
@@ -268,9 +338,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+
- Privoxy (spamfilter proxy) - +

Privoxy (spamfilter proxy)

+
  check process privoxy with pidfile /opt/privoxy/var/privoxy.pid
    group www
    start program = "/etc/init.d/privoxy start"
@@ -293,11 +364,12 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+
-Mail Services - - Postfix (mail server) +

Mail Services

+

Postfix (mail server)

+
  check process postfix with pidfile /var/spool/postfix/pid/master.pid
    group mail
    start program = "/etc/init.d/postfix start"
@@ -312,9 +384,36 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+
- Sendmail (mail server) +

Exim (mail server)

+
+ check process exim with pidfile /var/run/exim.pid
+   group mail
+   start program = "/etc/init.d/exim start"
+   stop  program = "/etc/init.d/exim stop"
+   if failed port 25 protocol smtp then restart
+   if 5 restarts within 5 cycles then timeout
+   depends on exim_bin
+   depends on exim_rc
 
+ check file exim_bin with path /usr/sbin/exim
+   group mail
+   if failed checksum then unmonitor
+   if failed permission 4755 then unmonitor
+   if failed uid root then unmonitor
+   if failed gid root then unmonitor
+
+ check file exim_rc with path /etc/init.d/exim
+   group mail
+   if failed checksum then unmonitor
+   if failed permission 755 then unmonitor
+   if failed uid root then unmonitor
+   if failed gid root then unmonitor 
+
+
+
Sendmail (mail server)

+
  check process sendmail with pidfile /var/run/sendmail.pid
    group mail
    start program = "/etc/init.d/sendmail start"
@@ -337,9 +436,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  Qpopper (pop3 server)
-
+
Qpopper (pop3 server)

+
  check process qpopper with pidfile /var/run/popper.pid
    group mail
    start program = "/etc/init.d/qpopper start"
@@ -362,9 +462,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  Spamassassin daemon (spam scan daemon)
-
+
Spamassassin daemon (spam scan daemon)

+
  check process spamd with pidfile /var/run/spamd.pid
    group mail
    start program = "/etc/init.d/spamd start"
@@ -375,7 +476,7 @@
    depends on spamd_bin
    depends on spamd_rc
 
- check file smapd_bin with path /usr/local/bin/spamd
+ check file spamd_bin with path /usr/local/bin/spamd
    group mail
    if failed checksum then unmonitor
    if failed permission 755 then unmonitor
@@ -388,9 +489,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  Amavis-new (mail virus scanner)
-
+
Amavis-new (mail virus scanner)

+
  check process amavisd with pidfile /opt/virus/amavis-new/var/run/amavisd.pid
    group mail
    start program = "/etc/init.d/amavis-new start"
@@ -413,9 +515,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  Policyd (Postfix policy delegation daemon)
-
+
Policyd (Postfix policy delegation daemon)

+
  check process policyd with pidfile /var/run/policyd.pid
    group mail
    start program = "/etc/init.d/policyd start"
@@ -446,23 +549,20 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-Virus Scanner
-
-  Sophie (virus scan daemon)
-
+
Virus Scanner

+
Sophie (virus scan daemon)

+
  check process sophie with pidfile /var/run/sophie.pid
    group virus
    start program = "/etc/init.d/sophie start"
    stop  program = "/etc/init.d/sophie stop"
    if failed unixsocket /var/run/sophie then restart
    if 5 restarts within 5 cycles then timeout
-
-Virus Scanner
-
-
-  Sophie (virus scan daemon)
-
+
Virus Scanner

+
Sophie (virus scan daemon)

+
  check process sophie with pidfile /var/run/sophie.pid
    group virus
    start program = "/etc/init.d/sophie start"
@@ -485,9 +585,11 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  Trophie (virus scan daemon)
 
+
Trophie (virus scan daemon)

+
  check process trophie with pidfile /var/run/trophie.pid
    group virus
    start program = "/etc/init.d/trophie start"
@@ -510,9 +612,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  Clamav (virus scan daemon)
-
+
Clamav (virus scan daemon)

+
  check process clamavd with pidfile /var/run/clamd.pid
    group virus
    start program = "/etc/init.d/clamavd start"
@@ -535,13 +638,15 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-Database Services
-
-  MySQL Server
-
-   The name of the pidfile consists usually of the fully quallified
-   domainname and pidfile as extension.
+
Database Services

+
MySQL Server

+

+  The name of the pidfile consists usually of the fully
+  quallified domainname and pidfile as extension.
+

+
 check process mysql with pidfile /opt/mysql/data/myserver.mydomain.pid
    group database
    start program = "/etc/init.d/mysql start"
@@ -564,9 +669,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  OpenLDAP slapd (Debian package)
-
+
OpenLDAP slapd (Debian package)

+
 check process slapd with pidfile /var/run/slapd.pid
    group database
    start program = "/etc/init.d/slapd start"
@@ -589,14 +695,32 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-File Services
-
-  Samba (windows file/domain server)
 
-   Hint: For enhanced controllability of the service it is handy to split
-   up the samba init file into two pieces, one for smbd (the file
-   service) and one for nmbd (the name service).
+
PostgreSQL

+

+  Generally choosing either the socket or a TCP/IP connect is sufficient.
+

+
+check process postgres with pidfile /var/postgres/postmaster.pid
+   group database
+   start program = "/etc/init.d/postgresql start"
+   stop  program = "/etc/init.d/postgresql stop"
+   if failed unixsocket /var/run/postgresql/.s.PGSQL.5432 protocol pgsql then restart
+   if failed host       192.168.1.1 port 5432             protocol pgsql then restart
+   if 5 restarts within 5 cycles then timeout
+

+
+
+
File Services

+
Samba (windows file/domain server)

+

+   Hint: For enhanced controllability of the service it is
+   handy to split up the samba init file into two pieces, one for smbd
+   (the file service) and one for nmbd (the name service).
+

+
  check process smbd with pidfile /opt/samba2.2/var/locks/smbd.pid
    group samba
    start program = "/etc/init.d/smbd start"
@@ -611,6 +735,9 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

+
+
  check process nmbd with pidfile /opt/samba2.2/var/locks/nmbd.pid
    group samba
    start program = "/etc/init.d/nmbd start"
@@ -626,11 +753,11 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-Printing Services
-
-  LPRng (printer daemon)
-
+
Printing  Services

+
LPRng (printer daemon)

+
  check process lprng with pidfile /var/run/lpd.515
    group printer
    start program = "/etc/init.d/lprng start"
@@ -653,40 +780,43 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-Sun ONE Services
-
-  iPlanetDirectoryServer slapd
-
+
Sun ONE Services

+
iPlanetDirectoryServer slapd

+
  check process ldap-master
   with pidfile /usr/iplanet/ldapmaster/slapd-master-1/logs/pid
    start program  "/usr/iplanet/ldapmaster/slapd-master-1/start-slapd"
    stop program  "/usr/iplanet/ldapmaster/slapd-master-1/stop-slapd"
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.1 port 389 protocol ldap3 then restart
+

 
-  iPlanetMessagingServer MTA dispatcher
-
- check process mta-dispatcher
+
iPlanetMessagingServer MTA dispatcher

+
+ check process mta-dispatcher 
   with pidfile /usr/iplanet/msg-ims-1/config/pidfile.imta_dispatch
    start program  "/usr/iplanet/msg-ims-1/imsimta start dispatcher"
    stop program  "/usr/iplanet/msg-ims-1/imsimta stop dispatcher"
    group messaging
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.1 port 25 protocol smtp then restart
+

 
-  iPlanetMessagingServer MTA job controler
-
- check process mta-job_controller
+
 iPlanetMessagingServer MTA job controler

+
+ check process mta-job_controller 
   with pidfile /usr/iplanet/msg-ims-1/config/pidfile.imta_jbc
    start program  "/usr/iplanet/msg-ims-1/imsimta start job_controller"
    stop program  "/usr/iplanet/msg-ims-1/imsimta stop job_controller"
    group messaging
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.1 port 28442 then restart
+

 
-  iPlanetMessagingServer stored
-
+
 iPlanetMessagingServer stored

+
  check process store with pidfile /usr/iplanet/msg-ims-1/config/pidfile.store
    start program  "/usr/iplanet/msg-ims-1/start-msg store"
    stop program  "/usr/iplanet/msg-ims-1/stop-msg store"
@@ -704,45 +834,49 @@
  check file stored.per with path /usr/iplanet/msg-ims-1/config/stored.per
    if timestamp > 70 minutes then alert
    group messaging
+

 
-  iPlanetMessagingServer mshttpd
-
+
 iPlanetMessagingServer mshttpd

+
  check process webmail with pidfile /usr/iplanet/msg-ims-1/config/pidfile.http
    start program  "/usr/iplanet/msg-ims-1/start-msg http"
    stop program  "/usr/iplanet/msg-ims-1/stop-msg http"
    group messaging
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.1 port 80 protocol http then restart
+

 
-  iPlanetMessagingServer popd
-
+
 iPlanetMessagingServer popd

+
  check process pop3 with pidfile /usr/iplanet/msg-ims-1/config/pidfile.pop
    start program  "/usr/iplanet/msg-ims-1/start-msg pop"
    stop program  "/usr/iplanet/msg-ims-1/stop-msg pop"
    group messaging
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.1 port 110 protocol pop then restart
+

 
-  iPlanetMessagingServer imapd
-
+
 iPlanetMessagingServer imapd

+
  check process imap4 with pidfile /usr/iplanet/msg-ims-1/config/pidfile.imap
    start program  "/usr/iplanet/msg-ims-1/start-msg imap"
    stop program  "/usr/iplanet/msg-ims-1/stop-msg imap"
    group messaging
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.1 port 143 protocol imap then restart
+

 
-  iPlanetMessagingServer madmand (SNMP subagent)
-
- check process snmp-subagent with pidfile /usr/iplanet/msg-ims-1/config/pidfile
-.snmp
+
 iPlanetMessagingServer madmand (SNMP subagent)

+
+ check process snmp-subagent with pidfile /usr/iplanet/msg-ims-1/config/pidfile.snmp
    start program  "/usr/iplanet/msg-ims-1/start-msg snmp"
    stop program  "/usr/iplanet/msg-ims-1/stop-msg snmp"
    group messaging
    if 5 restarts within 5 cycles then timeout
+

 
-  iPlanetMessagingServer MMP (POP3/IMAP4/SMTP proxy)
-
+
 iPlanetMessagingServer MMP (POP3/IMAP4/SMTP proxy)

+
  check process mmp with pidfile /usr/iplanet/mmp-ims2/pidfile
    start program  "/usr/iplanet/mmp-ims2/AService.rc start"
    stop program  "/usr/iplanet/mmp-ims2/AService.rc stop"
@@ -750,60 +884,61 @@
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.2 port 110 protocol pop then restart
    if failed host 192.168.1.2 port 143 protocol imap then restart
+

 
-  iPlanetCalendarServer csadmind
-
- check process calendar-admin with pidfile /usr/iplanet/SUNWics5/cal/bin/config
-/pidfile.admin
+
iPlanetCalendarServer csadmind

+
+ check process calendar-admin with pidfile /usr/iplanet/SUNWics5/cal/bin/config/pidfile.admin
    start program  "/usr/iplanet/SUNWics5/cal/bin/csstart service admin"
    stop program  "/usr/iplanet/SUNWics5/cal/bin/csstop service admin"
    group calendar
    if 5 restarts within 5 cycles then timeout
+

 
-  iPlanetCalendarServer cshttpd
-
- check process calendar-http with pidfile /usr/iplanet/SUNWics5/cal/bin/config/
-pidfile.http
+
 iPlanetCalendarServer cshttpd

+
+ check process calendar-http with pidfile /usr/iplanet/SUNWics5/cal/bin/config/pidfile.http
    start program  "/usr/iplanet/SUNWics5/cal/bin/csstart service http"
    stop program  "/usr/iplanet/SUNWics5/cal/bin/csstop service http"
    group calendar
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.3 port 80 protocol http then restart
+

 
-  iPlanetCalendarServer csdwpd (database wire protocol)
-
- check process calendar-dwp with pidfile /usr/iplanet/SUNWics5/cal/bin/config/p
-idfile.dwp
+
 iPlanetCalendarServer csdwpd (database wire protocol)

+
+ check process calendar-dwp with pidfile /usr/iplanet/SUNWics5/cal/bin/config/pidfile.dwp
    start program  "/usr/iplanet/SUNWics5/cal/bin/csstart service dwp"
    stop program  "/usr/iplanet/SUNWics5/cal/bin/csstop service dwp"
    group calendar
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.3 port 9779 protocol dwp then restart
    if cpu usage > 2% for 5 cycles then restart   # There's a leak in csdwpd
+

 
-  iPlanetCalendarServer csnotifyd
-
- check process calendar-notify with pidfile /usr/iplanet/SUNWics5/cal/bin/confi
-g/pidfile.notify
+
 iPlanetCalendarServer csnotifyd

+
+ check process calendar-notify with pidfile /usr/iplanet/SUNWics5/cal/bin/config/pidfile.notify
    start program  "/usr/iplanet/SUNWics5/cal/bin/csstart service notify"
    stop program  "/usr/iplanet/SUNWics5/cal/bin/csstop service notify"
    group calendar
    if 5 restarts within 5 cycles then timeout
+

 
-  iPlanetCalendarServer enpd (event notification service broker)
-
- check process calendar-ens with pidfile /usr/iplanet/SUNWics5/cal/bin/config/p
-idfile.ens
+
 iPlanetCalendarServer enpd (event notification service broker)

+
+ check process calendar-ens with pidfile /usr/iplanet/SUNWics5/cal/bin/config/pidfile.ens
    start program  "/usr/iplanet/SUNWics5/cal/bin/csstart service ens"
    stop program  "/usr/iplanet/SUNWics5/cal/bin/csstop service ens"
    group calendar
    if 5 restarts within 5 cycles then timeout
    if failed host 192.168.1.3 port 7997 then restart
+

 
-Misc Services
-
-  Apcupsd (APC ups daemon)
 
+
Misc Services

+
Apcupsd (APC ups daemon)

+
  check process apcupsd with pidfile /var/run/apcupsd.pid
    group ups
    start program = "/etc/init.d/apcupsd start"
@@ -826,9 +961,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  Webmin (remote admin service)
-
+
Webmin (remote admin service)

+
  check process webmin with pidfile /var/webmin/miniserv.pid
    group webmin
    start program = "/etc/init.d/webmin start"
@@ -842,9 +978,10 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-  STunnel (SSL tunnel)
-
+
STunnel (SSL tunnel)

+
  check process stunnel_pop3 with pidfile /opt/var/stunnel/stunnel.110.pid
    start program = "/etc/init.d/stunnel start_pop3"
    stop  program = "/etc/init.d/stunnel stop_pop3"
@@ -874,86 +1011,96 @@
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor
+

 
-Misc Usage
-
-  Watch and analyze httpd crashdumps (Solaris)
-
-   Setuid coredump allowed:
+
Misc Usage

+
Watch and analyze httpd crashdumps (Solaris)

+Setuid coredump allowed:
+
 coreadm -e proc-setid
+

 
-   Monit set to watch the core timestamp change and send the backtrace:
+Monit set to watch the core timestamp change and send the backtrace:
+
  check file httpd_core with path /usr/apache/core
    if changed timestamp
-      then exec "/bin/bash -c '/usr/bin/pstack /usr/apache/core | mailx -s http
-d_crash foo@bar'"
-
-  Watch and analyze httpd crashdumps (Linux)
+      then exec "/bin/bash -c '/usr/bin/pstack /usr/apache/core | mailx -s httpd_crash foo@bar'"
+

 
-   Central coredump prepared:
+
Watch and analyze httpd crashdumps (Linux)

+Central coredump prepared:
+
  mkdir -p /var/crash/core
  chmod 1777 /var/crash/core
  sysctl -w kernel.core_pattern = /var/crash/core/core.%e.%t.%p
  sysctl -w kernel.core_setuid_ok = 0
  sysctl -w kernel.core_uses_pid = 1
- echo -e "bt\nquit" > /etc/gdb.batch
- echo "ulimit -c unlimited" >> /etc/sysconfig/httpd
- echo "CoreDumpDirectory /var/crash/core" > /etc/httpd/conf.d/core.conf
+ echo -e "bt\nquit" > /etc/gdb.batch
+ echo "ulimit -c unlimited" >> /etc/sysconfig/httpd
+ echo "CoreDumpDirectory /var/crash/core" > /etc/httpd/conf.d/core.conf
+

 
-   Crontab based core aging:
+Crontab based core aging:
+
  10 1 * * * /usr/bin/find /var/crash/core/ -type f -mtime +1 -exec rm -f {} \;
+

 
-   Monit set to watch the directory timestamp change and send last core
-   backtrace:
+Monit set to watch the directory timestamp change and send last core backtrace:
+
  check directory httpd_core with path /var/crash/core
-   if changed timestamp then exec "/bin/bash -c 'if [ `/bin/cat /tmp/monit_http
-d_core.tmp | head -1` != `/bin/ls /var/crash/core/core.httpd* | tail -1` ]; the
-n /usr/bin/gdb -x /etc/gdb.batch /usr/sbin/httpd `/bin/ls /var/crash/core/core.
-httpd* | tail -1 | tee /tmp/monit_httpd_core.tmp` | mail -s httpd_crash admin@f
-oo.bar webmaster@foo.bar; fi'"
-
-  Start and stop tcpdump based on condition
-
-   As soon as the remote SMTP service of host bar is not available
-   tcpdump is started. When the connection is available again, tcpdump is
-   stopped. Only first ocurrence is catched (noexec flag is created to
-   prevent another outage monitoring).
+   if changed timestamp then exec "/bin/bash -c 'if [ `/bin/cat /tmp/monit_httpd_core.tmp | head -1` != `/bin/ls /var/crash/core/core.httpd* | tail -1` ]; then /usr/bin/gdb -x /etc/gdb.batch /usr/sbin/httpd `/bin/ls /var/crash/core/core.httpd* | tail -1 | tee /tmp/monit_httpd_core.tmp` | mail -s httpd_crash admin@foo.bar webmaster@foo.bar; fi'"
+

+
+
+
Start and stop tcpdump based on condition

+As soon as the remote SMTP service of host bar is not available tcpdump is started.
+When the connection is available again, tcpdump is stopped. Only first
+ocurrence is catched (noexec flag is created to prevent another outage monitoring).
+
  check host bar with address 10.1.1.2
-   if failed port 25 protocol smtp then exec "/bin/bash -c 'if [ ! -f /tmp/noex
-ec ]; then touch /tmp/noexec; tcpdump -w /tmp/foo_bar.dump host bar; fi'" else
-if recovered then exec "killall tcpdump"
-
-  Rotate tcpdump until condition occures
-
-   This allows to let tcpdump write the data to file and rotate it to
-   keep the size of the dump small until network problem occures (we
-   don't need to flood the filesystem with data which are ok). As soon as
-   the problem occures, monit sets noexec flag => the dump contains the
-   data which preceded the problem as well. Script for tcpdump and
-   rotation created (/tmp/dumprotate):
+   if failed port 25 protocol smtp then exec "/bin/bash -c 'if [ ! -f /tmp/noexec ]; then touch /tmp/noexec; tcpdump -w /tmp/foo_bar.dump host bar; fi'" else if recovered then exec "killall tcpdump"
+

+
+
+
Rotate tcpdump until condition occures

+This allows to let tcpdump write the data to file and rotate it to keep the size of
+the dump small until network problem occures (we don't need to flood the filesystem
+with data which are ok). As soon as the problem occures, monit sets noexec flag
+=> the dump contains the data which preceded the problem as well.
+
+Script for tcpdump and rotation created (/tmp/dumprotate):
+
  #!/bin/bash
  killall tcpdump
  if [ ! -f /tmp/noexec ]
  then
    tcpdump -w /tmp/foo_bar.dump host bar
  fi
+

 
-   The script is started from cron each 30 minutes:
+The script is started from cron each 30 minutes:
+
  0,30 * * * * /tmp/dumprotate
+

 
-   Monit watches the host availablity and as soon as it failed, sets
-   noexec flag (with 5 minutes extent):
+Monit watches the host availablity and as soon as it failed, sets noexec flag
+(with 5 minutes extent):
+
  check host bar with address 10.1.1.2
-   if failed port 25 protocol smtp then exec "/bin/bash -c 'sleep 300; touch /t
-mp/noexec'"
+   if failed port 25 protocol smtp then exec "/bin/bash -c 'sleep 300; touch /tmp/noexec'"
+

+
 
-  MySQL event driven process list
+
MySQL event driven process list

+This allows to obtain process list of mysql threads as soon as mysql
+refuses connections. For example we needed to know why mysql
+returned "Too many connections" to clients occasionaly. (note that
+for simplicity in this example is showed mysql root account without
+password - you realy should use restricted account ;)
 
-   This allows to obtain process list of mysql threads as soon as mysql
-   refuses connections. For example we needed to know why mysql returned
-   "Too many connections" to clients occasionaly. (note that for
-   simplicity in this example is showed mysql root account without
-   password - you realy should use restricted account ;)
+
  check process mysqld with pidfile /var/run/mysqld.pid
-   if failed port 3306 protocol mysql then exec "/bin/bash -c '(date && /usr/bi
-n/mysqladmin -u root processlist && echo) >> /tmp/mysql_processlist'"
+   if failed port 3306 protocol mysql then exec "/bin/bash -c '(date && /usr/bin/mysqladmin -u root processlist && echo) >> /tmp/mysql_processlist'"
+

+
+
diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/doc/monit.html /tmp/QeMlhPoI46/monit-5.0.3/doc/monit.html
--- monit-4.8.1/doc/monit.html	2006-05-16 20:16:20.000000000 +0100
+++ monit-5.0.3/doc/monit.html	2009-05-28 22:47:57.000000000 +0100
@@ -2,9 +2,9 @@
 
 
 
-monit - utility for monitoring services on a Unix system
+Monit - utility for monitoring services on a Unix system
 
-
+
 
 
 
@@ -38,7 +38,7 @@
 		
  • Setting a local alert statement
    • 
 		
  • Alert message layout
    • 
 		
  • Setting a global mail format
    • 
-		
  • Setting a error reminder
    • 
+		
  • Setting an error reminder
    • 
 		
  • Setting a mail server for alert messages
    • 
 		
  • Event queue
    • 
 	
@@ -52,6 +52,7 @@
 		
  • TIMESTAMP TESTING
    • 
 		
  • FILE SIZE TESTING
    • 
 		
  • FILE CONTENT TESTING
    • 
+		
  • FILESYSTEM FLAGS TESTING
    • 
 		
  • SPACE TESTING
    • 
 		
  • INODE TESTING
    • 
 		
  • PERMISSION TESTING
    • 
@@ -67,6 +68,7 @@
 				
  • Connection testing using the URL notation
    • 
 				
  • Remote host ping test
    • 
 				
  • Examples
    • 
+				
  • Testing the SIP protocol
    • 
 			
 
 		
@@ -97,12 +99,6 @@
 		
  • CONFIGURATION EXAMPLES
    • 
 	
 
-	
  • MONIT WITH HEARTBEAT
    • 
-	
-
 	
  • FILES
    • 
 	
  • ENVIRONMENT
    • 
 	
  • SIGNALS
    • 
@@ -117,7 +113,7 @@
 
    
 
    
 
    NAME
    
-
    monit - utility for monitoring services on a Unix system
    
+
    Monit - utility for monitoring services on a Unix system
    
 
    
 
    
 
    
@@ -128,25 +124,26 @@
 
    
 
    DESCRIPTION
    
 
    monit is a utility for managing and monitoring processes,
-files, directories and devices on a Unix system. Monit conducts
-automatic maintenance and repair and can execute meaningful
-causal actions in error situations. E.g. monit can start a
-process if it does not run, restart a process if it does not
-respond and stop a process if it uses to much resources. You may
-use monit to monitor files, directories and devices for changes,
-such as timestamps changes, checksum changes or size changes.
    
+files, directories and filesystems on a Unix system. Monit
+conducts automatic maintenance and repair and can execute
+meaningful causal actions in error situations. E.g. Monit can
+start a process if it does not run, restart a process if it does
+not respond and stop a process if it uses too much resources. You
+may use Monit to monitor files, directories and filesystems for
+changes, such as timestamps changes, checksum changes or size
+changes.
    
 
    Monit is controlled via an easy to configure control file based
 on a free-format, token-oriented syntax. Monit logs to syslog or
 to its own log file and notifies you about error conditions via
 customizable alert messages. Monit can perform various TCP/IP
 network checks, protocol checks and can utilize SSL for such
 checks. Monit provides a http(s) interface and you may use a
-browser to access the monit program.
    
+browser to access the Monit program.
    
 
    
 
    
 
    
 
    GENERAL OPERATION
    
-
    The behavior of monit is controlled by command-line options
+
    The behavior of Monit is controlled by command-line options
 and a run control file, ~/.monitrc, the syntax of which we
 describe in a later section. Command-line options override
 .monitrc declarations.
    
@@ -161,7 +158,8 @@
 
    -d n
    Run as a daemon once per n seconds
    
 
    -g 
-   Set group name for start, stop, restart and status
    
+   Set group name for start, stop, restart, monitor and
+   unmonitor.
    
 
    -l logfile
    Print log information to this file
    
 
    -p pidfile
@@ -176,19 +174,20 @@
    Verbose mode, work noisy (diagnostic output)
    
 
    -H [filename]
    Print MD5 and SHA1 hashes of the file or of stdin if the 
-   filename is omitted; monit will exit afterwards
    
+   filename is omitted; Monit will exit afterwards
    
 
    -V
    Print version number and patch level
    
 
    -h
    Print a help text
    
-
    In addition to the options above, monit can be started with one
-of the following action arguments; monit will then execute the
+
    In addition to the options above, Monit can be started with one
+of the following action arguments; Monit will then execute the
 action and exit without transforming itself to a daemon.
    
 
    start all
    Start all services listed in the control file and 
    enable monitoring for them. If the group option is 
    set, only start and enable monitoring of services in
-   the named group.
    
+   the named group (no ``all'' verb is required in this
+   case).
    
 
    start name
    Start the named service and enable monitoring for 
    it. The name is a service entry name from the 
@@ -197,21 +196,24 @@
    Stop all services listed in the control file and 
    disable their monitoring. If the group option is 
    set, only stop and disable monitoring of the services 
-   in the named group.
    
+   in the named group (no ``all'' verb is required in this
+   case).
    
 
    stop name
    Stop the named service and disable its monitoring. 
    The name is a service entry name from the monitrc 
    file.
    
 
    restart all
    Stop and start all services. If the group option 
-   is set, only restart the services in the named group.
    
+   is set, only restart the services in the named group
+   (no ``all'' verb is required in this case).
    
 
    restart name
    Restart the named service. The name is a service entry 
    name from the monitrc file.
    
 
    monitor all     
    Enable monitoring of all services listed in the
    control file. If the group option is set, only start
-   monitoring of services in the named group.
    
+   monitoring of services in the named group (no ``all''
+   verb is required in this case).
    
 
    monitor name
    Enable monitoring of the named service.  The name is
    a service entry name from the monitrc file. Monit will
@@ -220,7 +222,8 @@
 
    unmonitor all     
    Disable monitoring of all services listed in the
    control file. If the group option is set, only disable
-   monitoring of services in the named group.
    
+   monitoring of services in the named group (no ``all''
+   verb is required in this case).
    
 
    unmonitor name
    Disable monitoring of the named service. The name is
    a service entry name from the monitrc file. Monit 
@@ -231,50 +234,50 @@
 
    summary
     Print short status information for each service.
    
 
    reload
-    Reinitialize a running monit daemon, the daemon will
+    Reinitialize a running Monit daemon, the daemon will
     reread its configuration, close and reopen log files.
    
 
    quit
-    Kill a monit daemon process
    
+    Kill a Monit daemon process
    
 
    validate
    Check all services listed in the control file. This 
-   action is also the default behavior when monit runs 
+   action is also the default behavior when Monit runs 
    in daemon mode.
    
 
    
 
    
 
    
 
    WHAT TO MONITOR
    
-
    You may use monit to monitor daemon processes or similar programs
+
    You may use Monit to monitor daemon processes or similar programs
 running on localhost. Monit is particular useful for monitoring
 daemon processes, such as those started at system boot time from
 /etc/init.d/. For instance sendmail, sshd, apache and mysql. In
-difference to many monitoring systems, monit can act if an error
+difference to many monitoring systems, Monit can act if an error
 situation should occur, e.g.; if sendmail is not running, monit
-can start sendmail or if apache is using to much system resources
-(e.g. if a DoS attack is in progress) monit can stop or restart
-apache and send you an alert message. Monit does also monitor
-process characteristics, such as; if a process has become a
-zombie and how much memory or cpu cycles a process is using.
    
-
    You may also use monit to monitor files, directories and devices
-on localhost. Monit can monitor these items for changes, such as
-timestamps changes, checksum changes or size changes. This is
-also useful for security reasons - you can monitor the md5
-checksum of files that should not change.
    
-
    You may even use monit to monitor remote hosts. First and
-foremost monit is a utility for monitoring and mending services
-on localhost, but if a service depends on a remote service,
-e.g. a database server or an application server, it might by
-useful to be able to test a remote host as well.
    
+can start sendmail or if apache is using too much resources (e.g.
+if a DoS attack is in progress) Monit can stop or restart apache
+and send you an alert message. Monit can also monitor process
+characteristics, such as; if a process has become a zombie and
+how much memory or cpu cycles a process is using.
    
+
    You may also use Monit to monitor files, directories and
+filesystems on localhost. Monit can monitor these items for
+changes, such as timestamps changes, checksum changes or size
+changes. This is also useful for security reasons - you can
+monitor the md5 checksum of files that should not change.
    
+
    You may even use Monit to monitor remote hosts. First and
+foremost Monit is a utility for monitoring and mending services
+on localhost, but if a service depends on a remote service, e.g.
+a database server or an application server, it might by useful to
+be able to test a remote host as well.
    
 
    You may monitor the general system-wide resources such as cpu
 usage, memory and load average.
    
 
    
 
    
 
    
 
    HOW TO MONITOR
    
-
    monit is configured and controlled via a control file called
+
    Monit is configured and controlled via a control file called
 monitrc. The default location for this file is ~/.monitrc. If
-this file does not exist, monit will try /etc/monitrc, then
-/usr/local/etc/monitrc and finally ./monitrc.
    
-
    A monit control file consists of a series of service entries and
+this file does not exist, Monit will try /etc/monitrc, then
+@sysconfdir@/monitrc and finally ./monitrc.
    
+
    A Monit control file consists of a series of service entries and
 global option statements in a free-format, token-oriented syntax.
 Comments begin with a # and extend through the end of the line.
 There are three kinds of tokens in the control file: grammar
@@ -298,10 +301,10 @@
 service type.
    
 
 
-
    This is the hello galaxy version of a monit control file:
    
+
    A Monit control file example:
    
 
      #
- # monit control file
+ # Monit control file
  #
    
 
      set daemon 120 # Poll at 2-minute intervals
@@ -309,7 +312,7 @@
  set alert foo@bar.baz
  set httpd port 2812 and use address localhost
      allow localhost   # Allow localhost to connect
-     allow admin:monit # Allow Basic Auth
    
+     allow admin:Monit # Allow Basic Auth
    
 
      check system myhost.mydomain.tld
     if loadavg (1min) > 4 then alert
@@ -321,7 +324,7 @@
 
      check process apache 
     with pidfile "/usr/local/apache/logs/httpd.pid"
-    start program = "/etc/init.d/httpd start"
+    start program = "/etc/init.d/httpd start" with timeout 60 seconds
     stop program = "/etc/init.d/httpd stop"
     if 2 restarts within 3 cycles then timeout
     if totalmem > 100 Mb then alert
@@ -347,49 +350,57 @@
 
      include /etc/monit/mysql.monitrc
  include /etc/monit/mail/*.monitrc
    
-
    This example illustrate a service entry for monitoring the apache
-web server process as well as related files. The meaning of the
-various statements will be explained in the following sections.
    
+
    The above example illustrates a service entry for monitoring the
+apache web server process as well as related files. The meaning
+of the various statements will be explained in the following
+sections.
    
 
    
 
    
 
    
 
    LOGGING
    
-
    monit will log status and error messages to a log file. Use the
+
    Monit will log status and error messages to a log file. Use the
 set logfile statement in the monitrc control file. To setup
-monit to log to its own logfile, use e.g. set logfile
+Monit to log to its own logfile, use e.g. set logfile
 /var/log/monit.log. If syslog is given as a value for the
 -l command-line switch (or the keyword set logfile syslog
-is found in the control file) monit will use the syslog system
-daemon to log messages. The priority is assigned to each message
-based on the context. To turn off logging, simply do not set
-the logfile in the control file (and of course, do not use the -l
+is found in the control file) Monit will use the syslog system
+daemon to log messages with a priority assigned to each message
+based on the context. To turn off logging, simply do not set the
+logfile in the control file (and of course, do not use the -l
 switch)
    
 
    
 
    
 
    
 
    DAEMON MODE
    
-
    The -d interval command-line switch runs monit in daemon
+
    The -d interval command-line switch runs Monit in daemon
 mode. You must specify a numeric argument which is a polling
 interval in seconds.
    
-
    In daemon mode, monit detaches from the console, puts itself in
+
    In daemon mode, Monit detaches from the console, puts itself in
 the background and runs continuously, monitoring each specified
 service and then goes to sleep for the given poll interval.
    
+
    Simply invoking
    
 
    -       Simply invoking
    
-
    -              monit -d 300
    
+              Monit -d 300
    
 
    will poll all services described in your ~/.monitrc file every
 5 minutes.
    
 
    It is strongly recommended to set the poll interval in your
 ~/.monitrc file instead, by using set daemon n, where n
-is an integer number of seconds. If you do this, monit will
+is an integer number of seconds. If you do this, Monit will
 always start in daemon mode (as long as no action arguments are
-given).
    
+given). Example (check every 5 minutes):
    
+
    +  set daemon 300
    
+
    If you need Monit to wait some time at startup before it start
+checking services you can use the delay statement. Example (check
+every 5 minutes, wait 1 minute on start before first monitoring
+cycle):
    
+
    +  set daemon 300 with start delay 60
    
 
    Monit makes a per-instance lock-file in daemon mode. If you need
-more monit instances, you will need more configuration files,
+more Monit instances, you will need more configuration files,
 each pointing to its own lock-file.
    
-
    Calling monit with a monit daemon running in the background
-sends a wake-up signal to the daemon, forcing it to check 
+
    Calling monit with a Monit daemon running in the background
+sends a wake-up signal to the daemon, forcing it to check
 services immediately.
    
 
    The quit argument will kill a running daemon process instead
 of waking it up.
    
@@ -397,21 +408,21 @@
 
    
 
    
 
    INIT SUPPORT
    
-
    Monit can run and be controlled from init. If monit should
-crash, init will re-spawn a new monit process. Using init to
-start monit is probably the best way to run monit if you want to
-be certain that you always have a running monit daemon on your
+
    Monit can run and be controlled from init. If Monit should
+crash, init will re-spawn a new Monit process. Using init to
+start Monit is probably the best way to run Monit if you want to
+be certain that you always have a running Monit daemon on your
 system. (It's obvious, but never the less worth to stress; Make
 sure that the control file does not have any syntax errors before
-you start monit from init. Also, make sure that if you run monit
-from init, that you do not start monit from a startup scripts as
+you start Monit from init. Also, make sure that if you run monit
+from init, that you do not start Monit from a startup scripts as
 well).
    
-
    To setup monit to run from init, you can either use the 'set
+
    To setup Monit to run from init, you can either use the 'set
 init' statement in monit's control file or use the -I option from
 the command line and here is what you must add to /etc/inittab:
    
 
    -  # Run monit in standard run-levels
-  mo:2345:respawn:/usr/local/bin/monit -Ic /etc/monitrc
    
+  # Run Monit in standard run-levels
+  mo:2345:respawn:/usr/local/bin/Monit -Ic /etc/monitrc
    
 
    After you have modified init's configuration file, you can run
 the following command to re-examine /etc/inittab and start monit:
    
 
    @@ -420,10 +431,10 @@
 For systems without telinit:
    
 
       kill -1 1
    
-
    If monit is used to monitor services that are also started at
+
    If Monit is used to monitor services that are also started at
 boot time (e.g. services started via SYSV init rc scripts or via
 inittab) then, in some cases, a race condition could occur. That
-is; if a service is slow to start, monit can assume that the
+is; if a service is slow to start, Monit can assume that the
 service is not running and possibly try to start it and raise an
 alert, while, in fact the service is already about to start or
 already in its startup sequence. Please see the FAQ for solutions
@@ -432,7 +443,7 @@
 
    
 
    
 
    INCLUDE FILES
    
-
    The monit control file, monitrc, can include additional
+
    The Monit control file, monitrc, can include additional
 configuration files. This feature helps to maintain a certain
 structure or to place repeating settings into one file. Include
 statements can be placed at virtually any spot. The syntax is the
@@ -445,7 +456,7 @@
 the globstring need to be embedded into quotes (') or double
 quotes (``). For example,
    
 
    - INCLUDE "/etc/monit/monit configuration files/printer.*.monitrc"
    
+ INCLUDE "/etc/monit/Monit configuration files/printer.*.monitrc"
    
 
    loads any file matching the single globstring.  If the globstring
 matches a directory instead of a file, it is silently ignored.
    
 
    INCLUDE statements in included files are parsed as in the main
@@ -464,17 +475,20 @@
   GROUP groupname

    With this statement it is possible to group similar service entries together and manage them as a whole. Monit provides -functions to start, stop and restart a group of services, like -so:

    +functions to start, stop, restart, monitor and unmonitor a +group of services, like so:

    To start a group of services from the console:

    -  monit -g <groupname> start
    + Monit -g <groupname> start

    To stop a group of services:

    -  monit -g <groupname> stop
    + Monit -g <groupname> stop

    To restart a group of services:

    -  monit -g <groupname> restart
    + Monit -g <groupname> restart +

    Note: +the status and summary commands don't support the -g +option and will print the state of all services.

    @@ -482,30 +496,47 @@

    Monit supports three monitoring modes per service: active, passive and manual. See also the example section below for usage of the mode statement.

    -

    In active mode, monit will monitor a service and in case of -problems monit will act and raise alerts, start, stop or restart +

    In active mode, Monit will monitor a service and in case of +problems Monit will act and raise alerts, start, stop or restart the service. Active mode is the default mode.

    -

    In passive mode, monit will passively monitor a service and +

    In passive mode, Monit will passively monitor a service and specifically not try to fix a problem, but it will still raise alerts in case of a problem.

    For use in clustered environments there is also a manual -mode. In this mode, monit will enter active mode only if a +mode. In this mode, Monit will enter active mode only if a service was brought under monit's control, for example by executing the following command in the console:

    -  monit start sybase 
-  (monit will call sybase's start method and enable monitoring)
    -

    If a service was not started by monit or was stopped or disabled + Monit start sybase + (Monit will call sybase's start method and enable monitoring) +

    If a service was not started by Monit or was stopped or disabled for example by:

    -  monit stop sybase 
-  (monit will call sybase's stop method and disable monitoring)
    -

    monit will not monitor the service. This allows for having -services configured in monitrc and start it with monit only if it + Monit stop sybase + (Monit will call sybase's stop method and disable monitoring) +

    Monit will then not monitor the service. This allows for having +services configured in monitrc and start it with Monit only if it should run. This feature can be used to build a simple failsafe cluster. To see how, read more about how to setup a cluster with -monit using the heartbeat system in the examples sections +Monit using the heartbeat system in the examples sections below.

    +

    A service's monitoring state is persistent across Monit restart. +This means that you probably would like to make certain that +services in manual mode are stopped or in unmonitored mode at +server shutdown. Do for instance the following in a server +shutdown script:

    +
    +  Monit stop sybase
    +

    or

    +
    +  Monit unmonitor sybase
    +

    If you use Monit in a HA-cluster you should place the state file +in a temporary filesystem so if the machine should crash and the +stand-by machine take over services, any manual monitoring mode +services that were started on the crashed machine won't be +started on reboot. Use for example:

    +
    +  set statefile /tmp/monit.state

    @@ -523,9 +554,10 @@ o A file checksum problem o A file size problem o A file/directory timestamp problem - o A file/directory/device permission problem - o A file/directory/device uid problem - o A file/directory/device gid problem + o A file/directory/filesystem permission problem + o A file/directory/filesystem uid problem + o A file/directory/filesystem gid problem + o An action is done per administrator's request

    Monit will send an alert each time a monitored object changed. This involves:

    @@ -533,34 +565,38 @@
  o A file checksum changed
  o A file size changed
  o A file content match
- o A file/directory timestamp changed
    -

    You use the alert statement to notify monit that you want alert + o A file/directory timestamp changed + o A filesystem mount flags changed + o A process PID changed + o A process PPID changed +

    You use the alert statement to notify Monit that you want alert messages sent to an email address. If you do not specify an alert -statement, monit will not send alert messages.

    +statement, Monit will not send alert messages.

    There are two forms of alert statement:

      o Global - common for all services
  o Local  - per service

    In both cases you can use more than one alert statement. In other words, you can send many different emails to many different -addresses. (in case you now got a new business idea; monit is not -really suitable for sending spam).

    +addresses.

    Recipients in the global and in the local lists are alerted when a service failed, recovered or changed. If the same email address -is in the global and in the local list, monit will send only one +is in the global and in the local list, Monit will only send one alert. Local (per service) defined alert email addresses override global addresses in case of a conflict. Finally, you may choose to only use a global alert list (recommended), a local per service list or both.

    +

    It is also possible to disable the global alerts locally for +particular service(s) and recipients.

    Setting a global alert statement

    -

    If a change occurred on a monitored services, monit will send an -alert to all recipients in the global list who have registered +

    If a change occurred on a monitored services, Monit will send an +alert to all recipients in the global list who has registered interest for the event type. Here is the syntax for the global alert statement:

    -
    SET ALERT mail-address [{events}] [MAIL-FORMAT +
    SET ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT {mail-format}] [REMINDER number]
    @@ -569,22 +605,31 @@ set alert foo@bar

    will send a default email to the address foo@bar whenever an event occurred on any service. Such an event may be that a -service timed out, a service was doesn't exist or a service does -exist (on recovery) and so on. If you want to send alert messages -to more email addresses, add a set alert 'email' statement for -each address.

    +service timed out, a service doesn't exist and so on. If you want +to send alert messages to more email addresses, add a set alert +'email' statement for each address.

    For explanations of the events, MAIL-FORMAT and REMINDER keywords above, please see below.

    +

    You can also use the NOT option ahead of the events list which +will reverse the meaning of the list. That is, only send alerts +for events not in the list. This can save you some +configuration bytes if you are interested in most events except a +few.

    Setting a local alert statement

    Each service can also have its own recipient list.

    -
    ALERT mail-address [{events}] [MAIL-FORMAT +
    ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT {mail-format}] [REMINDER number]
    -

    If you only want an alert message sent for certain events for +

    or

    +
    +
    NOALERT mail-address + +
    +

    If you only want an alert message sent for certain events and for certain service(s), for example only for timeout events or only if a service died, then postfix the alert-statement with a filter block:

    @@ -592,12 +637,42 @@ check process myproc with pidfile /var/run/my.pid alert foo@bar only on { timeout, nonexist } ... -

    (only and on are noise keywords, ignored by monit. As a +

    (only and on are noise keywords, ignored by Monit. As a side note; Noise keywords are used in the control file grammar to make an entry resemble English and thus make it easier to read (or, so goes the philosophy). The full set of available noise keywords are listed below in the Control File section).

    -

    Event filtering can be used to send a mail to different email +

    You can also setup to send alerts for all events except some by +putting the word not ahead of the list. For example, if you +want to receive alerts for all events except Monit instance +events, you can write (note that the noise words 'but' and 'on' +are optional):

    +
    + check system myserver
+   alert foo@bar but not on { instance } 
+   ...
    +

    instead of:

    +
    +   alert foo@bar on { action
+                      checksum
+                      content
+                      data
+                      exec
+                      gid
+                      icmp
+                      invalid
+                      fsflags
+                      nonexist
+                      permission
+                      pid
+                      ppid
+                      size
+                      timeout
+                      timestamp }
    +

    This will send alerts for all events to foo@bar, except Monit +instance events. An instance event BTW, is an event fired +whenever the Monit program start or stop.

    +

    Event filtering can be used to send an email to different email addresses depending on the events that occurred. For instance:

      alert foo@bar { nonexist, timeout, resource, icmp, connection }
@@ -608,10 +683,21 @@
 security@bar if a checksum, permission, uid or gid problem
 occurs. And finally, a message to manager@bar whenever any error
 event occurs.
    
-
    This is the list of events you can use in a mail-filter: uid,
+
    Here is the list of events you can use in a mail-filter: uid,
 gid, size, nonexist, data, icmp, instance, invalid, exec,
-changed, timeout, resource, checksum, match, timestamp,
-connection, permission
    
+content, timeout, resource, checksum, fsflags, timestamp,
+connection, permission, pid, ppid, action
    
+
    You can also disable the alerts localy using the NOALERT
+statement. This is useful if you have lots of services monitored
+and are using the global alert statement, but don't want to
+receive alerts for some minor subset of services:
    
+
    + noalert appadmin@bar
    
+
    For example, if you stick the noalert statement in a 'check
+system' entry, you won't receive system related alerts (such as
+Monit instance started/stopped/reloaded alert, system overloaded
+alert, etc.) but will receive alerts for all other monitored
+services.
    
 
    The following example will alert foo@bar on all events on all
 services by default, except the service mybar which will send an
 alert only on timeout. The trick is based on the fact that local
@@ -624,24 +710,15 @@
    ...
  check process mybar with pidfile /var/run/mybar.pid
    alert foo@bar only on { timeout }
    -

    The 'instance' alert type report events related to monit -internals, such as when a monit instance was started, stopped or -reloaded.

    -

    If the MTA (mailserver) for sending alerts is not available, -monit can queue events on the local file-system until the MTA -recover. Monit will then post queued events in order with their -original timestamp so the events are not lost. This feature is -most useful if monit is used together with e.g. m/monit and when -event history is important.

    Alert message layout

    -

    monit provides a default mail message layout that is short and to +

    Monit provides a default mail message layout that is short and to the point. Here's an example of a standard alert mail sent by monit:

      From: monit@tildeslash.com
- Subject: monit alert -- Does not exist apache 
+ Subject: Monit alert -- Does not exist apache 
  To: hauk@tildeslash.com
  Date: Thu, 04 Sep 2003 02:33:03 +0200
    @@ -664,22 +741,22 @@
             Yours sincerely,
             monit
  }
    -

    Where the keyword from: is the email address monit should +

    Where the keyword from: is the email address Monit should pretend it is sending from. It does not have to be a real mail address, but it must be a proper formated mail address, on the form: name@domain. The keyword subject: is for the email subject line. The subject must be on only one line. The message: keyword denotes the mail body. If used, this keyword -should always be the last in a mail-format statement. The mail -body can be as long as you want and must not contain the '}' +should always be the last in a mail-format statement. The mail +body can be as long as you want, but must not contain the '}' character.

    -

    All of these format keywords are optional but you must provide at -least one. Thus if you only want to change the from address monit -is using you can do:

    +

    All of these format keywords are optional, but if used, you must +provide at least one. Thus if you only want to change the from +address Monit is using you can do:

      set alert foo@bar with mail-format { from: bofh@bar.baz }

    From the previous example you will notice that some special $XXX -variables was used. If used, they will be substituted and +variables were used. If used, they will be substituted and expanded into the text with these values:

    • $EVENT @@ -688,25 +765,28 @@ A string describing the event that occurred. The values are fixed and are: 
      - Event:    | Failure state:          | Recovery state:
- ---------------------------------------------------------------
- CHANGED   | "Changed"               | "Changed back"
- CHECKSUM  | "Checksum failed"       | "Checksum passed"
- CONNECTION| "Connection failed"     | "Connection passed"
- DATA      | "Data access error"     | "Data access succeeded"
- EXEC      | "Execution failed"      | "Execution succeeded"
- GID       | "GID failed"            | "GID passed"
- ICMP      | "ICMP failed"           | "ICMP passed"
- INSTANCE  | "Monit instance changed"| "Monit instance changed not"
- INVALID   | "Invalid type"          | "Type passed"
- MATCH     | "Regex match"           | "No regex match"
- NONEXIST  | "Does not exist"        | "Exists"
- PERMISSION| "Permission failed"     | "Permission passed"
- RESOURCE  | "Resource limit matched"| "Resource limit passed"
- SIZE      | "Size failed"           | "Size passed"
- TIMEOUT   | "Timeout"               | "Timeout recovery"
- TIMESTAMP | "Timestamp failed"      | "Timestamp passed"
- UID       | "UID failed"            | "UID passed"
      + Event: | Failure state: | Success state: + ------------------------------------------------------------------- + ACTION | "Action done" | "Action done" + CHECKSUM | "Checksum failed" | "Checksum succeeded" + CONNECTION| "Connection failed" | "Connection succeeded" + CONTENT | "Content failed", | "Content succeeded" + DATA | "Data access error" | "Data access succeeded" + EXEC | "Execution failed" | "Execution succeeded" + FSFLAG | "Filesystem flags failed"| "Filesystem flags succeeded" + GID | "GID failed" | "GID succeeded" + ICMP | "ICMP failed" | "ICMP succeeded" + INSTANCE | "Monit instance changed" | "Monit instance changed not" + INVALID | "Invalid type" | "Type succeeded" + NONEXIST | "Does not exist" | "Exists" + PERMISSION| "Permission failed" | "Permission succeeded" + PID | "PID failed" | "PID succeeded" + PPID | "PPID failed" | "PPID succeeded" + RESOURCE | "Resource limit matched" | "Resource limit succeeded" + SIZE | "Size failed" | "Size succeeded" + TIMEOUT | "Timeout" | "Timeout recovery" + TIMESTAMP | "Timestamp failed" | "Timestamp succeeded" + UID | "UID failed" | "UID succeeded"
    • $SERVICE 
      @@ -718,7 +798,7 @@
 
    • $HOST
 
 
      - The name of the host monit is running on
      
+ The name of the host Monit is running on
    • $ACTION 
      @@ -742,8 +822,8 @@
 
      
 
      
 
      Setting a global mail format
      
-
      It is possible to set a standard mail format with the
-following global set-statement (keywords are in capital):
      
+
      It is possible to set a standard mail format with the following
+global set-statement (keywords are in capital):
      
 
      
 
      SET MAIL-FORMAT {mail-format}
 
@@ -756,90 +836,112 @@
  set mail-format { from: monit@foo.bar.no }

      -

      Setting a error reminder

      -

      Monit by default sends just one error notification when the -service failed and another one when it has recovered. If you want -to be notified more then once in the case that the service -remains failed, you can use the reminder option of alert -statement (keywords are in capital):

      +

      Setting an error reminder

      +

      Monit by default sends just one error notification if a service +failed and another when it recovered. If you want to be notified +more then once if a service remains in a failed state, you can +use the reminder option to the alert statement (keywords are in +capital):

      ALERT ... [WITH] REMINDER [ON] number [CYCLES]
      -

      For example if you want to be notified each tenth cycle when the -service remains failed, you can use:

      +

      For example if you want to be notified each tenth cycle if a +service remains in a failed state, you can use:

         alert foo@bar with reminder on 10 cycles
      -

      If you want to be notified on each failed cycle, you can use:

      +

      Likewise if you want to be notified on each failed cycle, you can +use:

         alert foo@bar with reminder on 1 cycle

      Setting a mail server for alert messages

      -

      The mail server monit should use to send alert messages is +

      The mail server Monit should use to send alert messages is defined with a global set statement (keywords are in capital and optional statements in [brackets]):

      - SET MAILSERVER {host name [PORT port]|ip-address [PORT port]}+ 
-                [with TIMEOUT X SECONDS]
      + SET MAILSERVER {hostname|ip-address [PORT port] + [USERNAME username] [PASSWORD password] + [using SSLV2|SSLV3|TLSV1] [CERTMD5 checksum]}+ + [with TIMEOUT X SECONDS] + [using HOSTNAME hostname]

      The port statement allows to use SMTP servers other then those -listening on port 25. If omitted, port 25 is used for the -connection.

      +listening on port 25. If omitted, port 25 is used unless ssl or +tls is used, in which case port 465 is used by default.

      +

      Monit support plain smtp authentication - you can set a username +and a password using the USERNAME and PASSWORD options.

      +

      To use secure communication, use the SSLV2, SSLV3 or TLSV1 +options, you can also specify the server certificate checksum +using CERTMD5 option.

      As you can see, it is possible to set several SMTP servers. If -monit cannot connect to the first server in the list it will try +Monit cannot connect to the first server in the list it will try the second server and so on. Monit has a default 5 seconds -connection timeout and if the SMTP server is slow, monit could -timeout when connecting or reading from the server. You can use -the optional timeout statement to explicit set the timeout to a -higher value if needed. Here is an example for setting several -mail servers:

      -
      - set mailserver mail.tildeslash.com, mail.foo.bar port 10025, 
-     localhost with timeout 15 seconds
      -

      Here monit will first try to connect to the server -``mail.tildeslash.com'', if this server is down monit will try -``mail.foo.bar'' on port 10025 and finally ``localhost''. We do also -set an explicit connect and read timeout; If monit cannot connect -to the first SMTP server in the list within 15 seconds it will -try the next server and so on. The set mailserver .. statement -is optional and if not defined monit defaults to use localhost as -the SMTP server.

      +connection timeout and if the SMTP server is slow, Monit could +timeout when connecting or reading from the server. If this is +the case, you can use the optional timeout statement to explicit +set the timeout to a higher value if needed. Here is an example +for setting several mail servers:

      +
      + set mailserver mail.tildeslash.com, mail.foo.bar port 10025
+     username "Rabbi" password "Loewe" using tlsv1, localhost
+     with timeout 15 seconds
      +

      Here Monit will first try to connect to the server +``mail.tildeslash.com'', if this server is down Monit will try +``mail.foo.bar'' on port 10025 using the given credentials via tls +and finally ``localhost''. We also set an explicit connect and read +timeout; If Monit cannot connect to the first SMTP server in the +list within 15 seconds it will try the next server and so on. The +set mailserver .. statement is optional and if not defined +Monit will not send email alerts. Not setting a mail server is +recommended only if alert notification is delegated to M/Monit.

      +

      Monit, by default, use the local host name in SMTP HELO/EHLO and +in the Message-ID header. Some mail servers check this +information against DNS for spam protection and can reject the +email if the DNS and the hostname used in the transaction does +not match. If this is the case, you can override the default +local host name by using the HOSTNAME option:

      +
      + set mailserver mail.tildeslash.com using hostname
+     "myhost.example.org"

      Event queue

      -

      Monit provide optionally queueing of event alerts that cannot be -sent. For example, if no mail-server is available at the moment, -monit can store events in a queue and try to reprocess them at -the next cycle. As soon as the mail-server recover, monit will -post the queued events. The queue is persistent across monit -restarts and provided that the back-end filesystem is persistent -too, across system restart as well.

      +

      If the MTA (mail server) for sending alerts is not available, +Monit can queue events on the local file-system until the MTA +recover. Monit will then post queued events in order with their +original timestamp so the events are not lost. This feature is +most useful if Monit is used together with M/Monit and when event +history is important.

      +

      The event queue is persistent across monit restarts and provided +that the back-end filesystem is persistent too, across system +restart as well.

      By default, the queue is disabled and if the alert handler fails, -monit will simply drop the alert message. To enable the event -queue, add the following statement to the monit control file:

      +Monit will simply drop the alert message. To enable the event +queue, add the following statement to the Monit control file:

        SET EVENTQUEUE BASEDIR <path> [SLOTS <number>]

      The <path> is the path to the directory where events will be -stored. Optionally if you want to limit the queue size (maximum -events count), use the slots option. If the slots option is not -used, monit will store as many events as the backend filesystem -allows.

      +stored. Optionally if you want to limit the queue size, use the +slots option to only store up to number event messages. If the +slots option is not used, Monit will store as many events as the +backend filesystem allows.

      Example:

         set eventqueue
       basedir /var/monit
       slots 5000
      -

      The events are stored in binary format, one file per event. The -file size is ca. 130 bytes or a bit more (depending on the +

      Events are stored in a binary format, with one file per event. +The file size is ca. 130 bytes or a bit more (depending on the message length). The file name is composed of the unix timestamp, underscore and the service name, for example:

        /var/monit/1131269471_apache
      -

      If you are running more then one monit instance on the same +

      If you are running more then one Monit instance on the same machine, you must use separated event queue directories to avoid sending wrong alerts to the wrong addresses.

      -

      If you want to purge the queue by hand (remove queued -event-files), monit should be stopped before the removal.

      +

      If you want to purge the queue by hand, that is, remove queued +event-files, Monit should be stopped before the removal.

      @@ -847,15 +949,15 @@

      monit provides a service timeout mechanism for situations where a service simply refuses to start or respond over a longer period. In cases like this, and particularly if monit's poll-cycle -is low, monit will simply increase the machine load by trying to +is low, Monit will simply increase the machine load by trying to restart the service.

      -

      The timeout mechanism monit provides is based on two variables, +

      The timeout mechanism Monit provides is based on two variables, i.e. the number the service has been started and the number of poll-cycles. For example, if a service had x restarts within -y poll-cycles (where x <= y) then monit will timeout and -not (re)start the service on the next cycle. If a timeout occurs -monit will send you an alert message if you have register -interest for this event.

      +y poll-cycles (where x <= y) then Monit will timeout and +not (re)start the service on subsequent cycles until the service +is manually re-registered.. If a timeout occurs Monit will send +you an alert message if you have register interest for this event.

      The syntax for the timeout statement is as follows (keywords are in capital):

      @@ -868,11 +970,11 @@ zero. This provides some granularity to catch exceptional cases and do a service timeout, but let occasional service start and restarts happen without having an accumulated timeout.

      -

      Here is an example where monit will timeout (not check the +

      Here is an example where Monit will timeout (not check the service) if the service was restarted 2 times within 3 cycles:

        if 2 restarts within 3 cycles then timeout
      -

      To have monit check the service again after a timeout, run 'monit +

      To have Monit check the service again after a timeout, run 'monit monitor service' from the command line. This will remove the timeout lock in the daemon and make the daemon start and check the service again.

      @@ -881,93 +983,69 @@

      SERVICE TESTS

      Monit provides several tests you may utilize in a service entry -to test a service. Basically here are two classes of tests: -variable and constant object tests.

      -

      Constant object tests are related to failed/passed state. In the -case of error, monit will watch whether the failed parameter will -recover - in such case it will handle recovery related -action. General format:

      +to test a service. There are two classes of tests: variable and +constant tests. That is, the condition we test is either constant +e.g. a number or it can vary.

      +

      A constant test has this general format:

      IF <TEST> [[<X>] [TIMES WITHIN] <Y> CYCLES] THEN ACTION - [ELSE IF PASSED [[<X>] [TIMES WITHIN] <Y> CYCLES] + [ELSE IF SUCCEEDED [[<X>] [TIMES WITHIN] <Y> CYCLES] THEN ACTION]
      -

      For constant object tests if the <TEST> should validate to true, -then the selected action is executed each cycle the condition -remains true. The value for comparison is constant. Recovery -action is evaluated only once (on failed->passed state change -only). The 'ELSE IF PASSED' part is optional - if omitted, -monit will do alert action on recovery by default. The alert is -delivered only once on each state change unless overridden by -'reminder' alert option.

      -

      Variable object tests begins with 'IF CHANGED' statement and -serves for monitoring of object, which property can change legally -- monit watches whether the value will change again. You can use -it just for alert or to involve some automatic action, as for -example to reload monitored process after its configuration file -was changed. Variable tests are supported for 'checksum', -'size', 'pid, 'ppid' and 'timestamp' tests only, if you consider -that other tests can be useful in variable form too, please let -us know.

      +

      If the <TEST> condition should evaluate to true, then the +selected action is executed each cycle the test condition remains +true. The comparison value is constant. Recovery action is +evaluated only once (on a failed to succeeded state change only). +The 'ELSE IF SUCCEEDED' part is optional, if omitted, Monit will +send an alert on recovery. The alert is sent only once on each +state change unless overridden by the 'reminder' alert option.

      +

      A variable test has this general format:

      IF CHANGED <TEST> [[<X>] [TIMES WITHIN] <Y> CYCLES] THEN ACTION
      -

      For variable object tests if the <TEST> should validate to true, -then the selected action is executed once and monit will watch -for another change. The value for comparison is a variable where -the last result becomes the actual value, which is compared in -future cycles. The alert is delivered each time the condition -becomes true.

      -

      You can restrict the event ratio needed to change the state:

      +

      If the <TEST> should evaluate to true, then the selected action +is executed once. The comparison value is a variable where the +last result becomes the new value and is compared in future +cycles. The alert is delivered each time the condition becomes +true.

      +

      You can use this test for alerts or for some automatic action, +for example to reload monitored process after its configuration +file was changed. Variable tests are supported for 'checksum', +'size', 'pid, 'ppid' and 'timestamp' tests only.

      ... [[<X>] [TIMES WITHIN] <Y> CYCLES] ...
      -

      This part is optional and is supported by all testing rules. -It defines how many event occurrences during how many cycles -are needed to trigger the following action. You can use it -in several ways - the core syntax is:

      -
      - [<X>] <Y> CYCLES
      -

      It is possible to use filling words which give the rule better -first-sight sense. You can use any filling words such as: FOR, -TIMES, WITHIN, thus for example:

      +

      If a test match, its action is executed at once. This behaviour +can optionally be changed and you can for instance require that a +test must match over several poll cycles before the action is +executed by using the statement above. You can use this in +several ways. For example:

        if failed port 80 for 3 times within 5 cycles then alert

      or

        if failed port 80 for 10 cycles then unmonitor
      -

      When you don't specify the <X>, it equals to <Y> by default, -thus the rule applies when <Y> consecutive cycles of inverse -event occurred (relatively to the current service state).

      -

      When you omit it at all, monit will by default change state -on first inverse event, which is equivalent to this notation:

      -
      - 1 times within 1 cycles
      -

      It is possible to use this option for failed, passed/recovered -or changed rules. More complex examples:

      -
      - check device rootfs with path /dev/hda1
-  if space usage > 80% 5 times within 15 cycles 
-     then alert 
-     else if passed for 10 cycles then alert
+
      If you don't specify <X> times, it equals <Y> by default, thus
+the test match if it evaluate to true for <Y> consecutive cycles.
      
+
      It is possible to use this option for failed, succeeded,
+recovered or changed rules. Here is a more complex example:
      
+
      + check filesystem rootfs with path /dev/hda1
+  if space usage > 80% for 5 times within 15 cycles 
+     then alert else if succeeded for 10 cycles then alert
   if space usage > 90% for 5 cycles then 
      exec '/try/to/free/the/space'
   if space usage > 99% then exec '/stop/processess'
      
-
      Note that the maximal cycles count which can be used in the rule
-is limited by the size of 'long long' data type on your platform.
-This provides 64 cycles on usual platforms currently. In the case
-that you use unsupported value, the configuration parser will
-tell you the limits during monit startup.
      
-
      You must select an action to be executed from this list:
      
+
      In each test you must select the action to be executed from this
+list:
      
 
        
 
      • 
 
        ALERT sends the user an alert event on each state change (for
-constant object tests) or on each change (for variable object
-tests).
        
+constant tests) or on each change (for variable tests).
        
 
        • 
 
      • 
 
        RESTART restarts the service and sends an alert. Restart is
@@ -980,14 +1058,14 @@
 
        • 
 
      • 
 
        STOP stops the service by calling the service's registered
-stop method and send an alert. If monit stops a service it
-will not be checked by monit anymore nor restarted again
-later. To reactivate monitoring of the service again you must
-explicitly enable monitoring from the web interface or from the
-console, e.g. 'monit monitor apache'.
        
+stop method and send an alert. If Monit stops a service it
+will not be checked by Monit anymore nor restarted again later.
+To reactivate monitoring of the service again you must explicitly
+enable monitoring from the web interface or from the console,
+e.g. 'monit monitor apache'.
        
 
        • 
 
      • 
-
        EXEC may be used to execute an arbitrary program and send
+
        EXEC can be used to execute an arbitrary program and send
 an alert. If you choose this action you must state the program to
 be executed and if the program require arguments you must enclose
 the program and its arguments in a quoted string. You may
@@ -996,11 +1074,12 @@
 
          exec "/usr/local/tomcat/bin/startup.sh"
       as uid nobody and gid nobody
        
-
        This may be useful if the program to be started cannot change to
-a lesser privileged user and group. This is typically needed for
-Java Servers. Remember, if monit is run by the superuser, then
-all programs executed by monit will be started with superuser
-privileges unless the uid and gid extension was used.
        
+
        The uid and gid switch can be useful if the program to be started
+cannot change to a lesser privileged user and group. This is
+typically needed for Java Servers. Remember, if Monit is run by
+the superuser, then all programs executed by Monit will be
+started with superuser privileges unless the uid and gid
+extension was used.
        
 
        • 
 
      • 
 
        MONITOR will enable monitoring of the service and send
@@ -1008,7 +1087,7 @@
 
        • 
 
      • 
 
        UNMONITOR will disable monitoring of the service and send
-an alert. The service will not be checked by monit anymore nor
+an alert. The service will not be checked by Monit anymore nor
 restarted again later.  To reactivate monitoring of the service
 you must explicitly enable monitoring from monit's web interface
 or from the console using the monitor argument.
        
@@ -1017,39 +1096,43 @@
 
        
 
        
 
        RESOURCE TESTING
        
-
        Monit can examine how much system resources a services are
-using. This test may only be used within a system or process
-service entry in the monit control file.
        
-
        Depending on the system or process characteristics, services
-can be stopped or restarted and alerts can be generated. Thus
-it is possible to utilize systems which are idle and to spare
-system under high load.
        
+
        Monit can examine how much system resources a service are using.
+This test can only be used within a system or process service
+entry in the Monit control file.
        
+
        Depending on system or process characteristics, services can be
+stopped or restarted and alerts can be generated. Thus it is
+possible to utilize systems which are idle and to spare system
+under high load.
        
 
        The full syntax for the resource-statements used for resource
 testing is as follows (keywords are in capital and optional
 statements in [brackets]),
        
 
        
 
        IF resource operator value [[<X>] <Y> CYCLES] THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
        
-
        resource is a choice of ``CPU'', ``CPU([user|system|wait])'',
-``MEMORY'', ``CHILDREN'', ``TOTALMEMORY'', ``LOADAVG([1min|5min|15min])''.
-Some resources can be used inside of system service container,
-some in process service container and some in both:
        
+
        resource is a choice of ``CPU'', ``TOTALCPU'',
+``CPU([user|system|wait])'', ``MEMORY'', ``CHILDREN'', ``TOTALMEMORY'',
+``LOADAVG([1min|5min|15min])''. Some resource tests can be used
+inside a check system entry, some in a check process entry and
+some in both:
        
 
        System only resource tests:
        
-
        CPU([user|system|wait]) is the percent of time that the system
-spend in user  or system/kernel space. Some systems such as linux
-2.6 supports 'wait' indicator as well.
        
+
        CPU([user|system|wait]) is the percent of time the system spend
+in user or system/kernel space. Some systems such as linux 2.6
+supports a 'wait' indicator as well.
        
 
        Process only resource tests:
        
-
        CPU is the CPU usage of the process and its children in
-parts of hundred (percent).
        
+
        CPU is the CPU usage of the process itself (percent).
        
+
        TOTALCPU is the total CPU usage of the process and its children
+in (percent). You will want to use TOTALCPU typically for
+services like Apache webserver where one master process forks the
+child processes as workers.
        
 
        CHILDREN is the number of child processes of the process.
        
 
        TOTALMEMORY is the memory usage of the process and its child
 processes in either percent or as an amount (Byte, kB, MB, GB).
        
 
        System and process resource tests:
        
-
        MEMORY is the memory usage of the system or in the process context
-of the process without its child processes in either percent
-(of the systems total) or as an amount (Byte, kB, MB, GB).
        
+
        MEMORY is the memory usage of the system or of a process (without
+children) in either percent (of the systems total) or as an
+amount (Byte, kB, MB, GB).
        
 
        LOADAVG([1min|5min|15min]) refers to the system's load average.
 The load average is the number of processes in the system run
 queue, averaged over the specified time period.
        
@@ -1058,9 +1141,9 @@
 ``less'', ``equal'', ``notequal'' in human readable form (if not
 specified, default is EQUAL).
        
 
        value is either an integer or a real number (except for
-CHILDREN). For CPU, MEMORY and TOTALMEMORY you need to specify a
-unit.  This could be ``%'' or if applicable ``B'' (Byte), ``kB''
-(1024 Byte), ``MB'' (1024 KiloByte) or ``GB'' (1024 MegaByte).
        
+CHILDREN). For CPU, TOTALCPU, MEMORY and TOTALMEMORY you need to
+specify a unit. This could be ``%'' or if applicable ``B'' (Byte),
+``kB'' (1024 Byte), ``MB'' (1024 KiloByte) or ``GB'' (1024 MegaByte).
        
 
        action is a choice of ``ALERT'', ``RESTART'', ``START'', ``STOP'',
 ``EXEC'', ``MONITOR'' or ``UNMONITOR''.
        
 
        To calculate the cycles, a counter is raised whenever the
@@ -1068,7 +1151,7 @@
 (but not below 0). All counters are reset in case of a restart.
        
 
        The following is an example to check that the CPU usage of a
 service is not going beyond 50% during five poll cycles. If it
-does, monit will restart the service:
        
+does, Monit will restart the service:
        
 
          if cpu is greater than 50% for 5 cycles then restart
        
 
        See also the example section below.
        
@@ -1076,14 +1159,14 @@
 
        
 
        FILE CHECKSUM TESTING
        
 
        The checksum statement may only be used in a file service
-entry. If specified in the control file, monit will compute
+entry. If specified in the control file, Monit will compute
 a md5 or sha1 checksum for a file.
        
 
        The checksum test in constant form is used to verify that a
 file does not change. Syntax (keywords are in capital):
        
 
        
 
        IF FAILED [MD5|SHA1] CHECKSUM [EXPECT checksum] 
          [[<X>] <Y> CYCLES] THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
        
 
        The checksum test in variable form is used to watch for
@@ -1094,12 +1177,12 @@

      The choice of MD5 or SHA1 is optional. MD5 features a 256 bit -and SHA1 a 320 bit checksum. If this option is omitted monit +and SHA1 a 320 bit checksum. If this option is omitted Monit tries to guess the method from the EXPECT string or uses MD5 as default.

      expect is optional and if used it specifies a md5 or sha1 -string monit should expect when testing a file's checksum. If -expect is used, monit will not compute an initial checksum for +string Monit should expect when testing a file's checksum. If +expect is used, Monit will not compute an initial checksum for the file, but instead use the string you submit. For example:

        if failed checksum and 
@@ -1111,31 +1194,32 @@
 
      action is a choice of ``ALERT'', ``RESTART'', ``START'', ``STOP'',
 ``EXEC'', ``MONITOR'' or ``UNMONITOR''.
      
 
      The checksum statement in variable form may be used to check a
-file for changes and if changed, do a specified action.  For
+file for changes and if changed, do a specified action. For
 instance to reload a server if its configuration file was
-changed. The following illustrate this for the apache web server:
      
+changed. The following illustrates this for the apache web
+server:
      
 
        check file httpd.conf path /usr/local/apache/conf/httpd.conf
      if changed sha1 checksum 
         then exec "/usr/local/apache/bin/apachectl graceful"
      
 
      If you plan to use the checksum statement for security reasons,
 (a very good idea, by the way) and to monitor a file or files
-which should not change, then please use constant form and also
-read the DEPENDENCY TREE section below to see a detailed example
-on how to do this properly.
      
+which should not change, then please use the constant form and
+also read the DEPENDENCY TREE section below to see a detailed
+example on how to do this properly.
      
 
      Monit can also test the checksum for files on a remote host via
 the HTTP protocol. See the CONNECTION TESTING section below.
      
 
      
 
      
 
      TIMESTAMP TESTING
      
-
      The timestamp statement may only be used in a file, fifo or directory
-service entry.
      
+
      The timestamp statement may only be used in a file, fifo or
+directory service entry.
      
 
      The timestamp test in constant form is used to verify various
 timestamp conditions. Syntax (keywords are in capital):
      
 
      
 
      IF TIMESTAMP [[operator] value [unit]] [[<X>] <Y> CYCLES] 
       THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
      
 
      The timestamp statement in variable form is simply to test an
@@ -1167,7 +1251,7 @@
 
      The constant timestamp version is useful for monitoring systems
 able to report its state by changing the timestamp of certain
 state files. For instance the iPlanet Messaging server stored
-process system updates the timestamp of:
      
+process       system updates the timestamp of the following files:
      
 
        o stored.ckp
  o stored.lcu
@@ -1203,15 +1287,15 @@
 
      
 
      
 
      FILE SIZE TESTING
      
-
      The size statement may only be used in a file service entry.
-If specified in the control file, monit will compute a size
-for a file.
      
-
      The size test in constant form is used to verify various
-size conditions. Syntax (keywords are in capital):
      
+
      The size statement may only be used in a file service entry. If
+specified in the control file, Monit will compute a size for a
+file.
      
+
      The size test in constant form is used to verify various size
+conditions. Syntax (keywords are in capital):
      
 
      
 
      IF SIZE [[operator] value [unit]] [[<X>] <Y> CYCLES] 
       THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
      
 
      The size statement in variable form is simply to test an existing
@@ -1234,9 +1318,9 @@
 
      The variable size test form is useful for checking a file for
 changes and send an alert or execute an action. Monit will
 register the size of the file at startup and monitor the file for
-changes. As soon as the value changed, monit will do specified
-action, reset the registered value to new result and continue to
-monitor, whether the size changed again.
      
+changes. As soon as the value changes, Monit will perform the
+specified action, reset the registered value to the new value and
+continue monitoring and test if the size changes again.
      
 
      One example of use for this statement is to conduct security
 checks, for instance:
      
 
      @@ -1245,16 +1329,16 @@
 
      which will ``cut the cable'' and stop a possible intruder from
 compromising the system further. This test is just one of many
 you may use to increase the security awareness on a system. If
-you plan to use monit for security reasons we recommend that you
+you plan to use Monit for security reasons we recommend that you
 use this test in combination with other supported tests like
 checksum, timestamp, and so on.
      
-
      The constant size test form may be useful in similar or different
-contexts. It can, for instance, be used to test if a certain file
-size was exceeded and then alert you or monit may execute a
-certain action specified by you. An example is to use this
-statement to rotate log files after they have reached a certain
-size or to check that a database file does not grow beyond a
-specified threshold.
      
+
      The constant form of this test can be useful in similar or
+different contexts. It can, for instance, be used to test if a
+certain file size was exceeded and then alert you or Monit may
+execute a certain action specified by you. An example is to use
+this statement to rotate log files after they have reached a
+certain size or to check that a database file does not grow
+beyond a specified threshold.
      
 
      To rotate a log file:
      
 
        check file myapp.log with path /var/log/myapp.log
@@ -1281,12 +1365,12 @@
 
      
 
      
 
      FILE CONTENT TESTING
      
-
      The match statement allows you to test the content of a text 
-file by using regular expressions. This is a great feature if
-you need to periodically test files, such as log files, for 
-certain patterns. If a pattern match, monit defaults to
-raise an alert, other actions are also possible.
      
-
      The syntax (keywords in capital) for using this function is:
      
+
      The match statement allows you to test the content of a text file
+by using regular expressions. This is a great feature if you need
+to periodically test files, such as log files, for certain
+patterns. If a pattern match, Monit defaults to raise an alert,
+other actions are also possible.
      
+
      The syntax (keywords in capital) for using this test is:
      
 
      
 
      IF [NOT] MATCH {regex|path} [[<X>] <Y> CYCLES] THEN action
 
@@ -1301,13 +1385,13 @@
 
      The content is only being checked every cycle. If content is
 being added and removed between two checks they are unnoticed.
      
 
      On startup the read position is set to the end of the file 
-and monit continue to scan to the end of file on each cycle. 
+and Monit continue to scan to the end of file on each cycle. 
 But if the file size should decrease or inode change the read 
 position is set to the start of the file.
      
 
      Only lines ending with a newline character are inspected. Thus,
 lines are being ignored until they have been completed with this
-character. Also note that only the first 511 characters of a 
-line are inspected.
      
+character. Also note that only the first 511 characters of a line
+are inspected.
      
 
      
 
      IGNORE [NOT] MATCH {regex|path}
 
@@ -1329,29 +1413,47 @@
     if match /etc/monit/active.regex then alert
      
 
      
 
      
+
      FILESYSTEM FLAGS TESTING
      
+
      Monit can test the flags of a filesystem for changes. This test
+is implicit and Monit will send alert in case of failure by
+default.
      
+
      This test is useful for detecting changes of the filesystem flags
+such as when the filesystem became read-only based on disk errors
+or the mount flags were changed (such as nosuid). Each platform
+provides different set of flags. POSIX define the RDONLY and
+NOSUID flags which should work on all platforms. Some platforms
+(such as FreeBSD) has additonal flags.
      
+
      The syntax for the fsflags statement is:
      
+
      
+
      IF CHANGED FSFLAGS [[<X>] <Y> CYCLES] THEN action
+
+
      
+
      action is a choice of ``ALERT'', ``RESTART'', ``START'', ``STOP'',
+``EXEC'', ``MONITOR'' or ``UNMONITOR''.
      
+
      Example:
      
+
      + check filesystem rootfs with path /
+       if changed fsflags then exec "/my/script"
+       alert root@localhost
      
+
      
+
      
 
      SPACE TESTING
      
-
      Monit can test devices/file systems and check for space
-usage. This test may only be used within a device service entry
-in the monit control file.
      
-
      Monit will check a device's total space usage. If you only want
-to check available space for non-superuser, you must set the
+
      Monit can test file systems for space usage. This test may only
+be used within a filesystem service entry in the Monit control
+file.
      
+
      Monit will check a filesystem's total space usage. If you only
+want to check available space for non-superuser, you must set the
 watermark appropriately (i.e. total space minus reserved blocks
 for the superuser).
      
 
      You can obtain (and set) the superuser's reserved blocks size,
 for example by using the tune2fs utility on Linux. On Linux 5% of
-available blocks are reserved for the superuser by default. To
-list the reserved blocks for the superuser:
      
-
      - [root@berry monit]# tune2fs -l /dev/hda1| grep "Reserved block"
- Reserved block count:     319994
- Reserved blocks uid:      0 (user root)
- Reserved blocks gid:      0 (group root)
      
-
      On solaris 10% of the blocks are reserved. You can also use
-tunefs on solaris to change values on a live filesystem.
      
+available blocks are reserved for the superuser by default. On
+solaris 10% of the blocks are reserved. You can also use tunefs
+on solaris to change values on a live filesystem.
      
 
      The full syntax for the space statement is:
      
 
      
 
      IF SPACE operator value unit [[<X>] <Y> CYCLES] THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
      
 
      operator is a choice of ``<'',``>'',``!='',``=='' in c notation, ``gt'',
@@ -1366,18 +1468,19 @@
 
      
 
      
 
      INODE TESTING
      
-
      If supported by the file-system, you can use monit to test for
-inodes usage. This test may only be used within a device service
-entry in the monit control file.
      
-
      If the device becomes unavailable, monit will call the entry's
-registered start method, if it is defined and if monit is running
-in active mode. If monit runs in passive mode or the start
-methods is not defined, monit will just send an error alert.
      
+
      If supported by the file-system, you can use Monit to test for
+inodes usage. This test may only be used within a filesystem
+service entry in the Monit control file.
      
+
      If the filesystem becomes unavailable, Monit will call the
+service's registered start method, if it is defined and if Monit
+is running in active mode. If Monit runs in passive mode or the
+start methods is not defined, Monit will just send an error
+alert.
      
 
      The syntax for the inode statement is:
      
 
      
 
      IF INODE(S) operator value [unit] [[<X>] <Y> CYCLES] 
       THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
      
 
      operator is a choice of ``<'',``>'',``!='',``=='' in c notation, ``gt'',
@@ -1392,43 +1495,44 @@
 
      
 
      
 
      PERMISSION TESTING
      
-
      Monit can monitor the permissions. This test may only be used
-within a file, fifo, directory or device service entry in the
-monit control file.
      
+
      Monit can monitor the permission of file objects. This test may
+only be used within a file, fifo, directory or filesystem service
+entry in the Monit control file.
      
 
      The syntax for the permission statement is:
      
 
      
 
      IF FAILED PERM(ISSION) octalnumber [[<X>] <Y> CYCLES] 
       THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
      
 
      octalnumber defines permissions for a file, a directory or a
-device.
      
+filesystem as four octal digits (0-7). Valid range: 0000 - 7777 (you
+can omit the leading zeros, Monit will add the zeros to the left
+thus for example ``640'' is valid value and matches ``0640'').
      
 
      action is a choice of ``ALERT'', ``RESTART'', ``START'', ``STOP'',
 ``EXEC'', ``MONITOR'' or ``UNMONITOR''.
      
 
      The web interface will show a permission warning if the test
 failed.
      
 
      We recommend that you use the UNMONITOR action in a permission
 statement. The rationale for this feature is security and that
-monit does not start a possible cracked program or
-script. Example:
      
+Monit does not start a possible cracked program or script.
+Example:
      
 
        check file monit.bin with path "/usr/local/bin/monit"
-       if failed permission 0555 then unmonitor
-       alert foo@bar
      
-
      If the test fails, monit will simply send an alert and stop
+       if failed permission 0555 then unmonitor
      
+
      If the test fails, Monit will simply send an alert and stop
 monitoring the file and propagate an unmonitor action upward in
 a depend tree.
      
 
      
 
      
 
      UID TESTING
      
-
      monit can monitor the owner user id (uid). This test may only be
-used within a file, fifo, directory or device service entry in
-the monit control file.
      
+
      Monit can monitor the owner user id (uid) of a file object. This
+test may only be used within a file, fifo, directory or
+filesystem service entry in the Monit control file.
      
 
      The syntax for the uid statement is:
      
 
      
 
      IF FAILED UID user [[<X>] <Y> CYCLES] THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
      
 
      user defines a user id either in numeric or in string form.
      
@@ -1438,25 +1542,24 @@
 fail.
      
 
      We recommend that you use the UNMONITOR action in a uid
 statement. The rationale for this feature is security and that
-monit does not start a possible cracked program or
-script. Example:
      
+Monit does not start a possible cracked program or script.
+Example:
      
 
        check file passwd with path /etc/passwd
-       if failed uid root then unmonitor
-       alert root@localhost
      
-
      If the test fails, monit will simply send an alert and stop
+       if failed uid root then unmonitor
      
+
      If the test fails, Monit will simply send an alert and stop
 monitoring the file and propagate an unmonitor action upward in
 a depend tree.
      
 
      
 
      
 
      GID TESTING
      
-
      monit can monitor the owner group id (gid). This test may only
-be used within a file, fifo, directory or device service entry
-in the monit control file.
      
+
      Monit can monitor the owner group id (gid) of file objects. This
+test may only be used within a file, fifo, directory or
+filesystem service entry in the Monit control file.
      
 
      The syntax for the gid statement is:
      
 
      
 
      IF FAILED GID user [[<X>] <Y> CYCLES] THEN action
-      [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
 
 
      
 
      user defines a group id either in numeric or in string form.
      
@@ -1466,24 +1569,20 @@
 fail.
      
 
      We recommend that you use the UNMONITOR action in a gid
 statement. The rationale for this feature is security and that
-monit does not start a possible cracked program or
-script. Example:
      
+Monit does not start a possible cracked program or script.
+Example:
      
 
        check file shadow with path /etc/shadow
-       if failed gid root then unmonitor
-       alert root@localhost
      
-
      If the test fails, monit will simply send an alert and stop
+       if failed gid root then unmonitor
      +

      If the test fails, Monit will simply send an alert and stop monitoring the file and propagate an unmonitor action upward in a depend tree.

      PID TESTING

      -

      monit tests the process id (pid) of processes for change. This -test is implicit and monit will send alert in the case of failure -by default.

      -

      You may override the default action using below rule (it may only -be used within a process service entry in the monit control -file).

      +

      Monit can test the process identification number (pid) of a +process for changes. This test is implicit and Monit will send a +alert in the case of failure by default.

      The syntax for the pid statement is:

      IF CHANGED PID [[<X>] <Y> CYCLES] THEN action @@ -1491,33 +1590,29 @@

      action is a choice of ``ALERT'', ``RESTART'', ``START'', ``STOP'', ``EXEC'', ``MONITOR'' or ``UNMONITOR''.

      -

      This test is useful to detect possible process restarts which -has occurred in the timeframe between two monit testing cycles. -In the case that the restart was fast and the process provides -expected service (i.e. all tests passed) you will be notified +

      This test is useful to detect possible process restarts which has +occurred in the timeframe between two Monit testing cycles. In +the case that the restart was fast and the process provides +expected service (i.e. all tests succeeded) you will be notified that the process was replaced.

      For example sshd daemon can restart very quickly, thus if someone -changes its configuration and do sshd restart outside of monit -control, you will be notified that the process was replaced by +changes its configuration and do sshd restart outside of Monit's +control you will be notified that the process was replaced by a new instance (or you can optionaly do some other action such as preventively stop sshd).

      -

      Another example is MySQL Cluster which has its own watchdog with -process restart ability. You can use monit for redundant -monitoring. Monit will just send alert in the case that the MySQL -cluster restarted the node quickly.

      +

      Another example is a MySQL Cluster which has its own watchdog +with process restart ability. You can use Monit for redundant +monitoring.

      Example:

        check process sshd with pidfile /var/run/sshd.pid
-       if changed pid then exec "/my/script"
-       alert root@localhost
      + if changed pid then exec "/my/script"

      PPID TESTING

      -

      monit tests the process parent id (ppid) of processes for change. -This test is implicit and monit will send alert in the case of -failure by default.

      -

      You may override the default action using below rule (it may only -be used within a process service entry in the monit control file).

      +

      Monit can test the process parent process identification number +(ppid) of a process for changes. This test is implicit and Monit +will send alert in the case of failure by default.

      The syntax for the ppid statement is:

      IF CHANGED PPID [[<X>] <Y> CYCLES] THEN action @@ -1529,22 +1624,20 @@

      Example:

        check process myproc with pidfile /var/run/myproc.pid
-       if changed ppid then exec "/my/script"
-       alert root@localhost
      + if changed ppid then exec "/my/script"

      CONNECTION TESTING

      Monit is able to perform connection testing via networked ports or via Unix sockets. A connection test may only be used within a -process or within a host service entry in the monit control file.

      -

      If a service listens on one or more sockets, monit can connect to +process or within a host service entry in the Monit control file.

      +

      If a service listens on one or more sockets, Monit can connect to the port (using either tcp or udp) and verify that the service will accept a connection and that it is possible to write and read from the socket. If a connection is not accepted or if there -is a problem with socket read/write, monit will assume that -something is wrong and execute a specified action. If monit is -compiled with openssl, then ssl based network services can also -be tested.

      +is a problem with socket i/o, Monit will assume that something is +wrong and execute a specified action. If Monit is compiled with +openssl, then ssl based network services can also be tested.

      The full syntax for the statement used for connection testing is as follows (keywords are in capital and optional statements in [brackets]),

      @@ -1552,7 +1645,7 @@
      IF FAILED [host] port [type] [protocol|{send/expect}+] [timeout] [[<X>] <Y> CYCLES] THEN action - [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action] + [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]

      or for Unix sockets,

      @@ -1560,7 +1653,7 @@
      IF FAILED [unixsocket] [type] [protocol|{send/expect}+] [timeout] [[<X>] <Y> CYCLES] THEN action - [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action] + [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]

      host:HOST hostname. Optionally specify the host to connect to. @@ -1580,10 +1673,10 @@ socket. Servers based on Unix sockets, always runs on the local machine and does not use a port.

      type:TYPE {TCP|UDP|TCPSSL}. Optionally specify the socket type -monit should use when trying to connect to the port. The +Monit should use when trying to connect to the port. The different socket types are; TCP, UDP or TCPSSL, where TCP is a regular stream based socket, UDP is a datagram socket and TCPSSL -specify that monit should use a TCP socket with SSL when +specify that Monit should use a TCP socket with SSL when connecting to a port. The default socket type is TCP. If TCPSSL is used you may optionally specify the SSL/TLS protocol to be used and the md5 sum of the server's certificate. The TCPSSL @@ -1591,16 +1684,18 @@ 

        TCPSSL [SSLAUTO|SSLV2|SSLV3|TLSV1] [CERTMD5 md5sum]

      proto(col):PROTO {protocols}. Optionally specify the protocol -monit should speak when a connection is established. At the -moment monit knows how to speak: +Monit should speak when a connection is established. At the +moment Monit knows how to speak: APACHE-STATUS DNS DWP FTP HTTP IMAP + CLAMAV LDAP2 LDAP3 + LMTP MYSQL NNTP NTP3 @@ -1608,11 +1703,12 @@ POSTFIX-POLICY RDATE RSYNC + SIP SMTP SSH TNS PGSQL -If you have compiled monit with ssl support, monit can also speak +If you have compiled Monit with ssl support, Monit can also speak the SSL variants such as: HTTPS FTPS @@ -1623,8 +1719,8 @@ HTTPS) : TYPE TCPSSL PROTOCOL HTTP If the server's protocol is not found in this list, simply do not -specify the protocol and monit will utilize a default test, -including testing if it is possible to read and write to the +specify the protocol and Monit will utilize a default test, +including test if it is possible to read and write to the port. This default test is in most cases more than good enough to deduce if the server behind the port is up or not.

      The protocol statement is:

      @@ -1678,7 +1774,7 @@

      Obviously, do not use this test unless the httpd server you are testing is Apache Httpd and mod_status is activated on the server.

      -

      send/expect: {SEND|EXPECT} ``string'' .... If monit does not +

      send/expect: {SEND|EXPECT} ``string'' .... If Monit does not support the protocol spoken by the server, you can write your own protocol-test using send and expect strings. The SEND statement sends a string to the server port and the EXPECT @@ -1690,7 +1786,7 @@ the string is used as it is. The send/expect statement is:

        [{SEND|EXPECT} "string"]+
      -

      Note that monit will send a string as it is, and you must +

      Note that Monit will send a string as it is, and you must remember to include CR and LF in the string sent to the server if the protocol expect such characters to terminate a string (most text based protocols used over Internet does). Likewise monit @@ -1699,19 +1795,31 @@ terminated by CRLF, (i.e. ``\r\n'') you may remember to add the same terminating characters to the string you expect from the server.

      -

      You can use non-printable characters in a send string if -needed. Use the hex notation, \0xHEXHEX to send any char in the -range \0x00-\0xFF, that is, 0-255 in decimal. This may be useful -when testing some network protocols, particularly those over -UDP. An example, to test a quake 3 server you can use the -following,

      +

      As mentioned above, Monit limits the expect input to 255 bytes. +You can override the default value by using this set statement at +the top of the Monit configuration file:

      +
      + SET EXPECTBUFFER <number> ["b"|"kb"|"mb"]
      +

      For example, to set the expect buffer to read 10 kilobytes:

      +
      + set expectbuffer 10 kb
      +

      Note, if you want to test the number of bytes returned from the +server you need to work around a bound check limit in POSIX +regex. You cannot use something like expect ``.{5000}'' as the max +number in a boundary check usually is {255}. However this should +work, expect ``(.{250}){20}''

      +

      You can use non-printable characters in a send string if needed. +Use the hex notation, \0xHEXHEX to send any char in the range +\0x00-\0xFF, that is, 0-255 in decimal. This may be useful when +testing some network protocols, particularly those over UDP. For +example, to test a quake 3 server you can use the following,

             send "\0xFF\0xFF\0xFF\0xFFgetstatus"
       expect "sv_floodProtect|sv_maxPing"

      Finally, send/expect can be used with any socket type, such as TCP sockets, UNIX sockets and UDP sockets.

      timeout:with TIMEOUT x SECONDS. Optionally specifies the -connect and read timeout for the connection. If monit cannot +connect and read timeout for the connection. If Monit cannot connect to the server within this time it will assume that the connection failed and execute the specified action. The default connect timeout is 5 seconds.

      @@ -1730,15 +1838,15 @@ [CONTENT {==|!=} "regular-expression"] [TIMEOUT number SECONDS] [[<X>] <Y> CYCLES] THEN action - [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action] + [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]

      Where URL-spec is an URL on the standard form as specified in RFC 2396:

        <protocol>://<authority><path>?<query>
      -

      Here is an example on an URL where all components are used:

      +

      Here is an example of an URL where all components are used:

        http://user:password@www.foo.bar:8080/document/?querystring#ref
      -

      If a username and password is included in the URL monit will +

      If a username and password is included in the URL Monit will attempt to login at the server using Basic Authentication.

      Testing the content returned by the server is optional. If used, you can test if the content match or does not match a @@ -1753,17 +1861,17 @@

      Monit will look at the content-length header returned by the server and download this amount before testing the content. That is, if the content-length is more than 1Mb or this header is not -set by the server monit will default to download up to 1 Mb and +set by the server Monit will default to download up to 1 Mb and not more.

      Only the http(s) protocol is supported in an URL statement. If -the protocol is https monit will use SSL when connecting to +the protocol is https Monit will use SSL when connecting to the server.

      Remote host ping test

      -

      In addition monit can perform ICMP Echo tests in remote host +

      In addition Monit can perform ICMP Echo tests in remote host checks. The icmp test may only be used in a check host entry and -monit must run with super user privileges, that is, the root user +Monit must run with super user privileges, that is, the root user must run monit. The reason is that the icmp test utilize a raw socket to send the icmp packet and only the super user is allowed to create a raw socket.

      @@ -1775,24 +1883,24 @@ [COUNT number] [WITH] [TIMEOUT number SECONDS] [[<X>] <Y> CYCLES] THEN action - [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action] + [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]

      The rules for action and timeout are the same as those mentioned above in the CONNECTION TESTING section. The count parameter specifies how many consecutive echo requests will be send to the host in one cycle. In the case that no reply came within timeout -frame, monit reports error. When at least one reply was received, +frame, Monit reports error. When at least one reply was received, the test will pass. Monit sends by default three echo requests in one cycle to prevent the random packet loss from generating false alarm (i.e. up to 66% packet loss is tolerated). You can set the -count option to different value, which can serve as error ratio. -For example in the case that you require 100% ping success, you -can set the count to 1 (i.e. just one attempt will be send, when -the packet was lost, then error will be reported).

      +count option to a value between 1 and 20, which can serve as an +error ratio. For example if you require 100% ping success, set +the count to 1 (i.e. just one request will be sent, and if the +packet was lost an error will be reported).

      An icmp ping test is useful for testing if a host is up, before testing ports at the host. If an icmp ping test is used in a check host entry, this test is run first and if the ping test should fail we assume that the connection to the host is down and -monit does not continue to test any ports. Here's an example:

      +Monit does not continue to test any ports. Here's an example:

        check host xyzzy with address xyzzy.org
        if failed icmp type echo count 5 with timeout 15 seconds 
@@ -1802,15 +1910,15 @@
        alert foo@bar

      In this case, if the icmp test should fail you will get one alert and only one alert as long as the host is down, and equally -important, monit will not test port 80 and port 443. Likewise -if the icmp ping test should succeed (again) monit will continue +important, Monit will not test port 80 and port 443. Likewise +if the icmp ping test should succeed (again) Monit will continue to test both port 80 and 443.

      Keep in mind though that some firewalls can block icmp packages and thus render the test useless.

      Examples

      -

      To check a port connection and receive an alert if monit cannot +

      To check a port connection and receive an alert if Monit cannot connect to the port, use the following statement:

         if failed port 80 then alert
      @@ -1826,7 +1934,7 @@ assume that the server behind the port is down. You may increase or decrease the connect timeout by explicit add a connection timeout. In the following example the timeout is increased to 15 -seconds and if monit cannot connect to the server within 15 +seconds and if Monit cannot connect to the server within 15 seconds the test will fail and an alert message is sent.

         if failed port 80 with timeout 15 seconds then alert
      @@ -1847,7 +1955,7 @@

      And as mentioned above, if you do not specify a host-statement, localhost or address is assumed.

      Monit also knows how to speak some of the more popular Internet -protocols. So, besides testing for connections, monit can also +protocols. So, besides testing for connections, Monit can also speak with the server in question to verify that the server works. For example, the following is used to test a http server:

      @@ -1862,7 +1970,7 @@
     and request "/data/show.php?a=b&c=d"
  then restart

      The request must contain an URI string specifying a document from -the http server. The string will be URL encoded by monit before +the http server. The string will be URL encoded by Monit before it sends the request to the http server, so it's okay to use URL unsafe characters in the request. If the request statement isn't specified, the default web server page will be requested.

      @@ -1879,11 +1987,11 @@ and request "/page.html" with checksum e428302e260e0832007d82de853aa8edf19cd872 then alert -

      monit will compute a checksum (either MD5 or SHA1 is used, +

      Monit will compute a checksum (either MD5 or SHA1 is used, depending on length of the hash) for the document (in the above case, /page.html) and compare the computed checksum with the expected checksum. If the sums does not match then the if-tests -action is performed, in this case alert. Note that monit will +action is performed, in this case alert. Note that Monit will not test the checksum for a document if the server does not set the HTTP Content-Length header. A HTTP server should set this header when it server a static document (i.e. a file). A @@ -1891,7 +1999,7 @@ serving dynamic content (e.g. a document created by a CGI-script or a Servlet), but to test the checksum for dynamic content is not very useful. There are no limitation on the document size, -but keep in mind that monit will use time to download the +but keep in mind that Monit will use time to download the document over the network so it's probably smart not to ask monit to compute a checksum for documents larger than 1Mb or so, depending on you network connection of course. Tip; If you get a @@ -1899,7 +2007,7 @@ reason may be that the download timed out. In this case, explicit set a longer timeout than the default 5 seconds.

      As mentioned above, if the server protocol is not supported by -monit you can write your own protocol test using send/expect +Monit you can write your own protocol test using send/expect strings. Here we show a protocol test using send/expect for an imaginary ``Ali Baba and the Forty Thieves'' protocol:

      @@ -1920,7 +2028,7 @@
 specific ssl version, as we demonstrate in this example:
      
 
        if failed host shop.sol.no port 443 
-    type TCPSSL SSLV3 # Force monit to use ssl version 3
+    type TCPSSL SSLV3 # Force Monit to use ssl version 3
     # We expect the server to return this  md5 certificate sum
     # as either 12-34-56-78-90-AB-CD-EF-12-34-56-78-90-AB-CD-EF
     # or e.g.   1234567890ABCDEF1234567890ABCDEF
@@ -1950,17 +2058,54 @@
        if failed port 21 and protocol ftp then alert
      
 
      [*] Well, not quite, since we specify an ip-address directly we
 will bypass any DNS round-robin setup, but that's another story.
      
+
      
+
      
+
      Testing the SIP protocol
      
+
      The SIP protocol is used by communication platform servers such
+as Asterisk and FreeSWITCH.
      
+
      The SIP test is similar to the other protocol tests, but in
+addition allows extra optional parameters.
      
+
      
+
      IF FAILED [host] [port] [type] PROTOCOL sip 
+        [AND] [TARGET valid@uri] [AND] [MAXFORWARD n]
+       THEN action
+      [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
+
+
      
+
      TARGET : 
+you may specify an alternative recipient for the message,
+by adding a valid sip uri after this keyword.
      
+
      MAXFORWARD :
+Limit the number of proxies or gateways that can forward the
+request to the next server. It's value is an integer in the range
+0-255, set by default to 70. If max-forward = 0, the next server
+may respond 200 OK (test succeeded) or send a 483 Too Many Hops
+(test failed)
      
+
      SIP examples:
      
+
      + check host openser_all with address 127.0.0.1
+   if failed port 5060 type udp protocol sip 
+      with target "localhost:5060" and maxforward 6
+   then alert
+  
+If sips is supported, that is, sip over ssl, specify tcpssl as
+the connection type.
      
+
      + check host fwd.pulver.com with address fwd.pulver.com
+   if failed port 5060 type tcpssl protocol SIP 
+      and target 613@fwd.pulver.com maxforward 10 
+   then alert
      
 
      For more examples, see the example section below.
      
 
      
 
      
 
      
 
      MONIT HTTPD
      
-
      If specified in the control file, monit will start a monit daemon
+
      If specified in the control file, Monit will start a Monit daemon
 with http support. From a Browser you can then start and stop
 services, disable or enable service monitoring as well as view
-the status of each service. Also, if monit logs to its own file,
+the status of each service. Also, if Monit logs to its own file,
 you can view the content of this logfile in a Browser.
      
-
      The control file statement for starting a monit daemon with http
+
      The control file statement for starting a Monit daemon with http
 support is a global set-statement:
      
 
      
 
      set httpd port 2812
@@ -1969,21 +2114,21 @@
 
      And you can use this URL, http://localhost:2812/, to access
 the daemon from a browser. The port number, in this case 2812,
 can be any number that you are allowed to bind to.
      
-
      If you have compiled monit with openssl, you can also start the
+
      If you have compiled Monit with openssl, you can also start the
 httpd server with ssl support, using the following expression:
      
 
        set httpd port 2812
      ssl enable
      pemfile /etc/certs/monit.pem
      
 
      And you can use this URL, https://localhost:2812/, to access
-the monit web server over an ssl encrypted connection.
      
+the Monit web server over an ssl encrypted connection.
      
 
      The pemfile, in the example above, holds both the server's
 private key and certificate. This file should be stored in a safe
 place on the filesystem and should have strict permissions, that
 is, no more than 0700.
      
 
      In addition, if you want to check for client certificates you can
 use the CLIENTPEMFILE statement. In this case, a connecting
-client has to provided a certificate known by monit in order to
+client has to provided a certificate known by Monit in order to
 connect. This file also needs to have all necessary CA
 certificates. A configuration could look like:
      
 
      @@ -1994,7 +2139,7 @@
 
      By default self signed client certificates are not allowed. If
 you want to use a self signed certificate from a client it has to
 be allowed explicitly with the ALLOWSELFCERTIFICATION statement.
      
-
      For more information on how to use monit with SSL and for more
+
      For more information on how to use Monit with SSL and for more
 information about certificates and generating pem files, please
 consult the README.SSL file accompanying the software.
      
 
      If you only want the http server to accept connect requests to
@@ -2016,42 +2161,29 @@
   set httpd port 2812
     ...
     signature {enable|disable}
      
-
      Use disable to hide the server signature - monit will only
+
      Use disable to hide the server signature - Monit will only
 report its name (e.g. 'monit' instead of for example 'monit
 4.2'). By default the version signature is enabled. It is worth
 to stress that this option provides no security advantage and 
 falls into the ``security through obscurity'' category.
      
 
      If you remove the httpd statement from the config file, monit
 will stop the httpd server on configuration reload. Likewise if
-you change the port number, monit will restart the http server
+you change the port number, Monit will restart the http server
 using the new specified port number.
      
-
      The status page displayed by the monit web server is
+
      The status page displayed by the Monit web server is
 automatically refreshed with the same poll time set for the monit
 daemon.
      
 
      Note:
      
-
      We strongly recommend that you start monit with http support (and
+
      We strongly recommend that you start Monit with http support (and
 bind the server to localhost, only, unless you are behind a
 firewall). The built-in web-server is small and does not use much
-resources, and more importantly, monit can use the http server
-for interprocess communication between a monit client and a monit
+resources, and more importantly, Monit can use the http server
+for interprocess communication between a Monit client and a monit
 daemon.
      
-
      For instance, you must start a monit daemon with http support
-if you want to be able to use the following console commands.
-(That is; most of the available console commands).
      
-
      - 'monit stop all'
- 'monit start all'
- 'monit stop service' 
- 'monit start service' 
- 'monit restart service' 
- 'monit monitor service' 
- 'monit unmonitor service' 
- 'monit -g groupname stop all'
- 'monit -g groupname start all'
- 'monit -g groupname restart all' 
- 'monit -g groupname monitor all' 
- 'monit -g groupname unmonitor all'
      
-
      If a monit daemon is running in the background we will ask the
+
      For instance, you must start a Monit daemon with http support
+if you want to be able to use most of the available console
+commands. I.e. 'Monit stop all', 'Monit start all' etc.
      
+
      If a Monit daemon is running in the background we will ask the
 daemon (via the HTTP protocol) to execute the above commands.
 That is, the daemon is requested to start and stop the services.
 This ensures that a daemon will not restart a service that you
@@ -2060,7 +2192,7 @@
 
      
 
      
 
      Monit HTTPD Authentication
      
-
      monit supports two types of authentication schema's for
+
      Monit supports two types of authentication schema's for
 connecting to the httpd server, (three, if you count SSL client
 certificate validation). Both schema's can be used together or by
 itself. You must choose at least one.
      
@@ -2070,10 +2202,8 @@
 
      The http server maintains an access-control list of hosts and
 networks allowed to connect to the server. You can add as many
 hosts as you want to, but only hosts with a valid domain name or
-its IP address are allowed. If you specify a hostname that does
-not resolve, monit will write an error message in the console and
-not start. Networks require a network IP and a netmask to be
-accepted.
      
+its IP address are allowed. Networks require a network IP and a
+netmask to be accepted.
      
 
      The http server will query a name server to check any hosts
 connecting to the server. If a host (client) is trying to connect
 to the server, but cannot be found in the access list or cannot
@@ -2087,7 +2217,7 @@
       allow 10.1.1.1
       allow 192.168.1.0/255.255.255.0
       allow 10.0.0.0/8
      -

      Clients, not mentioned in the allow list that tries to connect to +

      Clients, not mentioned in the allow list, trying to connect to the server are logged with their ip-address.

      @@ -2101,77 +2231,95 @@

      The biggest weakness with Basic Authentication is that the username and password is sent in clear-text (i.e. base64 encoded) over the network. It is therefor recommended that you do not use -this authentication method unless you run the monit http server +this authentication method unless you run the Monit http server with ssl support. With ssl support it is completely safe to use Basic Authentication since all http data, including Basic Authentication headers will be encrypted.

      -

      monit will use Basic Authentication if an allow statement +

      Monit will use Basic Authentication if an allow statement contains a username and a password separated with a single ':' -character, like so; allow username:password. The username and -password must be written in clear-text.

      +character, like so: allow username:password. The username and +password must be written in clear-text. Special characters +can be used but the password has to be quoted.

      +

      PAM is supported as well on platforms which provide PAM (such +as Linux, Mac OS X, FreeBSD, NetBSD). The syntax is: +allow @mygroup which provides access to the user of group +called mygroup. Monit uses PAM service called monit for +PAM authentication, see PAM manual page for detailed instructions +how to set the PAM service and PAM authentication plugins. +Example Monit PAM for Mac OS X - /etc/pam.d/monit:

      +
      +  # monit: auth account password session
+  auth       sufficient     pam_securityserver.so
+  auth       sufficient     pam_unix.so
+  auth       required       pam_deny.so
+  account    required       pam_permit.so
      +

      And configuration part for monitrc which allows only group admins +authenticated using via PAM to access the http interface:

      +
      +  set httpd port 2812 allow @admin

      Alternatively you can use files in ``htpasswd'' format (one user:passwd entry per line), like so: allow [cleartext|crypt|md5] /path [users]. By default cleartext passwords are read. In case the passwords are digested it is -necessary to specify the cryptographic method. In order to select -the users their names can be added to the allow statement. -Otherwise all users are added.

      -

      Example:

      +necessary to specify the cryptographic method. If you do not want +all users in the password file to have access to Monit you can +specify only those users that should have access, in the allow +statement. Otherwise all users are added.

      +

      Example1:

         set httpd port 2812
       allow hauk:password
       allow md5 /etc/httpd/htpasswd john paul ringo george

      If you use this method together with a host list, then only clients from the listed hosts will be allowed to connect to the -monit http server and each client will be asked to provide a +Monit http server and each client will be asked to provide a username and a password.

      -

      Example:

      +

      Example2:

         set httpd port 2812
       allow localhost
       allow 10.1.1.1
-      allow hauk:password
      + allow hauk:"password"

      If you only want to use Basic Authentication, then just provide -allow entries with username and password, like so:

      -
      -  set httpd port 2812
-      allow hauk:password
-      allow admin:password
      +allow entries with username and password or password files as in +example 1 above.

      Finally it is possible to define some users as read-only. A -read-only user can read the monit web pages but will not get +read-only user can read the Monit web pages but will not get access to push-buttons and cannot change a service from the web interface.

         set httpd port 2812
       allow admin:password
-      allow hauk:password read-only
      + allow hauk:password read-only + allow @admins + allow @users read-only

      A user is set to read-only by using the read-only keyword after username:password. In the above example the user hauk is defined as a read-only user, while the admin user has all access rights.

      -

      NB! a monit client will use the first username:password pair +

      NB! a Monit client will use the first username:password pair in an allow list and you should not define the first user as a -read-only user. If you do, monit console commands will not work.

      +read-only user. If you do, Monit console commands will not work.

      If you use Basic Authentication it is a good idea to set the access permission for the control file (~/.monitrc) to only readable and writable for the user running monit, because the password is written in clear-text. (Use this command, /bin/chmod -600 ~/.monitrc). In fact, since monit version 3.0, monit will +600 ~/.monitrc). In fact, since Monit version 3.0, Monit will complain and exit if the control file is readable by others.

      Clients trying to connect to the server but supply the wrong username and/or password are logged with their ip-address.

      -

      If the monit command line interface is being used at least one -cleartext password is necessary. Otherwise, the monit command -line interface will not be able to connect to the monit daemon +

      If the Monit command line interface is being used, at least one +cleartext password is necessary. Otherwise, the Monit command +line interface will not be able to connect to the Monit daemon server.

      DEPENDENCIES

      -

      If specified in the control file, monit can do dependency +

      If specified in the control file, Monit can do dependency checking before start, stop, monitoring or unmonitoring of services. The dependency statement may be used within any service -entries in the monit control file.

      +entries in the Monit control file.

      The syntax for the depend statement is simply:

      DEPENDS on service[, service [,...]] @@ -2193,7 +2341,7 @@

      Here is an example where we set up an apache service entry to depend on the underlying apache binary. If the binary should change an alert is sent and apache is not monitored anymore. The -rationale is security and that monit should not execute a +rationale is security and that Monit should not execute a possibly cracked apache binary.

        (1) check process apache 
@@ -2231,21 +2379,21 @@
 database depends on the file-system to be mounted before it
 starts. See also the example section below for examples using the
 depend statement.
      
-
      Here we describe how monit will function with the above
+
      Here we describe how Monit will function with the above
 dependencies:
      
 
      
 
      If no servers are running
 
 
      
-
      monit will start the servers in the following order: d, c,
+
      Monit will start the servers in the following order: d, c,
 b, a
      • If all servers are running
      -

      When you run 'monit stop all' this is the stop order: a, b, -c, d. If you run 'monit stop d' then a, b and c +

      When you run 'Monit stop all' this is the stop order: a, b, +c, d. If you run 'Monit stop d' then a, b and c are also stopped because they depend on d and finally d is stopped.

      @@ -2253,27 +2401,27 @@
      If a does not run
      -

      When monit runs it will start a

      +

      When Monit runs it will start a

      If b does not run
      -

      When monit runs it will first stop a then start b and +

      When Monit runs it will first stop a then start b and finally start a again.

      If c does not run
      -

      When monit runs it will first stop a and b then start c +

      When Monit runs it will first stop a and b then start c and finally start b then a.

      If d does not run
      -

      When monit runs it will first stop a, b and c then start +

      When Monit runs it will first stop a, b and c then start d and finally start c, b then a.

      @@ -2283,7 +2431,7 @@

      A depend loop is for example; a->b and b->a or a->b->c->a.

      -

      When monit starts it will check for such loops and complain and +

      When Monit starts it will check for such loops and complain and exit if a loop was found. It will also exit with a complaint if a depend statement was used that does not point to a service in the control file.

      @@ -2294,12 +2442,12 @@

      THE RUN CONTROL FILE

      -

      The preferred way to set up monit is to write a .monitrc file +

      The preferred way to set up Monit is to write a .monitrc file in your home directory. When there is a conflict between the command-line arguments and the arguments in this file, the command-line arguments take precedence. To protect the security of your control file and passwords the control file must have -permissions no more than 0700 (u=xrw,g=,o=); monit will +permissions no more than 0700 (u=xrw,g=,o=); Monit will complain and exit otherwise.

      @@ -2325,8 +2473,9 @@

      Each service entry consists of the keywords `check', followed by the service type. Each entry requires a <unique> descriptive -name. This name is used by monit to refer to the service -internally and in all interactions with the user.

      +name, which may be freely chosen. This name is used by monit +to refer to the service internally and in all interactions +with the user.

      Currently, six types of check statements are supported:

      @@ -2335,50 +2484,50 @@

      <path> is the absolute path to the program's pidfile. If the pidfile does not exist or does not contain the pid number of a -running process, monit will call the entry's start method if -defined, If monit runs in passive mode or the start methods is -not defined, monit will just send alerts on errors.

      +running process, Monit will call the entry's start method if +defined, If Monit runs in passive mode or the start methods is +not defined, Monit will just send alerts on errors.

    • CHECK FILE <unique name> PATH <path>

      <path> is the absolute path to the file. If the file does not -exist or disappeared, monit will call the entry's start method if +exist or disappeared, Monit will call the entry's start method if defined, if <path> does not point to a regular file type (for -instance a directory), monit will disable monitoring of this -entry. If monit runs in passive mode or the start methods is not -defined, monit will just send alerts on errors.

      +instance a directory), Monit will disable monitoring of this +entry. If Monit runs in passive mode or the start methods is not +defined, Monit will just send alerts on errors.

    • CHECK FIFO <unique name> PATH <path>

      <path> is the absolute path to the fifo. If the fifo does not -exist or disappeared, monit will call the entry's start method if +exist or disappeared, Monit will call the entry's start method if defined, if <path> does not point to a fifo type (for -instance a directory), monit will disable monitoring of this -entry. If monit runs in passive mode or the start methods is not -defined, monit will just send alerts on errors.

      +instance a directory), Monit will disable monitoring of this +entry. If Monit runs in passive mode or the start methods is not +defined, Monit will just send alerts on errors.

      • -
    • CHECK DEVICE <unique name> PATH <path> +
    • CHECK FILESYSTEM <unique name> PATH <path> -

      <path> is the path to the device block special file, mount point, +

      <path> is the path to the filesystem block special device, mount point, file or a directory which is part of a filesystem. It is recommended to use a block special file directly (for example /dev/hda1 on Linux or /dev/dsk/c0t0d0s1 on Solaris, etc.) If you use a mount point (for example /data), be careful, because if the -device is unmounted the test will still be true because the mount +filesystem is unmounted the test will still be true because the mount point exist.

      -

      If the device becomes unavailable, monit will call the entry's -start method if defined. if <path> does not point to a device, -monit will disable monitoring of this entry. If monit runs in -passive mode or the start methods is not defined, monit will just +

      If the filesystem becomes unavailable, Monit will call the entry's +start method if defined. if <path> does not point to a filesystem, +Monit will disable monitoring of this entry. If Monit runs in +passive mode or the start methods is not defined, Monit will just send alerts on errors.

    • CHECK DIRECTORY <unique name> PATH <path>

      <path> is the absolute path to the directory. If the directory -does not exist or disappeared, monit will call the entry's start +does not exist or disappeared, Monit will call the entry's start method if defined, if <path> does not point to a directory, monit -will disable monitoring of this entry. If monit runs in passive -mode or the start methods is not defined, monit will just send +will disable monitoring of this entry. If Monit runs in passive +mode or the start methods is not defined, Monit will just send alerts on errors.

    • CHECK HOST <unique name> ADDRESS <host address> @@ -2407,11 +2556,11 @@ Keyword Function ---------------------------------------------------------------- set daemon Set a background poll interval in seconds. - set init Set monit to run from init. monit will not + set init Set Monit to run from init. Monit will not transform itself into a daemon process. set logfile Name of a file to dump error- and status- messages to. If syslog is specified as the - file, monit will utilize the syslog daemon + file, Monit will utilize the syslog daemon to log messages. This can optionally be followed by 'facility <facility>' where facility is 'log_local0' - 'log_local7' or @@ -2419,19 +2568,21 @@ LOG_USER is used. set mailserver The mailserver used for sending alert notifications. If the mailserver is not - defined, monit will try to use 'localhost' + defined, Monit will try to use 'localhost' as the smtp-server for sending mail. You - can add more mail servers, if monit cannot + can add more mail servers, if Monit cannot connect to the first server it will try the next server and so on. set mail-format Set a global mail format for all alert messages emitted by monit. - set pidfile Explicit set the location of the monit lock + set idfile Explicit set the location of the Monit id + file. E.g. set idfile /var/monit/id. + set pidfile Explicit set the location of the Monit lock file. E.g. set pidfile /var/run/xyzmonit.pid. - set statefile Explicit set the location of the file monit + set statefile Explicit set the location of the file Monit will write state data to. If not set, the default is $HOME/.monit.state. - set httpd port Activates monit http server at the given + set httpd port Activates Monit http server at the given port number. ssl enable Enables ssl support for the httpd server. Requires the use of the pemfile statement. @@ -2452,7 +2603,7 @@ optional part of the set httpd statement. read-only Set the user defined in username:password to read only. A read-only user cannot change - a service from the monit web interface. + a service from the Monit web interface. include include a file or files matching the globstring 
        Here are the legal service entry keywords:
      @@ -2460,7 +2611,7 @@ Keyword Function ---------------------------------------------------------------- check Starts an entry and must be followed by the type - of monitored service {device|directory|file|host + of monitored service {filesystem|directory|file|host process|system} and a descriptive name for the service. pidfile Specify the process pidfile. Every @@ -2468,7 +2619,7 @@ current process id. This statement should only be used in a process service entry. path Must be followed by a path to the block - special file for filesystem (device), regular + special file for filesystem, regular file, directory or a process's pidfile. group Specify a groupname for a service entry. start The program used to start the specified @@ -2498,27 +2649,24 @@ is also optional. If this statement is not prefixed with a host-statement, localhost is used as the hostname to test the port at. - type Specifies the socket type monit should use when + type Specifies the socket type Monit should use when testing a connection to a port. If the type keyword is omitted, tcp is used. This keyword must be followed by either tcp, udp or tcpssl. - tcp Specifies that monit should use a TCP + tcp Specifies that Monit should use a TCP socket type (stream) when testing a port. - tcpssl Specifies that monit should use a TCP socket + tcpssl Specifies that Monit should use a TCP socket type (stream) and the secure socket layer (ssl) when testing a port connection. - udp Specifies that monit should use a UDP socket + udp Specifies that Monit should use a UDP socket type (datagram) when testing a port. certmd5 The md5 sum of a certificate a ssl forged server has to deliver. proto(col) This keyword specifies the type of service - found at the port. monit knows at the moment - how to speak HTTP, SMTP, FTP, POP, IMAP, MYSQL, - NNTP, SSH, DWP, LDAP2, LDAP3, RDATE, NTP3, DNS, - POSTFIX-POLICY, APACHE-STATUS, TNS, PGSQL and - RSYNC. + found at the port. See CONNECTION TESTING + for list of supported protocols. You're welcome to write new protocol test - modules. If no protocol is specified monit will + modules. If no protocol is specified Monit will use a default test which in most cases are good enough. request Specifies a server request and must come @@ -2535,10 +2683,10 @@ unix(socket) Specifies a Unix socket file and used like the port statement above to test a Unix domain network socket connection. - URL Specify an URL string which monit will use for + URL Specify an URL string which Monit will use for connection testing. content Optional sub-statement for the URL statement. - Specifies that monit should test the content + Specifies that Monit should test the content returned by the server against a regular expression. timeout x sec. Define a network port connection timeout. Must @@ -2555,6 +2703,9 @@ certain events. See the examples above. More than one alert statement is allowed in an entry. This statement is also optional. + noalert Specifies an email address which don't want + to receive alerts. This statement is also + optional. restart, stop These keywords may be used as actions for unmonitor, various test statements. The exec statement is start and special in that it requires a following string @@ -2565,10 +2716,10 @@ mail-format Specifies a mail format for an alert message This statement is an optional part of the alert statement. - checksum Specify that monit should compute and monitor a + checksum Specify that Monit should compute and monitor a file's md5/sha1 checksum. May only be used in a check file entry. - expect Specifies a md5/sha1 checksum string monit + expect Specifies a md5/sha1 checksum string Monit should expect when testing the checksum. This statement is an optional part of the checksum statement. @@ -2582,13 +2733,13 @@ Useful in daemon mode when the cycle is short and a service takes some time to start. mode Must be followed either by the keyword active, - passive or manual. If active, monit will restart + passive or manual. If active, Monit will restart the service if it is not running (this is the - default behavior). If passive, monit will not + default behavior). If passive, Monit will not (re)start the service if it is not running - it will only monitor and send alerts (resource related restart and stop options are ignored - in this mode also). If manual, monit will enter + in this mode also). If manual, Monit will enter active mode only if a service was started under monit's control otherwise the service isn't monitored. @@ -2634,24 +2785,24 @@ pemfile, allow, read-only, check, init, count, pidfile, statefile, group, start, stop, uid, gid, connection, port(number), unix(socket), type, -proto(col), tcp, tcpssl, udp, alert, icmp, +proto(col), tcp, tcpssl, udp, alert, noalert, mail-format, restart, timeout, checksum, resource, expect, send, mailserver, every, mode, active, passive, manual, depends, host, default, http, -ftp, smtp, pop, ntp3, nntp, imap, ssh, -dwp, ldap2, ldap3, tns, request, cpu, mem, -totalmem, children, loadavg, timestamp, changed, -second(s), minute(s), hour(s), day(s), space, -inode, pid, ppid, perm(ission), process, file, -directory, device, size, unmonitor, rdate, -rsync, data, invalid, exec, nonexist, policy, -reminder, instance, eventqueue, basedir, slot(s), -system and failed

      +ftp, smtp, pop, ntp3, nntp, imap, clamav, +ssh, dwp, ldap2, ldap3, tns, request, cpu, +mem, totalmem, children, loadavg, timestamp, +changed, second(s), minute(s), hour(s), day(s), +space, inode, pid, ppid, perm(ission), icmp, +process, file, directory, filesystem, size, action, +unmonitor, rdate, rsync, data, invalid, exec, +nonexist, policy, reminder, instance, eventqueue, +basedir, slot(s), system, idfile and failed

      And here is a complete list of noise keywords ignored by monit:

      is, as, are, on(ly), with(in), and, has, using, use, the, sum, program(s), than, for, -usage, was.

      +usage, was, but, of.

      Note: If the start or stop programs are shell scripts, then the script must begin with #! and the remainder of the first line must specify an interpreter for the program. E.g. @@ -2668,23 +2819,24 @@ check to see if the server is running and log a message if not:

        check process resin with pidfile /usr/local/resin/srun.pid
      -

      To have monit start the server if it's not running, add a start +

      To have Monit start the server if it's not running, add a start statement:

        check process resin with pidfile /usr/local/resin/srun.pid
        start program = "/usr/local/resin/bin/srun.sh start"

      Here's a more advanced example for monitoring an apache web-server listening on the default port number for HTTP and -HTTPS. In this example monit will restart apache if it's not -accepting connections at the port numbers. The method monit use +HTTPS. In this example Monit will restart apache if it's not +accepting connections at the port numbers. The method Monit use for a process restart is to first execute the stop-program, wait -for the process to stop and then execute the start-program. (If -monit was unable to stop or start the service a failed alert -message will be sent if you have requested alert messages to be -sent).

      +up to 30s for the process to stop and then execute the start-program +and wait up to 30s for it to start. The length of start or stop +timeout can be overriden using the 'timeout' option. If Monit was +unable to stop or start the service a failed alert message will +be sent if you have requested alert messages to be sent.

        check process apache with pidfile /var/run/httpd.pid
-       start program = "/etc/init.d/httpd start"
+       start program = "/etc/init.d/httpd start" with timeout 60 seconds
        stop program  = "/etc/init.d/httpd stop"
        if failed port 80 then restart
        if failed port 443 with timeout 15 seconds then restart
      @@ -2694,9 +2846,9 @@ programs that does not (e.g. Java programs), monit's ability to start a program as a certain user can be very useful. In this example we start the Tomcat Java Servlet Engine as the standard -nobody user and group. Please note that monit will only switch +nobody user and group. Please note that Monit will only switch uid and gid for a program if the super-user is running monit, -otherwise monit will simply ignore the request to change uid and +otherwise Monit will simply ignore the request to change uid and gid.

        check process tomcat with pidfile /var/run/tomcat.pid
@@ -2714,7 +2866,7 @@
        stop program  = "/etc/init.d/named stop"
        if failed port 53 use type udp protocol dns then restart
        if 3 restarts within 5 cycles then timeout
      -

      The following example illustrate how to check if the service +

      The following example illustrates how to check if the service 'sophie' is answering connections on its Unix domain socket:

        check process sophie with pidfile /var/run/sophie.pid
@@ -2732,7 +2884,7 @@
        if failed host shop.sol.no port 443 then alert
        if failed host chat.sol.no port 80 then alert
        if failed host www.tildeslash.com port 80 then alert
      -

      To make sure that monit is communicating with a http server a +

      To make sure that Monit is communicating with a http server a protocol test can be added:

        check process apache with pidfile /var/run/httpd.pid
@@ -2774,7 +2926,7 @@
  check host www.tildeslash.com with address www.tildeslash.com
        if failed icmp type echo count 5 with timeout 15 seconds
           then alert
      -

      In the following example we ask monit to compute and verify the +

      In the following example we ask Monit to compute and verify the checksum for the underlying apache binary used by the start and stop programs. If the the checksum test should fail, monitoring will be disabled to prevent possibly starting a compromised @@ -2788,16 +2940,43 @@ 

        check file apache_bin with path /usr/local/apache/bin/httpd
        if failed checksum then unmonitor
      -

      In this example we ask monit to test the checksum for a document +

      In this example we ask Monit to test the checksum for a document on a remote server. If the checksum was changed we send an alert:

        check host tildeslash with address www.tildeslash.com
        if failed port 80 protocol http 
           and request "/monit/dist/monit-4.0.tar.gz"
               with checksum f9d26b8393736b5dfad837bb13780786
-       then alert
-       alert hauk@tildeslash.com with mail-format {subject: 
-         Aaaalarm! }
      + then alert +

      Here are a couple of tests for some popular communication +servers, using the SIP protocol. First we test a FreeSWITCH +server and then an Asterisk server

      +
      + check process freeswitch 
+    with pidfile /usr/local/freeswitch/log/freeswitch.pid
+  start program = “/usr/local/freeswitch/bin/freeswitch -nc -hp”
+  stop program = “/usr/local/freeswitch/bin/freeswitch -stop”
+  if totalmem > 1000.0 MB for 5 cycles then alert
+  if totalmem > 1500.0 MB for 5 cycles then alert
+  if totalmem > 2000.0 MB for 5 cycles then restart
+  if cpu > 60% for 5 cycles then alert
+  if failed port 5060 type udp protocol SIP 
+     target me@foo.bar and maxforward 10 
+  then restart
+  if 5 restarts within 5 cycles then timeout
      +
      + check process asterisk 
+   with pidfile /var/run/asterisk/asterisk.pid
+   start program = “/usr/sbin/asterisk”
+   stop program = “/usr/sbin/asterisk -r -x ’shutdown now’”
+   if totalmem > 1000.0 MB for 5 cycles then alert
+   if totalmem > 1500.0 MB for 5 cycles then alert
+   if totalmem > 2000.0 MB for 5 cycles then restart
+   if cpu > 60% for 5 cycles then alert
+   if failed port 5060 type udp protocol SIP 
+     and target me@foo.bar maxforward 10 
+   then restart
+   if 5 restarts within 5 cycles then timeout

      Some servers are slow starters, like for example Java based Application Servers. So if we want to keep the poll-cycle low (i.e. < 60 seconds) but allow some services to take its time to @@ -2809,9 +2988,9 @@ if failed port 8840 then alert every 2 cycles

      Here is an example where we group together two database entries -so you can manage them together, e.g.; 'monit -g database start +so you can manage them together, e.g.; 'Monit -g database start all'. The mode statement is also illustrated in the first entry -and have the effect that monit will not try to (re)start this +and have the effect that Monit will not try to (re)start this service if it is not running:

        check process sybase with pidfile /var/run/sybase.pid
@@ -2836,8 +3015,9 @@
  check process apache with pidfile /var/run/httpd.pid
        start program = "/etc/init.d/httpd start"
        stop program  = "/etc/init.d/httpd stop"
-       if cpu > 60% for 2 cycles then alert
-       if cpu > 80% for 5 cycles then restart
+       if cpu > 40% for 2 cycles then alert
+       if totalcpu > 60% for 2 cycles then alert
+       if totalcpu > 80% for 5 cycles then restart
        if mem > 100 MB for 5 cycles then stop
        if loadavg(5min) greater than 10.0 for 8 cycles then stop

      This examples demonstrate the timestamp statement with exec and @@ -2853,7 +3033,6 @@ check process apache with pidfile /var/run/httpd.pid start = "/etc/init.d/httpd start" stop = "/etc/init.d/httpd stop" - if failed host www.tildeslash.com port 80 then restart alert admin@bar on {nonexist, timeout} with mail-format { from: bofh@$HOST @@ -2862,11 +3041,15 @@ Your faithful employee, monit } + if failed host www.tildeslash.com port 80 then restart if 3 restarts within 5 cycles then timeout depend httpd_bin group apache 

        check file httpd_bin with path /usr/local/apache/bin/httpd
+       alert security@bar on {checksum, timestamp, 
+                  permission, uid, gid}
+             with mail-format {subject: Alaaarrm! on $HOST}
        if failed checksum 
           and expect 8f7f419955cefa0b33a2ba316cba3659
               then unmonitor
@@ -2874,9 +3057,6 @@
        if failed uid root then unmonitor
        if failed gid root then unmonitor
        if changed timestamp then alert
-       alert security@bar on {checksum, timestamp, 
-                              permission, uid, gid}
-             with mail-format {subject: Alaaarrm! on $HOST}
        group apache

      In this example, we demonstrate usage of the depend statement. In this case, we want to start oracle and apache. However, we've set @@ -2967,7 +3147,7 @@ alert foo@bar on { checksum, size, timestamp, uid, gid } depends on datafs 

      - check device datafs with path /dev/sdb1
+ check filesystem datafs with path /dev/sdb1
        group server
        start program  = "/bin/mount /data"
        stop program  =  "/bin/umount /data"
@@ -2995,163 +3175,9 @@
        then alert
        alert rms@gnu.org with mail-format {
             subject: The gnu server may be hacked again! }
      -

      Note; only the check type, pidfile/path/address statements -are mandatory, the other statements are optional and the order of -the optional statements is not important.

      -

      -

      -
      -

      MONIT WITH HEARTBEAT

      -

      You can download heartbeat from -http://www.linux-ha.org/download/. It might be useful to have a -look at The Heartbeat Getting Started Guide at: -http://www.linux-ha.org/GettingStarted.html

      -

      Starting up a Node

      -

      This is the normal start sequence for a cluster-node. With this -sequence, there should be no error-case, which is not handled -either by heartbeat or by monit. For example, if monit dies, -initd restarts it. If heartbeat dies, monit restarts it. If the -node dies, the heartbeat instance on the other node detects it -and restart the services there.

      -
        -
      1. initd starts monit with group local - -
      2. monit starts heartbeat in local group - -
      3. heartbeat requests monit to start the node group - -
      4. monit starts the node group - -
      -

      Monit: /etc/monitrc

      -

      This example describes a cluster with 2 nodes. Services running -on Node 1 are in the group node1 and Node 2 services are in -the node2 group.

      -

      The local group entries are mode active, the node group -entries are mode manual and controlled by heartbeat.

      -
      - #
- # local services on both hosts
- #
      -
      - check process heartbeat with pidfile /var/run/heartbeat.pid
-       start program = "/etc/init.d/heartbeat start"
-       stop  program = "/etc/init.d/heartbeat start"
-       mode  active
-       alert foo@bar
-       group local
      -
      - check process postfix with pidfile /var/run/postfix/master.pid
-       start program = "/etc/init.d/postfix start"
-       stop program  = "/etc/init.d/postfix stop"
-       mode  active
-       alert foo@bar
-       group local
      -
      - #
- # node1 services
- #
      -
      - check process apache with pidfile /var/apache/logs/httpd.pid
-       start program = "/etc/init.d/apache start"
-       stop program  = "/etc/init.d/apache stop"
-       depends named
-       alert foo@bar
-       mode  manual
-       group node1
      -
      - check process named with pidfile /var/tmp/named.pid
-       start program = "/etc/init.d/named start"
-       stop program  = "/etc/init.d/named stop"
-       alert foo@bar
-       mode  manual
-       group node1
      -
      - #
- # node2 services
- #
      -
      - check process named-slave with pidfile /var/tmp/named-slave.pid
-       start program = "/etc/init.d/named-slave start"
-       stop program  = "/etc/init.d/named-slave stop"
-       mode  manual
-       alert foo@bar
-       group node2
      -
      - check process squid with pidfile /var/squid/logs/squid.pid
-       start program = "/etc/init.d/squid start"
-       stop program  = "/etc/init.d/squid stop"
-       depends named-slave
-       alert foo@bar
-       mode  manual
-       group node2
      -

      initd: /etc/inittab

      -

      Monit is started on both nodes with initd. You will need to add -an entry in /etc/inittab to start monit with the same local -group heartbeat is member of.

      -
      - #/etc/inittab
- mo:2345:respawn:/usr/local/bin/monit -d 10 -c /etc/monitrc -g local
      -

      heartbeat: /etc/ha.d/haresources

      -

      When heartbeat starts, heartbeat looks up the node entry and -start the script /etc/init.d/monit-node1 or -/etc/init.d/monit-node2. The script calls monit to start the -specific group per node.

      -
      - # /etc/ha.d/haresources
- node1 IPaddr::172.16.100.1  monit-node1
- node2 IPaddr::172.16.100.2  monit-node2
      -

      /etc/init.d/monit-node1

      -
      - #!/bin/bash
- #
- # sample script for starting/stopping all services on node1
- #
- prog="/usr/local/bin/monit -g node1"
- start()
- {
-       echo -n $"Starting $prog:"
-       $prog start all
-       echo
- }
      -
      - stop()
- {
-       echo -n $"Stopping $prog:"
-       $prog stop all
-       echo
- }
- 
- case "$1" in
-       start)
-            start;;
-       stop)
-            stop;;
-       *)
-            echo $"Usage: $0 {start|stop}"
-            RETVAL=1
- esac
- exit $RETVAL
      -

      -

      -

      Handling state

      -

      As mentioned elsewhere, monit save its state to a state file. If -the monit process should die, upon restart monit will read its -last known state from this file. This can be a problem if monit -is used in a cluster, as illustrate in this scenario:

      -
        -
      1. -

        The active node fails, the second takes over

        -
        2. -
      2. -

        After a reboot, the failed node comes back, monit read its state -file and start all the services (even manual ones) as they were -running before the failure. This is a problem because services -will now run on both nodes.

        -
        3. -
      -

      The solution to this problem is to remove the monit.state file in -a rc-script called at boot time and before monit is started.

      +

      Note; only the check statement is mandatory, the other +statements are optional and the order of the optional statements +is not important.

      @@ -3167,7 +3193,7 @@ previous two locations, and the current working directory contains a monitrc file, this file is used instead.

      -

      ~/.monitrc.pid +

      ~/.monit.pid Lock file to help prevent concurrent runs (non-root mode).

      /var/run/monit.pid @@ -3177,18 +3203,20 @@ Lock file to help prevent concurrent runs (root mode, systems without /var/run).

      ~/.monit.state - monit save its state to this file and utilize + Monit save its state to this file and utilize information found in this file to recover from a crash. This is a binary file and its content is only of interest to monit. You may set the location - of this file in the monit control file or by using - the -s switch when monit is started.

      + of this file in the Monit control file or by using + the -s switch when Monit is started.

      +

      ~/.monit.id + Monit save its unique id to this file.

      ENVIRONMENT

      -

      No environment variables are used by monit. However, when monit -execute a script or a program monit will set several environment +

      No environment variables are used by Monit. However, when Monit +execute a script or a program Monit will set several environment variables which can be utilized by the executable. The following and only the following environment variables are available:

      @@ -3198,6 +3226,12 @@

      The event that occurred on the service

      • +
      MONIT_DESCRIPTION + +
      +

      A description of the error condition

      +
      +
      MONIT_SERVICE
      @@ -3259,27 +3293,27 @@

      SIGNALS

      -

      If a monit daemon is running, SIGUSR1 wakes it up from its sleep +

      If a Monit daemon is running, SIGUSR1 wakes it up from its sleep phase and forces a poll of all services. SIGTERM and SIGINT will -gracefully terminate a monit daemon. The SIGTERM signal is sent -to a monit daemon if monit is started with the quit action +gracefully terminate a Monit daemon. The SIGTERM signal is sent +to a Monit daemon if Monit is started with the quit action argument.

      -

      Sending a SIGHUP signal to a running monit daemon will force +

      Sending a SIGHUP signal to a running Monit daemon will force the daemon to reinitialize itself, specifically it will reread configuration, close and reopen log files.

      -

      Running monit in foreground while a background monit daemon is +

      Running Monit in foreground while a background Monit daemon is running will wake up the daemon.

      NOTES

      This is a very silent program. Use the -v switch if you want to -see what monit is doing, and tail -f the logfile. Optionally for -testing purposes; you can start monit with the -Iv switch. Monit +see what Monit is doing, and tail -f the logfile. Optionally for +testing purposes; you can start Monit with the -Iv switch. Monit will then print debug information to the console, to stop monit in this mode, simply press CTRL^C (i.e. SIGINT) in the same console.

      -

      The syntax (and parser) of the control file is inspired by Eric +

      The syntax (and parser) of the control file was inspired by Eric S. Raymond et al. excellent fetchmail program. Some portions of this man page does also receive inspiration from the same authors.

      @@ -3291,21 +3325,21 @@ Martin Pala <martinp@tildeslash.com>, Christian Hopp <chopp@iei.tu-clausthal.de>, Rory Toma <rory@digeo.com>

      -

      See also http://www.tildeslash.com/monit/who.html

      +

      See also http://mmonit.com/monit/who/

      COPYRIGHT

      -

      Copyright (C) 2000-2006 by the monit project group. All Rights -Reserved. This product is distributed in the hope that it will be -useful, but WITHOUT any warranty; without even the implied -warranty of MERCHANTABILITY or FITNESS for a particular purpose.

      +

      Copyright (C) 2009 by Tildeslash Ltd. All Rights Reserved. This +product is distributed in the hope that it will be useful, but +WITHOUT any warranty; without even the implied warranty of +MERCHANTABILITY or FITNESS for a particular purpose.

      SEE ALSO

      GNU text utilities; md5sum(1); sha1sum(1); openssl(1); glob(7); -regex(7)

      +regex(7); http://mmonit.com/

      Binary files /tmp/mTIqZj4ofw/monit-4.8.1/doc/presentation.odp and /tmp/QeMlhPoI46/monit-5.0.3/doc/presentation.odp differ Binary files /tmp/mTIqZj4ofw/monit-4.8.1/doc/presentation.sxi and /tmp/QeMlhPoI46/monit-5.0.3/doc/presentation.sxi differ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/env.c /tmp/QeMlhPoI46/monit-5.0.3/env.c --- monit-4.8.1/env.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/env.c 2009-02-13 13:06:31.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -59,12 +69,20 @@ #include #endif +#ifdef HAVE_CRT_EXTERNS_H +#include +#endif + #include "monitor.h" #ifndef MAXPATHLEN #define MAXPATHLEN STRLEN #endif +#ifdef DARWIN +#define environ (*_NSGetEnviron()) +#endif + /* Private prototypes */ static void set_sandbox(void); static void set_environment(void); @@ -75,7 +93,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: env.c,v 1.32 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: env.c,v 1.42 2009/02/13 09:18:06 hauk Exp $ * * @file */ @@ -178,37 +196,27 @@ */ static void set_environment(void) { - char cwd[MAXPATHLEN]; struct passwd *pw; /* Get password struct */ if ( ! (pw= getpwuid(geteuid())) ) { - LogError("%s: You don't exist. Go away.\n", prog); exit(1); - } + Run.Env.home= xstrdup(pw->pw_dir); + Run.Env.user= xstrdup(pw->pw_name); /* Get CWD */ - if ( ! (getcwd(cwd, sizeof(cwd))) ) { - - LogError("%s: Cannot read current directory -- %s\n", - prog, STRERROR); + Run.Env.cwd= xcalloc(sizeof(char), MAXPATHLEN+1); + if ( ! (getcwd(Run.Env.cwd, MAXPATHLEN)) ) { + LogError("%s: Cannot read current directory -- %s\n", prog, STRERROR); exit(1); - } /* * Save and clear the file creation mask */ Run.umask= umask(0); - - /* - * Initialize the runtime environment object - */ - Run.Env.cwd= xstrdup(cwd); - Run.Env.home= xstrdup(pw->pw_dir); - Run.Env.user= xstrdup(pw->pw_name); - + } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/event.c /tmp/QeMlhPoI46/monit-5.0.3/event.c --- monit-4.8.1/event.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/event.c 2009-05-28 22:35:29.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include "config.h" @@ -31,6 +41,15 @@ #include #endif +#ifdef HAVE_SYS_TIME_H +#include +#endif + +#ifdef HAVE_TIME_H +#include +#endif + + #ifdef HAVE_SYS_STAT_H #include #endif @@ -54,7 +73,7 @@ * * @author Jan-Henrik Haukeland, * @author Martin Pala - * @version \$Id: event.c,v 1.61 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: event.c,v 1.99 2009/05/28 21:35:29 martinp Exp $ * @file */ @@ -62,25 +81,29 @@ /* ------------------------------------------------------------- Definitions */ EventTable_T Event_Table[]= { - {EVENT_CHANGED, "Changed", "Changed not"}, - {EVENT_CHECKSUM, "Checksum failed", "Checksum passed"}, - {EVENT_CONNECTION, "Connection failed", "Connection passed"}, - {EVENT_DATA, "Data access error", "Data access succeeded"}, - {EVENT_EXEC, "Execution failed", "Execution succeeded"}, - {EVENT_GID, "GID failed", "GID passed"}, - {EVENT_ICMP, "ICMP failed", "ICMP passed"}, - {EVENT_INSTANCE, "Monit instance changed", "Monit instance changed not"}, - {EVENT_INVALID, "Invalid type", "Type passed"}, - {EVENT_MATCH, "Regex match", "No regex match"}, - {EVENT_NONEXIST, "Does not exist", "Exists"}, - {EVENT_PERMISSION, "Permission failed", "Permission passed"}, - {EVENT_RESOURCE, "Resource limit matched", "Resource limit passed"}, - {EVENT_SIZE, "Size failed", "Size passed"}, - {EVENT_TIMEOUT, "Timeout", "Timeout recovery"}, - {EVENT_TIMESTAMP, "Timestamp failed", "Timestamp passed"}, - {EVENT_UID, "UID failed", "UID passed"}, + {EVENT_ACTION, "Action done", "Action done", "Action done", "Action done"}, + {EVENT_CHECKSUM, "Checksum failed", "Checksum succeeded", "Checksum changed", "Checksum not changed"}, + {EVENT_CONNECTION, "Connection failed", "Connection succeeded", "Connection changed", "Connection not changed"}, + {EVENT_CONTENT, "Content failed", "Content succeeded", "Content match", "Content doesn't match"}, + {EVENT_DATA, "Data access error", "Data access succeeded", "Data access changed", "Data access not changed"}, + {EVENT_EXEC, "Execution failed", "Execution succeeded", "Execution changed", "Execution not changed"}, + {EVENT_FSFLAG, "Filesystem flags failed", "Filesystem flags succeeded", "Filesystem flags changed", "Filesystem flags not changed"}, + {EVENT_GID, "GID failed", "GID succeeded", "GID changed", "GID not changed"}, + {EVENT_HEARTBEAT, "Heartbeat failed", "Heartbeat succeeded", "Heartbeat changed", "Heartbeat not changed"}, + {EVENT_ICMP, "ICMP failed", "ICMP succeeded", "ICMP changed", "ICMP not changed"}, + {EVENT_INSTANCE, "Monit instance failed", "Monit instance succeeded", "Monit instance changed", "Monit instance not changed"}, + {EVENT_INVALID, "Invalid type", "Type succeeded", "Type changed", "Type not changed"}, + {EVENT_NONEXIST, "Does not exist", "Exists", "Existence changed", "Existence not changed"}, + {EVENT_PERMISSION, "Permission failed", "Permission succeeded", "Permission changed", "Permission not changed"}, + {EVENT_PID, "PID failed", "PID succeeded", "PID changed", "PID not changed"}, + {EVENT_PPID, "PPID failed", "PPID succeeded", "PPID changed", "PPID not changed"}, + {EVENT_RESOURCE, "Resource limit matched", "Resource limit succeeded", "Resource limit changed", "Resource limit not changed"}, + {EVENT_SIZE, "Size failed", "Size succeeded", "Size changed", "Size not changed"}, + {EVENT_TIMEOUT, "Timeout", "Timeout recovery", "Timeout changed", "Timeout not changed"}, + {EVENT_TIMESTAMP, "Timestamp failed", "Timestamp succeeded", "Timestamp changed", "Timestamp not changed"}, + {EVENT_UID, "UID failed", "UID succeeded", "UID changed", "UID not changed"}, /* Virtual events */ - {EVENT_NULL, "No Event", "No Event"}, + {EVENT_NULL, "No Event", "No Event", "No Event", "No Event"} }; @@ -88,8 +111,9 @@ static void handle_event(Event_T); -static int handle_action(Event_T, Action_T); +static void handle_action(Event_T, Action_T); static void Event_queue_add(Event_T); +static void Event_queue_update(Event_T, const char *); /* ------------------------------------------------------------------ Public */ @@ -103,23 +127,17 @@ * @param action Description of the event action * @param s Optional message describing the event */ -void Event_post(Service_T service, long id, short state, EventAction_T action, - char *s, ...) { - - Event_T e = service->eventlist; +void Event_post(Service_T service, long id, short state, EventAction_T action, char *s, ...) { + Event_T e; ASSERT(service); ASSERT(action); - ASSERT(state == STATE_FAILED || state == STATE_PASSED); + ASSERT(state == STATE_FAILED || state == STATE_SUCCEEDED || state == STATE_CHANGED || state == STATE_CHANGEDNOT); - if(e == NULL) - { - /* Only first failed event can initialize the queue for given event type, - * thus passed events are ignored until first error. However, in the case - * that the error flag is set for the passed event, we will allow it (i.e. - * event queue was flushed during monit reload and the service was in - * failed state before reload) */ - if(state != STATE_FAILED && !(service->error & id)) + if ((e = service->eventlist) == NULL) { + /* Only first failed/changed event can initialize the queue for given event type, + * thus succeeded events are ignored until first error. */ + if (state == STATE_SUCCEEDED || state == STATE_CHANGEDNOT) return; /* Initialize event list and add first event. The manadatory informations @@ -128,16 +146,15 @@ * persistent and managable across monit restarts */ NEW(e); e->id = id; - e->collected = time(NULL); + gettimeofday(&e->collected, NULL); e->source = xstrdup(service->name); - e->group = service->group?xstrdup(service->group):xstrdup(""); + e->group = service->group ? xstrdup(service->group) : xstrdup(""); e->mode = service->mode; e->type = service->type; e->state = STATE_INIT; - e->state_map = state; + e->state_map = 1; e->action = action; - if(s) - { + if (s) { long l; va_list ap; @@ -145,50 +162,39 @@ e->message = Util_formatString(s, ap, &l); va_end(ap); } - pthread_mutex_init(&e->mutex, NULL); service->eventlist = e; - } - else - { + } else { /* Try to find the event with the same origin and type identification. * Each service and each test have its own custom actions object, so * we share actions object address to identify event source. */ - do - { - if(e->action == action && e->id == id) - { - LOCK(e->mutex) - e->collected = time(NULL); - - /* Shift the existing event flags to the left - * and set the first bit based on actual state */ - e->state_map <<= 1; - e->state_map |= state; - - /* Update the message */ - if(s) - { - long l; - va_list ap; - - FREE(e->message); - va_start(ap, s); - e->message = Util_formatString(s, ap, &l); - va_end(ap); - } - - END_LOCK; + do { + if (e->action == action && e->id == id) { + gettimeofday(&e->collected, NULL); + + /* Shift the existing event flags to the left + * and set the first bit based on actual state */ + e->state_map <<= 1; + e->state_map |= ((state == STATE_SUCCEEDED || state == STATE_CHANGEDNOT) ? 0 : 1); + + /* Update the message */ + if (s) { + long l; + va_list ap; + + FREE(e->message); + va_start(ap, s); + e->message = Util_formatString(s, ap, &l); + va_end(ap); + } break; } e = e->next; - } - while(e); + } while (e); - if(!e) - { - /* Only first failed event can initialize the queue for given event type, - * thus passed events are ignored until first error */ - if(state != STATE_FAILED) + if (!e) { + /* Only first failed/changed event can initialize the queue for given event type, + * thus succeeded events are ignored until first error. */ + if (state == STATE_SUCCEEDED || state == STATE_CHANGEDNOT) return; /* Event was not found in the pending events list, we will add it. @@ -198,16 +204,15 @@ * restarts */ NEW(e); e->id = id; - e->collected = time(NULL); + gettimeofday(&e->collected, NULL); e->source = xstrdup(service->name); - e->group = service->group?xstrdup(service->group):xstrdup(""); + e->group = service->group ? xstrdup(service->group) : xstrdup(""); e->mode = service->mode; e->type = service->type; e->state = STATE_INIT; - e->state_map = state; + e->state_map = 1; e->action = action; - if(s) - { + if (s) { long l; va_list ap; @@ -215,7 +220,6 @@ e->message = Util_formatString(s, ap, &l); va_end(ap); } - pthread_mutex_init(&e->mutex, NULL); e->next = service->eventlist; service->eventlist = e; } @@ -224,20 +228,13 @@ e->state_changed = Event_check_state(e, state); /* In the case that the state changed, update it and reset the counter */ - if(e->state_changed) - { + if (e->state_changed) { e->state = state; e->count = 1; - } - else - { + } else e->count++; - } - - LOCK(e->mutex) - handle_event(e); - END_LOCK; + handle_event(e); } @@ -250,18 +247,14 @@ * @return The Service where the event orginated */ Service_T Event_get_source(Event_T E) { - Service_T s = NULL; ASSERT(E); - if(!(s = Util_getService(E->source))) - { + if (!(s = Util_getService(E->source))) LogError("Service %s not found in monit configuration\n", E->source); - } return s; - } @@ -271,11 +264,8 @@ * @return The Service name where the event orginated */ char *Event_get_source_name(Event_T E) { - ASSERT(E); - return (E->source); - } @@ -285,11 +275,8 @@ * @return The group name of the service where the event orginated */ char *Event_get_source_group(Event_T E) { - ASSERT(E); - return (E->group); - } @@ -299,11 +286,8 @@ * @return The service type of the service where the event orginated */ int Event_get_source_type(Event_T E) { - ASSERT(E); - return (E->type); - } @@ -312,12 +296,9 @@ * @param E An event object * @return The Event timestamp */ -time_t Event_get_collected(Event_T E) { - +struct timeval *Event_get_collected(Event_T E) { ASSERT(E); - - return E->collected; - + return &E->collected; } @@ -327,11 +308,8 @@ * @return The Event raw state */ short Event_get_state(Event_T E) { - ASSERT(E); - return E->state; - } @@ -343,42 +321,39 @@ * @return The Event raw state */ short Event_check_state(Event_T E, short S) { - int i; int count = 0; + short state = (S == STATE_SUCCEEDED || S == STATE_CHANGEDNOT) ? 0 : 1; /* translate to 0/1 class */ Action_T action; + Service_T service; long long flag; ASSERT(E); - /* Only the true failed state condition can change the initial state */ - if(S == STATE_PASSED && E->state == STATE_INIT) - { + if (!(service = Event_get_source(E))) + return TRUE; + + /* Only true failed/changed state condition can change the initial state */ + if (!state && E->state == STATE_INIT && !(service->error & E->id)) return FALSE; - } - action = (S == STATE_PASSED)?E->action->passed:E->action->failed; + action = !state ? E->action->succeeded : E->action->failed; /* Compare as many bits as cycles able to trigger the action */ - for(i = 0; i < action->cycles; i++) - { + for (i = 0; i < action->cycles; i++) { /* Check the state of the particular cycle given by the bit position */ flag = (E->state_map >> i) & 0x1; /* Count occurences of the posted state */ - if(flag == S) - { + if (flag == state) count++; - } } - if(count >= action->count && S != E->state) - { + /* the internal instance and action events are handled as changed any time since we need to deliver alert whenever it occurs */ + if (E->id == EVENT_INSTANCE || E->id == EVENT_ACTION || (count >= action->count && S != E->state)) return TRUE; - } return FALSE; - } @@ -388,11 +363,8 @@ * @return The Event type */ int Event_get_id(Event_T E) { - ASSERT(E); - return E->id; - } @@ -403,40 +375,43 @@ * @return The Event message. May be NULL */ const char *Event_get_message(Event_T E) { - ASSERT(E); - return E->message; - } /** - * Get a textual description of actual event type. For instance if the - * event type is possitive EVENT_TIMESTAMP, the textual description is - * "Timestamp error". Likewise if the event type is negative EVENT_CHECKSUM - * the textual description is "Checksum recovery" and so on. + * Get a textual description of actual event type. * @param E An event object * @return A string describing the event type in clear text. If the * event type is not found NULL is returned. */ const char *Event_get_description(Event_T E) { - EventTable_T *et= Event_Table; ASSERT(E); - while((*et).id) - { - if(E->id == (*et).id) - { - return E->state?(*et).description_failed:(*et).description_passed; + while ((*et).id) { + if (E->id == (*et).id) { + switch (E->state) { + case STATE_SUCCEEDED: + return (*et).description_succeeded; + case STATE_FAILED: + return (*et).description_failed; + case STATE_INIT: + return (*et).description_failed; + case STATE_CHANGED: + return (*et).description_changed; + case STATE_CHANGEDNOT: + return (*et).description_changednot; + default: + break; + } } et++; } return NULL; - } @@ -446,25 +421,32 @@ * @return An action id */ short Event_get_action(Event_T E) { - - short id; Action_T A; ASSERT(E); - A = E->state?E->action->failed:E->action->passed; + A = E->state ? E->action->failed : E->action->succeeded; + switch (E->state) { + case STATE_SUCCEEDED: + case STATE_CHANGEDNOT: + A = E->action->succeeded; + break; + case STATE_FAILED: + case STATE_CHANGED: + case STATE_INIT: + A = E->action->failed; + break; + default: + break; + } + + if (! A) + return ACTION_IGNORE; /* In the case of passive mode we replace the description of start, stop * or restart action for alert action, because these actions are passive in * this mode */ - id= (E->mode == MODE_PASSIVE && - ((A->id == ACTION_START)|| - (A->id == ACTION_STOP) || - (A->id == ACTION_RESTART)) - )?ACTION_ALERT:A->id; - - return id; - + return (E->mode == MODE_PASSIVE && ((A->id == ACTION_START) || (A->id == ACTION_STOP) || (A->id == ACTION_RESTART))) ? ACTION_ALERT : A->id; } @@ -479,19 +461,15 @@ * event type is not found NULL is returned. */ const char *Event_get_action_description(Event_T E) { - ASSERT(E); - return actionnames[Event_get_action(E)]; - } /** - * Reprocess the partialy handled event queue + * Reprocess the partially handled event queue */ void Event_queue_process() { - DIR *dir = NULL; FILE *file = NULL; struct dirent *de = NULL; @@ -499,37 +477,24 @@ Action_T a = NULL; /* return in the case that the eventqueue is not enabled or empty */ - if( !Run.eventlist_dir || - ( - !Run.handler_init && - !Run.handler_queue[HANDLER_ALERT] && - !Run.handler_queue[HANDLER_COLLECTOR] - ) - ) - { + if (! Run.eventlist_dir || (! Run.handler_init && ! Run.handler_queue[HANDLER_ALERT] && ! Run.handler_queue[HANDLER_MMONIT])) return; - } - if(! (dir = opendir(Run.eventlist_dir)) ) - { - if(errno != ENOENT) { - LogError("%s: cannot open the directory %s -- %s\n", - prog, Run.eventlist_dir, STRERROR); - } + if (! (dir = opendir(Run.eventlist_dir)) ) { + if (errno != ENOENT) + LogError("%s: cannot open the directory %s -- %s\n", prog, Run.eventlist_dir, STRERROR); return; } - if((de = readdir(dir))) - { + if ((de = readdir(dir))) DEBUG("Processing postponed events queue\n"); - } NEW(ea); NEW(a); - while(de) - { + while (de) { int size; + int handlers_passed = 0; int *version = NULL; short *action = NULL; Event_T e = NULL; @@ -539,138 +504,123 @@ /* In the case that all handlers failed, skip the further processing in * this cycle. Alert handler is currently defined anytime (either * explicitly or localhost by default) */ - if( (Run.collectors - && - FLAG(Run.handler_flag, HANDLER_COLLECTOR) - && - FLAG(Run.handler_flag, HANDLER_ALERT) - ) - || - FLAG(Run.handler_flag, HANDLER_ALERT)) - { + if ( (Run.mmonits && FLAG(Run.handler_flag, HANDLER_MMONIT) && FLAG(Run.handler_flag, HANDLER_ALERT)) || FLAG(Run.handler_flag, HANDLER_ALERT)) break; - } - - snprintf(file_name, STRLEN, - "%s/%s", - Run.eventlist_dir, de->d_name); - if(!stat(file_name, &st) && S_ISREG(st.st_mode)) - { + snprintf(file_name, STRLEN, "%s/%s", Run.eventlist_dir, de->d_name); + if (!stat(file_name, &st) && S_ISREG(st.st_mode)) { DEBUG("%s: processing queued event %s\n", prog, file_name); - if(! (file = fopen(file_name, "r")) ) - { - LogError("%s: Processing failed - cannot open the event file %s -- %s\n", - prog, file_name, STRERROR); - goto error; + if (! (file = fopen(file_name, "r")) ) { + LogError("%s: Processing failed - cannot open the event file %s -- %s\n", prog, file_name, STRERROR); + goto error1; } /* read event structure version */ - if(!(version = File_readQueue(file, &size)) || size != sizeof(int)) - goto error; - if(*version != EVENT_VERSION) - { - LogError("Aborting event %s - incompatible data format version %d\n", - file_name, *version); - unlink(file_name); - goto error; + if (!(version = File_readQueue(file, &size))) { + LogError("skipping %s - unknown data format\n", file_name); + goto error2; + } + if (size != sizeof(int)) { + LogError("Aborting event %s - invalid size %d\n", file_name, size); + goto error3; + } + if (*version != EVENT_VERSION) { + LogError("Aborting event %s - incompatible data format version %d\n", file_name, *version); + goto error3; } /* read event structure */ - if(!(e = File_readQueue(file, &size)) || size != sizeof(*e)) - goto error; + if (!(e = File_readQueue(file, &size))) + goto error3; + if (size != sizeof(*e)) + goto error4; /* read source */ - if(!(e->source = File_readQueue(file, &size))) - goto error; + if (!(e->source = File_readQueue(file, &size))) + goto error4; /* read group */ - if(!(e->group = File_readQueue(file, &size))) - goto error; + if (!(e->group = File_readQueue(file, &size))) + goto error5; /* read message */ - if(!(e->message = File_readQueue(file, &size))) - goto error; + if (!(e->message = File_readQueue(file, &size))) + goto error6; /* read event action */ - if(!(action = File_readQueue(file, &size)) || size != sizeof(short)) - goto error; + if (!(action = File_readQueue(file, &size))) + goto error7; + if (size != sizeof(short)) + goto error8; a->id = *action; - if(e->state == STATE_FAILED) - { + if (e->state == STATE_FAILED) ea->failed = a; - } else - { - ea->passed = a; - } + ea->succeeded = a; e->action = ea; /* Retry all remaining handlers */ /* alert */ - if(e->flag & HANDLER_ALERT) - { - if(Run.handler_init) - { + if (e->flag & HANDLER_ALERT) { + if (Run.handler_init) Run.handler_queue[HANDLER_ALERT]++; - } - if((Run.handler_flag & HANDLER_ALERT) != HANDLER_ALERT) - { - if( handle_alert(e) != HANDLER_ALERT ) - { + if ((Run.handler_flag & HANDLER_ALERT) != HANDLER_ALERT) { + if ( handle_alert(e) != HANDLER_ALERT ) { e->flag &= ~HANDLER_ALERT; Run.handler_queue[HANDLER_ALERT]--; - } - else - { + handlers_passed++; + } else { LogError("Alert handler failed, retry scheduled for next cycle\n"); Run.handler_flag |= HANDLER_ALERT; } } } - /* collector */ - if(e->flag & HANDLER_COLLECTOR) - { - if(Run.handler_init) - { - Run.handler_queue[HANDLER_COLLECTOR]++; - } - if((Run.handler_flag & HANDLER_COLLECTOR) != HANDLER_COLLECTOR) - { - if( handle_collector(e) != HANDLER_COLLECTOR ) - { - e->flag &= ~HANDLER_COLLECTOR; - Run.handler_queue[HANDLER_COLLECTOR]--; - } - else - { - LogError("Collector handler failed, retry scheduled for next cycle\n"); - Run.handler_flag |= HANDLER_COLLECTOR; + /* mmonit */ + if (e->flag & HANDLER_MMONIT) { + if (Run.handler_init) + Run.handler_queue[HANDLER_MMONIT]++; + if ((Run.handler_flag & HANDLER_MMONIT) != HANDLER_MMONIT) { + if ( handle_mmonit(e) != HANDLER_MMONIT ) { + e->flag &= ~HANDLER_MMONIT; + Run.handler_queue[HANDLER_MMONIT]--; + handlers_passed++; + } else { + LogError("M/Monit handler failed, retry scheduled for next cycle\n"); + Run.handler_flag |= HANDLER_MMONIT; } } } /* If no error persists, remove it from the queue */ - if(e->flag == HANDLER_PASSED) - { - DEBUG("Removing event %s from the queue for later external delivery\n", - file_name); - unlink(file_name); + if (e->flag == HANDLER_SUCCEEDED) { + DEBUG("Removing event %s from the queue for later external delivery\n", file_name); + if (unlink(file_name) < 0) + LogError("Failed to remove queued event file '%s' -- %s\n", file_name, STRERROR); + } else if (handlers_passed > 0) { + DEBUG("Updating queued event %s (some handlers passed)\n", file_name); + Event_queue_update(e, file_name); } - error: - FREE(version); +error8: FREE(action); - FREE(e->source); - FREE(e->group); +error7: FREE(e->message); +error6: + FREE(e->group); +error5: + FREE(e->source); +error4: FREE(e); +error3: + FREE(version); +error2: fclose(file); } +error1: de = readdir(dir); } Run.handler_init = FALSE; @@ -689,151 +639,107 @@ * @param E An event */ static void handle_event(Event_T E) { - Service_T S; ASSERT(E); ASSERT(E->action); ASSERT(E->action->failed); - ASSERT(E->action->passed); + ASSERT(E->action->succeeded); - /* We will handle only first passed event, recurrent passed events - * or insufficient passed events during failed service state are + /* We will handle only first succeeded event, recurrent succeeded events + * or insufficient succeeded events during failed service state are * ignored. Failed events are handled each time. */ - if(!E->state_changed && (E->state == STATE_PASSED || ((E->state_map & 0x1) ^ 0x1))) - { + if (!E->state_changed && (E->state == STATE_SUCCEEDED || E->state == STATE_CHANGEDNOT || ((E->state_map & 0x1) ^ 0x1))) return; - } - - if(E->message) - { - /* In the case that the service state is yet initializing and error - * occured, log it and exit. Passed events in init state are not - * logged. */ - if(E->state != STATE_INIT || E->state_map & 0x1) - { - if(E->id == EVENT_INSTANCE || E->state == STATE_PASSED) { - LogInfo("%s\n", E->message); - } else { - LogError("%s\n", E->message); - } - } - if(E->state == STATE_INIT) - { - return; - } - } S = Event_get_source(E); - if(!S) - { + if (!S) { LogError("Event handling aborted\n"); return; } - if(E->state == STATE_FAILED) - { - S->error |= E->id; - handle_action(E, E->action->failed); + if (E->message) { + /* In the case that the service state is initializing yet and error + * occured, log it and exit. Succeeded events in init state are not + * logged. Instance and action events are logged always with priority + * info. */ + if (E->state != STATE_INIT || E->state_map & 0x1) { + if (E->state == STATE_SUCCEEDED || E->state == STATE_CHANGEDNOT || E->id == EVENT_INSTANCE || E->id == EVENT_ACTION) + LogInfo("'%s' %s\n", S->name, E->message); + else + LogError("'%s' %s\n", S->name, E->message); + } + if (E->state == STATE_INIT) + return; } - else - { + + if (E->state == STATE_FAILED || E->state == STATE_CHANGED) { + if (E->id != EVENT_INSTANCE && E->id != EVENT_ACTION) { // We are not interested in setting error flag for instance and action events + S->error |= E->id; + /* The error hint provides second dimension for error bitmap and differentiates between failed/changed event states (failed=0, chaged=1) */ + if (E->state == STATE_CHANGED) + S->error_hint |= E->id; + else + S->error_hint &= ~E->id; + } + handle_action(E, E->action->failed); + } else { S->error &= ~E->id; - handle_action(E, E->action->passed); + handle_action(E, E->action->succeeded); } /* Possible event state change was handled so we will reset the flag. */ E->state_changed = FALSE; - } -static int handle_action(Event_T E, Action_T A) { - +static void handle_action(Event_T E, Action_T A) { Service_T s; ASSERT(E); ASSERT(A); - E->flag = HANDLER_PASSED; + E->flag = HANDLER_SUCCEEDED; - if(A->id == ACTION_IGNORE) - { - return TRUE; - } + if (A->id == ACTION_IGNORE) + return; - /* Alert and collector event notification are common actions */ + /* Alert and mmonit event notification are common actions */ + E->flag |= handle_mmonit(E); E->flag |= handle_alert(E); - E->flag |= handle_collector(E); /* In the case that some subhandler failed, enqueue the event for * partial reprocessing */ - if(E->flag != HANDLER_PASSED) - { - if(Run.eventlist_dir) - { + if (E->flag != HANDLER_SUCCEEDED) { + if (Run.eventlist_dir) Event_queue_add(E); - } else - { LogError("Aborting event\n"); - } } - s = Event_get_source(E); - if(!s) - { + if (!(s = Event_get_source(E))) { LogError("Event action handling aborted\n"); - return FALSE; + return; } - switch(A->id) - { - case ACTION_ALERT: - /* Already handled. */ - break; - - case ACTION_EXEC: - spawn(s, A->exec, Event_get_description(E)); - break; - - case ACTION_RESTART: - if(s->def_timeout) - s->nstart++; - if((s->mode != MODE_PASSIVE)) - { - control_service(s->name, "restart"); - } - return FALSE; + /* Action event is handled already. For Instance events + * we don't wan't actions like stop to be executed + * to prevent the disabling of system service monitoring */ + if (A->id == ACTION_ALERT || E->id == EVENT_INSTANCE) { + return; + } else if (A->id == ACTION_EXEC) { + LogInfo("'%s' exec: %s\n", s->name, A->exec->arg[0]); + spawn(s, A->exec, Event_get_description(E)); + return; + } else { + if (s->def_timeout && (A->id == ACTION_START || A->id == ACTION_RESTART)) + s->nstart++; - case ACTION_START: - if(s->def_timeout) - s->nstart++; - if((s->mode != MODE_PASSIVE)) - { - control_service(s->name, "start"); - } - return FALSE; - - case ACTION_STOP: - if((s->mode != MODE_PASSIVE)) - { - control_service(s->name, "stop"); - } - return FALSE; - - case ACTION_UNMONITOR: - control_service(s->name, "unmonitor"); - return FALSE; - - default: - LogError("'%s' error -- unknown failure action: [%d]\n", s->name, - A->id); - break; + if (s->mode == MODE_PASSIVE && (A->id == ACTION_START || A->id == ACTION_STOP || A->id == ACTION_RESTART)) + return; + control_service(s->name, A->id); } - - return TRUE; } @@ -842,97 +748,143 @@ * @param E An event object */ static void Event_queue_add(Event_T E) { - FILE *file = NULL; char file_name[STRLEN]; int version = EVENT_VERSION; short action = Event_get_action(E); int rv = FALSE; mode_t mask; - sigset_t ns; - sigset_t os; ASSERT(E); - ASSERT(E->flag != HANDLER_PASSED); + ASSERT(E->flag != HANDLER_SUCCEEDED); - if(!File_checkQueueDirectory(Run.eventlist_dir, 0700)) - { - LogError("%s: Aborting event - cannot access the directory %s\n", - prog, Run.eventlist_dir); + if (!File_checkQueueDirectory(Run.eventlist_dir, 0700)) { + LogError("%s: Aborting event - cannot access the directory %s\n", prog, Run.eventlist_dir); return; } - if(!File_checkQueueLimit(Run.eventlist_dir, Run.eventlist_slots)) - { + if (!File_checkQueueLimit(Run.eventlist_dir, Run.eventlist_slots)) { LogError("%s: Aborting event - queue over quota\n", prog); return; } - set_signal_block(&ns, &os); - /* compose the file name of actual timestamp and service name */ - snprintf(file_name, STRLEN, - "%s/%ld_%s", - Run.eventlist_dir, (long int)time(NULL), E->source); + snprintf(file_name, STRLEN, "%s/%ld_%s", Run.eventlist_dir, (long int)time(NULL), E->source); - DEBUG("%s: Adding event to the queue file %s for later delivery\n", - prog, file_name); + DEBUG("%s: Adding event to the queue file %s for later delivery\n", prog, file_name); mask = umask(QUEUEMASK); file = fopen(file_name, "w"); umask(mask); - if(! file) - { - LogError("%s: Aborting event - cannot open the event file %s -- %s\n", - prog, file_name, STRERROR); + if (! file) { + LogError("%s: Aborting event - cannot open the event file %s -- %s\n", prog, file_name, STRERROR); return; } /* write event structure version */ - if(!(rv = File_writeQueue(file, &version, sizeof(int)))) + if (!(rv = File_writeQueue(file, &version, sizeof(int)))) goto error; /* write event structure */ - if(!(rv = File_writeQueue(file, E, sizeof(*E)))) + if (!(rv = File_writeQueue(file, E, sizeof(*E)))) goto error; /* write source */ - if(!(rv = File_writeQueue(file, E->source, E->source?strlen(E->source)+1:0))) + if (!(rv = File_writeQueue(file, E->source, E->source ? strlen(E->source)+1 : 0))) goto error; /* write group */ - if(!(rv = File_writeQueue(file, E->group, E->group?strlen(E->group)+1:0))) + if (!(rv = File_writeQueue(file, E->group, E->group ? strlen(E->group)+1 : 0))) goto error; /* write message */ - if(!(rv = File_writeQueue(file, E->message, E->message?strlen(E->message)+1:0))) + if (!(rv = File_writeQueue(file, E->message, E->message ? strlen(E->message)+1 : 0))) goto error; /* write event action */ - if(!(rv = File_writeQueue(file, &action, sizeof(short)))) + if (!(rv = File_writeQueue(file, &action, sizeof(short)))) goto error; error: - if(!rv) - { - LogError("%s: Aborting event - unable to save event information to %s\n", - prog, file_name); - unlink(file_name); + fclose(file); + if (!rv) { + LogError("%s: Aborting event - unable to save event information to %s\n", prog, file_name); + if (unlink(file_name) < 0) + LogError("Failed to remove event file '%s' -- %s\n", file_name, STRERROR); + } else { + if (!Run.handler_init && E->flag & HANDLER_ALERT) + Run.handler_queue[HANDLER_ALERT]++; + if (!Run.handler_init && E->flag & HANDLER_MMONIT) + Run.handler_queue[HANDLER_MMONIT]++; } - else + + return; +} + + +/** + * Update the partialy handled event in the global queue + * @param E An event object + * @param file_name File name + */ +static void Event_queue_update(Event_T E, const char *file_name) { + FILE *file = NULL; + int version = EVENT_VERSION; + short action = Event_get_action(E); + int rv = FALSE; + mode_t mask; + + ASSERT(E); + ASSERT(E->flag != HANDLER_SUCCEEDED); + + if (!File_checkQueueDirectory(Run.eventlist_dir, 0700)) { + LogError("%s: Aborting event - cannot access the directory %s\n", prog, Run.eventlist_dir); + return; + } + + DEBUG("%s: Updating event in the queue file %s for later delivery\n", prog, file_name); + + mask = umask(QUEUEMASK); + file = fopen(file_name, "w"); + umask(mask); + if (! file) { - if(!Run.handler_init && E->flag & HANDLER_ALERT) - { - Run.handler_queue[HANDLER_ALERT]++; - } - if(!Run.handler_init && E->flag & HANDLER_COLLECTOR) - { - Run.handler_queue[HANDLER_COLLECTOR]++; - } - fclose(file); + LogError("%s: Aborting event - cannot open the event file %s -- %s\n", prog, file_name, STRERROR); + return; + } + + /* write event structure version */ + if (!(rv = File_writeQueue(file, &version, sizeof(int)))) + goto error; + + /* write event structure */ + if (!(rv = File_writeQueue(file, E, sizeof(*E)))) + goto error; + + /* write source */ + if (!(rv = File_writeQueue(file, E->source, E->source ? strlen(E->source)+1 : 0))) + goto error; + + /* write group */ + if (!(rv = File_writeQueue(file, E->group, E->group ? strlen(E->group)+1 : 0))) + goto error; + + /* write message */ + if (!(rv = File_writeQueue(file, E->message, E->message ? strlen(E->message)+1 : 0))) + goto error; + + /* write event action */ + if (!(rv = File_writeQueue(file, &action, sizeof(short)))) + goto error; + + error: + fclose(file); + if (!rv) { + LogError("%s: Aborting event - unable to update event information to %s\n", prog, file_name); + if (unlink(file_name) < 0) + LogError("Failed to remove event file '%s' -- %s\n", file_name, STRERROR); } - unset_signal_block(&os); return; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/event.h /tmp/QeMlhPoI46/monit-5.0.3/event.h --- monit-4.8.1/event.h 2006-01-01 22:44:01.000000000 +0000 +++ monit-5.0.3/event.h 2009-04-19 21:13:57.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef MONIT_EVENT_H @@ -36,17 +46,24 @@ #define EVENT_INVALID 0x400 #define EVENT_DATA 0x800 #define EVENT_EXEC 0x1000 -#define EVENT_CHANGED 0x2000 +#define EVENT_FSFLAG 0x2000 #define EVENT_ICMP 0x4000 -#define EVENT_MATCH 0x8000 +#define EVENT_CONTENT 0x8000 #define EVENT_INSTANCE 0x10000 +#define EVENT_ACTION 0x20000 +#define EVENT_PID 0x40000 +#define EVENT_PPID 0x80000 +#define EVENT_HEARTBEAT 0x100000 +#define EVENT_ALL 0xFFFFFFFF #define IS_EVENT_SET(value, mask) ((value & mask) != 0) typedef struct myeventtable { int id; char *description_failed; - char *description_passed; + char *description_succeeded; + char *description_changed; + char *description_changednot; } EventTable_T; extern EventTable_T Event_Table[]; @@ -64,7 +81,7 @@ * * @author Jan-Henrik Haukeland, * @author Martin Pala, - * @version \$Id: event.h,v 1.25 2006/01/01 22:44:01 martinp Exp $ + * @version \$Id: event.h,v 1.37 2009/04/19 20:13:57 martinp Exp $ * @file */ @@ -76,8 +93,7 @@ * @param action Description of the event action * @param s Optional message describing the event */ -void Event_post(Service_T service, long id, short state, EventAction_T action, - char *s, ...); +void Event_post(Service_T service, long id, short state, EventAction_T action, char *s, ...); /** @@ -117,7 +133,7 @@ * @param E An event object * @return The Event timestamp */ -time_t Event_get_collected(Event_T E); +struct timeval *Event_get_collected(Event_T E); /** diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/external/strftime.c /tmp/QeMlhPoI46/monit-5.0.3/external/strftime.c --- monit-4.8.1/external/strftime.c 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/external/strftime.c 2008-03-31 22:13:31.000000000 +0100 @@ -5,7 +5,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the - Free Software Foundation; either version 2, or (at your option) any + Free Software Foundation; either version 3, or (at your option) any later version. This program is distributed in the hope that it will be useful, diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/FAQ.txt /tmp/QeMlhPoI46/monit-5.0.3/FAQ.txt --- monit-4.8.1/FAQ.txt 2006-01-01 22:01:02.000000000 +0000 +++ monit-5.0.3/FAQ.txt 2008-11-19 18:30:20.000000000 +0000 @@ -1,7 +1,7 @@ Short FAQ: ---------- - @version \$Id: FAQ.txt,v 1.21 2005/02/02 18:10:28 martinp Exp $ + @version \$Id: FAQ.txt,v 1.31 2008/11/18 22:00:11 martinp Exp $ 1. Q: Monit watches processes by a pid file, so if a program crashes @@ -162,27 +162,37 @@ mv /etc/rc2.d/S99myprocess /etc/rc2.d/s99myprocess - If monit is started from a rc script, then to stop the service - at systems shutdown, you should add the following line to - monit's rc script: + If monit is started from a rc script, then to start and stop + the service at systems shutdown, you should add the following + lines to monit's rc script: + on start: + /usr/local/bin/monit -c /etc/monitrc start myprocess + + on stop: /usr/local/bin/monit -c /etc/monitrc stop myprocess - or if monit handles more than one service, simply stop all + or if monit handles more than one service, simply start/stop all services by using: + on start: + /usr/local/bin/monit -c /etc/monitrc start all + + on stop: /usr/local/bin/monit -c /etc/monitrc stop all If monit instead is started from init then, add a second line to inittab to stop the service: mo:2345:respawn:/usr/local/bin/monit -Ic /etc/monitrc - m0:06:wait:/usr/local/bin/monit -Ic /etc/monitrc stop myprocess + mon:2345:wait:/usr/local/bin/monit -Ic /etc/monitrc start myprocess + moff:06:wait:/usr/local/bin/monit -Ic /etc/monitrc stop myprocess or to stop all services handled by monit: mo:2345:respawn:/usr/local/bin/monit -Ic /etc/monitrc - m0:06:wait:/usr/local/bin/monit -Ic /etc/monitrc stop all + mon:2345:wait:/usr/local/bin/monit -Ic /etc/monitrc start all + moff:06:wait:/usr/local/bin/monit -Ic /etc/monitrc stop all Services handled by monit I have start and stop methods defined so monit can start and stop a service. For instance: @@ -235,28 +245,13 @@ 8. Q: Why is monit not able to gather process data from a 64bit - applications on Solaris? + applications? A: Most probably monit was compiled as a 32bit application and 32bit applications cannot read /proc data for a 64bit - applications. Furthermore, access to procfs is not supported in - large file environments. Thus, you must compile monit with 64bit - support. You will need a gcc version at least greater or equal - to 3.0. We have successfully tested monit with gcc version 3.1. - Do the following, + applications. Thus, you must compile monit with 64bit + support. Seel PLATFORMS file for platform specifics. - * "configure" monit with 64-bit support: - ./configure LDFLAGS='-m64 -mcpu=v9' CFLAGS='-m64 -mcpu=v9' - * "make" as usual: - make - - Note, in order to successfully link a 64bit application you will - also need all libraries (e.g. libflex, libssl and libcrypto) as - 64bit versions. Thus, it might be necessary to set the library - path pointing to your 64 libraries by adding their location to - make, e.g. "LDFLAGS='-L/usr/local/lib/sparcv9'". This might - apply to other unices, too. - 9. Q: How to set Monit to run from daemontools? @@ -332,7 +327,7 @@ e) Compile without SSL support. Start the configuration process with the "--without-ssl" option. - Points a)-d) do not reduce the functionality of monit. By + Points a)-d) does not reduce the functionality of monit. By applying point e) you loose of course any SSL functionality. On Linux it is possible to get some additional reduction by using @@ -342,9 +337,9 @@ binaries are required these libraries reduce the binary size dramatically. - It is possible to reduce the monit binary to a size of <220kB - dynamically liked with SSL, <850kB statically linked with - SSL and <270kB statically linked without SSL using the plan above. + It is possible to reduce the monit binary to a size of <320kB + dynamically linked with SSL, <850kB statically linked with + SSL and <300kB statically linked without SSL using the plan above. [A] http://www.fefe.de/dietlibc/ [B] http://www.uclibc.org/ @@ -360,13 +355,108 @@ system statistic error -- cannot find process id 1 --8<-- - A: You are most probably running monit on system with security restrictions - which hides process with PID 1. For example LIDS and Linux-VServer - are optionaly able to do so. Monit can run and work in this environment, - but some system or process resource statistics may be not available - (will show zero as value). You can also unhide PID 1 for monit's context - and use for example unkillable protection for PID 1 instead to provide - access to monit to these statistics. + A: You are most probably running monit on system with security + restrictions which hides process with PID 1. For example LIDS + and Linux-VServer are optionaly able to do so. Monit can run and + work in this environment, but some system or process resource + statistics may be not available (will show zero as value). You can + also unhide PID 1 for monit's context and use for example unkillable + protection for PID 1 instead to provide access to monit to these + statistics. + + +13. Q: Is here any support for external testing scripts available? + + A: We plan to add the support for external scripts in the future (see our + TODO list - http://www.tildeslash.com/monit/doc/next.php#33). Until + native support will be available, here are some workarounds: + + 1.) nice workaround contributed by Pavel Urban is based on timestamp + monitoring of file, which is updated by external script, running from + cron. When everything is OK, the script will update (touch) the file. + When the state is false, the script won't update the timestamp and + monit will perform the related action. + + For example script for monitoring the count of files inside /tmp + directory: + --8<-- + #!/bin/bash + if [ `ls -1 /tmp |wc -l` -lt 100 ] + then + touch /var/tmp/monit_flag_tmp + fi + --8<-- + + run this script via cron (for example, every 20 minutes): + --8<-- + 20 * * * * /root/test_tmp_files > /dev/null 2>&1 + --8<-- + + and do timestamp check on /var/tmp/monit_flag_tmp (or any file you decide) + in monit control file: + --8<-- + check file monit_flag_tmp with path /var/tmp/monit_flag_tmp + if timestamp > 25 minutes then alert + --8<-- + + Done :) + + Another Example script: for monitoring the Solaris Volume Manager + metadevices: + --8<-- + #!/usr/bin/bash + /usr/sbin/metastat | /usr/xpg4/bin/grep -q maintenance + if [ $? -ne 0 ]; then + touch /var/tmp/monit_flag_svm + fi + --8<-- + + 2.) alternatively you can use the monit's file content testing to watch + logfiles or status files created similar way as described above. + + Example script: + --8<-- + #!/usr/bin/bash + /usr/sbin/metastat > /var/tmp/monit_svm + --8<-- + + and example monit syntax: + --8<-- + check file svm with path /var/tmp/monit_svm + if match "maintenance" then alert + --8<-- + + +14. Q: How to set Monit to run from upstart? + + A: Use following script (thanks to Michael Hale): + --8<-- + # This is an event.d (upstart) script to keep monit running + # To install disable the old way of doing things: + # + # /etc/init.d/monit stop && update-rc.d -f monit remove + # + # then put this script here: /etc/event.d/monit + # + # You can manually start and stop monit like this: + # + # start monit + # stop monit + # + # Michael Hale (http://halethegeek.com) + + start on runlevel 2 + start on runlevel 3 + start on runlevel 4 + start on runlevel 5 + + stop on runlevel 0 + stop on runlevel 6 + + exec /usr/sbin/monit -Ic /etc/monit/monitrc + respawn + --8<-- + ------------------------------------------------------------------------------- diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/file.c /tmp/QeMlhPoI46/monit-5.0.3/file.c --- monit-4.8.1/file.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/file.c 2009-05-02 21:16:06.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -62,13 +72,13 @@ #include "monitor.h" /** - * Utilities used for managing files used by monit. + * Utilities for managing files used by monit. * * @author Jan-Henrik Haukeland, * @author Christian Hopp, * @author Martin Pala, * - * @version \$Id: file.c,v 1.10 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: file.c,v 1.26 2009/05/02 20:16:06 martinp Exp $ * * @file */ @@ -83,7 +93,7 @@ void File_init() { char pidfile[STRLEN]; - char statefile[STRLEN]; + char buf[STRLEN]; /* Check if the pidfile was already set during configfile parsing */ if(Run.pidfile == NULL) { @@ -95,21 +105,38 @@ } Run.pidfile= xstrdup(pidfile); } - /* Set the location of the programs state file */ + + /* Set the location of monit's id file */ + if(Run.idfile == NULL) { + snprintf(buf, STRLEN, "%s/.%s", Run.Env.home, MYIDFILE); + Run.idfile= xstrdup(buf); + } + Util_monitId(Run.idfile); + + /* Set the location of monit's state file */ if(Run.statefile == NULL) { - snprintf(statefile, STRLEN, "%s/.%s", Run.Env.home, MYSTATEFILE); - Run.statefile= xstrdup(statefile); + snprintf(buf, STRLEN, "%s/.%s", Run.Env.home, MYSTATEFILE); + Run.statefile= xstrdup(buf); } } /** - * Finalize and remove temporary files + * Finalize and remove temporary files and make sure Monit id file exist */ void File_finalize() { unlink(Run.pidfile); - unlink(Run.statefile); + // Make sure that Monit id file exist + if (! File_exist(Run.idfile)) { + FILE *f = fopen(Run.idfile,"w"); + if (! f) { + LogError("%s: Error opening Monit id file '%s' for writing -- %s\n", prog, Run.idfile, STRERROR); + } else { + fprintf(f, "%s\n", Run.id); + fclose(f); + } + } } @@ -145,9 +172,9 @@ /** * Search the system for the monit control file. Try first ~/.monitrc, - * if that fails try /etc/monitrc, then /usr/local/etc/monitrc and - * finally ./monitrc. Exit the application if the control file was - * not found. + * if that fails try /etc/monitrc, then SYSCONFDIR/monitrc (default: + * /usr/local/etc/monitrc) and finally ./monitrc. + * Exit the application if the control file was not found. * @return The location of monits control file (monitrc) */ char *File_findControlFile() { @@ -164,6 +191,11 @@ return (rcfile); } memset(rcfile, 0, STRLEN); + snprintf(rcfile, STRLEN, "%s/%s", SYSCONFDIR, MONITRC); + if(File_exist(rcfile)) { + return (rcfile); + } + memset(rcfile, 0, STRLEN); snprintf(rcfile, STRLEN, "/usr/local/etc/%s", MONITRC); if(File_exist(rcfile)) { return (rcfile); @@ -174,8 +206,8 @@ return (rcfile); } LogError("%s: Cannot find the control file at " - "~/.%s, /etc/%s, /usr/local/etc/%s or at ./%s \n", - prog, MONITRC, MONITRC, MONITRC, MONITRC); + "~/.%s, /etc/%s, %s/%s, /usr/local/etc/%s or at ./%s \n", + prog, MONITRC, MONITRC, SYSCONFDIR, MONITRC, MONITRC, MONITRC); exit(1); } @@ -196,8 +228,7 @@ umask(MYPIDMASK); unlink(pidfile); if ((F= fopen(pidfile,"w")) == (FILE *)NULL) { - LogError("%s: Error opening pidfile '%s' for writing -- %s\n", - prog, pidfile, STRERROR); + LogError("%s: Error opening pidfile '%s' for writing -- %s\n", prog, pidfile, STRERROR); return(FALSE); } fprintf(F, "%d\n", (int)getpid()); @@ -281,7 +312,7 @@ * @param filename The filename of the checked file * @param description The description of the checked file * @param permmask The permission mask for the file - * @return TRUE if the test passed otherwise FALSE + * @return TRUE if the test succeeded otherwise FALSE */ int File_checkStat(char *filename, char *description, int permmask) { @@ -358,7 +389,7 @@ * specified mode. * @param path The fully qualified path to the directory * @param mode The permission for the directory - * @return TRUE if the passed otherwise FALSE + * @return TRUE if the succeeded otherwise FALSE */ int File_checkQueueDirectory(char *path, mode_t mode) { @@ -392,7 +423,7 @@ * Check the queue size limit. * @param path The fully qualified path to the directory * @param limit The queue limit - * @return TRUE if the passed otherwise FALSE + * @return TRUE if the succeeded otherwise FALSE */ int File_checkQueueLimit(char *path, int limit) { @@ -400,10 +431,8 @@ DIR *dir = NULL; struct dirent *de = NULL; - if(limit <= 0) { - LogError("%s: event queue full\n", prog); - return FALSE; - } + if(limit < 0) + return TRUE; if(! (dir = opendir(path)) ) { LogError("%s: cannot open the directory %s -- %s\n", prog, path, STRERROR); @@ -428,7 +457,7 @@ * @param file Filedescriptor to write to * @param data Data to be written * @param size Size of the data to be written - * @return TRUE if the passed otherwise FALSE + * @return TRUE if the succeeded otherwise FALSE */ int File_writeQueue(FILE *file, void *data, int size) { @@ -468,10 +497,11 @@ if(fread(size, 1, sizeof(int), file) != sizeof(int) || ferror(file)) goto error; - /* read data if any */ - if(*size > 0) { + /* read data if any (allow 1MB at maximum to prevent enormous memory allocation) */ + if(*size > 0 && *size < 1048576) { data = xcalloc(1, *size); if(fread(data, 1, *size, file) != *size || ferror(file)) { + FREE(data); goto error; } } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/file.h /tmp/QeMlhPoI46/monit-5.0.3/file.h --- monit-4.8.1/file.h 2006-01-01 22:44:01.000000000 +0000 +++ monit-5.0.3/file.h 2009-02-13 13:06:32.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -29,7 +39,7 @@ * @author Christian Hopp, * @author Martin Pala, * - * @version \$Id: file.h,v 1.7 2006/01/01 22:44:01 martinp Exp $ + * @version \$Id: file.h,v 1.14 2009/02/13 09:18:06 hauk Exp $ * * @file */ @@ -117,7 +127,7 @@ * @param filename The filename of the checked file * @param description The description of the checked file * @param permmask The permission mask for the file - * @return TRUE if the test passed otherwise FALSE + * @return TRUE if the test succeeded otherwise FALSE */ int File_checkStat(char *filename, char *description, int permmask); @@ -127,7 +137,7 @@ * specified mode. * @param path The fully qualified path to the directory * @param mode The permission for the directory - * @return TRUE if the passed otherwise FALSE + * @return TRUE if the succeeded otherwise FALSE */ int File_checkQueueDirectory(char *path, mode_t mode); @@ -136,7 +146,7 @@ * Check the queue size limit. * @param path The fully qualified path to the directory * @param mode The queue limit - * @return TRUE if the passed otherwise FALSE + * @return TRUE if the succeeded otherwise FALSE */ int File_checkQueueLimit(char *path, int limit); @@ -146,7 +156,7 @@ * @param file Filedescriptor to write to * @param data Data to be written * @param size Size of the data to be written - * @return TRUE if the passed otherwise FALSE + * @return TRUE if the succeeded otherwise FALSE */ int File_writeQueue(FILE *file, void *data, int size); diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/gc.c /tmp/QeMlhPoI46/monit-5.0.3/gc.c --- monit-4.8.1/gc.c 2006-01-01 22:44:01.000000000 +0000 +++ monit-5.0.3/gc.c 2009-05-28 22:35:29.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -39,14 +49,12 @@ static void _gc_service(Service_T *); static void _gc_mail_server(MailServer_T *); static void _gcppl(Port_T *); -static void _gcdevice(Device_T *); +static void _gcfilesystem(Filesystem_T *); static void _gcicmp(Icmp_T *); static void _gcpql(Resource_T *); static void _gcptl(Timestamp_T *); -static void _gccmd(Command_T *); static void _gc_action(Action_T *); static void _gc_eventaction(EventAction_T *); -static void _gc_event(Event_T *); static void _gc_inf(Info_T *); static void _gcpdl(Dependant_T *); static void _gcso(Size_T *); @@ -57,7 +65,7 @@ static void _gcgid(Gid_T *); static void _gcgrc(Generic_T *); static void _gcath(Auth_T *); -static void _gc_collector(Collector_T *); +static void _gc_mmonit(Mmonit_T *); static void _gc_url(URL_T *); static void _gc_request(Request_T *); @@ -68,7 +76,7 @@ * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: gc.c,v 1.66 2006/01/01 22:44:01 martinp Exp $ + * @version \$Id: gc.c,v 1.93 2009/05/28 21:35:29 martinp Exp $ * * @file */ @@ -100,11 +108,11 @@ if(Run.mailservers) _gc_mail_server(&Run.mailservers); - if(Run.collectors) - _gc_collector(&Run.collectors); + if(Run.mmonits) + _gc_mmonit(&Run.mmonits); if(Run.eventlist) - _gc_event(&Run.eventlist); + gc_event(&Run.eventlist); FREE(Run.eventlist_dir); FREE(Run.mygroup); @@ -115,6 +123,7 @@ FREE(Run.MailFormat.from); FREE(Run.MailFormat.subject); FREE(Run.MailFormat.message); + FREE(Run.mail_hostname); } @@ -135,6 +144,35 @@ } +void gccmd(Command_T *c) { + + int i; + + ASSERT(c&&*c); + + for(i= 0; (*c)->arg[i]; i++) + FREE((*c)->arg[i]); + FREE(*c); + +} + + +void gc_event(Event_T *e) { + + ASSERT(e&&*e); + + if((*e)->next) + gc_event(&(*e)->next); + + (*e)->action= NULL; + FREE((*e)->source); + FREE((*e)->group); + FREE((*e)->message); + FREE(*e); + +} + + /* ----------------------------------------------------------------- Private */ @@ -157,8 +195,8 @@ if((*s)->portlist) _gcppl(&(*s)->portlist); - if((*s)->devicelist) - _gcdevice(&(*s)->devicelist); + if((*s)->filesystemlist) + _gcfilesystem(&(*s)->filesystemlist); if((*s)->icmplist) _gcicmp(&(*s)->icmplist); @@ -178,7 +216,7 @@ if((*s)->sizelist) _gcso(&(*s)->sizelist); - if((*s)->matchlist) + if((*s)->matchlist) _gcmatch(&(*s)->matchlist); if((*s)->checksum) @@ -197,10 +235,10 @@ _gcpdl(&(*s)->dependantlist); if((*s)->start) - _gccmd(&(*s)->start); + gccmd(&(*s)->start); if((*s)->stop) - _gccmd(&(*s)->stop); + gccmd(&(*s)->stop); if((*s)->action_DATA) _gc_eventaction(&(*s)->action_DATA); @@ -223,6 +261,9 @@ if((*s)->action_PPID) _gc_eventaction(&(*s)->action_PPID); + if((*s)->action_FSFLAG) + _gc_eventaction(&(*s)->action_FSFLAG); + if((*s)->action_MONIT_START) _gc_eventaction(&(*s)->action_MONIT_START); @@ -232,16 +273,20 @@ if((*s)->action_MONIT_RELOAD) _gc_eventaction(&(*s)->action_MONIT_RELOAD); + if((*s)->action_ACTION) + _gc_eventaction(&(*s)->action_ACTION); + if((*s)->eventlist) - _gc_event(&(*s)->eventlist); + gc_event(&(*s)->eventlist); + FREE((*s)->token); FREE((*s)->name); FREE((*s)->group); FREE((*s)->path); (*s)->next= NULL; - pthread_mutex_destroy(&(*s)->mutex); + assert(pthread_mutex_destroy(&(*s)->mutex) == 0); FREE(*s); @@ -281,36 +326,27 @@ static void _gc_mail_server(MailServer_T *s) { - if(!s&&!*s) return; + if (! s || ! *s) + return; - if((*s)->next) + if ((*s)->next) _gc_mail_server(&(*s)->next); FREE((*s)->host); + FREE((*s)->username); + FREE((*s)->password); + FREE((*s)->ssl.certmd5); FREE(*s); } -static void _gccmd(Command_T *c) { - - int i; - - ASSERT(c&&*c); - - for(i= 0; (*c)->arg[i]; i++) - FREE((*c)->arg[i]); - FREE(*c); - -} - - static void _gc_action(Action_T *a) { ASSERT(a&&*a); if((*a)->exec) - _gccmd(&(*a)->exec); + gccmd(&(*a)->exec); FREE(*a); } @@ -321,25 +357,7 @@ ASSERT(e&&*e); _gc_action(&(*e)->failed); - _gc_action(&(*e)->passed); - FREE(*e); - -} - - -static void _gc_event(Event_T *e) { - - ASSERT(e&&*e); - - if((*e)->next) - _gc_event(&(*e)->next); - - pthread_mutex_destroy(&(*e)->mutex); - - (*e)->action= NULL; - FREE((*e)->source); - FREE((*e)->group); - FREE((*e)->message); + _gc_action(&(*e)->succeeded); FREE(*e); } @@ -369,12 +387,12 @@ } -static void _gcdevice(Device_T *d) { +static void _gcfilesystem(Filesystem_T *d) { ASSERT(d&&*d); if((*d)->next) - _gcdevice(&(*d)->next); + _gcfilesystem(&(*d)->next); if((*d)->action) _gc_eventaction(&(*d)->action); @@ -418,9 +436,7 @@ ASSERT(i); - if((*i)->cs_sum) - FREE((*i)->cs_sum); - + FREE((*i)->cs_sum); FREE(*i); } @@ -465,13 +481,14 @@ if((*s)->action) _gc_eventaction(&(*s)->action); - if((*s)->match_path) - FREE((*s)->match_path); - if((*s)->match_string) - FREE((*s)->match_string); + FREE((*s)->match_path); + FREE((*s)->match_string); + #ifdef HAVE_REGEX_H - if((*s)->regex_comp) + if((*s)->regex_comp) { + regfree((*s)->regex_comp); FREE((*s)->regex_comp); + } #endif FREE(*s); @@ -568,17 +585,18 @@ FREE((*c)->uname); FREE((*c)->passwd); + FREE((*c)->groupname); FREE(*c); } -static void _gc_collector(Collector_T *recv) { +static void _gc_mmonit(Mmonit_T *recv) { ASSERT(recv); if((*recv)->next) - _gc_collector(&(*recv)->next); + _gc_mmonit(&(*recv)->next); _gc_url(&(*recv)->url); diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/getloadavg.c /tmp/QeMlhPoI46/monit-5.0.3/getloadavg.c --- monit-4.8.1/getloadavg.c 2006-01-01 22:01:03.000000000 +0000 +++ monit-5.0.3/getloadavg.c 2008-03-31 22:13:31.000000000 +0100 @@ -4,7 +4,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) + the Free Software Foundation; either version 3, or (at your option) any later version. This program is distributed in the hope that it will be useful, diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/base64.c /tmp/QeMlhPoI46/monit-5.0.3/http/base64.c --- monit-4.8.1/http/base64.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/http/base64.c 2009-02-13 13:06:35.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -45,7 +55,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: base64.c,v 1.17 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: base64.c,v 1.23 2009/02/13 09:18:14 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/base64.h /tmp/QeMlhPoI46/monit-5.0.3/http/base64.h --- monit-4.8.1/http/base64.h 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/http/base64.h 2009-02-13 13:06:35.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/cervlet.c /tmp/QeMlhPoI46/monit-5.0.3/http/cervlet.c --- monit-4.8.1/http/cervlet.c 2006-01-08 21:36:42.000000000 +0000 +++ monit-5.0.3/http/cervlet.c 2009-05-28 20:11:58.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -73,15 +83,15 @@ /* URL Commands supported */ #define HOME "/" -#define STOP "/_stop" -#define VALIDATE "/_validate" #define TEST "/_monit" #define ABOUT "/_about" #define PING "/_ping" +#define GETID "/_getid" #define PIXEL "/_pixel" #define STATUS "/_status" #define RUN "/_runtime" #define VIEWLOG "/_viewlog" +#define DOACTION "/_doaction" /* Private prototypes */ static int is_readonly(HttpRequest); @@ -90,7 +100,7 @@ static void doPost(HttpRequest, HttpResponse); static void do_home(HttpRequest, HttpResponse); static void do_home_system(HttpRequest, HttpResponse); -static void do_home_device(HttpRequest, HttpResponse); +static void do_home_filesystem(HttpRequest, HttpResponse); static void do_home_directory(HttpRequest, HttpResponse); static void do_home_file(HttpRequest, HttpResponse); static void do_home_fifo(HttpRequest, HttpResponse); @@ -98,10 +108,12 @@ static void do_home_host(HttpRequest, HttpResponse); static void do_about(HttpRequest, HttpResponse); static void do_ping(HttpRequest, HttpResponse); -static void not_found(HttpRequest, HttpResponse); +static void do_getid(HttpRequest, HttpResponse); static void do_runtime(HttpRequest, HttpResponse); static void do_viewlog(HttpRequest, HttpResponse); static void handle_action(HttpRequest, HttpResponse); +static void handle_do_action(HttpRequest, HttpResponse); +static void handle_run(HttpRequest, HttpResponse); static void is_monit_running(HttpRequest, HttpResponse); static void do_service(HttpRequest, HttpResponse, Service_T); static void print_alerts(HttpResponse, Mail_T); @@ -112,7 +124,7 @@ static void print_service_rules_uid(HttpResponse, Service_T); static void print_service_rules_gid(HttpResponse, Service_T); static void print_service_rules_timestamp(HttpResponse, Service_T); -static void print_service_rules_device(HttpResponse, Service_T); +static void print_service_rules_filesystem(HttpResponse, Service_T); static void print_service_rules_size(HttpResponse, Service_T); static void print_service_rules_match(HttpResponse, Service_T); static void print_service_rules_checksum(HttpResponse, Service_T); @@ -124,7 +136,7 @@ static void print_service_params_uid(HttpResponse, Service_T); static void print_service_params_gid(HttpResponse, Service_T); static void print_service_params_timestamp(HttpResponse, Service_T); -static void print_service_params_device(HttpResponse, Service_T); +static void print_service_params_filesystem(HttpResponse, Service_T); static void print_service_params_size(HttpResponse, Service_T); static void print_service_params_match(HttpResponse, Service_T); static void print_service_params_checksum(HttpResponse, Service_T); @@ -146,7 +158,7 @@ * @author Martin Pala * @author Christian Hopp * - * @version \$Id: cervlet.c,v 1.202 2006/01/08 21:36:42 martinp Exp $ + * @version \$Id: cervlet.c,v 1.260 2009/05/28 07:13:12 hauk Exp $ * * @file */ @@ -161,7 +173,7 @@ */ void init_service() { - add_Impl((void *) doGet, (void *) doPost); + add_Impl(doGet, doPost); } @@ -175,7 +187,15 @@ */ static void doPost(HttpRequest req, HttpResponse res) { - doGet(req, res); + set_content_type(res, "text/html"); + + if(ACTION(RUN)) { + handle_run(req, res); + } else if(ACTION(DOACTION)) { + handle_do_action(req, res); + } else { + handle_action(req, res); + } } @@ -193,9 +213,7 @@ do_home(req, res); END_LOCK; } else if(ACTION(RUN)) { - LOCK(Run.mutex) - do_runtime(req, res); - END_LOCK; + handle_run(req, res); } else if(ACTION(TEST)) { is_monit_running(req, res); } else if(ACTION(VIEWLOG)) { @@ -204,27 +222,14 @@ do_about(req, res); } else if(ACTION(PING)) { do_ping(req, res); - } else if(ACTION(STOP)) { - if(is_readonly(req)) { - send_error(res, SC_FORBIDDEN, - "You do not have sufficent privilegs to access this page"); - } else { - send_error(res, SC_SERVICE_UNAVAILABLE, - "The monit http server is stopped"); - stop_httpd(); - } - } else if(ACTION(VALIDATE)) { - if(is_readonly(req)) { - send_error(res, SC_FORBIDDEN, - "You do not have sufficent privilegs to access this page"); - } else { - do_wakeupcall(); - send_redirect(res, HOME); - } + } else if(ACTION(GETID)) { + do_getid(req, res); } else if(ACTION(PIXEL)) { printPixel(res); } else if(ACTION(STATUS)) { print_status(req, res); + } else if(ACTION(DOACTION)) { + handle_do_action(req, res); } else { handle_action(req, res); } @@ -261,14 +266,14 @@ " " " " "

      Monit Service Manager

      " - "

      Monit is running on %s " + "

      Monit is running on %s " " with uptime, %s and monitoring:


      " " " " " "" "" " " - " " + " " " " "
      \"\"\"\"
      ", Run.localhostname, uptime); @@ -276,7 +281,7 @@ do_home_system(req, res); do_home_process(req, res); - do_home_device(req, res); + do_home_filesystem(req, res); do_home_file(req, res); do_home_fifo(req, res); do_home_directory(req, res); @@ -290,39 +295,33 @@ static void do_about(HttpRequest req, HttpResponse res) { out_print(res, - "about monit" - "

      " - "monit " VERSION "


      "); + "about monit" + "

      " + "monit " VERSION "

      "); out_print(res, ""); - out_print(res, - "" - " " - "
      "); + "Free Software Foundation, Inc.
    "); + out_print(res, "
    "); out_print(res, "

    This program is free software; you can redistribute it and/or " - "modify it under the terms of the GNU General Public License " - "as published by the Free Software Foundation; either version 2 of " - "the License, or (at your option) any later version.

    " - "This program is distributed in the hope that it will be useful, but " + "modify it under the terms of the GNU General Public License version 3

    " + "

    This program is distributed in the hope that it will be useful, but " "WITHOUT ANY WARRANTY; without even the implied warranty of " "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the " "GNU " - "General Public License for more details." - "


    Please consider making a " - "" - "donation and support our continued work with monit.

    "); + "General Public License for more details.

    " + "

    " + "Running Monit on more than one server? Use " + "M/Monit to manage all your Monit instances.

    " + "

    Please consider making a " + "donation to support our work with Monit.

    "); out_print(res, - "


    [Click here to go back to monit]" - "

    "); - - FOOT + "

    [Click here to " + "go back to Monit]

    "); } @@ -332,23 +331,26 @@ } +static void do_getid(HttpRequest req, HttpResponse res) { + out_print(res, "%s", Run.id); +} + static void do_runtime(HttpRequest req, HttpResponse res) { int pid= exist_daemon(); HEAD("_runtime", 1000) out_print(res, - "

    monit runtime status


    "); - out_print(res,"" - "" - ""); - out_print(res, - "", - Run.localhostname); + "

    Monit runtime status


    "); + out_print(res,"
    ParameterValue
    Host%s
    " + "" + ""); + out_print(res, "", Run.id); + out_print(res, "", Run.localhostname); out_print(res, "", pid); out_print(res, - "" + "" "", Run.Env.user); out_print(res, "", Run.controlfile); @@ -380,10 +382,10 @@ Run.eventlist_dir, Run.eventlist_slots); } - if(Run.collectors) { - Collector_T c= Run.collectors; - out_print(res, "%s", @@ -398,14 +400,13 @@ printf("\n"); } - out_print(res, ""); - } else { - out_print(res, "localhost"); } if(Run.MailFormat.from) @@ -422,8 +423,8 @@ Run.MailFormat.message); out_print(res, - "", - Run.polltime); + "", + Run.polltime, Run.startdelay); out_print(res, "", Run.bind_addr?Run.bind_addr:"Any/All"); @@ -475,37 +476,36 @@ ""); out_print(res, "" "", - STOP); + ""); out_print(res, "" "", - VALIDATE); + ""); if(Run.dolog && !Run.use_syslog) { out_print(res, "" "", - VIEWLOG); + ""); } out_print(res, "" @@ -571,11 +571,11 @@ "Cannot view logfile:
    "); if(!Run.dolog) { - out_print(res, "monit was started without logging"); + out_print(res, "Monit was started without logging"); } else { - out_print(res, "monit uses syslog"); + out_print(res, "Monit uses syslog"); } @@ -589,110 +589,120 @@ static void handle_action(HttpRequest req, HttpResponse res) { char *name= req->url; - const char *action= get_parameter(req, "action"); + const char *action; + Service_T s; - if(Util_existService(++name)) { - - Service_T s= Util_getService(name); + if(!(s = Util_getService(++name))) { + send_error(res, SC_NOT_FOUND, "There is no service by that name"); + return; + } + if((action = get_parameter(req, "action"))) { + const char *token = NULL; - if(s == NULL) { - send_error(res, SC_BAD_REQUEST, "There is no service by that name"); + if(is_readonly(req)) { + send_error(res, SC_FORBIDDEN, + "You do not have sufficent privilegs to access this page"); return; } + if((s->doaction = Util_getAction(action)) == ACTION_IGNORE) { + send_error(res, SC_BAD_REQUEST, "Invalid action"); + return; + } + token = get_parameter(req, "token"); + s->token = token?xstrdup(token):NULL; + LogDebug("%s service '%s' on user request\n", action, s->name); + Run.doaction = TRUE; /* set the global flag */ + do_wakeupcall(); + } + do_service(req, res, s); - if(!action) { +} - do_service(req, res, s); - } else { - - if(is_readonly(req)) { - send_error(res, SC_FORBIDDEN, - "You do not have sufficent privilegs to access this page"); - return; - } - - if(IS(action, "start")) { - if(s->start) { - LOCK(s->mutex) - control_service(name, action); - if(s->type==TYPE_PROCESS) { - /* Wait for the service to start (or fail) */ - int max_tries= Run.polltime; - while(max_tries-- && !Run.stopped) { - if(Util_isProcessRunning(s)) - break; - sleep(1); - } - } - END_LOCK; - if(s->type==TYPE_PROCESS && !Util_isProcessRunning(s)) { - send_error(res, SC_INTERNAL_SERVER_ERROR, - "Could not start the service"); - goto quit; - } - } else { - send_error(res, SC_BAD_REQUEST, - "Start method not defined for the service"); - goto quit; - } - } else if(IS(action, "stop")) { - if(s->stop) { - LOCK(s->mutex) - control_service(name, action); - END_LOCK; - } else { - send_error(res, SC_BAD_REQUEST, - "Stop method not defined for the service"); - goto quit; - } - } else if(IS(action, "restart")) { - if(s->start && s->stop) { - LOCK(s->mutex) - control_service(name, action); - if(s->type==TYPE_PROCESS) { - /* Wait for the service to restart (or fail) */ - int max_tries= Run.polltime; - while(max_tries-- && !Run.stopped) { - if(Util_isProcessRunning(s)) - break; - sleep(1); - } - } - END_LOCK; - if(s->type==TYPE_PROCESS && !Util_isProcessRunning(s)) { - send_error(res, SC_INTERNAL_SERVER_ERROR, - "Could not restart the service"); - goto quit; - } - } else { - send_error(res, SC_BAD_REQUEST, - "Start or stop method not defined for the service"); - goto quit; - } - } else if(IS(action, "monitor")) { - LOCK(s->mutex) - control_service(name, action); - END_LOCK; - } else if(IS(action, "unmonitor")) { - LOCK(s->mutex) - control_service(name, action); - END_LOCK; - } +static void handle_do_action(HttpRequest req, HttpResponse res) { - send_redirect(res, req->url); + Service_T s; + int doaction = ACTION_IGNORE; + const char *action = get_parameter(req, "action"); + if(action) { + HttpParameter p; + char *token = NULL; + + if(is_readonly(req)) { + send_error(res, SC_FORBIDDEN, "You do not have sufficent privilegs to access this page"); + return; + } + if((doaction = Util_getAction(action)) == ACTION_IGNORE) { + send_error(res, SC_BAD_REQUEST, "Invalid action"); + return; } - } else { + token = (char*)get_parameter(req, "token"); - not_found(req, res); + for(p= req->params; p; p= p->next) { + if(!strcasecmp(p->name, "service")) { + s = Util_getService(p->value); + + if(!s) { + send_error(res, SC_BAD_REQUEST, "There is no service by that name"); + return; + } + + s->doaction = doaction; + s->token = token; + + LogDebug("%s service '%s' on user request\n", action, s->name); + } + } + + if (token) { + Service_T q = NULL; + /* Make sure only the last service gets the service token */ + for (s = servicelist; s; s= s->next) { + if (s->token) { + s->token = NULL; + q = s; + } + } + if (q) + q->token = xstrdup(token); + } + + Run.doaction = TRUE; + do_wakeupcall(); } - quit: - reset_depend(); +} + +static void handle_run(HttpRequest req, HttpResponse res) { + + const char *action= get_parameter(req, "action"); + + if(action) { + if(is_readonly(req)) { + send_error(res, SC_FORBIDDEN, + "You do not have sufficent privilegs to access this page"); + return; + } + if(IS(action, "validate")) { + LogInfo("The Monit http server woke up on user request\n"); + do_wakeupcall(); + } else if(IS(action, "stop")) { + LogInfo("The Monit http server stopped on user request\n"); + send_error(res, SC_SERVICE_UNAVAILABLE, + "The Monit http server is stopped"); + stop_httpd(); + return; + } + } + + LOCK(Run.mutex) + do_runtime(req, res); + END_LOCK; + } @@ -710,10 +720,10 @@ out_print(res, "


    %s status


    " - "
    ParameterValue
    Monit ID%s
    Host%s
    Process id%d
    Effective user running monit
    Effective user running Monit%s
    Controlfile%s
    Collector server(s)"); - for(c= Run.collectors; c; c= c->next) + if(Run.mmonits) { + Mmonit_T c= Run.mmonits; + out_print(res, "
    M/Monit server(s)"); + for(c= Run.mmonits; c; c= c->next) { out_print(res, "%s with timeout %d seconds%s%s%s%s
    Mail server(s)"); if(Run.mailservers) { + out_print(res, "
    Mail server(s)"); MailServer_T mta= Run.mailservers; for(mta= Run.mailservers; mta; mta= mta->next) - out_print(res, "%s ", mta->host); + out_print(res, "%s:%d%s ", + mta->host, mta->port, mta->ssl.use_ssl?"(ssl)":""); out_print(res, "
    Poll time%d seconds
    Poll time%d seconds with start delay %d seconds
    httpd bind address%s
    " - "Stop monit http server?" + "Stop Monit http server?" "" - "
    " - "" + "" + "" + "" "
    " - "    		" "Force validate now?" "" - "
    " - "" + "" + "" + "" "
    " - "    		" - "View monit logfile?" + "View Monit logfile?" "" - "
    " + "" "" "
    " - "
    " + "
    " "" - "" - "" + "" + "" "" "" "" @@ -759,17 +769,33 @@ if(s->start) { int i= 0; - out_print(res, ""); } if(s->stop) { int i= 0; - out_print(res, ""); } @@ -781,13 +807,15 @@ EventAction_T a= s->action_TIMEOUT; out_print(res, "" - "", - s->to_start, s->to_cycle, actionnames[a->failed->id], - actionnames[a->passed->id]); + s->to_start, + s->to_cycle, + a->failed->description, + a->succeeded->description); } - ctime_r(&s->collected, time); + ctime_r((const time_t *)&s->collected.tv_sec, time); out_print(res, "", time); @@ -799,7 +827,7 @@ print_service_params_uid(res, s); print_service_params_gid(res, s); print_service_params_timestamp(res, s); - print_service_params_device(res, s); + print_service_params_filesystem(res, s); print_service_params_size(res, s); print_service_params_match(res, s); print_service_params_checksum(res, s); @@ -813,7 +841,7 @@ print_service_rules_uid(res, s); print_service_rules_gid(res, s); print_service_rules_timestamp(res, s); - print_service_rules_device(res, s); + print_service_rules_filesystem(res, s); print_service_rules_size(res, s); print_service_rules_match(res, s); print_service_rules_checksum(res, s); @@ -855,14 +883,6 @@ } -static void not_found(HttpRequest req, HttpResponse res) { - - send_error(res, SC_NOT_FOUND, - "The requested URL was not found on this server"); - -} - - static void do_home_system(HttpRequest req, HttpResponse res) { char *status; @@ -887,7 +907,7 @@ out_print(res, "" "" - "" + "" "", s->name, s->name, status); @@ -954,7 +974,7 @@ status= get_service_status_html(s); out_print(res, "" - "" + "" "", on?"bgcolor=\"#EFEFEF\"":"", s->name, s->name, @@ -1004,7 +1024,7 @@ } -static void do_home_device(HttpRequest req, HttpResponse res) { +static void do_home_filesystem(HttpRequest req, HttpResponse res) { Service_T s; char *status; @@ -1013,7 +1033,7 @@ for(s= servicelist_conf; s; s= s->next_conf) { - if(s->type != TYPE_DEVICE) continue; + if(s->type != TYPE_FILESYSTEM) continue; if(header) { @@ -1021,7 +1041,7 @@ "

     

    " "
    ParameterValueParameterValue
    Name
    Start program"); - while(s->start->arg[i]) - out_print(res, "%s ", s->start->arg[i++]); + out_print(res, "
    Start program'"); + while(s->start->arg[i]) { + if(i) out_print(res, " "); + out_print(res, "%s", s->start->arg[i++]); + } + out_print(res, "'"); + if(s->start->has_uid) + out_print(res, " as uid %d", s->start->uid); + if(s->start->has_gid) + out_print(res, " as gid %d", s->start->gid); + out_print(res, " timeout %d second(s)", s->start->timeout); out_print(res, "
    Stop program"); - while(s->stop->arg[i]) - out_print(res, "%s ", s->stop->arg[i++]); + out_print(res, "
    Stop program'"); + while(s->stop->arg[i]) { + if(i) out_print(res, " "); + out_print(res, "%s", s->stop->arg[i++]); + } + out_print(res, "'"); + if(s->stop->has_uid) + out_print(res, " as uid %d", s->stop->uid); + if(s->stop->has_gid) + out_print(res, " as gid %d", s->stop->gid); + out_print(res, " timeout %d second(s)", s->stop->timeout); out_print(res, "
    TimeoutIf %d restart within %d cycles then %s else if passed " + "If %d restart within %d cycles then %s else if succeeded " "then %s
    Data collected%s
    %s%s%s
    %s%s%s
    " "" - "" + "" "" "" "" @@ -1034,7 +1054,7 @@ status= get_service_status_html(s); out_print(res, "" - "" + "" "", on?"bgcolor=\"#EFEFEF\"":"", s->name, s->name, @@ -1064,8 +1084,7 @@ } else { out_print(res, - ""); + ""); } @@ -1115,7 +1134,7 @@ status= get_service_status_html(s); out_print(res, "" - "" + "" "", on?"bgcolor=\"#EFEFEF\"":"", s->name, s->name, @@ -1133,11 +1152,11 @@ } else { out_print(res, - "" - "" + "" + "" "" "", - (unsigned long)s->inf->st_size, + (unsigned long long)s->inf->st_size, s->inf->st_mode & 07777, s->inf->st_uid, s->inf->st_gid); @@ -1187,7 +1206,7 @@ status= get_service_status_html(s); out_print(res, "" - "" + "" "", on?"bgcolor=\"#EFEFEF\"":"", s->name, s->name, @@ -1256,7 +1275,7 @@ status= get_service_status_html(s); out_print(res, "" - "" + "" "", on?"bgcolor=\"#EFEFEF\"":"", s->name, s->name, @@ -1325,7 +1344,7 @@ status= get_service_status_html(s); out_print(res, "" - "" + "" "", on?"bgcolor=\"#EFEFEF\"":"", s->name, s->name, @@ -1394,41 +1413,45 @@ "", r->to?r->to:""); out_print(res, "", s->name); /* Stop program */ if(s->stop) out_print(res, - "", s->name); /* Restart program */ if(s->start && s->stop) out_print(res, - "", s->name); /* (un)monitor */ out_print(res, - "

    Device

    Filesystem

    Status

    Space usage

    Inodes usage

    %s%s%snot supported by filesystem" - "not supported by filesystem
    %s%s%s%lu B%o%llu B%04o%d%d
    %s%s%s
    %s%s%s
    %s%s%s%s
    Alert on"); - if(r->events == (~((unsigned int)0))) { - + if(r->events == EVENT_NULL) { + out_print(res, "No events"); + } else if(r->events == EVENT_ALL) { out_print(res, "All events"); - } else { - if(IS_EVENT_SET(r->events, EVENT_CHANGED)) - out_print(res, "Change "); + if(IS_EVENT_SET(r->events, EVENT_ACTION)) + out_print(res, "Action "); if(IS_EVENT_SET(r->events, EVENT_CHECKSUM)) out_print(res, "Checksum "); if(IS_EVENT_SET(r->events, EVENT_CONNECTION)) out_print(res, "Connection "); + if(IS_EVENT_SET(r->events, EVENT_CONTENT)) + out_print(res, "Content "); if(IS_EVENT_SET(r->events, EVENT_DATA)) out_print(res, "Data "); if(IS_EVENT_SET(r->events, EVENT_EXEC)) out_print(res, "Exec "); + if(IS_EVENT_SET(r->events, EVENT_FSFLAG)) + out_print(res, "Fsflags "); if(IS_EVENT_SET(r->events, EVENT_GID)) out_print(res, "Gid "); if(IS_EVENT_SET(r->events, EVENT_ICMP)) out_print(res, "Icmp "); if(IS_EVENT_SET(r->events, EVENT_INSTANCE)) - out_print(res, "Instance "); + out_print(res, "Instance "); if(IS_EVENT_SET(r->events, EVENT_INVALID)) out_print(res, "Invalid "); - if(IS_EVENT_SET(r->events, EVENT_MATCH)) - out_print(res, "Match "); if(IS_EVENT_SET(r->events, EVENT_NONEXIST)) out_print(res, "Nonexist "); if(IS_EVENT_SET(r->events, EVENT_PERMISSION)) out_print(res, "Permission "); + if(IS_EVENT_SET(r->events, EVENT_PID)) + out_print(res, "PID "); + if(IS_EVENT_SET(r->events, EVENT_PPID)) + out_print(res, "PPID "); if(IS_EVENT_SET(r->events, EVENT_RESOURCE)) out_print(res, "Resource "); if(IS_EVENT_SET(r->events, EVENT_SIZE)) out_print(res, "Size "); - if(IS_EVENT_SET(r->events, EVENT_MATCH)) - out_print(res, "Match "); if(IS_EVENT_SET(r->events, EVENT_TIMEOUT)) out_print(res, "Timeout "); if(IS_EVENT_SET(r->events, EVENT_TIMESTAMP)) @@ -1463,27 +1486,27 @@ /* Start program */ if(s->start) out_print(res, - "
    " + "
    		" "" "
    " + "
    		" "" "
    " + "
    		" "" "
    " + "
    		" "" "" "
    ", @@ -1507,18 +1530,18 @@ a= p->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(p->family == AF_INET) { out_print(res, "Port" "If failed %s:%d%s [%s via %s] with timeout %d seconds %s then %s " - "else if passed %s then %s", + "else if succeeded %s then %s", p->hostname, p->port, p->request?p->request:"", p->protocol->name, Util_portTypeDescription(p), p->timeout, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); if(p->SSL.certmd5 != NULL) out_print(res, "Server certificate md5 sum%s", @@ -1526,11 +1549,11 @@ } else if(p->family == AF_UNIX) { out_print(res, "Unix Socket" - "If failed %s [%s] with timeout %ds %s then %s else if passed %s then %s" + "If failed %s [%s] with timeout %ds %s then %s else if succeeded %s then %s" "", p->pathname, p->protocol->name, p->timeout, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } } @@ -1550,15 +1573,15 @@ a= i->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); out_print(res, "ICMP" - "If failed %s count %d with timeout %d seconds %s then %s else if passed %s then %s" + "If failed %s count %d with timeout %d seconds %s then %s else if succeeded %s then %s" "", icmpnames[i->type], i->count, i->timeout, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } } @@ -1573,13 +1596,13 @@ EventAction_T a= s->perm->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); out_print(res, "Associated permission" - "If failed %o %s then %s else if passed %s then %s", + "If failed %o %s then %s else if succeeded %s then %s", s->perm->perm, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } @@ -1594,13 +1617,13 @@ EventAction_T a= s->uid->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); out_print(res, "Associated UID" - "If failed %d %s then %s else if passed %s then %s", + "If failed %d %s then %s else if succeeded %s then %s", (int)s->uid->uid, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } @@ -1614,13 +1637,13 @@ EventAction_T a= s->gid->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); out_print(res, "Associated GID" - "If failed %d %s then %s else if passed %s then %s", + "If failed %d %s then %s else if succeeded %s then %s", (int)s->gid->gid, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } @@ -1639,62 +1662,71 @@ a= t->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(t->test_changes) { out_print(res, "Associated timestampIf changed %s then %s", - ratio1, actionnames[a->failed->id]); + ratio1, a->failed->description); } else { out_print(res, "Associated timestamp" - "If %s %d second(s) %s then %s else if passed %s then %s", + "If %s %d second(s) %s then %s else if succeeded %s then %s", operatornames[t->operator], t->time, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } } } -static void print_service_rules_device(HttpResponse res, Service_T s) { +static void print_service_rules_filesystem(HttpResponse res, Service_T s) { + + if(s->type == TYPE_FILESYSTEM) { - if(s->devicelist) { + char ratio1[STRLEN]; + + out_print(res, "Filesystem flagsIf changed %s then %s\n", + Util_getEventratio(s->action_FSFLAG->failed, ratio1), + s->action_FSFLAG->failed->description); + } + + if(s->filesystemlist) { char ratio1[STRLEN]; char ratio2[STRLEN]; - Device_T dl; + Filesystem_T dl; EventAction_T a; - for(dl= s->devicelist; dl; dl= dl->next) { + for(dl= s->filesystemlist; dl; dl= dl->next) { a= dl->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(dl->resource == RESOURCE_ID_INODE) { if(dl->limit_absolute > -1) { out_print(res, "Inodes usage limitIf %s %ld %s " - "then %s else if passed %s then %s", + "then %s else if succeeded %s then %s", operatornames[dl->operator], dl->limit_absolute, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } else { out_print(res, "Inodes usage limitIf %s %.1f%% %s " - "then %s else if passed %s then %s", + "then %s else if succeeded %s then %s", operatornames[dl->operator], dl->limit_percent/10., - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } else if(dl->resource == RESOURCE_ID_SPACE) { @@ -1702,19 +1734,19 @@ if(dl->limit_absolute > -1) { out_print(res, "Space usage limitIf %s %ld blocks %s " - "then %s else if passed %s then %s", + "then %s else if succeeded %s then %s", operatornames[dl->operator], dl->limit_absolute, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } else { out_print(res, "Space usage limitIf %s %.1f%% %s " - "then %s else if passed %s then %s", + "then %s else if succeeded %s then %s", operatornames[dl->operator], dl->limit_percent/10., - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } } @@ -1736,22 +1768,22 @@ a= sl->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(sl->test_changes) { out_print(res, "Associated sizeIf changed %s then %s", - ratio1, actionnames[a->failed->id]); + ratio1, a->failed->description); } else { out_print(res, "Associated size" - "If %s %lu byte(s) %s then %s else if passed %s then %s", + "If %s %llu byte(s) %s then %s else if succeeded %s then %s", operatornames[sl->operator], sl->size, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } @@ -1776,7 +1808,7 @@ "Associated regexIf %s match " "\"%s\" %s then %s", ml->not?"not ":"", ml->match_string, - ratio1, actionnames[a->failed->id]); + ratio1, a->failed->description); } } @@ -1793,22 +1825,22 @@ EventAction_T a= cs->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(cs->test_changes) { out_print(res, "Associated checksumif changed %s %s then %s", checksumnames[cs->type], - ratio1, actionnames[a->failed->id]); + ratio1, a->failed->description); } else { out_print(res, "Associated checksum" - "if failed %s(%s) %s then %s else if passed %s then %s", + "if failed %s(%s) %s then %s else if succeeded %s then %s", cs->hash, checksumnames[cs->type], - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } @@ -1823,10 +1855,10 @@ out_print(res, "PidIf changed %s then %s\n", Util_getEventratio(s->action_PID->failed, ratio1), - actionnames[s->action_PID->failed->id]); + s->action_PID->failed->description); out_print(res, "PpidIf changed %s then %s\n", Util_getEventratio(s->action_PPID->failed, ratio1), - actionnames[s->action_PPID->failed->id]); + s->action_PPID->failed->description); } } @@ -1845,7 +1877,7 @@ a= q->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); switch (q->resource_id) { @@ -1853,132 +1885,143 @@ out_print(res,"CPU usage limit" "If %s %.1f%% %s then %s " - "else if passed %s then %s", + "else if succeeded %s then %s", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); + break; + + case RESOURCE_ID_TOTAL_CPU_PERCENT: + + out_print(res,"CPU usage limit (incl. children)" + "If %s %.1f%% %s then %s " + "else if succeeded %s then %s", + operatornames[q->operator], + q->limit/10.0, + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_CPUUSER: out_print(res,"CPU user limit" "If %s %.1f%% %s then %s " - "else if passed %s then %s", + "else if succeeded %s then %s", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_CPUSYSTEM: out_print(res,"CPU system limit" "If %s %.1f%% %s then %s " - "else if passed %s then %s", + "else if succeeded %s then %s", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_CPUWAIT: out_print(res,"CPU wait limit" "If %s %.1f%% %s then %s " - "else if passed %s then %s", + "else if succeeded %s then %s", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_MEM_PERCENT: out_print(res,"Memory usage limit" "If %s %.1f%% %s then %s " - "else if passed %s then %s", + "else if succeeded %s then %s", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_MEM_KBYTE: out_print(res,"Memory amount limit" "If %s %ld %s then %s " - "else if passed %s then %s", + "else if succeeded %s then %s", operatornames[q->operator], q->limit, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_LOAD1: out_print(res,"Load average (1min)" "If %s %.1f %s then %s " - "else if passed %s then %s", + "else if succeeded %s then %s", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_LOAD5: out_print(res,"Load average (5min)" - "If %s %.1f %s then %s else if passed %s " + "If %s %.1f %s then %s else if succeeded %s " "then %s", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_LOAD15: out_print(res,"Load average (15min)" - "If %s %.1f %s then %s else if passed %s " + "If %s %.1f %s then %s else if succeeded %s " "then %s", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_CHILDREN: out_print(res,"Children" - "If %s %d %s then %s else if passed %s " + "If %s %d %s then %s else if succeeded %s " "then %s", operatornames[q->operator], q->limit, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_TOTAL_MEM_KBYTE: out_print(res,"Memory amount limit (incl. children)" - "If %s %d %s then %s else if passed %s then %s" + "If %s %d %s then %s else if succeeded %s then %s" "", operatornames[q->operator], q->limit, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_TOTAL_MEM_PERCENT: out_print(res,"Memory usage limit (incl. children)" - "If %s %.1f%% %s then %s else if passed %s then %s" + "If %s %.1f%% %s then %s else if succeeded %s then %s" "", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; } @@ -2078,7 +2121,7 @@ if(s->type == TYPE_FILE || s->type == TYPE_FIFO || s->type == TYPE_DIRECTORY || - s->type == TYPE_DEVICE) { + s->type == TYPE_FILESYSTEM) { if(!Util_hasServiceStatus(s)) { @@ -2101,7 +2144,7 @@ if(s->type == TYPE_FILE || s->type == TYPE_FIFO || s->type == TYPE_DIRECTORY || - s->type == TYPE_DEVICE) { + s->type == TYPE_FILESYSTEM) { if(!Util_hasServiceStatus(s)) { @@ -2124,7 +2167,7 @@ if(s->type == TYPE_FILE || s->type == TYPE_FIFO || s->type == TYPE_DIRECTORY || - s->type == TYPE_DEVICE) { + s->type == TYPE_FILESYSTEM) { if(!Util_hasServiceStatus(s)) { @@ -2155,7 +2198,7 @@ } else { char time[STRLEN]; - ctime_r(&s->inf->timestamp, time); + ctime_r((const time_t *)&s->inf->timestamp, time); out_print(res, "Timestamp%s", @@ -2166,13 +2209,15 @@ } -static void print_service_params_device(HttpResponse res, Service_T s) { +static void print_service_params_filesystem(HttpResponse res, Service_T s) { - if(s->type == TYPE_DEVICE) { + if(s->type == TYPE_FILESYSTEM) { if(!Util_hasServiceStatus(s)) { out_print(res, + "Filesystem flags-"); + out_print(res, "Blocks total-"); out_print(res, "Blocks free for non superuser-"); @@ -2188,6 +2233,9 @@ } else { out_print(res, + "Filesystem flags%#lx", + s->inf->flags); + out_print(res, "Blocks total%ld [%.1f MB]", s->inf->f_blocks, (float) s->inf->f_blocks/1048576*s->inf->f_bsize); @@ -2235,9 +2283,9 @@ } else { out_print(res, - "Size%lu B", + "Size%llu B", (s->error & EVENT_SIZE)?" color='#ff0000'":"", - (unsigned long) s->inf->st_size); + (unsigned long long) s->inf->st_size); } } @@ -2256,8 +2304,8 @@ out_print(res, "Match regex%s", - (s->error & EVENT_MATCH)?" color='#ff0000'":"", - (s->error & EVENT_MATCH)?"yes":"no"); + (s->error & EVENT_CONTENT)?" color='#ff0000'":"", + (s->error & EVENT_CONTENT)?"yes":"no"); } } } @@ -2427,7 +2475,7 @@ else { char *uptime = Util_getUptime(Util_getProcessUptime(Run.pidfile), " "); - out_print(res, "The monit daemon %s uptime: %s\n\n", VERSION, uptime); + out_print(res, "The Monit daemon %s uptime: %s\n\n", VERSION, uptime); FREE(uptime); for(s= servicelist_conf; s; s= s->next_conf) @@ -2465,7 +2513,7 @@ if(s->type == TYPE_FILE || s->type == TYPE_FIFO || s->type == TYPE_DIRECTORY || - s->type == TYPE_DEVICE) { + s->type == TYPE_FILESYSTEM) { out_print(res, " %-33s %o\n" " %-33s %d\n" @@ -2477,15 +2525,15 @@ if(s->type == TYPE_FILE || s->type == TYPE_FIFO || s->type == TYPE_DIRECTORY) { - ctime_r(&s->inf->timestamp, time); + ctime_r((const time_t *)&s->inf->timestamp, time); out_print(res, " %-33s %s", "timestamp", time); } if(s->type == TYPE_FILE) { out_print(res, - " %-33s %lu B\n", - "size", (unsigned long) s->inf->st_size); + " %-33s %llu B\n", + "size", (unsigned long long) s->inf->st_size); if(s->checksum) { out_print(res, " %-33s %s(%s)\n", @@ -2493,12 +2541,15 @@ checksumnames[s->checksum->type]); } } - if(s->type == TYPE_DEVICE) { + if(s->type == TYPE_FILESYSTEM) { out_print(res, + " %-33s %#lx\n" " %-33s %ld B\n" " %-33s %ld [%.1f MB]\n" " %-33s %ld [%.1f MB] [%.1f%%]\n" " %-33s %ld [%.1f MB] [%.1f%%]\n", + "filesystem flags", + s->inf->flags, "block size", s->inf->f_bsize, "blocks total", @@ -2548,7 +2599,7 @@ " %-33s %.1f%%\n" " %-33s %.1f%%\n" " %-33s %.1f%%\n", - "childrens", s->inf->children, + "children", s->inf->children, "memory kilobytes", s->inf->mem_kbyte, "memory kilobytes total", s->inf->total_mem_kbyte, "memory percent", s->inf->mem_percent/10.0, @@ -2608,7 +2659,7 @@ systeminfo.total_mem_percent/10.); } } - ctime_r(&s->collected, time); + ctime_r((const time_t *)&s->collected.tv_sec, time); out_print(res, " %-33s %s\n", "data collected", time); } FREE(status); @@ -2617,23 +2668,36 @@ static char *get_service_status_html(Service_T s) { - char state[STRLEN]; + char *status= NULL; + char doaction[STRLEN]; EventTable_T *et= Event_Table; ASSERT(s); + memset(doaction, 0, STRLEN); + if(s->doaction) { + snprintf(doaction, STRLEN-1, " - %s pending", actionnames[s->doaction]); + } + + status= xcalloc(sizeof(char), STRLEN); + /* In the case that the service is not monitored, we will return immediately, * because we are not able to describe actual service state */ - if(s->monitor == MONITOR_NOT) - return xstrdup("not monitored"); - else if(s->monitor == MONITOR_INIT) - return xstrdup("initializing"); + if(s->monitor == MONITOR_NOT) { + snprintf(status, STRLEN, "not monitored%s", + doaction); + return status; + } else if(s->monitor == MONITOR_INIT) { + snprintf(status, STRLEN, "initializing%s", + doaction); + return status; + } /* In the case that error is zero, service is up without errors */ if(!s->error) { - snprintf(state, STRLEN-1, "%s", - statusnames[s->type]); - return xstrdup(state); + snprintf(status, STRLEN, "%s%s", + statusnames[s->type], doaction); + return status; } /* In the case that the service has actualy some failure, error @@ -2641,35 +2705,52 @@ * of the first error found */ while((*et).id) { if(s->error & (*et).id) { - snprintf(state, STRLEN-1, "%s", - (*et).description_failed); - return xstrdup(state); + if (s->error_hint & (*et).id) + snprintf(status, STRLEN, "%s%s", (*et).description_changed, doaction); + else + snprintf(status, STRLEN, "%s%s", (*et).description_failed, doaction); + return status; } et++; } /* We should not pass through here */ - return xstrdup("unknown"); + snprintf(status, STRLEN, "unknown%s", + doaction); + return status; } static char *get_service_status_text(Service_T s) { + char *status= NULL; + char doaction[STRLEN]; EventTable_T *et= Event_Table; ASSERT(s); + memset(doaction, 0, STRLEN); + if(s->doaction) { + snprintf(doaction, STRLEN, " - %s pending", actionnames[s->doaction]); + } + + status= xcalloc(sizeof(char), STRLEN); + /* In the case that the service is not monitored, we will return immediately, * because we are not able to describe actual service state */ - if(s->monitor == MONITOR_NOT) - return xstrdup("not monitored"); - else if(s->monitor == MONITOR_INIT) - return xstrdup("initializing"); + if(s->monitor == MONITOR_NOT) { + snprintf(status, STRLEN, "not monitored%s", doaction); + return status; + } else if(s->monitor == MONITOR_INIT) { + snprintf(status, STRLEN, "initializing%s", doaction); + return status; + } /* In the case that error is zero, service is up without errors */ if(!s->error) { - return xstrdup(statusnames[s->type]); + snprintf(status, STRLEN, "%s%s", statusnames[s->type], doaction); + return status; } /* In the case that the service has actualy some failure, error @@ -2677,13 +2758,18 @@ * of the first error found */ while((*et).id) { if(s->error & (*et).id) { - return xstrdup((*et).description_failed); + if (s->error_hint & (*et).id) + snprintf(status, STRLEN, "%s%s", (*et).description_changed, doaction); + else + snprintf(status, STRLEN, "%s%s", (*et).description_failed, doaction); + return status; } et++; } /* We should not pass through here */ - return xstrdup("unknown"); + snprintf(status, STRLEN, "unknown%s", doaction); + return status; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/cervlet.h /tmp/QeMlhPoI46/monit-5.0.3/http/cervlet.h --- monit-4.8.1/http/cervlet.h 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/http/cervlet.h 2009-05-25 20:02:57.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -31,24 +41,28 @@ ""\ " monit: service manager"\ " "\ ""\ ""\ @@ -58,39 +72,36 @@ " alink=\"#000000\" text=\"#000000\">"\ ""\ " "\ -" "\ +" "\ " "\ "
    \"\"\"\"
    "\ ""\ " "\ " "\ " "\ " "\ "
    "\ -" Home>"\ -" %s"\ +" Home>"\ +" %s"\ " "\ "

    "\ -" monit " VERSION ""\ +" monit " VERSION ""\ "

    "\ ""\ " "\ -" "\ +" "\ " "\ "
    \"\"\"\"
    "\ "
    " #define FOOT_HTML "
    "\ -"

     

    "\ -"

     

    "\ -"


    "\ -"

    "\ -"
    "\ -""\ -"© Copyright 2000-2006 by the monit project group."\ -" All Rights Reserved.

    " +"
    "\ +"Copyright © 2000-2009 Tildeslash. All rights reserved. | "\ +"Monit web site | "\ +"Monit Wiki | "\ +"M/Monit"\ +"
    " #define HEAD(location, refresh) \ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/engine.c /tmp/QeMlhPoI46/monit-5.0.3/http/engine.c --- monit-4.8.1/http/engine.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/http/engine.c 2009-02-13 13:06:35.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -107,7 +117,7 @@ * @author Christian Hopp, * @author Martin Pala * - * @version \$Id: engine.c,v 1.72 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: engine.c,v 1.83 2009/02/13 09:18:15 hauk Exp $ * * @file */ @@ -229,72 +239,50 @@ */ int add_host_allow(char *name) { - struct hostent *hp; - struct in_addr *inp; + struct addrinfo hints; + struct addrinfo *res; + struct addrinfo *_res; ASSERT(name); - if(! (hp= gethostbyname(name))) { - - LogError("%s: Error: hostname did not resolve '%s'.\n", - prog, name); - return FALSE; - - } else { - - while(*hp->h_addr_list) { - - HostsAllow h; - - NEW(h); - - inp = (struct in_addr *) *hp->h_addr_list++; - - h->network= inp->s_addr; - h->mask= 0xffffffff; - - LOCK(hostlist_mutex) - - if(hostlist) { - - HostsAllow p, n; - - for(n= p= hostlist; p; n= p, p= p->next) { - - if((p->network == h->network) && ((p->mask == h->mask))) { - DEBUG("%s: Debug: Skipping redundant host '%s' (%s).\n", - prog, name, inet_ntoa(*(struct in_addr *) &h->network)); + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_family = PF_INET; /* we support just IPv4 currently */ - destroy_host_allow(h); - goto done; - - } - - } + if(getaddrinfo(name, NULL, &hints, &res) != 0) + return FALSE; - DEBUG("%s: Debug: Adding host allow '%s' (%s).\n", - prog, name, inet_ntoa(*(struct in_addr *) &h->network)); - - n->next= h; - - } else { - - DEBUG("%s: Debug: Adding host allow '%s' (%s).\n", - prog, name, inet_ntoa(*(struct in_addr *) &h->network)); + for(_res = res; _res; _res = _res->ai_next) { + if(_res->ai_family == AF_INET) { + HostsAllow h; + struct sockaddr_in *sin = (struct sockaddr_in *)_res->ai_addr; + + NEW(h); + memcpy(&h->network, &sin->sin_addr, 4); + h->mask= 0xffffffff; + LOCK(hostlist_mutex) + if(hostlist) { + HostsAllow p, n; + for(n= p= hostlist; p; n= p, p= p->next) { + if((p->network == h->network) && ((p->mask == h->mask))) { + DEBUG("%s: Debug: Skipping redundant host '%s'\n", prog, name); + destroy_host_allow(h); + goto done; + } + } + DEBUG("%s: Debug: Adding host allow '%s'\n", prog, name); + n->next= h; + } else { + DEBUG("%s: Debug: Adding host allow '%s'\n", prog, name); - hostlist= h; - - } - - done: - END_LOCK; - + hostlist= h; + } + done: + END_LOCK; } - } + freeaddrinfo(res); return TRUE; - } /** @@ -642,7 +630,7 @@ int client; struct sockaddr_in in; - unsigned int len= sizeof(struct sockaddr_in); + socklen_t len= sizeof(struct sockaddr_in); if(can_read(server, 1)) { diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/engine.h /tmp/QeMlhPoI46/monit-5.0.3/http/engine.h --- monit-4.8.1/http/engine.h 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/http/engine.h 2009-02-13 13:06:36.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/httpstatus.h /tmp/QeMlhPoI46/monit-5.0.3/http/httpstatus.h --- monit-4.8.1/http/httpstatus.h 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/http/httpstatus.h 2009-02-13 13:06:36.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/processor.c /tmp/QeMlhPoI46/monit-5.0.3/http/processor.c --- monit-4.8.1/http/processor.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/http/processor.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -101,7 +111,7 @@ * @author Jan-Henrik Haukeland, * @author Christian Hopp, * - * @version \$Id: processor.c,v 1.55 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: processor.c,v 1.73 2009/05/09 15:11:39 martinp Exp $ * * @file */ @@ -157,9 +167,9 @@ * @param doGetFunc doGet function * @param doPostFunc doPost function */ -void add_Impl(void *doGetFunc, void *doPostFunc) { - Impl.doGet= doGetFunc; - Impl.doPost= doPostFunc; +void add_Impl(void(*doGet)(HttpRequest, HttpResponse), void(*doPost)(HttpRequest, HttpResponse)) { + Impl.doGet= doGet; + Impl.doPost= doPost; } @@ -182,19 +192,7 @@ "
    %s"\ "\r\n", code, err, err, msg?msg:"", SERVER_URL, get_server(server, STRLEN)); -} - - -/** - * Sends a temporary redirect response to the client using the - * specified redirect Location URL. The url must be absolute. - * @param res HttpResponse object - * @param location An absolute url to redirect to - */ -void send_redirect(HttpResponse res, const char *location) { - reset_response(res); - set_status(res, SC_MOVED_TEMPORARILY); - set_header(res, "Location", location); + DEBUG("HttpRequest error: %s %d %s\n", SERVER_PROTOCOL, code, msg ? msg : err); } @@ -543,7 +541,7 @@ return NULL; } Util_chomp(line); - if(sscanf(line, "%s %s HTTP/%3[1.0]", method, url, protocol) != 3) { + if(sscanf(line, "%1023s %1023s HTTP/%3[1.0]", method, url, protocol) != 3) { internal_error(S, SC_BAD_REQUEST, "Cannot parse request"); return NULL; } @@ -559,8 +557,8 @@ req->protocol= xstrdup(protocol); create_headers(req); if(!create_parameters(req)) { - internal_error(S, SC_BAD_REQUEST, "Cannot parse Request parameters"); destroy_HttpRequest(req); + internal_error(S, SC_BAD_REQUEST, "Cannot parse Request parameters"); return NULL; } return req; @@ -600,7 +598,7 @@ while(1) { if(! socket_readln(S, line, sizeof(line))) break; - if(IS(line, "\r\n") || IS(line, "\n")) + if(!strcasecmp(line, "\r\n") || !strcasecmp(line, "\n")) break; if(NULL != (value= strchr(line, ':'))) { NEW(header); @@ -627,8 +625,9 @@ if(IS(req->method, METHOD_POST) && get_header(req, "Content-Length")) { int n; int len; - Socket_T S= req->S; - if(1 != sscanf(get_header(req, "Content-Length"), "%d", &len)) { + Socket_T S = req->S; + const char *cl = get_header(req, "Content-Length"); + if(! cl || sscanf(cl, "%d", &len) != 1) { return FALSE; } if(len < 0 || len >= REQ_STRLEN) @@ -643,7 +642,8 @@ char *p; if(NULL != (p= strchr(req->url, '?'))) { *p++= 0; - strncpy(query_string, p, REQ_STRLEN); + strncpy(query_string, p, sizeof(query_string) - 1); + query_string[sizeof(query_string) - 1] = 0; } } if(*query_string) { @@ -766,7 +766,8 @@ if(! (credentials && Util_startsWith(credentials, "Basic "))) { return FALSE; } - strncpy(buf, &credentials[6], STRLEN); + strncpy(buf, &credentials[6], sizeof(buf) - 1); + buf[sizeof(buf) - 1] = 0; if((n= decode_base64((unsigned char*)uname, buf))<=0) { return FALSE; } @@ -824,6 +825,7 @@ "\r\n", SERVER_PROTOCOL, status, status_msg, date, server, status_msg, status_msg, msg, SERVER_URL, server); + DEBUG("HttpRequest error: %s %d %s\n", SERVER_PROTOCOL, status, msg ? msg : status_msg); } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http/processor.h /tmp/QeMlhPoI46/monit-5.0.3/http/processor.h --- monit-4.8.1/http/processor.h 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/http/processor.h 2009-02-13 13:06:38.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -32,7 +42,7 @@ /* Server masquerade */ #define SERVER_NAME "monit" #define SERVER_VERSION VERSION -#define SERVER_URL "http://www.tildeslash.com/monit/" +#define SERVER_URL "http://mmonit.com/monit/" #define SERVER_PROTOCOL "HTTP/1.0" #define DATEFMT "%a, %d %b %Y %H:%M:%S GMT" @@ -106,11 +116,10 @@ char *get_headers(HttpResponse res); void set_status(HttpResponse res, int status); const char *get_status_string(int status_code); -void add_Impl(void *doGetFunc, void *doPostFunc); +void add_Impl(void(*doGet)(HttpRequest, HttpResponse), void(*doPost)(HttpRequest, HttpResponse)); void out_print(HttpResponse res, const char *, ...); void set_content_type(HttpResponse res, const char *mime); const char *get_header(HttpRequest req, const char *header_name); -void send_redirect(HttpResponse res, const char *location); void send_error(HttpResponse, int status, const char *message); const char *get_parameter(HttpRequest req, const char *parameter_name); void set_header(HttpResponse res, const char *name, const char *value); diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/http.c /tmp/QeMlhPoI46/monit-5.0.3/http.c --- monit-4.8.1/http.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/http.c 2009-03-18 21:03:16.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -61,6 +71,8 @@ /* The HTTP Thread */ static pthread_t thread; +static volatile int running = FALSE; + /** * Facade functions for the cervlet sub-system. Start/Stop the monit @@ -68,7 +80,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: http.c,v 1.8 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: http.c,v 1.16 2009/03/16 16:58:30 hauk Exp $ * * @file */ @@ -115,6 +127,7 @@ switch(action) { case STOP_HTTP: + if(!running) break; LogInfo("Shutting down %s HTTP server\n", prog); stop_httpd(); if( (status= pthread_join(thread, NULL)) != 0) { @@ -122,6 +135,7 @@ prog, strerror(status)); } else { LogInfo("%s HTTP server stopped\n", prog); + running = FALSE; } break; @@ -133,6 +147,7 @@ prog, strerror(status)); } else { LogInfo("%s HTTP server started\n", prog); + running = TRUE; } break; @@ -157,7 +172,7 @@ /* Block collective signals in the http thread. The http server is * taken down gracefully by signaling the main monit thread */ set_signal_block(&ns, NULL); - start_httpd(Run.httpdport, 10, Run.bind_addr); + start_httpd(Run.httpdport, 1024, Run.bind_addr); return NULL; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/LICENSE /tmp/QeMlhPoI46/monit-5.0.3/LICENSE --- monit-4.8.1/LICENSE 2006-01-01 22:01:02.000000000 +0000 +++ monit-5.0.3/LICENSE 2009-02-13 13:06:30.000000000 +0000 @@ -1,18 +1,29 @@ -Copyright (C), 2000-2006 by the monit project group. -All Rights Reserved. - -This program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or (at -your option) any later version. In addition, for the avoidance of any -doubt, permission is granted to link this program with OpenSSL. - -This program is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - -You should have received the GNU General Public License along with -this program in a file called COPYING; if not, write to the Free -Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -02111-1307 USA +/* + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. + */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/l.l /tmp/QeMlhPoI46/monit-5.0.3/l.l --- monit-4.8.1/l.l 2006-04-09 21:50:59.000000000 +0100 +++ monit-5.0.3/l.l 2009-05-25 20:02:56.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -34,7 +44,7 @@ * Martin Pala, * * CVS INFO - * $Id: l.l,v 1.110 2006/04/09 20:50:59 martinp Exp $ + * $Id: l.l,v 1.139 2009/05/04 21:51:10 martinp Exp $ */ #include @@ -74,6 +84,7 @@ /* Prototypes */ extern void yyerror(const char*,...); + extern void yywarning(const char *,...); static void steplinenobycr(char *); static void save_arg(void); static void include_file(char *); @@ -133,6 +144,8 @@ usage {/* EMPTY */} was {/* EMPTY */} times {/* EMPTY */} +but {/* EMPTY */} +of {/* EMPTY */} {startarg} { BEGIN(ARGUMENT_COND); return START; } {stoparg} { BEGIN(ARGUMENT_COND); return STOP; } @@ -147,6 +160,7 @@ disable { return DISABLE; } set { return SET; } daemon { return DAEMON; } +delay { return DELAY; } logfile { return LOGFILE; } syslog { return SYSLOG; } facility { return FACILITY; } @@ -160,6 +174,7 @@ allow { return ALLOW; } read[-]?only { return READONLY; } pidfile { return PIDFILE; } +idfile { return IDFILE; } statefile { return STATEFILE; } path { return PATHTOK; } start { return START; } @@ -172,6 +187,7 @@ tcpssl { return TCPSSL; } udp { return UDP; } alert { return ALERT; } +noalert { return NOALERT; } mail-format { return MAILFORMAT; } resource { return RESOURCE; } restart(s)? { return RESTART; } @@ -190,6 +206,7 @@ postfix-policy { return POSTFIXPOLICY; } pop { return POP; } imap { return IMAP; } +clamav { return CLAMAV; } dns { return DNS; } mysql { return MYSQL; } nntp { return NNTP; } @@ -199,9 +216,13 @@ ldap2 { return LDAP2; } ldap3 { return LDAP3; } rdate { return RDATE; } +lmtp { return LMTP; } rsync { return RSYNC; } tns { return TNS; } pgsql { return PGSQL; } +sip { return SIP; } +target { return TARGET; } +maxforward { return MAXFORWARD; } mode { return MODE; } active { return ACTIVE; } passive { return PASSIVE; } @@ -219,12 +240,10 @@ waitlimit { return WAITLIMIT; } gracefullimit { return GRACEFULLIMIT; } cleanuplimit { return CLEANUPLIMIT; } -cpuusage { return CPUUSAGE; } -memusage { return MEMUSAGE; } -memkbyte { return MEMKBYTE; } mem(ory)? { return MEMORY; } totalmem(ory)? { return TOTALMEMORY; } cpu { return CPU; } +totalcpu { return TOTALCPU; } child(ren) { return CHILDREN; } timestamp { return TIMESTAMP; } changed { return CHANGED; } @@ -249,10 +268,12 @@ ignore { return IGNORE; } connection { return CONNECTION; } unmonitor { return UNMONITOR; } +action { return ACTION; } icmp { return ICMP; } echo { return ICMPECHO; } send { return SEND; } expect { return EXPECT; } +expectbuffer { return EXPECTBUFFER; } cleartext { return CLEARTEXT; } md5 { return MD5HASH; } sha1 { return SHA1HASH; } @@ -263,8 +284,9 @@ data { return DATA; } recovered { return RECOVERED; } passed { return PASSED; } +succeeded { return SUCCEEDED; } else { return ELSE; } -collector { return COLLECTOR; } +mmonit { return MMONIT; } url { return URL; } content { return CONTENT; } pid { return PID; } @@ -272,6 +294,10 @@ count { return COUNT; } reminder { return REMINDER; } instance { return INSTANCE; } +hostname { return HOSTNAME; } +username { return USERNAME; } +password { return PASSWORD; } +fsflag(s)? { return FSFLAG; } {byte} { return BYTE; } {kilobyte} { return KILOBYTE; } {megabyte} { return MEGABYTE; } @@ -300,9 +326,14 @@ return CHECKPROC; } -check[ \t]+device { +check[ \t]+device { /* Filesystem alias for backward compatibility */ + BEGIN(SERVICE_COND); + return CHECKFILESYS; + } + +check[ \t]+filesystem { BEGIN(SERVICE_COND); - return CHECKDEV; + return CHECKFILESYS; } check[ \t]+file { @@ -325,11 +356,16 @@ return CHECKSYSTEM; } -check[ \t]+fifo { +check[ \t]+fifo { BEGIN(SERVICE_COND); return CHECKFIFO; } +check[ \t]+status { + BEGIN(SERVICE_COND); + return CHECKSTATUS; + } + group[ \t]+ { BEGIN(STRING_COND); return GROUP; @@ -662,13 +698,13 @@ if ( glob(pattern, GLOB_MARK, NULL, &globbuf) != 0 ) { - yyerror("include files not found"); + yywarning("include files not found"); return; } - for(i=0; i. + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -74,15 +84,15 @@ /** - * Implementation of a logger that appends log messages to a file - * with a preceding timestamp. Methods support both syslog or own - * logfile. - * - * @author Jan-Henrik Haukeland, - * - * @version \$Id: log.c,v 1.30 2006/05/04 23:50:03 martinp Exp $ - * - * @file + * Implementation of a logger that appends log messages to a file + * with a preceding timestamp. Methods support both syslog or own + * logfile. + * + * @author Jan-Henrik Haukeland, + * + * @version \$Id: log.c,v 1.43 2009/05/03 07:48:20 martinp Exp $ + * + * @file */ @@ -90,7 +100,7 @@ static FILE *LOG= NULL; -static pthread_mutex_t log_mutex= PTHREAD_MUTEX_INITIALIZER; +static pthread_mutex_t log_mutex = PTHREAD_MUTEX_INITIALIZER; static struct mylogpriority { @@ -98,14 +108,14 @@ char *description; } logPriority[]= { {LOG_EMERG, "emergency"}, - {LOG_ALERT, "alert"}, - {LOG_CRIT, "critical"}, - {LOG_ERR, "error"}, - {LOG_WARNING, "warning"}, - {LOG_NOTICE, "notice"}, - {LOG_INFO, "info"}, - {LOG_DEBUG, "debug"}, - {-1, NULL} + {LOG_ALERT, "alert"}, + {LOG_CRIT, "critical"}, + {LOG_ERR, "error"}, + {LOG_WARNING, "warning"}, + {LOG_NOTICE, "notice"}, + {LOG_INFO, "info"}, + {LOG_DEBUG, "debug"}, + {-1, NULL} }; @@ -127,20 +137,20 @@ */ int log_init() { - if(!Run.dolog) { + if (!Run.dolog) { return TRUE; } - if(!open_log()) { + if (!open_log()) { return FALSE; } /* Register log_close to be - called at program termination */ - atexit(log_close); + called at program termination */ + atexit(log_close); return TRUE; - + } @@ -268,18 +278,17 @@ * Close the log file or syslog */ void log_close() { - - if(Run.use_syslog) { + + if (Run.use_syslog) { closelog(); } - - if(LOG && (0 != fclose(LOG))) { - LogError("%s: Error closing the log file -- %s\n", - prog, STRERROR); + + if (LOG && (0 != fclose(LOG))) { + LogError("%s: Error closing the log file -- %s\n", prog, STRERROR); } - pthread_mutex_destroy(&log_mutex); + LOG= NULL; - + } @@ -290,14 +299,13 @@ * Open a log file or syslog */ static int open_log() { - - if(Run.use_syslog) { + + if (Run.use_syslog) { openlog(prog, LOG_PID, Run.facility); } else { umask(LOGMASK); - if((LOG= fopen(Run.logfile,"a+")) == (FILE *)NULL) { - LogError("%s: Error opening the log file '%s' for writing -- %s\n", - prog, Run.logfile, STRERROR); + if ((LOG= fopen(Run.logfile,"a+")) == (FILE *)NULL) { + LogError("%s: Error opening the log file '%s' for writing -- %s\n", prog, Run.logfile, STRERROR); return(FALSE); } /* Set logger in unbuffered mode */ @@ -305,7 +313,7 @@ } return TRUE; - + } @@ -314,17 +322,14 @@ * macro in monitor.h */ static char *timefmt(char *t, int size) { - time_t now; struct tm tm; - + time(&now); - if(!strftime(t, size, TIMEFORMAT, localtime_r(&now, &tm))) { - *t= 0; - } - + localtime_r(&now, &tm); + if ( !strftime(t, size, TIMEFORMAT, &tm)) + *t = 0; return t; - } @@ -338,16 +343,16 @@ struct mylogpriority *lp= logPriority; - while((*lp).description) + while ((*lp).description) { - if(p == (*lp).priority) + if (p == (*lp).priority) { return (*lp).description; } lp++; } - return NULL; + return "unknown"; } @@ -364,47 +369,52 @@ #endif ASSERT(s); - + LOCK(log_mutex) + #ifdef HAVE_VA_COPY va_copy(ap_copy, ap); - vfprintf(stderr, s, ap_copy); - va_end(ap_copy); + vfprintf(stderr, s, ap_copy); + va_end(ap_copy); #else - vfprintf(stderr, s, ap); + vfprintf(stderr, s, ap); #endif - fflush(stderr); - END_LOCK; - - if(Run.dolog) { - char datetime[STRLEN]; + fflush(stderr); - if(Run.use_syslog) { - LOCK(log_mutex) + if (Run.dolog) { + if (Run.use_syslog) { #ifdef HAVE_VA_COPY - va_copy(ap_copy, ap); - vsyslog(priority, s, ap_copy); - va_end(ap_copy); + va_copy(ap_copy, ap); + vsyslog(priority, s, ap_copy); + va_end(ap_copy); #else - vsyslog(priority, s, ap); + vsyslog(priority, s, ap); #endif - END_LOCK; - } else if(LOG) { - LOCK(log_mutex) - fprintf(LOG, "[%s] %-8s : ", - timefmt(datetime, STRLEN), - logPriorityDescription(priority)); + } else if (LOG) { + char datetime[STRLEN]; + fprintf(LOG, "[%s] %-8s : ", timefmt(datetime, STRLEN), logPriorityDescription(priority)); #ifdef HAVE_VA_COPY - va_copy(ap_copy, ap); - vfprintf(LOG, s, ap_copy); - va_end(ap_copy); + va_copy(ap_copy, ap); + vfprintf(LOG, s, ap_copy); + va_end(ap_copy); #else - vfprintf(LOG, s, ap); + vfprintf(LOG, s, ap); #endif - END_LOCK; } } + END_LOCK; } +#ifndef HAVE_VSYSLOG +#ifdef HAVE_SYSLOG +void vsyslog (int facility_priority, const char *format, va_list arglist) { + char msg[STRLEN+1]; + + vsnprintf(msg, STRLEN, format, arglist); + syslog(facility_priority, "%s", msg); +} +#endif /* HAVE_SYSLOG */ +#endif /* HAVE_VSYSLOG */ + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/Makefile.in /tmp/QeMlhPoI46/monit-5.0.3/Makefile.in --- monit-4.8.1/Makefile.in 2006-03-05 11:30:53.000000000 +0000 +++ monit-5.0.3/Makefile.in 2009-05-25 20:02:56.000000000 +0100 @@ -1,31 +1,26 @@ -# Copyright (C), 2000-2006 by the monit project group. -# All Rights Reserved. +# Copyright (C) 2009 Tildeslash Ltd. All rights reserved. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 3. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. # -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; either version 2 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software Foundation, -# Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# along with this program. If not, see . # # --------------------------------------------------------------------- # -# SYNOPSIS +# SYNOPSIS # make {all|install|clean|uninstall|distclean|devclean} # # AUTHOR: # Jan-Henrik Haukeland, # # CVS INFO -# $Id: Makefile.in,v 1.24 2006/01/01 22:44:01 martinp Exp $ -# +# $Id: Makefile.in,v 1.39 2009/05/09 10:18:31 martinp Exp $ # Programs (with common options): @@ -37,6 +32,7 @@ # Install modes MODE_PROGS = 555 MODE_FILES = 444 +MODE_CONF = 600 MODE_DIRS = 755 INSTALL = @INSTALL@ @@ -61,7 +57,7 @@ INCDIR = -I. -I./device -I./http -I./process -I./protocols LIB = @LEXLIB@ @LIBS@ -DEFINES = -D@ARCH@ +DEFINES = -D@ARCH@ -DSYSCONFDIR="\"@sysconfdir@\"" # ------------------------------------------------------------------- # @@ -72,7 +68,7 @@ LINKFLAGS = @LDFLAGS@ CFLAGS = $(DEFINES) $(INCDIR) @CFLAGS@ @CPPFLAGS@ LEXFLAGS = -i -YACCFLAGS = -dt +YACCFLAGS = -dvt -o y.tab.c # ------------------------------------------------------------------- # @@ -88,8 +84,8 @@ # Source files SOURCE := $(filter-out $(GRAMMAR) $(FILTER), \ $(wildcard *.c) $(wildcard */*.c)) \ - device/sysdep_@PROCARCH@.c\ - process/sysdep_@PROCARCH@.c\ + device/sysdep_@ARCH@.c\ + process/sysdep_@ARCH@.c\ $(GRAMMAR) $(EXTERNALS) # Object files @@ -129,7 +125,7 @@ $(CC) $(LINKFLAGS) $(OBJECTS) $(LIB) -o $(PROG) clean:: - $(RM) *~ \#* $(PROG) core $(OBJECTS) $(GRAMMAR) tokens.h + $(RM) *.orig *~ \#* $(PROG) core $(OBJECTS) $(GRAMMAR) tokens.h # remove configure files distclean:: clean @@ -169,8 +165,17 @@ # Grammar rules # ------------- +# Byacc prepends banner where it includes the stdlib.h before the p.y +# prologue section. When monit is compiled on linux as 32-bit application +# with largefiles (LFS) support, the _FILE_OFFSET_BITS is not set +# thus the off_t doesn't match and monit will crash. To workaround +# this problem we need to include our config.h ahead of byacc banner. +# Note that bison is not affected and doesn't require this workaround. y.tab.c tokens.h: p.y $(YACC) $(YACCFLAGS) $< + echo "#include " > .y.tab.c + cat y.tab.c >> .y.tab.c + $(MV) .y.tab.c y.tab.c $(MV) y.tab.h tokens.h lex.yy.c: l.l $(LEX) $(LEXFLAGS) $< diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/monit.1 /tmp/QeMlhPoI46/monit-5.0.3/monit.1 --- monit-4.8.1/monit.1 2006-05-16 20:16:21.000000000 +0100 +++ monit-5.0.3/monit.1 2009-05-28 22:47:57.000000000 +0100 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32 +.\" Automatically generated by Pod::Man 2.12 (Pod::Simple 3.05) .\" .\" Standard preamble: .\" ======================================================================== @@ -60,11 +60,6 @@ . rr F .\} .\" -.\" For nroff, turn off justification. Always turn off hyphenation; it makes -.\" way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff @@ -129,33 +124,38 @@ .\" ======================================================================== .\" .IX Title "MONIT 1" -.TH MONIT 1 "www.tildeslash.com" "May 16. 2006" "User Commands" +.TH MONIT 1 "www.tildeslash.com" "May 28. 2009" "User Commands" +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh .SH "NAME" -monit \- utility for monitoring services on a Unix system +Monit \- utility for monitoring services on a Unix system .SH "SYNOPSIS" .IX Header "SYNOPSIS" \&\fBmonit\fR [options] {arguments} .SH "DESCRIPTION" .IX Header "DESCRIPTION" \&\fBmonit\fR is a utility for managing and monitoring processes, -files, directories and devices on a Unix system. Monit conducts -automatic maintenance and repair and can execute meaningful -causal actions in error situations. E.g. monit can start a -process if it does not run, restart a process if it does not -respond and stop a process if it uses to much resources. You may -use monit to monitor files, directories and devices for changes, -such as timestamps changes, checksum changes or size changes. +files, directories and filesystems on a Unix system. Monit +conducts automatic maintenance and repair and can execute +meaningful causal actions in error situations. E.g. Monit can +start a process if it does not run, restart a process if it does +not respond and stop a process if it uses too much resources. You +may use Monit to monitor files, directories and filesystems for +changes, such as timestamps changes, checksum changes or size +changes. .PP Monit is controlled via an easy to configure control file based -on a free\-format, token-oriented syntax. Monit logs to syslog or +on a free-format, token-oriented syntax. Monit logs to syslog or to its own log file and notifies you about error conditions via customizable alert messages. Monit can perform various \s-1TCP/IP\s0 network checks, protocol checks and can utilize \s-1SSL\s0 for such checks. Monit provides a http(s) interface and you may use a -browser to access the monit program. +browser to access the Monit program. .SH "GENERAL OPERATION" .IX Header "GENERAL OPERATION" -The behavior of monit is controlled by command-line options +The behavior of Monit is controlled by command-line options \&\fIand\fR a run control file, \fI~/.monitrc\fR, the syntax of which we describe in a later section. Command-line options override \&\fI.monitrc\fR declarations. @@ -172,10 +172,11 @@ Run as a daemon once per \fIn\fR seconds .PP \&\fB\-g\fR - Set group name for start, stop, restart and status + Set group name for start, stop, restart, monitor and + unmonitor. .PP \&\fB\-l\fR \fIlogfile\fR - Print log information to this file + Print log information to this file .PP \&\fB\-p\fR \fIpidfile\fR Use this lock file in daemon mode @@ -194,7 +195,7 @@ .PP \&\fB\-H\fR \fI[filename]\fR Print \s-1MD5\s0 and \s-1SHA1\s0 hashes of the file or of stdin if the - filename is omitted; monit will exit afterwards + filename is omitted; Monit will exit afterwards .PP \&\fB\-V\fR Print version number and patch level @@ -202,15 +203,16 @@ \&\fB\-h\fR Print a help text .PP -In addition to the options above, monit can be started with one -of the following action arguments; monit will then execute the +In addition to the options above, Monit can be started with one +of the following action arguments; Monit will then execute the action and exit without transforming itself to a daemon. .PP \&\fBstart all\fR Start all services listed in the control file and enable monitoring for them. If the group option is set, only start and enable monitoring of services in - the named group. + the named group (no \*(L"all\*(R" verb is required in this + case). .PP \&\fBstart name\fR Start the named service and enable monitoring for @@ -221,16 +223,18 @@ Stop all services listed in the control file and disable their monitoring. If the group option is set, only stop and disable monitoring of the services - in the named group. + in the named group (no \*(L"all\*(R" verb is required in this + case). .PP \&\fBstop name\fR Stop the named service and disable its monitoring. The name is a service entry name from the monitrc - file. + file. .PP \&\fBrestart all\fR Stop and start \fIall\fR services. If the group option - is set, only restart the services in the named group. + is set, only restart the services in the named group + (no \*(L"all\*(R" verb is required in this case). .PP \&\fBrestart name\fR Restart the named service. The name is a service entry @@ -239,7 +243,8 @@ \&\fBmonitor all\fR Enable monitoring of all services listed in the control file. If the group option is set, only start - monitoring of services in the named group. + monitoring of services in the named group (no \*(L"all\*(R" + verb is required in this case). .PP \&\fBmonitor name\fR Enable monitoring of the named service. The name is @@ -250,7 +255,8 @@ \&\fBunmonitor all\fR Disable monitoring of all services listed in the control file. If the group option is set, only disable - monitoring of services in the named group. + monitoring of services in the named group (no \*(L"all\*(R" + verb is required in this case). .PP \&\fBunmonitor name\fR Disable monitoring of the named service. The name is @@ -265,53 +271,53 @@ Print short status information for each service. .PP \&\fBreload\fR - Reinitialize a running monit daemon, the daemon will + Reinitialize a running Monit daemon, the daemon will reread its configuration, close and reopen log files. .PP \&\fBquit\fR - Kill a monit daemon process + Kill a Monit daemon process .PP \&\fBvalidate\fR Check all services listed in the control file. This - action is also the default behavior when monit runs + action is also the default behavior when Monit runs in daemon mode. .SH "WHAT TO MONITOR" .IX Header "WHAT TO MONITOR" -You may use monit to monitor daemon processes or similar programs +You may use Monit to monitor daemon processes or similar programs running on localhost. Monit is particular useful for monitoring daemon processes, such as those started at system boot time from /etc/init.d/. For instance sendmail, sshd, apache and mysql. In -difference to many monitoring systems, monit can act if an error +difference to many monitoring systems, Monit can act if an error situation should occur, e.g.; if sendmail is not running, monit -can start sendmail or if apache is using to much system resources -(e.g. if a DoS attack is in progress) monit can stop or restart -apache and send you an alert message. Monit does also monitor -process characteristics, such as; if a process has become a -zombie and how much memory or cpu cycles a process is using. -.PP -You may also use monit to monitor files, directories and devices -on localhost. Monit can monitor these items for changes, such as -timestamps changes, checksum changes or size changes. This is -also useful for security reasons \- you can monitor the md5 -checksum of files that should not change. -.PP -You may even use monit to monitor remote hosts. First and -foremost monit is a utility for monitoring and mending services -on localhost, but if a service depends on a remote service, -e.g. a database server or an application server, it might by -useful to be able to test a remote host as well. +can start sendmail or if apache is using too much resources (e.g. +if a DoS attack is in progress) Monit can stop or restart apache +and send you an alert message. Monit can also monitor process +characteristics, such as; if a process has become a zombie and +how much memory or cpu cycles a process is using. +.PP +You may also use Monit to monitor files, directories and +filesystems on localhost. Monit can monitor these items for +changes, such as timestamps changes, checksum changes or size +changes. This is also useful for security reasons \- you can +monitor the md5 checksum of files that should not change. +.PP +You may even use Monit to monitor remote hosts. First and +foremost Monit is a utility for monitoring and mending services +on localhost, but if a service depends on a remote service, e.g. +a database server or an application server, it might by useful to +be able to test a remote host as well. .PP You may monitor the general system-wide resources such as cpu usage, memory and load average. .SH "HOW TO MONITOR" .IX Header "HOW TO MONITOR" -monit is configured and controlled via a control file called +Monit is configured and controlled via a control file called \&\fBmonitrc\fR. The default location for this file is ~/.monitrc. If -this file does not exist, monit will try /etc/monitrc, then -/usr/local/etc/monitrc and finally ./monitrc. +this file does not exist, Monit will try /etc/monitrc, then +\&\f(CW@sysconfdir\fR@/monitrc and finally ./monitrc. .PP -A monit control file consists of a series of service entries and -global option statements in a free\-format, token-oriented syntax. +A Monit control file consists of a series of service entries and +global option statements in a free-format, token-oriented syntax. Comments begin with a # and extend through the end of the line. There are three kinds of tokens in the control file: grammar keywords, numbers and strings. @@ -329,26 +335,22 @@ .IP "3. One or more service entry statements." 4 .IX Item "3. One or more service entry statements." A service entry starts with the keyword \fIcheck\fR followed by the -service type. +service type. .PP -This is the hello galaxy version of a monit control file: +A Monit control file example: .PP .Vb 3 \& # -\& # monit control file -\& # -.Ve -.PP -.Vb 6 +\& # Monit control file +\& # +\& \& set daemon 120 # Poll at 2\-minute intervals \& set logfile syslog facility log_daemon \& set alert foo@bar.baz \& set httpd port 2812 and use address localhost \& allow localhost # Allow localhost to connect -\& allow admin:monit # Allow Basic Auth -.Ve -.PP -.Vb 7 +\& allow admin:Monit # Allow Basic Auth +\& \& check system myhost.mydomain.tld \& if loadavg (1min) > 4 then alert \& if loadavg (5min) > 2 then alert @@ -356,12 +358,10 @@ \& if cpu usage (user) > 70% then alert \& if cpu usage (system) > 30% then alert \& if cpu usage (wait) > 20% then alert -.Ve -.PP -.Vb 11 +\& \& check process apache \& with pidfile "/usr/local/apache/logs/httpd.pid" -\& start program = "/etc/init.d/httpd start" +\& start program = "/etc/init.d/httpd start" with timeout 60 seconds \& stop program = "/etc/init.d/httpd stop" \& if 2 restarts within 3 cycles then timeout \& if totalmem > 100 Mb then alert @@ -370,17 +370,13 @@ \& if failed port 80 protocol http then restart \& group server \& depends on httpd.conf, httpd.bin -.Ve -.PP -.Vb 5 +\& \& check file httpd.conf \& with path /usr/local/apache/conf/httpd.conf \& # Reload apache if the httpd.conf file was changed \& if changed checksum \& then exec "/usr/local/apache/bin/apachectl graceful" -.Ve -.PP -.Vb 7 +\& \& check file httpd.bin \& with path /usr/local/apache/bin/httpd \& # Run /watch/dog in the case that the binary was changed @@ -388,44 +384,41 @@ \& # later \& if failed checksum then exec "/watch/dog" \& else if recovered then alert -.Ve -.PP -.Vb 2 +\& \& include /etc/monit/mysql.monitrc \& include /etc/monit/mail/*.monitrc .Ve .PP -This example illustrate a service entry for monitoring the apache -web server process as well as related files. The meaning of the -various statements will be explained in the following sections. +The above example illustrates a service entry for monitoring the +apache web server process as well as related files. The meaning +of the various statements will be explained in the following +sections. .SH "LOGGING" .IX Header "LOGGING" -monit will log status and error messages to a log file. Use the +Monit will log status and error messages to a log file. Use the \&\fIset logfile\fR statement in the monitrc control file. To setup -monit to log to its own logfile, use e.g. \fIset logfile +Monit to log to its own logfile, use e.g. \fIset logfile /var/log/monit.log\fR. If \fBsyslog\fR is given as a value for the \&\fI\-l\fR command-line switch (or the keyword \fIset logfile syslog\fR -is found in the control file) monit will use the \fBsyslog\fR system -daemon to log messages. The priority is assigned to each message -based on the context. To turn off logging, simply do not set -the logfile in the control file (and of course, do not use the \-l +is found in the control file) Monit will use the \fBsyslog\fR system +daemon to log messages with a priority assigned to each message +based on the context. To turn off logging, simply do not set the +logfile in the control file (and of course, do not use the \-l switch) .SH "DAEMON MODE" .IX Header "DAEMON MODE" -The \fI\-d interval\fR command-line switch runs monit in daemon +The \fI\-d interval\fR command-line switch runs Monit in daemon mode. You must specify a numeric argument which is a polling interval in seconds. .PP -In daemon mode, monit detaches from the console, puts itself in +In daemon mode, Monit detaches from the console, puts itself in the background and runs continuously, monitoring each specified service and then goes to sleep for the given poll interval. .PP -.Vb 1 -\& Simply invoking -.Ve +Simply invoking .PP .Vb 1 -\& monit \-d 300 +\& Monit \-d 300 .Ve .PP will poll all services described in your \fI~/.monitrc\fR file every @@ -433,39 +426,52 @@ .PP It is strongly recommended to set the poll interval in your ~/.monitrc file instead, by using \fIset daemon \f(BIn\fI\fR, where \fBn\fR -is an integer number of seconds. If you do this, monit will +is an integer number of seconds. If you do this, Monit will always start in daemon mode (as long as no action arguments are -given). +given). Example (check every 5 minutes): +.PP +.Vb 1 +\& set daemon 300 +.Ve +.PP +If you need Monit to wait some time at startup before it start +checking services you can use the delay statement. Example (check +every 5 minutes, wait 1 minute on start before first monitoring +cycle): +.PP +.Vb 1 +\& set daemon 300 with start delay 60 +.Ve .PP Monit makes a per-instance lock-file in daemon mode. If you need -more monit instances, you will need more configuration files, -each pointing to its own lock\-file. +more Monit instances, you will need more configuration files, +each pointing to its own lock-file. .PP -Calling \fImonit\fR with a monit daemon running in the background -sends a wake-up signal to the daemon, forcing it to check +Calling \fImonit\fR with a Monit daemon running in the background +sends a wake-up signal to the daemon, forcing it to check services immediately. .PP The \fIquit\fR argument will kill a running daemon process instead of waking it up. .SH "INIT SUPPORT" .IX Header "INIT SUPPORT" -Monit can run and be controlled from \fIinit\fR. If monit should -crash, \fIinit\fR will re-spawn a new monit process. Using init to -start monit is probably the best way to run monit if you want to -be certain that you always have a running monit daemon on your +Monit can run and be controlled from \fIinit\fR. If Monit should +crash, \fIinit\fR will re-spawn a new Monit process. Using init to +start Monit is probably the best way to run Monit if you want to +be certain that you always have a running Monit daemon on your system. (It's obvious, but never the less worth to stress; Make sure that the control file does not have any syntax errors before -you start monit from init. Also, make sure that if you run monit -from init, that you do not start monit from a startup scripts as +you start Monit from init. Also, make sure that if you run monit +from init, that you do not start Monit from a startup scripts as well). .PP -To setup monit to run from init, you can either use the 'set +To setup Monit to run from init, you can either use the 'set init' statement in monit's control file or use the \-I option from the command line and here is what you must add to /etc/inittab: .PP .Vb 2 -\& # Run monit in standard run\-levels -\& mo:2345:respawn:/usr/local/bin/monit \-Ic /etc/monitrc +\& # Run Monit in standard run\-levels +\& mo:2345:respawn:/usr/local/bin/Monit \-Ic /etc/monitrc .Ve .PP After you have modified init's configuration file, you can run @@ -481,17 +487,17 @@ \& kill \-1 1 .Ve .PP -If monit is used to monitor services that are also started at +If Monit is used to monitor services that are also started at boot time (e.g. services started via \s-1SYSV\s0 init rc scripts or via inittab) then, in some cases, a race condition could occur. That -is; if a service is slow to start, monit can assume that the +is; if a service is slow to start, Monit can assume that the service is not running and possibly try to start it and raise an alert, while, in fact the service is already about to start or already in its startup sequence. Please see the \s-1FAQ\s0 for solutions to this problem. .SH "INCLUDE FILES" .IX Header "INCLUDE FILES" -The monit control file, \fImonitrc\fR, can include additional +The Monit control file, \fImonitrc\fR, can include additional configuration files. This feature helps to maintain a certain structure or to place repeating settings into one file. Include statements can be placed at virtually any spot. The syntax is the @@ -508,14 +514,14 @@ quotes ("). For example, .PP .Vb 1 -\& INCLUDE "/etc/monit/monit configuration files/printer.*.monitrc" +\& INCLUDE "/etc/monit/Monit configuration files/printer.*.monitrc" .Ve .PP loads any file matching the single globstring. If the globstring matches a directory instead of a file, it is silently ignored. .PP \&\fI\s-1INCLUDE\s0\fR statements in included files are parsed as in the main -control file. +control file. .PP If the globstring matches several results, the files are included in a non sorted manner. If you need to rely on a certain order, @@ -532,69 +538,99 @@ .PP With this statement it is possible to group similar service entries together and manage them as a whole. Monit provides -functions to start, stop and restart a group of services, like -so: +functions to start, stop, restart, monitor and unmonitor a +group of services, like so: .PP To start a group of services from the console: .PP .Vb 1 -\& monit \-g start +\& Monit \-g start .Ve .PP To stop a group of services: .PP .Vb 1 -\& monit \-g stop +\& Monit \-g stop .Ve .PP To restart a group of services: .PP .Vb 1 -\& monit \-g restart +\& Monit \-g restart .Ve +.PP +Note: +the \fIstatus\fR and \fIsummary\fR commands don't support the \-g +option and will print the state of all services. .SH "MONITORING MODE" .IX Header "MONITORING MODE" Monit supports three monitoring modes per service: \fIactive\fR, \&\fIpassive\fR and \fImanual\fR. See also the example section below for usage of the mode statement. .PP -In \fIactive\fR mode, monit will monitor a service and in case of -problems monit will act and raise alerts, start, stop or restart +In \fIactive\fR mode, Monit will monitor a service and in case of +problems Monit will act and raise alerts, start, stop or restart the service. Active mode is the default mode. .PP -In \fIpassive\fR mode, monit will passively monitor a service and +In \fIpassive\fR mode, Monit will passively monitor a service and specifically \fBnot\fR try to fix a problem, but it will still raise alerts in case of a problem. .PP For use in clustered environments there is also a \fImanual\fR -mode. In this mode, monit will enter \fIactive\fR mode \fBonly\fR if a +mode. In this mode, Monit will enter \fIactive\fR mode \fBonly\fR if a service was brought under monit's control, for example by executing the following command in the console: .PP .Vb 2 -\& monit start sybase -\& (monit will call sybase's start method and enable monitoring) +\& Monit start sybase +\& (Monit will call sybase's start method and enable monitoring) .Ve .PP -If a service was not started by monit or was stopped or disabled +If a service was not started by Monit or was stopped or disabled for example by: .PP .Vb 2 -\& monit stop sybase -\& (monit will call sybase's stop method and disable monitoring) +\& Monit stop sybase +\& (Monit will call sybase's stop method and disable monitoring) .Ve .PP -monit will not monitor the service. This allows for having -services configured in monitrc and start it with monit only if it +Monit will then not monitor the service. This allows for having +services configured in monitrc and start it with Monit only if it should run. This feature can be used to build a simple failsafe cluster. To see how, read more about how to setup a cluster with -monit using the \fIheartbeat\fR system in the examples sections +Monit using the \fIheartbeat\fR system in the examples sections below. +.PP +A service's monitoring state is persistent across Monit restart. +This means that you probably would like to make certain that +services in manual mode are stopped or in unmonitored mode at +server shutdown. Do for instance the following in a server +shutdown script: +.PP +.Vb 1 +\& Monit stop sybase +.Ve +.PP +or +.PP +.Vb 1 +\& Monit unmonitor sybase +.Ve +.PP +If you use Monit in a HA-cluster you should place the state file +in a temporary filesystem so if the machine should crash and the +stand-by machine take over services, any manual monitoring mode +services that were started on the crashed machine won't be +started on reboot. Use for example: +.PP +.Vb 1 +\& set statefile /tmp/monit.state +.Ve .SH "ALERT MESSAGES" .IX Header "ALERT MESSAGES" Monit will raise an email alert in the following situations: .PP -.Vb 14 +.Vb 10 \& o A service timed out \& o A service does not exist \& o A service related data access problem @@ -606,25 +642,29 @@ \& o A file checksum problem \& o A file size problem \& o A file/directory timestamp problem -\& o A file/directory/device permission problem -\& o A file/directory/device uid problem -\& o A file/directory/device gid problem +\& o A file/directory/filesystem permission problem +\& o A file/directory/filesystem uid problem +\& o A file/directory/filesystem gid problem +\& o An action is done per administrator's request .Ve .PP Monit will send an alert each time a monitored object changed. This involves: .PP -.Vb 5 +.Vb 8 \& o Monit started, stopped or reloaded \& o A file checksum changed \& o A file size changed \& o A file content match \& o A file/directory timestamp changed +\& o A filesystem mount flags changed +\& o A process PID changed +\& o A process PPID changed .Ve .PP -You use the alert statement to notify monit that you want alert +You use the alert statement to notify Monit that you want alert messages sent to an email address. If you do not specify an alert -statement, monit will not send alert messages. +statement, Monit will not send alert messages. .PP There are two forms of alert statement: .PP @@ -635,24 +675,26 @@ .PP In both cases you can use more than one alert statement. In other words, you can send many different emails to many different -addresses. (in case you now got a new business idea; monit is not -really suitable for sending spam). +addresses. .PP Recipients in the global and in the local lists are alerted when a service failed, recovered or changed. If the same email address -is in the global and in the local list, monit will send only one +is in the global and in the local list, Monit will only send one alert. Local (per service) defined alert email addresses override global addresses in case of a conflict. Finally, you may choose to only use a global alert list (recommended), a local per service list or both. +.PP +It is also possible to disable the global alerts locally for +particular service(s) and recipients. .Sh "Setting a global alert statement" .IX Subsection "Setting a global alert statement" -If a change occurred on a monitored services, monit will send an -alert to all recipients in the global list who have registered +If a change occurred on a monitored services, Monit will send an +alert to all recipients in the global list who has registered interest for the event type. Here is the syntax for the global alert statement: -.IP "\s-1SET\s0 \s-1ALERT\s0 mail-address [{events}] [\s-1MAIL\-FORMAT\s0 {mail\-format}] [\s-1REMINDER\s0 number]" 4 -.IX Item "SET ALERT mail-address [{events}] [MAIL-FORMAT {mail-format}] [REMINDER number]" +.IP "\s-1SET\s0 \s-1ALERT\s0 mail-address [ [\s-1NOT\s0] {events}] [\s-1MAIL\-FORMAT\s0 {mail\-format}] [\s-1REMINDER\s0 number]" 4 +.IX Item "SET ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT {mail-format}] [REMINDER number]" .PP Simply using the following in the global section of monitrc: .PP @@ -662,20 +704,29 @@ .PP will send a default email to the address foo@bar whenever an event occurred on any service. Such an event may be that a -service timed out, a service was doesn't exist or a service does -exist (on recovery) and so on. If you want to send alert messages -to more email addresses, add a \fIset alert 'email'\fR statement for -each address. +service timed out, a service doesn't exist and so on. If you want +to send alert messages to more email addresses, add a \fIset alert +\&'email'\fR statement for each address. .PP For explanations of the \fIevents, MAIL-FORMAT and \s-1REMINDER\s0\fR keywords above, please see below. +.PP +You can also use the \s-1NOT\s0 option ahead of the events list which +will reverse the meaning of the list. That is, only send alerts +for events \fInot\fR in the list. This can save you some +configuration bytes if you are interested in most events except a +few. .Sh "Setting a local alert statement" .IX Subsection "Setting a local alert statement" Each service can also have its own recipient list. -.IP "\s-1ALERT\s0 mail-address [{events}] [\s-1MAIL\-FORMAT\s0 {mail\-format}] [\s-1REMINDER\s0 number]" 4 -.IX Item "ALERT mail-address [{events}] [MAIL-FORMAT {mail-format}] [REMINDER number]" +.IP "\s-1ALERT\s0 mail-address [ [\s-1NOT\s0] {events}] [\s-1MAIL\-FORMAT\s0 {mail\-format}] [\s-1REMINDER\s0 number]" 4 +.IX Item "ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT {mail-format}] [REMINDER number]" +.PP +or +.IP "\s-1NOALERT\s0 mail-address" 4 +.IX Item "NOALERT mail-address" .PP -If you only want an alert message sent for certain events for +If you only want an alert message sent for certain events and for certain service(s), for example only for timeout events or only if a service died, then postfix the alert-statement with a filter block: @@ -686,13 +737,50 @@ \& ... .Ve .PP -(\fIonly\fR and \fIon\fR are noise keywords, ignored by monit. As a +(\fIonly\fR and \fIon\fR are noise keywords, ignored by Monit. As a side note; Noise keywords are used in the control file grammar to make an entry resemble English and thus make it easier to read (or, so goes the philosophy). The full set of available noise -keywords are listed below in the Control File section). +keywords are listed below in the Control File section). .PP -Event filtering can be used to send a mail to different email +You can also setup to send alerts for all events except some by +putting the word \fInot\fR ahead of the list. For example, if you +want to receive alerts for all events except Monit instance +events, you can write (note that the noise words 'but' and 'on' +are optional): +.PP +.Vb 3 +\& check system myserver +\& alert foo@bar but not on { instance } +\& ... +.Ve +.PP +instead of: +.PP +.Vb 10 +\& alert foo@bar on { action +\& checksum +\& content +\& data +\& exec +\& gid +\& icmp +\& invalid +\& fsflags +\& nonexist +\& permission +\& pid +\& ppid +\& size +\& timeout +\& timestamp } +.Ve +.PP +This will send alerts for all events to foo@bar, except Monit +instance events. An instance event \s-1BTW\s0, is an event fired +whenever the Monit program start or stop. +.PP +Event filtering can be used to send an email to different email addresses depending on the events that occurred. For instance: .PP .Vb 3 @@ -707,10 +795,25 @@ occurs. And finally, a message to manager@bar whenever any error event occurs. .PP -This is the list of events you can use in a mail\-filter: \fIuid, +Here is the list of events you can use in a mail-filter: \fIuid, gid, size, nonexist, data, icmp, instance, invalid, exec, -changed, timeout, resource, checksum, match, timestamp, -connection, permission\fR +content, timeout, resource, checksum, fsflags, timestamp, +connection, permission, pid, ppid, action\fR +.PP +You can also disable the alerts localy using the \s-1NOALERT\s0 +statement. This is useful if you have lots of services monitored +and are using the global alert statement, but don't want to +receive alerts for some minor subset of services: +.PP +.Vb 1 +\& noalert appadmin@bar +.Ve +.PP +For example, if you stick the noalert statement in a 'check +system' entry, you won't receive system related alerts (such as +Monit instance started/stopped/reloaded alert, system overloaded +alert, etc.) but will receive alerts for all other monitored +services. .PP The following example will alert foo@bar on all events on all services by default, except the service mybar which will send an @@ -720,49 +823,30 @@ .PP .Vb 1 \& set alert foo@bar -.Ve -.PP -.Vb 4 +\& \& check process myfoo with pidfile /var/run/myfoo.pid \& ... \& check process mybar with pidfile /var/run/mybar.pid \& alert foo@bar only on { timeout } .Ve -.PP -The 'instance' alert type report events related to monit -internals, such as when a monit instance was started, stopped or -reloaded. -.PP -If the \s-1MTA\s0 (mailserver) for sending alerts is not available, -monit \fIcan\fR queue events on the local file-system until the \s-1MTA\s0 -recover. Monit will then post queued events in order with their -original timestamp so the events are not lost. This feature is -most useful if monit is used together with e.g. m/monit and when -event history is important. .Sh "Alert message layout" .IX Subsection "Alert message layout" -monit provides a default mail message layout that is short and to +Monit provides a default mail message layout that is short and to the point. Here's an example of a standard alert mail sent by monit: .PP .Vb 4 \& From: monit@tildeslash.com -\& Subject: monit alert \-\- Does not exist apache +\& Subject: Monit alert \-\- Does not exist apache \& To: hauk@tildeslash.com \& Date: Thu, 04 Sep 2003 02:33:03 +0200 -.Ve -.PP -.Vb 1 +\& \& Does not exist Service apache -.Ve -.PP -.Vb 3 +\& \& Date: Thu, 04 Sep 2003 02:33:03 +0200 \& Action: restart \& Host: www.tildeslash.com -.Ve -.PP -.Vb 2 +\& \& Your faithful employee, \& monit .Ve @@ -781,78 +865,82 @@ \& } .Ve .PP -Where the keyword \fIfrom:\fR is the email address monit should +Where the keyword \fIfrom:\fR is the email address Monit should pretend it is sending from. It does not have to be a real mail address, but it must be a proper formated mail address, on the form: name@domain. The keyword \fIsubject:\fR is for the email subject line. The subject must be on only \fIone\fR line. The \&\fImessage:\fR keyword denotes the mail body. If used, this keyword -should always be the last in a mail-format statement. The mail -body can be as long as you want and must \fBnot\fR contain the '}' +should always be the last in a mail-format statement. The mail +body can be as long as you want, but must \fBnot\fR contain the '}' character. .PP -All of these format keywords are optional but you must provide at -least one. Thus if you only want to change the from address monit -is using you can do: +All of these format keywords are optional, but if used, you must +provide at least one. Thus if you only want to change the from +address Monit is using you can do: .PP .Vb 1 \& set alert foo@bar with mail\-format { from: bofh@bar.baz } .Ve .PP From the previous example you will notice that some special \f(CW$XXX\fR -variables was used. If used, they will be substituted and +variables were used. If used, they will be substituted and expanded into the text with these values: -.IP "* \fI$EVENT\fR" 4 -.IX Item "$EVENT" +.IP "\(bu" 4 +\&\fI\f(CI$EVENT\fI\fR +.Sp .Vb 2 \& A string describing the event that occurred. The values are \& fixed and are: +\& +\& Event: | Failure state: | Success state: +\& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- +\& ACTION | "Action done" | "Action done" +\& CHECKSUM | "Checksum failed" | "Checksum succeeded" +\& CONNECTION| "Connection failed" | "Connection succeeded" +\& CONTENT | "Content failed", | "Content succeeded" +\& DATA | "Data access error" | "Data access succeeded" +\& EXEC | "Execution failed" | "Execution succeeded" +\& FSFLAG | "Filesystem flags failed"| "Filesystem flags succeeded" +\& GID | "GID failed" | "GID succeeded" +\& ICMP | "ICMP failed" | "ICMP succeeded" +\& INSTANCE | "Monit instance changed" | "Monit instance changed not" +\& INVALID | "Invalid type" | "Type succeeded" +\& NONEXIST | "Does not exist" | "Exists" +\& PERMISSION| "Permission failed" | "Permission succeeded" +\& PID | "PID failed" | "PID succeeded" +\& PPID | "PPID failed" | "PPID succeeded" +\& RESOURCE | "Resource limit matched" | "Resource limit succeeded" +\& SIZE | "Size failed" | "Size succeeded" +\& TIMEOUT | "Timeout" | "Timeout recovery" +\& TIMESTAMP | "Timestamp failed" | "Timestamp succeeded" +\& UID | "UID failed" | "UID succeeded" .Ve +.IP "\(bu" 4 +\&\fI\f(CI$SERVICE\fI\fR .Sp -.Vb 19 -\& Event: | Failure state: | Recovery state: -\& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- -\& CHANGED | "Changed" | "Changed back" -\& CHECKSUM | "Checksum failed" | "Checksum passed" -\& CONNECTION| "Connection failed" | "Connection passed" -\& DATA | "Data access error" | "Data access succeeded" -\& EXEC | "Execution failed" | "Execution succeeded" -\& GID | "GID failed" | "GID passed" -\& ICMP | "ICMP failed" | "ICMP passed" -\& INSTANCE | "Monit instance changed"| "Monit instance changed not" -\& INVALID | "Invalid type" | "Type passed" -\& MATCH | "Regex match" | "No regex match" -\& NONEXIST | "Does not exist" | "Exists" -\& PERMISSION| "Permission failed" | "Permission passed" -\& RESOURCE | "Resource limit matched"| "Resource limit passed" -\& SIZE | "Size failed" | "Size passed" -\& TIMEOUT | "Timeout" | "Timeout recovery" -\& TIMESTAMP | "Timestamp failed" | "Timestamp passed" -\& UID | "UID failed" | "UID passed" -.Ve -.IP "* \fI$SERVICE\fR" 4 -.IX Item "$SERVICE" .Vb 1 \& The service entry name in monitrc .Ve -.IP "* \fI$DATE\fR" 4 -.IX Item "$DATE" +.IP "\(bu" 4 +\&\fI\f(CI$DATE\fI\fR +.Sp .Vb 1 \& The current time and date (RFC 822 date style). .Ve -.IP "* \fI$HOST\fR" 4 -.IX Item "$HOST" +.IP "\(bu" 4 +\&\fI\f(CI$HOST\fI\fR +.Sp .Vb 1 -\& The name of the host monit is running on +\& The name of the host Monit is running on .Ve -.IP "* \fI$ACTION\fR" 4 -.IX Item "$ACTION" +.IP "\(bu" 4 +\&\fI\f(CI$ACTION\fI\fR +.Sp .Vb 2 \& The name of the action which was done. Action names are fixed \& and are: -.Ve -.Sp -.Vb 9 +\& \& Action: | Name: \& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- \& ALERT | "alert" @@ -863,108 +951,137 @@ \& STOP | "stop" \& UNMONITOR| "unmonitor" .Ve -.IP "* \fI$DESCRIPTION\fR" 4 -.IX Item "$DESCRIPTION" +.IP "\(bu" 4 +\&\fI\f(CI$DESCRIPTION\fI\fR +.Sp .Vb 1 \& The description of the error condition .Ve .Sh "Setting a global mail format" .IX Subsection "Setting a global mail format" -It is possible to set a standard mail format with the -following global set-statement (keywords are in capital): +It is possible to set a standard mail format with the following +global set-statement (keywords are in capital): .IP "\s-1SET\s0 MAIL-FORMAT {mail\-format}" 4 .IX Item "SET MAIL-FORMAT {mail-format}" .PP Format set with this statement will apply to every alert -statement that does \fInot\fR have its own specified mail\-format. +statement that does \fInot\fR have its own specified mail-format. This statement is most useful for setting a default from address for messages sent by monit, like so: .PP .Vb 1 \& set mail\-format { from: monit@foo.bar.no } .Ve -.Sh "Setting a error reminder" -.IX Subsection "Setting a error reminder" -Monit by default sends just one error notification when the -service failed and another one when it has recovered. If you want -to be notified more then once in the case that the service -remains failed, you can use the reminder option of alert -statement (keywords are in capital): +.Sh "Setting an error reminder" +.IX Subsection "Setting an error reminder" +Monit by default sends just one error notification if a service +failed and another when it recovered. If you want to be notified +more then once if a service remains in a failed state, you can +use the reminder option to the alert statement (keywords are in +capital): .IP "\s-1ALERT\s0 ... [\s-1WITH\s0] \s-1REMINDER\s0 [\s-1ON\s0] number [\s-1CYCLES\s0]" 4 .IX Item "ALERT ... [WITH] REMINDER [ON] number [CYCLES]" .PP -For example if you want to be notified each tenth cycle when the -service remains failed, you can use: +For example if you want to be notified each tenth cycle if a +service remains in a failed state, you can use: .PP .Vb 1 \& alert foo@bar with reminder on 10 cycles .Ve .PP -If you want to be notified on each failed cycle, you can use: +Likewise if you want to be notified on each failed cycle, you can +use: .PP .Vb 1 \& alert foo@bar with reminder on 1 cycle .Ve .Sh "Setting a mail server for alert messages" .IX Subsection "Setting a mail server for alert messages" -The mail server monit should use to send alert messages is +The mail server Monit should use to send alert messages is defined with a global set statement (keywords are in capital and optional statements in [brackets]): .PP -.Vb 2 -\& SET MAILSERVER {host name [PORT port]|ip\-address [PORT port]}+ +.Vb 5 +\& SET MAILSERVER {hostname|ip\-address [PORT port] +\& [USERNAME username] [PASSWORD password] +\& [using SSLV2|SSLV3|TLSV1] [CERTMD5 checksum]}+ \& [with TIMEOUT X SECONDS] +\& [using HOSTNAME hostname] .Ve .PP The port statement allows to use \s-1SMTP\s0 servers other then those -listening on port 25. If omitted, port 25 is used for the -connection. +listening on port 25. If omitted, port 25 is used unless ssl or +tls is used, in which case port 465 is used by default. +.PP +Monit support plain smtp authentication \- you can set a username +and a password using the \s-1USERNAME\s0 and \s-1PASSWORD\s0 options. +.PP +To use secure communication, use the \s-1SSLV2\s0, \s-1SSLV3\s0 or \s-1TLSV1\s0 +options, you can also specify the server certificate checksum +using \s-1CERTMD5\s0 option. .PP As you can see, it is possible to set several \s-1SMTP\s0 servers. If -monit cannot connect to the first server in the list it will try +Monit cannot connect to the first server in the list it will try the second server and so on. Monit has a default 5 seconds -connection timeout and if the \s-1SMTP\s0 server is slow, monit could -timeout when connecting or reading from the server. You can use -the optional timeout statement to explicit set the timeout to a -higher value if needed. Here is an example for setting several -mail servers: -.PP -.Vb 2 -\& set mailserver mail.tildeslash.com, mail.foo.bar port 10025, -\& localhost with timeout 15 seconds -.Ve -.PP -Here monit will first try to connect to the server -\&\*(L"mail.tildeslash.com\*(R", if this server is down monit will try -\&\*(L"mail.foo.bar\*(R" on port 10025 and finally \*(L"localhost\*(R". We do also -set an explicit connect and read timeout; If monit cannot connect -to the first \s-1SMTP\s0 server in the list within 15 seconds it will -try the next server and so on. The \fIset mailserver ..\fR statement -is optional and if not defined monit defaults to use localhost as -the \s-1SMTP\s0 server. +connection timeout and if the \s-1SMTP\s0 server is slow, Monit could +timeout when connecting or reading from the server. If this is +the case, you can use the optional timeout statement to explicit +set the timeout to a higher value if needed. Here is an example +for setting several mail servers: +.PP +.Vb 3 +\& set mailserver mail.tildeslash.com, mail.foo.bar port 10025 +\& username "Rabbi" password "Loewe" using tlsv1, localhost +\& with timeout 15 seconds +.Ve +.PP +Here Monit will first try to connect to the server +\&\*(L"mail.tildeslash.com\*(R", if this server is down Monit will try +\&\*(L"mail.foo.bar\*(R" on port 10025 using the given credentials via tls +and finally \*(L"localhost\*(R". We also set an explicit connect and read +timeout; If Monit cannot connect to the first \s-1SMTP\s0 server in the +list within 15 seconds it will try the next server and so on. The +\&\fIset mailserver ..\fR statement is optional and if not defined +Monit will not send email alerts. Not setting a mail server is +recommended only if alert notification is delegated to M/Monit. +.PP +Monit, by default, use the local host name in \s-1SMTP\s0 \s-1HELO/EHLO\s0 and +in the Message-ID header. Some mail servers check this +information against \s-1DNS\s0 for spam protection and can reject the +email if the \s-1DNS\s0 and the hostname used in the transaction does +not match. If this is the case, you can override the default +local host name by using the \s-1HOSTNAME\s0 option: +.PP +.Vb 2 +\& set mailserver mail.tildeslash.com using hostname +\& "myhost.example.org" +.Ve .Sh "Event queue" .IX Subsection "Event queue" -Monit provide optionally queueing of event alerts that cannot be -sent. For example, if no mail-server is available at the moment, -monit can store events in a queue and try to reprocess them at -the next cycle. As soon as the mail-server recover, monit will -post the queued events. The queue is persistent across monit -restarts and provided that the back-end filesystem is persistent -too, across system restart as well. +If the \s-1MTA\s0 (mail server) for sending alerts is not available, +Monit \fIcan\fR queue events on the local file-system until the \s-1MTA\s0 +recover. Monit will then post queued events in order with their +original timestamp so the events are not lost. This feature is +most useful if Monit is used together with M/Monit and when event +history is important. +.PP +The event queue is persistent across monit restarts and provided +that the back-end filesystem is persistent too, across system +restart as well. .PP By default, the queue is disabled and if the alert handler fails, -monit will simply drop the alert message. To enable the event -queue, add the following statement to the monit control file: +Monit will simply drop the alert message. To enable the event +queue, add the following statement to the Monit control file: .PP .Vb 1 \& SET EVENTQUEUE BASEDIR [SLOTS ] .Ve .PP The is the path to the directory where events will be -stored. Optionally if you want to limit the queue size (maximum -events count), use the slots option. If the slots option is not -used, monit will store as many events as the backend filesystem -allows. +stored. Optionally if you want to limit the queue size, use the +slots option to only store up to \fInumber\fR event messages. If the +slots option is not used, Monit will store as many events as the +backend filesystem allows. .PP Example: .PP @@ -974,8 +1091,8 @@ \& slots 5000 .Ve .PP -The events are stored in binary format, one file per event. The -file size is ca. 130 bytes or a bit more (depending on the +Events are stored in a binary format, with one file per event. +The file size is ca. 130 bytes or a bit more (depending on the message length). The file name is composed of the unix timestamp, underscore and the service name, for example: .PP @@ -983,27 +1100,27 @@ \& /var/monit/1131269471_apache .Ve .PP -If you are running more then one monit instance on the same +If you are running more then one Monit instance on the same machine, you \fBmust\fR use separated event queue directories to avoid sending wrong alerts to the wrong addresses. .PP -If you want to purge the queue by hand (remove queued -event\-files), monit should be stopped before the removal. +If you want to purge the queue by hand, that is, remove queued +event-files, Monit should be stopped before the removal. .SH "SERVICE TIMEOUT" .IX Header "SERVICE TIMEOUT" \&\fBmonit\fR provides a service timeout mechanism for situations where a service simply refuses to start or respond over a longer period. In cases like this, and particularly if monit's poll-cycle -is low, monit will simply increase the machine load by trying to +is low, Monit will simply increase the machine load by trying to restart the service. .PP -The timeout mechanism monit provides is based on two variables, +The timeout mechanism Monit provides is based on two variables, i.e. the number the service has been started and the number of -poll\-cycles. For example, if a service had \fIx\fR restarts within -\&\fIy\fR poll-cycles (where \fIx\fR <= \fIy\fR) then monit will timeout and -not (re)start the service on the next cycle. If a timeout occurs -monit will send you an alert message if you have register -interest for this event. +poll-cycles. For example, if a service had \fIx\fR restarts within +\&\fIy\fR poll-cycles (where \fIx\fR <= \fIy\fR) then Monit will timeout and +not (re)start the service on subsequent cycles until the service +is manually re-registered.. If a timeout occurs Monit will send +you an alert message if you have register interest for this event. .PP The syntax for the timeout statement is as follows (keywords are in capital): @@ -1011,80 +1128,67 @@ .IX Item "IF NUMBER RESTART NUMBER CYCLE(S) THEN TIMEOUT" .PP Where the first number is the number of service restarts and the -second, the number of poll\-cycles. If the number of cycles was +second, the number of poll-cycles. If the number of cycles was reached without a timeout, the service start-counter is reset to zero. This provides some granularity to catch exceptional cases and do a service timeout, but let occasional service start and restarts happen without having an accumulated timeout. .PP -Here is an example where monit will timeout (not check the +Here is an example where Monit will timeout (not check the service) if the service was restarted 2 times within 3 cycles: .PP .Vb 1 \& if 2 restarts within 3 cycles then timeout .Ve .PP -To have monit check the service again after a timeout, run 'monit +To have Monit check the service again after a timeout, run 'monit monitor service' from the command line. This will remove the timeout lock in the daemon and make the daemon start and check the service again. .SH "SERVICE TESTS" .IX Header "SERVICE TESTS" Monit provides several tests you may utilize in a service entry -to test a service. Basically here are two classes of tests: -variable and constant object tests. -.PP -Constant object tests are related to failed/passed state. In the -case of error, monit will watch whether the failed parameter will -recover \- in such case it will handle recovery related -action. General format: -.IP "\s-1IF\s0 <\s-1TEST\s0> [[] [\s-1TIMES\s0 \s-1WITHIN\s0] \s-1CYCLES\s0] \s-1THEN\s0 \s-1ACTION\s0 [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] [\s-1TIMES\s0 \s-1WITHIN\s0] \s-1CYCLES\s0] \s-1THEN\s0 \s-1ACTION\s0]" 4 -.IX Item "IF [[] [TIMES WITHIN] CYCLES] THEN ACTION [ELSE IF PASSED [[] [TIMES WITHIN] CYCLES] THEN ACTION]" -.PP -For constant object tests if the <\s-1TEST\s0> should validate to true, -then the selected action is executed each cycle the condition -remains true. The value for comparison is constant. Recovery -action is evaluated only once (on failed\->passed state change -only). The '\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0' part is optional \- if omitted, -monit will do alert action on recovery by default. The alert is -delivered only once on each state change unless overridden by -\&'reminder' alert option. -.PP -Variable object tests begins with '\s-1IF\s0 \s-1CHANGED\s0' statement and -serves for monitoring of object, which property can change legally -\&\- monit watches whether the value will change again. You can use -it just for alert or to involve some automatic action, as for -example to reload monitored process after its configuration file -was changed. Variable tests are supported for 'checksum', -\&'size', 'pid, 'ppid' and 'timestamp' tests only, if you consider -that other tests can be useful in variable form too, please let -us know. -.IP "\s-1IF\s0 \s-1CHANGED\s0 <\s-1TEST\s0> [[] [\s-1TIMES\s0 \s-1WITHIN\s0] \s-1CYCLES\s0] \s-1THEN\s0 \s-1ACTION\s0" 4 -.IX Item "IF CHANGED [[] [TIMES WITHIN] CYCLES] THEN ACTION" -.PP -For variable object tests if the <\s-1TEST\s0> should validate to true, -then the selected action is executed once and monit will watch -for another change. The value for comparison is a variable where -the last result becomes the actual value, which is compared in -future cycles. The alert is delivered each time the condition -becomes true. -.PP -You can restrict the event ratio needed to change the state: +to test a service. There are two classes of tests: variable and +constant tests. That is, the condition we test is either constant +e.g. a number or it can vary. +.PP +A constant test has this general format: +.IP "\s-1IF\s0 <\s-1TEST\s0> [[] [\s-1TIMES\s0 \s-1WITHIN\s0] \s-1CYCLES\s0] \s-1THEN\s0 \s-1ACTION\s0 [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] [\s-1TIMES\s0 \s-1WITHIN\s0] \s-1CYCLES\s0] \s-1THEN\s0 \s-1ACTION\s0]" 4 +.IX Item "IF [[] [TIMES WITHIN] CYCLES] THEN ACTION [ELSE IF SUCCEEDED [[] [TIMES WITHIN] CYCLES] THEN ACTION]" +.PP +If the <\s-1TEST\s0> condition should evaluate to true, then the +selected action is executed each cycle the test condition remains +true. The comparison value is constant. Recovery action is +evaluated only once (on a failed to succeeded state change only). +The '\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0' part is optional, if omitted, Monit will +send an alert on recovery. The alert is sent only once on each +state change unless overridden by the 'reminder' alert option. +.Sp +.RS 4 +A variable test has this general format: +.Sp +\&\s-1IF\s0 \s-1CHANGED\s0 <\s-1TEST\s0> [[] [\s-1TIMES\s0 \s-1WITHIN\s0] \s-1CYCLES\s0] + \s-1THEN\s0 \s-1ACTION\s0 +.RE +.PP +If the <\s-1TEST\s0> should evaluate to true, then the selected action +is executed once. The comparison value is a variable where the +last result becomes the new value and is compared in future +cycles. The alert is delivered each time the condition becomes +true. +.PP +You can use this test for alerts or for some automatic action, +for example to reload monitored process after its configuration +file was changed. Variable tests are supported for 'checksum', +\&'size', 'pid, 'ppid' and 'timestamp' tests only. .IP "... [[] [\s-1TIMES\s0 \s-1WITHIN\s0] \s-1CYCLES\s0] ..." 4 .IX Item "... [[] [TIMES WITHIN] CYCLES] ..." .PP -This part is optional and is supported by all testing rules. -It defines how many event occurrences during how many cycles -are needed to trigger the following action. You can use it -in several ways \- the core syntax is: -.PP -.Vb 1 -\& [] CYCLES -.Ve -.PP -It is possible to use filling words which give the rule better -first-sight sense. You can use any filling words such as: \s-1FOR\s0, -\&\s-1TIMES\s0, \s-1WITHIN\s0, thus for example: +If a test match, its action is executed at once. This behaviour +can optionally be changed and you can for instance require that a +test must match over several poll cycles before the action is +executed by using the statement above. You can use this in +several ways. For example: .PP .Vb 1 \& if failed port 80 for 3 times within 5 cycles then alert @@ -1096,41 +1200,26 @@ \& if failed port 80 for 10 cycles then unmonitor .Ve .PP -When you don't specify the , it equals to by default, -thus the rule applies when consecutive cycles of inverse -event occurred (relatively to the current service state). +If you don't specify times, it equals by default, thus +the test match if it evaluate to true for consecutive cycles. .PP -When you omit it at all, monit will by default change state -on first inverse event, which is equivalent to this notation: +It is possible to use this option for failed, succeeded, +recovered or changed rules. Here is a more complex example: .PP -.Vb 1 -\& 1 times within 1 cycles -.Ve -.PP -It is possible to use this option for failed, passed/recovered -or changed rules. More complex examples: -.PP -.Vb 7 -\& check device rootfs with path /dev/hda1 -\& if space usage > 80% 5 times within 15 cycles -\& then alert -\& else if passed for 10 cycles then alert +.Vb 6 +\& check filesystem rootfs with path /dev/hda1 +\& if space usage > 80% for 5 times within 15 cycles +\& then alert else if succeeded for 10 cycles then alert \& if space usage > 90% for 5 cycles then \& exec '/try/to/free/the/space' \& if space usage > 99% then exec '/stop/processess' .Ve .PP -Note that the maximal cycles count which can be used in the rule -is limited by the size of 'long long' data type on your platform. -This provides 64 cycles on usual platforms currently. In the case -that you use unsupported value, the configuration parser will -tell you the limits during monit startup. -.PP -You must select an action to be executed from this list: +In each test you must select the action to be executed from this +list: .IP "\(bu" 4 \&\fB\s-1ALERT\s0\fR sends the user an alert event on each state change (for -constant object tests) or on each change (for variable object -tests). +constant tests) or on each change (for variable tests). .IP "\(bu" 4 \&\fB\s-1RESTART\s0\fR restarts the service \fIand\fR sends an alert. Restart is conducted by first calling the service's registered stop method @@ -1140,13 +1229,13 @@ start method \fIand\fR send an alert. .IP "\(bu" 4 \&\fB\s-1STOP\s0\fR stops the service by calling the service's registered -stop method \fIand\fR send an alert. If monit stops a service it -will not be checked by monit anymore nor restarted again -later. To reactivate monitoring of the service again you must -explicitly enable monitoring from the web interface or from the -console, e.g. 'monit monitor apache'. +stop method \fIand\fR send an alert. If Monit stops a service it +will not be checked by Monit anymore nor restarted again later. +To reactivate monitoring of the service again you must explicitly +enable monitoring from the web interface or from the console, +e.g. 'monit monitor apache'. .IP "\(bu" 4 -\&\fB\s-1EXEC\s0\fR may be used to execute an arbitrary program \fIand\fR send +\&\fB\s-1EXEC\s0\fR can be used to execute an arbitrary program \fIand\fR send an alert. If you choose this action you must state the program to be executed and if the program require arguments you must enclose the program and its arguments in a quoted string. You may @@ -1158,63 +1247,69 @@ \& as uid nobody and gid nobody .Ve .Sp -This may be useful if the program to be started cannot change to -a lesser privileged user and group. This is typically needed for -Java Servers. Remember, if monit is run by the superuser, then -all programs executed by monit will be started with superuser -privileges unless the uid and gid extension was used. +The uid and gid switch can be useful if the program to be started +cannot change to a lesser privileged user and group. This is +typically needed for Java Servers. Remember, if Monit is run by +the superuser, then all programs executed by Monit will be +started with superuser privileges unless the uid and gid +extension was used. .IP "\(bu" 4 \&\fB\s-1MONITOR\s0\fR will enable monitoring of the service \fIand\fR send an alert. .IP "\(bu" 4 \&\fB\s-1UNMONITOR\s0\fR will disable monitoring of the service \fIand\fR send -an alert. The service will not be checked by monit anymore nor +an alert. The service will not be checked by Monit anymore nor restarted again later. To reactivate monitoring of the service you must explicitly enable monitoring from monit's web interface or from the console using the monitor argument. .Sh "\s-1RESOURCE\s0 \s-1TESTING\s0" .IX Subsection "RESOURCE TESTING" -Monit can examine how much system resources a services are -using. This test may only be used within a system or process -service entry in the monit control file. -.PP -Depending on the system or process characteristics, services -can be stopped or restarted and alerts can be generated. Thus -it is possible to utilize systems which are idle and to spare -system under high load. +Monit can examine how much system resources a service are using. +This test can only be used within a system or process service +entry in the Monit control file. +.PP +Depending on system or process characteristics, services can be +stopped or restarted and alerts can be generated. Thus it is +possible to utilize systems which are idle and to spare system +under high load. .PP The full syntax for the resource-statements used for resource testing is as follows (keywords are in capital and optional statements in [brackets]), -.IP "\s-1IF\s0 resource operator value [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF resource operator value [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 resource operator value [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF resource operator value [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP -\&\fIresource\fR is a choice of \*(L"\s-1CPU\s0\*(R", \*(L"\s-1CPU\s0([user|system|wait])\*(R", -\&\*(L"\s-1MEMORY\s0\*(R", \*(L"\s-1CHILDREN\s0\*(R", \*(L"\s-1TOTALMEMORY\s0\*(R", \*(L"\s-1LOADAVG\s0([1min|5min|15min])\*(R". -Some resources can be used inside of system service container, -some in process service container and some in both: +\&\fIresource\fR is a choice of \*(L"\s-1CPU\s0\*(R", \*(L"\s-1TOTALCPU\s0\*(R", +\&\*(L"\s-1CPU\s0([user|system|wait])\*(R", \*(L"\s-1MEMORY\s0\*(R", \*(L"\s-1CHILDREN\s0\*(R", \*(L"\s-1TOTALMEMORY\s0\*(R", +\&\*(L"\s-1LOADAVG\s0([1min|5min|15min])\*(R". Some resource tests can be used +inside a check system entry, some in a check process entry and +some in both: .PP System only resource tests: .PP -\&\s-1CPU\s0([user|system|wait]) is the percent of time that the system -spend in user or system/kernel space. Some systems such as linux -2.6 supports 'wait' indicator as well. +\&\s-1CPU\s0([user|system|wait]) is the percent of time the system spend +in user or system/kernel space. Some systems such as linux 2.6 +supports a 'wait' indicator as well. .PP Process only resource tests: .PP -\&\s-1CPU\s0 is the \s-1CPU\s0 usage of the process and its children in -parts of hundred (percent). +\&\s-1CPU\s0 is the \s-1CPU\s0 usage of the process itself (percent). +.PP +\&\s-1TOTALCPU\s0 is the total \s-1CPU\s0 usage of the process and its children +in (percent). You will want to use \s-1TOTALCPU\s0 typically for +services like Apache webserver where one master process forks the +child processes as workers. .PP -\&\s-1CHILDREN\s0 is the number of child processes of the process. +\&\s-1CHILDREN\s0 is the number of child processes of the process. .PP \&\s-1TOTALMEMORY\s0 is the memory usage of the process and its child processes in either percent or as an amount (Byte, kB, \s-1MB\s0, \s-1GB\s0). .PP System and process resource tests: .PP -\&\s-1MEMORY\s0 is the memory usage of the system or in the process context -of the process without its child processes in either percent -(of the systems total) or as an amount (Byte, kB, \s-1MB\s0, \s-1GB\s0). +\&\s-1MEMORY\s0 is the memory usage of the system or of a process (without +children) in either percent (of the systems total) or as an +amount (Byte, kB, \s-1MB\s0, \s-1GB\s0). .PP \&\s-1LOADAVG\s0([1min|5min|15min]) refers to the system's load average. The load average is the number of processes in the system run @@ -1226,9 +1321,9 @@ specified, default is \s-1EQUAL\s0). .PP \&\fIvalue\fR is either an integer or a real number (except for -\&\s-1CHILDREN\s0). For \s-1CPU\s0, \s-1MEMORY\s0 and \s-1TOTALMEMORY\s0 you need to specify a -\&\fIunit\fR. This could be \*(L"%\*(R" or if applicable \*(L"B\*(R" (Byte), \*(L"kB\*(R" -(1024 Byte), \*(L"\s-1MB\s0\*(R" (1024 KiloByte) or \*(L"\s-1GB\s0\*(R" (1024 MegaByte). +\&\s-1CHILDREN\s0). For \s-1CPU\s0, \s-1TOTALCPU\s0, \s-1MEMORY\s0 and \s-1TOTALMEMORY\s0 you need to +specify a \fIunit\fR. This could be \*(L"%\*(R" or if applicable \*(L"B\*(R" (Byte), +\&\*(L"kB\*(R" (1024 Byte), \*(L"\s-1MB\s0\*(R" (1024 KiloByte) or \*(L"\s-1GB\s0\*(R" (1024 MegaByte). .PP \&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", \&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". @@ -1239,7 +1334,7 @@ .PP The following is an example to check that the \s-1CPU\s0 usage of a service is not going beyond 50% during five poll cycles. If it -does, monit will restart the service: +does, Monit will restart the service: .PP .Vb 1 \& if cpu is greater than 50% for 5 cycles then restart @@ -1249,13 +1344,13 @@ .Sh "\s-1FILE\s0 \s-1CHECKSUM\s0 \s-1TESTING\s0" .IX Subsection "FILE CHECKSUM TESTING" The checksum statement may only be used in a file service -entry. If specified in the control file, monit will compute +entry. If specified in the control file, Monit will compute a md5 or sha1 checksum for a file. .PP The checksum test in constant form is used to verify that a file does not change. Syntax (keywords are in capital): -.IP "\s-1IF\s0 \s-1FAILED\s0 [MD5|SHA1] \s-1CHECKSUM\s0 [\s-1EXPECT\s0 checksum] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF FAILED [MD5|SHA1] CHECKSUM [EXPECT checksum] [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1FAILED\s0 [MD5|SHA1] \s-1CHECKSUM\s0 [\s-1EXPECT\s0 checksum] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF FAILED [MD5|SHA1] CHECKSUM [EXPECT checksum] [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP The checksum test in variable form is used to watch for file changes. Syntax (keywords are in capital): @@ -1263,13 +1358,13 @@ .IX Item "IF CHANGED [MD5|SHA1] CHECKSUM [[] CYCLES] THEN action" .PP The choice of \s-1MD5\s0 or \s-1SHA1\s0 is optional. \s-1MD5\s0 features a 256 bit -and \s-1SHA1\s0 a 320 bit checksum. If this option is omitted monit +and \s-1SHA1\s0 a 320 bit checksum. If this option is omitted Monit tries to guess the method from the \s-1EXPECT\s0 string or uses \s-1MD5\s0 as default. .PP \&\fIexpect\fR is optional and if used it specifies a md5 or sha1 -string monit should expect when testing a file's checksum. If -\&\fIexpect\fR is used, monit will not compute an initial checksum for +string Monit should expect when testing a file's checksum. If +\&\fIexpect\fR is used, Monit will not compute an initial checksum for the file, but instead use the string you submit. For example: .PP .Vb 3 @@ -1280,15 +1375,16 @@ .PP You can, for example, use the \s-1GNU\s0 utility \fI\fImd5sum\fI\|(1)\fR or \&\fI\fIsha1sum\fI\|(1)\fR to create a checksum string for a file and -use this string in the expect\-statement. +use this string in the expect-statement. .PP \&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", \&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". .PP The checksum statement in variable form may be used to check a -file for changes and if changed, do a specified action. For +file for changes and if changed, do a specified action. For instance to reload a server if its configuration file was -changed. The following illustrate this for the apache web server: +changed. The following illustrates this for the apache web +server: .PP .Vb 3 \& check file httpd.conf path /usr/local/apache/conf/httpd.conf @@ -1298,21 +1394,21 @@ .PP If you plan to use the checksum statement for security reasons, (a very good idea, by the way) and to monitor a file or files -which should not change, then please use constant form and also -read the \s-1DEPENDENCY\s0 \s-1TREE\s0 section below to see a detailed example -on how to do this properly. +which should not change, then please use the constant form and +also read the \s-1DEPENDENCY\s0 \s-1TREE\s0 section below to see a detailed +example on how to do this properly. .PP Monit can also test the checksum for files on a remote host via the \s-1HTTP\s0 protocol. See the \s-1CONNECTION\s0 \s-1TESTING\s0 section below. .Sh "\s-1TIMESTAMP\s0 \s-1TESTING\s0" .IX Subsection "TIMESTAMP TESTING" -The timestamp statement may only be used in a file, fifo or directory -service entry. +The timestamp statement may only be used in a file, fifo or +directory service entry. .PP The timestamp test in constant form is used to verify various timestamp conditions. Syntax (keywords are in capital): -.IP "\s-1IF\s0 \s-1TIMESTAMP\s0 [[operator] value [unit]] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF TIMESTAMP [[operator] value [unit]] [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1TIMESTAMP\s0 [[operator] value [unit]] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF TIMESTAMP [[operator] value [unit]] [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP The timestamp statement in variable form is simply to test an existing file or directory for timestamp changes and if changed, @@ -1349,7 +1445,7 @@ The constant timestamp version is useful for monitoring systems able to report its state by changing the timestamp of certain state files. For instance the \fIiPlanet Messaging server stored -process\fR system updates the timestamp of: +process\fR system updates the timestamp of the following files: .PP .Vb 3 \& o stored.ckp @@ -1363,14 +1459,10 @@ .Vb 2 \& check file stored.ckp with path /msg\-foo/config/stored.ckp \& if timestamp > 1 minute then alert -.Ve -.PP -.Vb 2 +\& \& check file stored.lcu with path /msg\-foo/config/stored.lcu \& if timestamp > 5 minutes then alert -.Ve -.PP -.Vb 2 +\& \& check file stored.per with path /msg\-foo/config/stored.per \& if timestamp > 1 hour then alert .Ve @@ -1402,14 +1494,14 @@ .Ve .Sh "\s-1FILE\s0 \s-1SIZE\s0 \s-1TESTING\s0" .IX Subsection "FILE SIZE TESTING" -The size statement may only be used in a file service entry. -If specified in the control file, monit will compute a size -for a file. -.PP -The size test in constant form is used to verify various -size conditions. Syntax (keywords are in capital): -.IP "\s-1IF\s0 \s-1SIZE\s0 [[operator] value [unit]] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF SIZE [[operator] value [unit]] [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +The size statement may only be used in a file service entry. If +specified in the control file, Monit will compute a size for a +file. +.PP +The size test in constant form is used to verify various size +conditions. Syntax (keywords are in capital): +.IP "\s-1IF\s0 \s-1SIZE\s0 [[operator] value [unit]] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF SIZE [[operator] value [unit]] [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP The size statement in variable form is simply to test an existing file for size changes and if changed, execute an action. Syntax @@ -1434,9 +1526,9 @@ The variable size test form is useful for checking a file for changes and send an alert or execute an action. Monit will register the size of the file at startup and monitor the file for -changes. As soon as the value changed, monit will do specified -action, reset the registered value to new result and continue to -monitor, whether the size changed again. +changes. As soon as the value changes, Monit will perform the +specified action, reset the registered value to the new value and +continue monitoring and test if the size changes again. .PP One example of use for this statement is to conduct security checks, for instance: @@ -1449,17 +1541,17 @@ which will \*(L"cut the cable\*(R" and stop a possible intruder from compromising the system further. This test is just one of many you may use to increase the security awareness on a system. If -you plan to use monit for security reasons we recommend that you +you plan to use Monit for security reasons we recommend that you use this test in combination with other supported tests like checksum, timestamp, and so on. .PP -The constant size test form may be useful in similar or different -contexts. It can, for instance, be used to test if a certain file -size was exceeded and then alert you or monit may execute a -certain action specified by you. An example is to use this -statement to rotate log files after they have reached a certain -size or to check that a database file does not grow beyond a -specified threshold. +The constant form of this test can be useful in similar or +different contexts. It can, for instance, be used to test if a +certain file size was exceeded and then alert you or Monit may +execute a certain action specified by you. An example is to use +this statement to rotate log files after they have reached a +certain size or to check that a database file does not grow +beyond a specified threshold. .PP To rotate a log file: .PP @@ -1497,13 +1589,13 @@ .Ve .Sh "\s-1FILE\s0 \s-1CONTENT\s0 \s-1TESTING\s0" .IX Subsection "FILE CONTENT TESTING" -The match statement allows you to test the content of a text -file by using regular expressions. This is a great feature if -you need to periodically test files, such as log files, for -certain patterns. If a pattern match, monit defaults to -raise an alert, other actions are also possible. +The match statement allows you to test the content of a text file +by using regular expressions. This is a great feature if you need +to periodically test files, such as log files, for certain +patterns. If a pattern match, Monit defaults to raise an alert, +other actions are also possible. .PP -The syntax (keywords in capital) for using this function is: +The syntax (keywords in capital) for using this test is: .IP "\s-1IF\s0 [\s-1NOT\s0] \s-1MATCH\s0 {regex|path} [[] \s-1CYCLES\s0] \s-1THEN\s0 action" 4 .IX Item "IF [NOT] MATCH {regex|path} [[] CYCLES] THEN action" .PP @@ -1522,14 +1614,14 @@ being added and removed between two checks they are unnoticed. .PP On startup the read position is set to the end of the file -and monit continue to scan to the end of file on each cycle. +and Monit continue to scan to the end of file on each cycle. But if the file size should decrease or inode change the read position is set to the start of the file. .PP Only lines ending with a newline character are inspected. Thus, lines are being ignored until they have been completed with this -character. Also note that only the first 511 characters of a -line are inspected. +character. Also note that only the first 511 characters of a line +are inspected. .IP "\s-1IGNORE\s0 [\s-1NOT\s0] \s-1MATCH\s0 {regex|path}" 4 .IX Item "IGNORE [NOT] MATCH {regex|path}" .PP @@ -1552,35 +1644,53 @@ \& "^\ew{3} [ :0\-9]{11} [._[:alnum:]\-]+ mrcoffee\e[[0\-9]+\e]:" \& if match /etc/monit/active.regex then alert .Ve +.Sh "\s-1FILESYSTEM\s0 \s-1FLAGS\s0 \s-1TESTING\s0" +.IX Subsection "FILESYSTEM FLAGS TESTING" +Monit can test the flags of a filesystem for changes. This test +is implicit and Monit will send alert in case of failure by +default. +.PP +This test is useful for detecting changes of the filesystem flags +such as when the filesystem became read-only based on disk errors +or the mount flags were changed (such as nosuid). Each platform +provides different set of flags. \s-1POSIX\s0 define the \s-1RDONLY\s0 and +\&\s-1NOSUID\s0 flags which should work on all platforms. Some platforms +(such as FreeBSD) has additonal flags. +.PP +The syntax for the fsflags statement is: +.IP "\s-1IF\s0 \s-1CHANGED\s0 \s-1FSFLAGS\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action" 4 +.IX Item "IF CHANGED FSFLAGS [[] CYCLES] THEN action" +.PP +\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", +\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". +.PP +Example: +.PP +.Vb 3 +\& check filesystem rootfs with path / +\& if changed fsflags then exec "/my/script" +\& alert root@localhost +.Ve .Sh "\s-1SPACE\s0 \s-1TESTING\s0" .IX Subsection "SPACE TESTING" -Monit can test devices/file systems and check for space -usage. This test may only be used within a device service entry -in the monit control file. +Monit can test file systems for space usage. This test may only +be used within a filesystem service entry in the Monit control +file. .PP -Monit will check a device's total space usage. If you only want -to check available space for non\-superuser, you must set the +Monit will check a filesystem's total space usage. If you only +want to check available space for non-superuser, you must set the watermark appropriately (i.e. total space minus reserved blocks for the superuser). .PP You can obtain (and set) the superuser's reserved blocks size, for example by using the tune2fs utility on Linux. On Linux 5% of -available blocks are reserved for the superuser by default. To -list the reserved blocks for the superuser: -.PP -.Vb 4 -\& [root@berry monit]# tune2fs \-l /dev/hda1| grep "Reserved block" -\& Reserved block count: 319994 -\& Reserved blocks uid: 0 (user root) -\& Reserved blocks gid: 0 (group root) -.Ve -.PP -On solaris 10% of the blocks are reserved. You can also use -tunefs on solaris to change values on a live filesystem. +available blocks are reserved for the superuser by default. On +solaris 10% of the blocks are reserved. You can also use tunefs +on solaris to change values on a live filesystem. .PP The full syntax for the space statement is: -.IP "\s-1IF\s0 \s-1SPACE\s0 operator value unit [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF SPACE operator value unit [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1SPACE\s0 operator value unit [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF SPACE operator value unit [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP \&\fIoperator\fR is a choice of \*(L"<\*(R",\*(L">\*(R",\*(L"!=\*(R",\*(L"==\*(R" in c notation, \*(L"gt\*(R", \&\*(L"lt\*(R", \*(L"eq\*(R", \*(L"ne\*(R" in shell sh notation and \*(L"greater\*(R", \*(L"less\*(R", @@ -1595,18 +1705,19 @@ \&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". .Sh "\s-1INODE\s0 \s-1TESTING\s0" .IX Subsection "INODE TESTING" -If supported by the file\-system, you can use monit to test for -inodes usage. This test may only be used within a device service -entry in the monit control file. -.PP -If the device becomes unavailable, monit will call the entry's -registered start method, if it is defined and if monit is running -in active mode. If monit runs in passive mode or the start -methods is not defined, monit will just send an error alert. +If supported by the file-system, you can use Monit to test for +inodes usage. This test may only be used within a filesystem +service entry in the Monit control file. +.PP +If the filesystem becomes unavailable, Monit will call the +service's registered start method, if it is defined and if Monit +is running in active mode. If Monit runs in passive mode or the +start methods is not defined, Monit will just send an error +alert. .PP The syntax for the inode statement is: -.IP "\s-1IF\s0 \s-1INODE\s0(S) operator value [unit] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF INODE(S) operator value [unit] [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1INODE\s0(S) operator value [unit] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF INODE(S) operator value [unit] [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP \&\fIoperator\fR is a choice of \*(L"<\*(R",\*(L">\*(R",\*(L"!=\*(R",\*(L"==\*(R" in c notation, \*(L"gt\*(R", \&\*(L"lt\*(R", \*(L"eq\*(R", \*(L"ne\*(R" in shell sh notation and \*(L"greater\*(R", \*(L"less\*(R", @@ -1621,16 +1732,18 @@ \&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". .Sh "\s-1PERMISSION\s0 \s-1TESTING\s0" .IX Subsection "PERMISSION TESTING" -Monit can monitor the permissions. This test may only be used -within a file, fifo, directory or device service entry in the -monit control file. +Monit can monitor the permission of file objects. This test may +only be used within a file, fifo, directory or filesystem service +entry in the Monit control file. .PP The syntax for the permission statement is: -.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1PERM\s0(\s-1ISSION\s0) octalnumber [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF FAILED PERM(ISSION) octalnumber [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1PERM\s0(\s-1ISSION\s0) octalnumber [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF FAILED PERM(ISSION) octalnumber [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP \&\fIoctalnumber\fR defines permissions for a file, a directory or a -device. +filesystem as four octal digits (0\-7). Valid range: 0000 \- 7777 (you +can omit the leading zeros, Monit will add the zeros to the left +thus for example \*(L"640\*(R" is valid value and matches \*(L"0640\*(R"). .PP \&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", \&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". @@ -1640,27 +1753,26 @@ .PP We recommend that you use the \s-1UNMONITOR\s0 action in a permission statement. The rationale for this feature is security and that -monit does not start a possible cracked program or -script. Example: +Monit does not start a possible cracked program or script. +Example: .PP -.Vb 3 +.Vb 2 \& check file monit.bin with path "/usr/local/bin/monit" \& if failed permission 0555 then unmonitor -\& alert foo@bar .Ve .PP -If the test fails, monit will simply send an alert and stop +If the test fails, Monit will simply send an alert and stop monitoring the file and propagate an unmonitor action upward in a depend tree. .Sh "\s-1UID\s0 \s-1TESTING\s0" .IX Subsection "UID TESTING" -monit can monitor the owner user id (uid). This test may only be -used within a file, fifo, directory or device service entry in -the monit control file. +Monit can monitor the owner user id (uid) of a file object. This +test may only be used within a file, fifo, directory or +filesystem service entry in the Monit control file. .PP The syntax for the uid statement is: -.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1UID\s0 user [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF FAILED UID user [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1UID\s0 user [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF FAILED UID user [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP \&\fIuser\fR defines a user id either in numeric or in string form. .PP @@ -1672,27 +1784,26 @@ .PP We recommend that you use the \s-1UNMONITOR\s0 action in a uid statement. The rationale for this feature is security and that -monit does not start a possible cracked program or -script. Example: +Monit does not start a possible cracked program or script. +Example: .PP -.Vb 3 +.Vb 2 \& check file passwd with path /etc/passwd \& if failed uid root then unmonitor -\& alert root@localhost .Ve .PP -If the test fails, monit will simply send an alert and stop +If the test fails, Monit will simply send an alert and stop monitoring the file and propagate an unmonitor action upward in a depend tree. .Sh "\s-1GID\s0 \s-1TESTING\s0" .IX Subsection "GID TESTING" -monit can monitor the owner group id (gid). This test may only -be used within a file, fifo, directory or device service entry -in the monit control file. +Monit can monitor the owner group id (gid) of file objects. This +test may only be used within a file, fifo, directory or +filesystem service entry in the Monit control file. .PP The syntax for the gid statement is: -.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1GID\s0 user [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF FAILED GID user [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1GID\s0 user [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF FAILED GID user [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP \&\fIuser\fR defines a group id either in numeric or in string form. .PP @@ -1704,27 +1815,22 @@ .PP We recommend that you use the \s-1UNMONITOR\s0 action in a gid statement. The rationale for this feature is security and that -monit does not start a possible cracked program or -script. Example: +Monit does not start a possible cracked program or script. +Example: .PP -.Vb 3 +.Vb 2 \& check file shadow with path /etc/shadow \& if failed gid root then unmonitor -\& alert root@localhost .Ve .PP -If the test fails, monit will simply send an alert and stop +If the test fails, Monit will simply send an alert and stop monitoring the file and propagate an unmonitor action upward in a depend tree. .Sh "\s-1PID\s0 \s-1TESTING\s0" .IX Subsection "PID TESTING" -monit tests the process id (pid) of processes for change. This -test is implicit and monit will send alert in the case of failure -by default. -.PP -You may override the default action using below rule (it may only -be used within a process service entry in the monit control -file). +Monit can test the process identification number (pid) of a +process for changes. This test is implicit and Monit will send a +alert in the case of failure by default. .PP The syntax for the pid statement is: .IP "\s-1IF\s0 \s-1CHANGED\s0 \s-1PID\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action" 4 @@ -1733,38 +1839,33 @@ \&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", \&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". .PP -This test is useful to detect possible process restarts which -has occurred in the timeframe between two monit testing cycles. -In the case that the restart was fast and the process provides -expected service (i.e. all tests passed) you will be notified +This test is useful to detect possible process restarts which has +occurred in the timeframe between two Monit testing cycles. In +the case that the restart was fast and the process provides +expected service (i.e. all tests succeeded) you will be notified that the process was replaced. .PP For example sshd daemon can restart very quickly, thus if someone -changes its configuration and do sshd restart outside of monit -control, you will be notified that the process was replaced by +changes its configuration and do sshd restart outside of Monit's +control you will be notified that the process was replaced by a new instance (or you can optionaly do some other action such as preventively stop sshd). .PP -Another example is MySQL Cluster which has its own watchdog with -process restart ability. You can use monit for redundant -monitoring. Monit will just send alert in the case that the MySQL -cluster restarted the node quickly. +Another example is a MySQL Cluster which has its own watchdog +with process restart ability. You can use Monit for redundant +monitoring. .PP Example: .PP -.Vb 3 +.Vb 2 \& check process sshd with pidfile /var/run/sshd.pid \& if changed pid then exec "/my/script" -\& alert root@localhost .Ve .Sh "\s-1PPID\s0 \s-1TESTING\s0" .IX Subsection "PPID TESTING" -monit tests the process parent id (ppid) of processes for change. -This test is implicit and monit will send alert in the case of -failure by default. -.PP -You may override the default action using below rule (it may only -be used within a process service entry in the monit control file). +Monit can test the process parent process identification number +(ppid) of a process for changes. This test is implicit and Monit +will send alert in the case of failure by default. .PP The syntax for the ppid statement is: .IP "\s-1IF\s0 \s-1CHANGED\s0 \s-1PPID\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action" 4 @@ -1777,35 +1878,33 @@ .PP Example: .PP -.Vb 3 +.Vb 2 \& check process myproc with pidfile /var/run/myproc.pid \& if changed ppid then exec "/my/script" -\& alert root@localhost .Ve .Sh "\s-1CONNECTION\s0 \s-1TESTING\s0" .IX Subsection "CONNECTION TESTING" Monit is able to perform connection testing via networked ports or via Unix sockets. A connection test may only be used within a -process or within a host service entry in the monit control file. +process or within a host service entry in the Monit control file. .PP -If a service listens on one or more sockets, monit can connect to +If a service listens on one or more sockets, Monit can connect to the port (using either tcp or udp) and verify that the service will accept a connection and that it is possible to write and read from the socket. If a connection is not accepted or if there -is a problem with socket read/write, monit will assume that -something is wrong and execute a specified action. If monit is -compiled with openssl, then ssl based network services can also -be tested. +is a problem with socket i/o, Monit will assume that something is +wrong and execute a specified action. If Monit is compiled with +openssl, then ssl based network services can also be tested. .PP The full syntax for the statement used for connection testing is as follows (keywords are in capital and optional statements in [brackets]), -.IP "\s-1IF\s0 \s-1FAILED\s0 [host] port [type] [protocol|{send/expect}+] [timeout] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF FAILED [host] port [type] [protocol|{send/expect}+] [timeout] [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1FAILED\s0 [host] port [type] [protocol|{send/expect}+] [timeout] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF FAILED [host] port [type] [protocol|{send/expect}+] [timeout] [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP or for Unix sockets, -.IP "\s-1IF\s0 \s-1FAILED\s0 [unixsocket] [type] [protocol|{send/expect}+] [timeout] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 -.IX Item "IF FAILED [unixsocket] [type] [protocol|{send/expect}+] [timeout] [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]" +.IP "\s-1IF\s0 \s-1FAILED\s0 [unixsocket] [type] [protocol|{send/expect}+] [timeout] [[] \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF FAILED [unixsocket] [type] [protocol|{send/expect}+] [timeout] [[] CYCLES] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" .PP \&\fBhost:HOST hostname\fR. Optionally specify the host to connect to. If the host is not given then localhost is assumed if this test @@ -1827,10 +1926,10 @@ machine and does not use a port. .PP \&\fBtype:TYPE {TCP|UDP|TCPSSL}\fR. Optionally specify the socket type -monit should use when trying to connect to the port. The +Monit should use when trying to connect to the port. The different socket types are; \s-1TCP\s0, \s-1UDP\s0 or \s-1TCPSSL\s0, where \s-1TCP\s0 is a regular stream based socket, \s-1UDP\s0 is a datagram socket and \s-1TCPSSL\s0 -specify that monit should use a \s-1TCP\s0 socket with \s-1SSL\s0 when +specify that Monit should use a \s-1TCP\s0 socket with \s-1SSL\s0 when connecting to a port. The default socket type is \s-1TCP\s0. If \s-1TCPSSL\s0 is used you may optionally specify the \s-1SSL/TLS\s0 protocol to be used and the md5 sum of the server's certificate. The \s-1TCPSSL\s0 @@ -1841,16 +1940,18 @@ .Ve .PP \&\fBproto(col):PROTO {protocols}\fR. Optionally specify the protocol -monit should speak when a connection is established. At the -moment monit knows how to speak: +Monit should speak when a connection is established. At the +moment Monit knows how to speak: \fIAPACHE-STATUS\fR \fI\s-1DNS\s0\fR \fI\s-1DWP\s0\fR \fI\s-1FTP\s0\fR \fI\s-1HTTP\s0\fR \fI\s-1IMAP\s0\fR + \fI\s-1CLAMAV\s0\fR \fI\s-1LDAP2\s0\fR \fI\s-1LDAP3\s0\fR + \fI\s-1LMTP\s0\fR \fI\s-1MYSQL\s0\fR \fI\s-1NNTP\s0\fR \fI\s-1NTP3\s0\fR @@ -1858,11 +1959,12 @@ \fIPOSTFIX-POLICY\fR \fI\s-1RDATE\s0\fR \fI\s-1RSYNC\s0\fR + \fI\s-1SIP\s0\fR \fI\s-1SMTP\s0\fR \fI\s-1SSH\s0\fR \fI\s-1TNS\s0\fR \fI\s-1PGSQL\s0\fR -If you have compiled monit with ssl support, monit can also speak +If you have compiled Monit with ssl support, Monit can also speak the \s-1SSL\s0 variants such as: \fI\s-1HTTPS\s0\fR \fI\s-1FTPS\s0\fR @@ -1873,8 +1975,8 @@ \&\s-1HTTPS\s0) : \s-1TYPE\s0 \s-1TCPSSL\s0 \s-1PROTOCOL\s0 \s-1HTTP\s0 If the server's protocol is not found in this list, simply do not -specify the protocol and monit will utilize a default test, -including testing if it is possible to read and write to the +specify the protocol and Monit will utilize a default test, +including test if it is possible to read and write to the port. This default test is in most cases more than good enough to deduce if the server behind the port is up or not. .PP @@ -1946,7 +2048,7 @@ testing is Apache Httpd and mod_status is activated on the server. .PP -\&\fBsend/expect: {SEND|EXPECT} \*(L"string\*(R" ...\fR. If monit does not +\&\fBsend/expect: {SEND|EXPECT} \*(L"string\*(R" ...\fR. If Monit does not support the protocol spoken by the server, you can write your own protocol-test using \fIsend\fR and \fIexpect\fR strings. The \fI\s-1SEND\s0\fR statement sends a string to the server port and the \fI\s-1EXPECT\s0\fR @@ -1961,7 +2063,7 @@ \& [{SEND|EXPECT} "string"]+ .Ve .PP -Note that monit will send a string as it is, and you \fBmust\fR +Note that Monit will send a string as it is, and you \fBmust\fR remember to include \s-1CR\s0 and \s-1LF\s0 in the string sent to the server if the protocol expect such characters to terminate a string (most text based protocols used over Internet does). Likewise monit @@ -1971,12 +2073,31 @@ same terminating characters to the string you expect from the server. .PP -You can use non-printable characters in a send string if -needed. Use the hex notation, \e0xHEXHEX to send any char in the -range \e0x00\-\e0xFF, that is, 0\-255 in decimal. This may be useful -when testing some network protocols, particularly those over -\&\s-1UDP\s0. An example, to test a quake 3 server you can use the -following, +As mentioned above, Monit limits the expect input to 255 bytes. +You can override the default value by using this set statement at +the top of the Monit configuration file: +.PP +.Vb 1 +\& SET EXPECTBUFFER ["b"|"kb"|"mb"] +.Ve +.PP +For example, to set the expect buffer to read 10 kilobytes: +.PP +.Vb 1 +\& set expectbuffer 10 kb +.Ve +.PP +Note, if you want to test the number of bytes returned from the +server you need to work around a bound check limit in \s-1POSIX\s0 +regex. You cannot use something like expect \*(L".{5000}\*(R" as the max +number in a boundary check usually is {255}. However this should +work, expect \*(L"(.{250}){20}\*(R" +.PP +You can use non-printable characters in a send string if needed. +Use the hex notation, \e0xHEXHEX to send any char in the range +\&\e0x00\-\e0xFF, that is, 0\-255 in decimal. This may be useful when +testing some network protocols, particularly those over \s-1UDP\s0. For +example, to test a quake 3 server you can use the following, .PP .Vb 2 \& send "\e0xFF\e0xFF\e0xFF\e0xFFgetstatus" @@ -1987,7 +2108,7 @@ \&\s-1TCP\s0 sockets, \s-1UNIX\s0 sockets and \s-1UDP\s0 sockets. .PP \&\fBtimeout:with \s-1TIMEOUT\s0 x \s-1SECONDS\s0\fR. Optionally specifies the -connect and read timeout for the connection. If monit cannot +connect and read timeout for the connection. If Monit cannot connect to the server within this time it will assume that the connection failed and execute the specified action. The default connect timeout is 5 seconds. @@ -2010,7 +2131,7 @@ \& [CONTENT {==|!=} "regular\-expression"] \& [TIMEOUT number SECONDS] [[] CYCLES] \& THEN action -\& [ELSE IF PASSED [[] CYCLES] THEN action] +\& [ELSE IF SUCCEEDED [[] CYCLES] THEN action] .Ve .PP Where URL-spec is an \s-1URL\s0 on the standard form as specified in \s-1RFC\s0 @@ -2020,13 +2141,13 @@ \& ://? .Ve .PP -Here is an example on an \s-1URL\s0 where all components are used: +Here is an example of an \s-1URL\s0 where all components are used: .PP .Vb 1 \& http://user:password@www.foo.bar:8080/document/?querystring#ref .Ve .PP -If a username and password is included in the \s-1URL\s0 monit will +If a username and password is included in the \s-1URL\s0 Monit will attempt to login at the server using \fBBasic Authentication\fR. .PP Testing the content returned by the server is optional. If used, @@ -2045,19 +2166,19 @@ Monit will look at the content-length header returned by the server and download this amount before testing the content. That is, if the content-length is more than 1Mb or this header is not -set by the server monit will default to download up to 1 Mb and +set by the server Monit will default to download up to 1 Mb and not more. .PP Only the http(s) protocol is supported in an \s-1URL\s0 statement. If -the protocol is \fBhttps\fR monit will use \s-1SSL\s0 when connecting to +the protocol is \fBhttps\fR Monit will use \s-1SSL\s0 when connecting to the server. .PP Remote host ping test .IX Subsection "Remote host ping test" .PP -In addition monit can perform \s-1ICMP\s0 Echo tests in remote host +In addition Monit can perform \s-1ICMP\s0 Echo tests in remote host checks. The icmp test may only be used in a check host entry and -monit must run with super user privileges, that is, the root user +Monit must run with super user privileges, that is, the root user must run monit. The reason is that the icmp test utilize a raw socket to send the icmp packet and only the super user is allowed to create a raw socket. @@ -2071,27 +2192,27 @@ \& [COUNT number] [WITH] [TIMEOUT number SECONDS] \& [[] CYCLES] \& THEN action -\& [ELSE IF PASSED [[] CYCLES] THEN action] +\& [ELSE IF SUCCEEDED [[] CYCLES] THEN action] .Ve .PP The rules for action and timeout are the same as those mentioned above in the \s-1CONNECTION\s0 \s-1TESTING\s0 section. The count parameter specifies how many consecutive echo requests will be send to the host in one cycle. In the case that no reply came within timeout -frame, monit reports error. When at least one reply was received, +frame, Monit reports error. When at least one reply was received, the test will pass. Monit sends by default three echo requests in one cycle to prevent the random packet loss from generating false alarm (i.e. up to 66% packet loss is tolerated). You can set the -count option to different value, which can serve as error ratio. -For example in the case that you require 100% ping success, you -can set the count to 1 (i.e. just one attempt will be send, when -the packet was lost, then error will be reported). +count option to a value between 1 and 20, which can serve as an +error ratio. For example if you require 100% ping success, set +the count to 1 (i.e. just one request will be sent, and if the +packet was lost an error will be reported). .PP An icmp ping test is useful for testing if a host is up, before testing ports at the host. If an icmp ping test is used in a check host entry, this test is run first and if the ping test should fail we assume that the connection to the host is down and -monit does \fInot\fR continue to test any ports. Here's an example: +Monit does \fInot\fR continue to test any ports. Here's an example: .PP .Vb 6 \& check host xyzzy with address xyzzy.org @@ -2104,8 +2225,8 @@ .PP In this case, if the icmp test should fail you will get \fIone\fR alert and only one alert as long as the host is down, and equally -important, monit will \fInot\fR test port 80 and port 443. Likewise -if the icmp ping test should succeed (again) monit will continue +important, Monit will \fInot\fR test port 80 and port 443. Likewise +if the icmp ping test should succeed (again) Monit will continue to test both port 80 and 443. .PP Keep in mind though that some firewalls can block icmp packages @@ -2114,7 +2235,7 @@ Examples .IX Subsection "Examples" .PP -To check a port connection and receive an alert if monit cannot +To check a port connection and receive an alert if Monit cannot connect to the port, use the following statement: .PP .Vb 1 @@ -2126,7 +2247,7 @@ entry it's the \fIaddress\fR of the remote host. Monit will conduct a tcp connection to the host at port 80 and use tcp by default. If you want to connect with udp, you can specify this after the -port\-statement; +port-statement; .PP .Vb 1 \& if failed port 53 type udp protocol dns then alert @@ -2136,7 +2257,7 @@ assume that the server behind the port is down. You may increase or decrease the connect timeout by explicit add a connection timeout. In the following example the timeout is increased to 15 -seconds and if monit cannot connect to the server within 15 +seconds and if Monit cannot connect to the server within 15 seconds the test will fail and an alert message is sent. .PP .Vb 1 @@ -2164,11 +2285,11 @@ \& if failed host kvasir.sol.no port 80 then alert .Ve .PP -And as mentioned above, if you do not specify a host\-statement, +And as mentioned above, if you do not specify a host-statement, \&\fIlocalhost\fR or \fIaddress\fR is assumed. .PP Monit also knows how to speak some of the more popular Internet -protocols. So, besides testing for connections, monit can also +protocols. So, besides testing for connections, Monit can also speak with the server in question to verify that the server works. For example, the following is used to test a http server: .PP @@ -2178,7 +2299,7 @@ .Ve .PP Some protocols also support a request statement. This statement -can be used to ask the server for a special document entity. +can be used to ask the server for a special document entity. .PP Currently \fBonly\fR the \fI\s-1HTTP\s0\fR protocol module supports the request statement, such as: @@ -2190,7 +2311,7 @@ .Ve .PP The request must contain an \s-1URI\s0 string specifying a document from -the http server. The string will be \s-1URL\s0 encoded by monit before +the http server. The string will be \s-1URL\s0 encoded by Monit before it sends the request to the http server, so it's okay to use \s-1URL\s0 unsafe characters in the request. If the request statement isn't specified, the default web server page will be requested. @@ -2214,11 +2335,11 @@ \& then alert .Ve .PP -monit will compute a checksum (either \s-1MD5\s0 or \s-1SHA1\s0 is used, +Monit will compute a checksum (either \s-1MD5\s0 or \s-1SHA1\s0 is used, depending on length of the hash) for the document (in the above case, /page.html) and compare the computed checksum with the expected checksum. If the sums does not match then the if-tests -action is performed, in this case alert. Note that monit will +action is performed, in this case alert. Note that Monit will \&\fBnot\fR test the checksum for a document if the server does not set the \s-1HTTP\s0 \fIContent-Length\fR header. A \s-1HTTP\s0 server should set this header when it server a static document (i.e. a file). A @@ -2226,7 +2347,7 @@ serving dynamic content (e.g. a document created by a CGI-script or a Servlet), but to test the checksum for dynamic content is not very useful. There are no limitation on the document size, -but keep in mind that monit will use time to download the +but keep in mind that Monit will use time to download the document over the network so it's probably smart not to ask monit to compute a checksum for documents larger than 1Mb or so, depending on you network connection of course. Tip; If you get a @@ -2235,7 +2356,7 @@ set a longer timeout than the default 5 seconds. .PP As mentioned above, if the server protocol is not supported by -monit you can write your own protocol test using send/expect +Monit you can write your own protocol test using send/expect strings. Here we show a protocol test using send/expect for an imaginary \*(L"Ali Baba and the Forty Thieves\*(R" protocol: .PP @@ -2260,7 +2381,7 @@ .PP .Vb 10 \& if failed host shop.sol.no port 443 -\& type TCPSSL SSLV3 # Force monit to use ssl version 3 +\& type TCPSSL SSLV3 # Force Monit to use ssl version 3 \& # We expect the server to return this md5 certificate sum \& # as either 12\-34\-56\-78\-90\-AB\-CD\-EF\-12\-34\-56\-78\-90\-AB\-CD\-EF \& # or e.g. 1234567890ABCDEF1234567890ABCDEF @@ -2302,17 +2423,58 @@ [*] Well, not quite, since we specify an ip-address directly we will bypass any \s-1DNS\s0 round-robin setup, but that's another story. .PP +Testing the \s-1SIP\s0 protocol +.IX Subsection "Testing the SIP protocol" +.PP +The \s-1SIP\s0 protocol is used by communication platform servers such +as Asterisk and FreeSWITCH. +.PP +The \s-1SIP\s0 test is similar to the other protocol tests, but in +addition allows extra optional parameters. +.IP "\s-1IF\s0 \s-1FAILED\s0 [host] [port] [type] \s-1PROTOCOL\s0 sip [\s-1AND\s0] [\s-1TARGET\s0 valid@uri] [\s-1AND\s0] [\s-1MAXFORWARD\s0 n] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1SUCCEEDED\s0 [[] \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 +.IX Item "IF FAILED [host] [port] [type] PROTOCOL sip [AND] [TARGET valid@uri] [AND] [MAXFORWARD n] THEN action [ELSE IF SUCCEEDED [[] CYCLES] THEN action]" +.PP +\&\s-1TARGET\s0 : +you may specify an alternative recipient for the message, +by adding a valid sip uri after this keyword. +.PP +\&\s-1MAXFORWARD\s0 : +Limit the number of proxies or gateways that can forward the +request to the next server. It's value is an integer in the range +0\-255, set by default to 70. If max-forward = 0, the next server +may respond 200 \s-1OK\s0 (test succeeded) or send a 483 Too Many Hops +(test failed) +.PP +\&\s-1SIP\s0 examples: +.PP +.Vb 4 +\& check host openser_all with address 127.0.0.1 +\& if failed port 5060 type udp protocol sip +\& with target "localhost:5060" and maxforward 6 +\& then alert +.Ve +.PP +If sips is supported, that is, sip over ssl, specify tcpssl as +the connection type. +.PP +.Vb 4 +\& check host fwd.pulver.com with address fwd.pulver.com +\& if failed port 5060 type tcpssl protocol SIP +\& and target 613@fwd.pulver.com maxforward 10 +\& then alert +.Ve +.PP For more examples, see the example section below. .SH "MONIT HTTPD" .IX Header "MONIT HTTPD" -If specified in the control file, monit will start a monit daemon +If specified in the control file, Monit will start a Monit daemon with http support. From a Browser you can then start and stop services, disable or enable service monitoring as well as view -the status of each service. Also, if monit logs to its own file, +the status of each service. Also, if Monit logs to its own file, you can view the content of this logfile in a Browser. .PP -The control file statement for starting a monit daemon with http -support is a global set\-statement: +The control file statement for starting a Monit daemon with http +support is a global set-statement: .IP "set httpd port 2812" 4 .IX Item "set httpd port 2812" .PP @@ -2320,7 +2482,7 @@ the daemon from a browser. The port number, in this case 2812, can be any number that you are allowed to bind to. .PP -If you have compiled monit with openssl, you can also start the +If you have compiled Monit with openssl, you can also start the httpd server with ssl support, using the following expression: .PP .Vb 3 @@ -2330,7 +2492,7 @@ .Ve .PP And you can use this \s-1URL\s0, \fIhttps://localhost:2812/\fR, to access -the monit web server over an ssl encrypted connection. +the Monit web server over an ssl encrypted connection. .PP The pemfile, in the example above, holds both the server's private key and certificate. This file should be stored in a safe @@ -2339,7 +2501,7 @@ .PP In addition, if you want to check for client certificates you can use the \s-1CLIENTPEMFILE\s0 statement. In this case, a connecting -client has to provided a certificate known by monit in order to +client has to provided a certificate known by Monit in order to connect. This file also needs to have all necessary \s-1CA\s0 certificates. A configuration could look like: .PP @@ -2354,7 +2516,7 @@ you want to use a self signed certificate from a client it has to be allowed explicitly with the \s-1ALLOWSELFCERTIFICATION\s0 statement. .PP -For more information on how to use monit with \s-1SSL\s0 and for more +For more information on how to use Monit with \s-1SSL\s0 and for more information about certificates and generating pem files, please consult the \s-1README\s0.SSL file accompanying the software. .PP @@ -2379,7 +2541,7 @@ .PP It is possible to hide monit's httpd server version, which usually is available in httpd header responses and in error -pages. +pages. .PP .Vb 3 \& set httpd port 2812 @@ -2387,7 +2549,7 @@ \& signature {enable|disable} .Ve .PP -Use \fIdisable\fR to hide the server signature \- monit will only +Use \fIdisable\fR to hide the server signature \- Monit will only report its name (e.g. 'monit' instead of for example 'monit 4.2'). By default the version signature is enabled. It is worth to stress that this option provides no security advantage and @@ -2395,42 +2557,27 @@ .PP If you remove the httpd statement from the config file, monit will stop the httpd server on configuration reload. Likewise if -you change the port number, monit will restart the http server +you change the port number, Monit will restart the http server using the new specified port number. .PP -The status page displayed by the monit web server is +The status page displayed by the Monit web server is automatically refreshed with the same poll time set for the monit daemon. .PP \&\fBNote:\fR .PP -We strongly recommend that you start monit with http support (and +We strongly recommend that you start Monit with http support (and bind the server to localhost, only, unless you are behind a firewall). The built-in web-server is small and does not use much -resources, and more \fIimportantly\fR, monit can use the http server -for interprocess communication between a monit client and a monit +resources, and more \fIimportantly\fR, Monit can use the http server +for interprocess communication between a Monit client and a monit daemon. .PP -For instance, you \fImust\fR start a monit daemon with http support -if you want to be able to use the following console commands. -(That is; most of the available console commands). -.PP -.Vb 12 -\& 'monit stop all' -\& 'monit start all' -\& 'monit stop service' -\& 'monit start service' -\& 'monit restart service' -\& 'monit monitor service' -\& 'monit unmonitor service' -\& 'monit \-g groupname stop all' -\& 'monit \-g groupname start all' -\& 'monit \-g groupname restart all' -\& 'monit \-g groupname monitor all' -\& 'monit \-g groupname unmonitor all' -.Ve +For instance, you \fImust\fR start a Monit daemon with http support +if you want to be able to use most of the available console +commands. I.e. 'Monit stop all', 'Monit start all' etc. .PP -If a monit daemon is running in the background we will ask the +If a Monit daemon is running in the background we will ask the daemon (via the \s-1HTTP\s0 protocol) to execute the above commands. That is, the daemon is requested to start and stop the services. This ensures that a daemon will not restart a service that you @@ -2438,7 +2585,7 @@ from a service when you start it. .Sh "Monit \s-1HTTPD\s0 Authentication" .IX Subsection "Monit HTTPD Authentication" -monit supports two types of authentication schema's for +Monit supports two types of authentication schema's for connecting to the httpd server, (three, if you count \s-1SSL\s0 client certificate validation). Both schema's can be used together or by itself. You \fBmust\fR choose at least one. @@ -2449,10 +2596,8 @@ The http server maintains an access-control list of hosts and networks allowed to connect to the server. You can add as many hosts as you want to, but only hosts with a valid domain name or -its \s-1IP\s0 address are allowed. If you specify a hostname that does -not resolve, monit will write an error message in the console and -not start. Networks require a network \s-1IP\s0 and a netmask to be -accepted. +its \s-1IP\s0 address are allowed. Networks require a network \s-1IP\s0 and a +netmask to be accepted. .PP The http server will query a name server to check any hosts connecting to the server. If a host (client) is trying to connect @@ -2471,8 +2616,8 @@ \& allow 10.0.0.0/8 .Ve .PP -Clients, not mentioned in the allow list that tries to connect to -the server are logged with their ip\-address. +Clients, not mentioned in the allow list, trying to connect to +the server are logged with their ip-address. .PP Basic Authentication .IX Subsection "Basic Authentication" @@ -2488,25 +2633,50 @@ The biggest weakness with Basic Authentication is that the username and password is sent in clear-text (i.e. base64 encoded) over the network. It is therefor recommended that you do not use -this authentication method unless you run the monit http server +this authentication method unless you run the Monit http server with \fIssl\fR support. With ssl support it is completely safe to use Basic Authentication since \fBall\fR http data, including Basic Authentication headers will be encrypted. .PP -monit will use Basic Authentication if an allow statement +Monit will use Basic Authentication if an allow statement contains a username and a password separated with a single ':' -character, like so; \fIallow username:password\fR. The username and -password must be written in clear\-text. +character, like so: \fIallow username:password\fR. The username and +password must be written in clear-text. Special characters +can be used but the password has to be quoted. +.PP +\&\s-1PAM\s0 is supported as well on platforms which provide \s-1PAM\s0 (such +as Linux, Mac \s-1OS\s0 X, FreeBSD, NetBSD). The syntax is: +\&\fIallow \f(CI@mygroup\fI\fR which provides access to the user of group +called \fImygroup\fR. Monit uses \s-1PAM\s0 service called \fImonit\fR for +\&\s-1PAM\s0 authentication, see \s-1PAM\s0 manual page for detailed instructions +how to set the \s-1PAM\s0 service and \s-1PAM\s0 authentication plugins. +Example Monit \s-1PAM\s0 for Mac \s-1OS\s0 X \- /etc/pam.d/monit: +.PP +.Vb 5 +\& # monit: auth account password session +\& auth sufficient pam_securityserver.so +\& auth sufficient pam_unix.so +\& auth required pam_deny.so +\& account required pam_permit.so +.Ve +.PP +And configuration part for monitrc which allows only group admins +authenticated using via \s-1PAM\s0 to access the http interface: +.PP +.Vb 1 +\& set httpd port 2812 allow @admin +.Ve .PP Alternatively you can use files in \*(L"htpasswd\*(R" format (one user:passwd entry per line), like so: \fIallow [cleartext|crypt|md5] /path [users]\fR. By default cleartext passwords are read. In case the passwords are digested it is -necessary to specify the cryptographic method. In order to select -the users their names can be added to the allow statement. -Otherwise all users are added. +necessary to specify the cryptographic method. If you do not want +all users in the password file to have access to Monit you can +specify only those users that should have access, in the allow +statement. Otherwise all users are added. .PP -Example: +Example1: .PP .Vb 3 \& set httpd port 2812 @@ -2516,36 +2686,33 @@ .PP If you use this method together with a host list, then only clients from the listed hosts will be allowed to connect to the -monit http server and each client will be asked to provide a +Monit http server and each client will be asked to provide a username and a password. .PP -Example: +Example2: .PP .Vb 4 \& set httpd port 2812 \& allow localhost \& allow 10.1.1.1 -\& allow hauk:password +\& allow hauk:"password" .Ve .PP If you only want to use Basic Authentication, then just provide -allow entries with username and password, like so: +allow entries with username and password or password files as in +example 1 above. .PP -.Vb 3 -\& set httpd port 2812 -\& allow hauk:password -\& allow admin:password -.Ve -.PP -Finally it is possible to define some users as read\-only. A -read-only user can read the monit web pages but will \fInot\fR get +Finally it is possible to define some users as read-only. A +read-only user can read the Monit web pages but will \fInot\fR get access to push-buttons and cannot change a service from the web interface. .PP -.Vb 3 +.Vb 5 \& set httpd port 2812 \& allow admin:password \& allow hauk:password read\-only +\& allow @admins +\& allow @users read\-only .Ve .PP A user is set to read-only by using the \fIread-only\fR keyword @@ -2553,30 +2720,30 @@ is defined as a read-only user, while the \fIadmin\fR user has all access rights. .PP -\&\s-1NB\s0! a monit client will use the \fIfirst\fR username:password pair +\&\s-1NB\s0! a Monit client will use the \fIfirst\fR username:password pair in an allow list and you should \fBnot\fR define the first user as a -read-only user. If you do, monit console commands will not work. +read-only user. If you do, Monit console commands will not work. .PP If you use Basic Authentication it is a good idea to set the access permission for the control file (~/.monitrc) to only readable and writable for the user running monit, because the -password is written in clear\-text. (Use this command, /bin/chmod -600 ~/.monitrc). In fact, since monit \fBversion 3.0\fR, monit will +password is written in clear-text. (Use this command, /bin/chmod +600 ~/.monitrc). In fact, since Monit \fBversion 3.0\fR, Monit will complain and exit if the control file is readable by others. .PP Clients trying to connect to the server but supply the wrong -username and/or password are logged with their ip\-address. +username and/or password are logged with their ip-address. .PP -If the monit command line interface is being used at least one -cleartext password is necessary. Otherwise, the monit command -line interface will not be able to connect to the monit daemon +If the Monit command line interface is being used, at least one +cleartext password is necessary. Otherwise, the Monit command +line interface will not be able to connect to the Monit daemon server. .SH "DEPENDENCIES" .IX Header "DEPENDENCIES" -If specified in the control file, monit can do dependency +If specified in the control file, Monit can do dependency checking before start, stop, monitoring or unmonitoring of services. The dependency statement may be used within any service -entries in the monit control file. +entries in the Monit control file. .PP The syntax for the depend statement is simply: .IP "\s-1DEPENDS\s0 on service[, service [,...]]" 4 @@ -2601,7 +2768,7 @@ Here is an example where we set up an apache service entry to depend on the underlying apache binary. If the binary should change an alert is sent and apache is not monitored anymore. The -rationale is security and that monit should not execute a +rationale is security and that Monit should not execute a possibly cracked apache binary. .PP .Vb 7 @@ -2648,55 +2815,55 @@ starts. See also the example section below for examples using the depend statement. .PP -Here we describe how monit will function with the above +Here we describe how Monit will function with the above dependencies: .IP "If no servers are running" 4 .IX Item "If no servers are running" -monit will start the servers in the following order: \fId\fR, \fIc\fR, +Monit will start the servers in the following order: \fId\fR, \fIc\fR, \&\fIb\fR, \fIa\fR .IP "If all servers are running" 4 .IX Item "If all servers are running" -When you run 'monit stop all' this is the stop order: \fIa\fR, \fIb\fR, -\&\fIc\fR, \fId\fR. If you run 'monit stop d' then \fIa\fR, \fIb\fR and \fIc\fR +When you run 'Monit stop all' this is the stop order: \fIa\fR, \fIb\fR, +\&\fIc\fR, \fId\fR. If you run 'Monit stop d' then \fIa\fR, \fIb\fR and \fIc\fR are also stopped because they depend on \fId\fR and finally \fId\fR is stopped. .IP "If \fIa\fR does not run" 4 .IX Item "If a does not run" -When monit runs it will start \fIa\fR +When Monit runs it will start \fIa\fR .IP "If \fIb\fR does not run" 4 .IX Item "If b does not run" -When monit runs it will first stop \fIa\fR then start \fIb\fR and +When Monit runs it will first stop \fIa\fR then start \fIb\fR and finally start \fIa\fR again. .IP "If \fIc\fR does not run" 4 .IX Item "If c does not run" -When monit runs it will first stop \fIa\fR and \fIb\fR then start \fIc\fR +When Monit runs it will first stop \fIa\fR and \fIb\fR then start \fIc\fR and finally start \fIb\fR then \fIa\fR. .IP "If \fId\fR does not run" 4 .IX Item "If d does not run" -When monit runs it will first stop \fIa\fR, \fIb\fR and \fIc\fR then start +When Monit runs it will first stop \fIa\fR, \fIb\fR and \fIc\fR then start \&\fId\fR and finally start \fIc\fR, \fIb\fR then \fIa\fR. .IP "If the control file contains a depend loop." 4 .IX Item "If the control file contains a depend loop." A depend loop is for example; a\->b and b\->a or a\->b\->c\->a. .Sp -When monit starts it will check for such loops and complain and +When Monit starts it will check for such loops and complain and exit if a loop was found. It will also exit with a complaint if a depend statement was used that does not point to a service in the control file. .SH "THE RUN CONTROL FILE" .IX Header "THE RUN CONTROL FILE" -The preferred way to set up monit is to write a \fI.monitrc\fR file +The preferred way to set up Monit is to write a \fI.monitrc\fR file in your home directory. When there is a conflict between the command-line arguments and the arguments in this file, the command-line arguments take precedence. To protect the security of your control file and passwords the control file must have -permissions \fIno more than 0700\fR (u=xrw,g=,o=); monit will +permissions \fIno more than 0700\fR (u=xrw,g=,o=); Monit will complain and exit otherwise. .Sh "Run Control Syntax" .IX Subsection "Run Control Syntax" Comments begin with a '#' and extend through the end of the line. Otherwise the file consists of a series of service entries or -global option statements in a free\-format, token-oriented syntax. +global option statements in a free-format, token-oriented syntax. .PP There are three kinds of tokens: grammar keywords, numbers (i.e. decimal digit sequences) and strings. Strings can be either @@ -2715,55 +2882,56 @@ .IX Item "2. One or more service entry statements." Each service entry consists of the keywords `check', followed by the service type. Each entry requires a descriptive -name. This name is used by monit to refer to the service -internally and in all interactions with the user. +name, which may be freely chosen. This name is used by monit +to refer to the service internally and in all interactions +with the user. .PP Currently, six types of check statements are supported: .IP "1. \s-1CHECK\s0 \s-1PROCESS\s0 \s-1PIDFILE\s0 " 4 .IX Item "1. CHECK PROCESS PIDFILE " is the absolute path to the program's pidfile. If the pidfile does not exist or does not contain the pid number of a -running process, monit will call the entry's start method if -defined, If monit runs in passive mode or the start methods is -not defined, monit will just send alerts on errors. +running process, Monit will call the entry's start method if +defined, If Monit runs in passive mode or the start methods is +not defined, Monit will just send alerts on errors. .IP "2. \s-1CHECK\s0 \s-1FILE\s0 \s-1PATH\s0 " 4 .IX Item "2. CHECK FILE PATH " is the absolute path to the file. If the file does not -exist or disappeared, monit will call the entry's start method if +exist or disappeared, Monit will call the entry's start method if defined, if does not point to a regular file type (for -instance a directory), monit will disable monitoring of this -entry. If monit runs in passive mode or the start methods is not -defined, monit will just send alerts on errors. +instance a directory), Monit will disable monitoring of this +entry. If Monit runs in passive mode or the start methods is not +defined, Monit will just send alerts on errors. .IP "3. \s-1CHECK\s0 \s-1FIFO\s0 \s-1PATH\s0 " 4 .IX Item "3. CHECK FIFO PATH " is the absolute path to the fifo. If the fifo does not -exist or disappeared, monit will call the entry's start method if +exist or disappeared, Monit will call the entry's start method if defined, if does not point to a fifo type (for -instance a directory), monit will disable monitoring of this -entry. If monit runs in passive mode or the start methods is not -defined, monit will just send alerts on errors. -.IP "4. \s-1CHECK\s0 \s-1DEVICE\s0 \s-1PATH\s0 " 4 -.IX Item "4. CHECK DEVICE PATH " - is the path to the device block special file, mount point, +instance a directory), Monit will disable monitoring of this +entry. If Monit runs in passive mode or the start methods is not +defined, Monit will just send alerts on errors. +.IP "4. \s-1CHECK\s0 \s-1FILESYSTEM\s0 \s-1PATH\s0 " 4 +.IX Item "4. CHECK FILESYSTEM PATH " + is the path to the filesystem block special device, mount point, file or a directory which is part of a filesystem. It is recommended to use a block special file directly (for example /dev/hda1 on Linux or /dev/dsk/c0t0d0s1 on Solaris, etc.) If you use a mount point (for example /data), be careful, because if the -device is unmounted the test will still be true because the mount +filesystem is unmounted the test will still be true because the mount point exist. .Sp -If the device becomes unavailable, monit will call the entry's -start method if defined. if does not point to a device, -monit will disable monitoring of this entry. If monit runs in -passive mode or the start methods is not defined, monit will just +If the filesystem becomes unavailable, Monit will call the entry's +start method if defined. if does not point to a filesystem, +Monit will disable monitoring of this entry. If Monit runs in +passive mode or the start methods is not defined, Monit will just send alerts on errors. .IP "5. \s-1CHECK\s0 \s-1DIRECTORY\s0 \s-1PATH\s0 " 4 .IX Item "5. CHECK DIRECTORY PATH " is the absolute path to the directory. If the directory -does not exist or disappeared, monit will call the entry's start +does not exist or disappeared, Monit will call the entry's start method if defined, if does not point to a directory, monit -will disable monitoring of this entry. If monit runs in passive -mode or the start methods is not defined, monit will just send +will disable monitoring of this entry. If Monit runs in passive +mode or the start methods is not defined, Monit will just send alerts on errors. .IP "6. \s-1CHECK\s0 \s-1HOST\s0 \s-1ADDRESS\s0 " 4 .IX Item "6. CHECK HOST ADDRESS " @@ -2786,17 +2954,15 @@ .PP .Vb 1 \& Here are the legal global keywords: -.Ve -.PP -.Vb 50 +\& \& Keyword Function \& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- \& set daemon Set a background poll interval in seconds. -\& set init Set monit to run from init. monit will not +\& set init Set Monit to run from init. Monit will not \& transform itself into a daemon process. \& set logfile Name of a file to dump error\- and status\- \& messages to. If syslog is specified as the -\& file, monit will utilize the syslog daemon +\& file, Monit will utilize the syslog daemon \& to log messages. This can optionally be \& followed by 'facility ' where \& facility is 'log_local0' \- 'log_local7' or @@ -2804,19 +2970,21 @@ \& LOG_USER is used. \& set mailserver The mailserver used for sending alert \& notifications. If the mailserver is not -\& defined, monit will try to use 'localhost' +\& defined, Monit will try to use 'localhost' \& as the smtp\-server for sending mail. You -\& can add more mail servers, if monit cannot +\& can add more mail servers, if Monit cannot \& connect to the first server it will try the \& next server and so on. \& set mail\-format Set a global mail format for all alert \& messages emitted by monit. -\& set pidfile Explicit set the location of the monit lock +\& set idfile Explicit set the location of the Monit id +\& file. E.g. set idfile /var/monit/id. +\& set pidfile Explicit set the location of the Monit lock \& file. E.g. set pidfile /var/run/xyzmonit.pid. -\& set statefile Explicit set the location of the file monit +\& set statefile Explicit set the location of the file Monit \& will write state data to. If not set, the \& default is $HOME/.monit.state. -\& set httpd port Activates monit http server at the given +\& set httpd port Activates Monit http server at the given \& port number. \& ssl enable Enables ssl support for the httpd server. \& Requires the use of the pemfile statement. @@ -2837,19 +3005,15 @@ \& optional part of the set httpd statement. \& read\-only Set the user defined in username:password \& to read only. A read\-only user cannot change -\& a service from the monit web interface. +\& a service from the Monit web interface. \& include include a file or files matching the globstring -.Ve -.PP -.Vb 1 +\& \& Here are the legal service entry keywords: -.Ve -.PP -.Vb 171 +\& \& Keyword Function \& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- \& check Starts an entry and must be followed by the type -\& of monitored service {device|directory|file|host +\& of monitored service {filesystem|directory|file|host \& process|system} and a descriptive name for the \& service. \& pidfile Specify the process pidfile. Every @@ -2857,7 +3021,7 @@ \& current process id. This statement should only \& be used in a process service entry. \& path Must be followed by a path to the block -\& special file for filesystem (device), regular +\& special file for filesystem, regular \& file, directory or a process's pidfile. \& group Specify a groupname for a service entry. \& start The program used to start the specified @@ -2887,27 +3051,24 @@ \& is also optional. If this statement is not \& prefixed with a host\-statement, localhost is \& used as the hostname to test the port at. -\& type Specifies the socket type monit should use when +\& type Specifies the socket type Monit should use when \& testing a connection to a port. If the type \& keyword is omitted, tcp is used. This keyword \& must be followed by either tcp, udp or tcpssl. -\& tcp Specifies that monit should use a TCP +\& tcp Specifies that Monit should use a TCP \& socket type (stream) when testing a port. -\& tcpssl Specifies that monit should use a TCP socket +\& tcpssl Specifies that Monit should use a TCP socket \& type (stream) and the secure socket layer (ssl) \& when testing a port connection. -\& udp Specifies that monit should use a UDP socket +\& udp Specifies that Monit should use a UDP socket \& type (datagram) when testing a port. \& certmd5 The md5 sum of a certificate a ssl forged \& server has to deliver. \& proto(col) This keyword specifies the type of service -\& found at the port. monit knows at the moment -\& how to speak HTTP, SMTP, FTP, POP, IMAP, MYSQL, -\& NNTP, SSH, DWP, LDAP2, LDAP3, RDATE, NTP3, DNS, -\& POSTFIX\-POLICY, APACHE\-STATUS, TNS, PGSQL and -\& RSYNC. +\& found at the port. See CONNECTION TESTING +\& for list of supported protocols. \& You're welcome to write new protocol test -\& modules. If no protocol is specified monit will +\& modules. If no protocol is specified Monit will \& use a default test which in most cases are good \& enough. \& request Specifies a server request and must come @@ -2924,10 +3085,10 @@ \& unix(socket) Specifies a Unix socket file and used like \& the port statement above to test a Unix \& domain network socket connection. -\& URL Specify an URL string which monit will use for +\& URL Specify an URL string which Monit will use for \& connection testing. \& content Optional sub\-statement for the URL statement. -\& Specifies that monit should test the content +\& Specifies that Monit should test the content \& returned by the server against a regular \& expression. \& timeout x sec. Define a network port connection timeout. Must @@ -2944,6 +3105,9 @@ \& certain events. See the examples above. More \& than one alert statement is allowed in an \& entry. This statement is also optional. +\& noalert Specifies an email address which don't want +\& to receive alerts. This statement is also +\& optional. \& restart, stop These keywords may be used as actions for \& unmonitor, various test statements. The exec statement is \& start and special in that it requires a following string @@ -2954,10 +3118,10 @@ \& mail\-format Specifies a mail format for an alert message \& This statement is an optional part of the \& alert statement. -\& checksum Specify that monit should compute and monitor a +\& checksum Specify that Monit should compute and monitor a \& file's md5/sha1 checksum. May only be used in a \& check file entry. -\& expect Specifies a md5/sha1 checksum string monit +\& expect Specifies a md5/sha1 checksum string Monit \& should expect when testing the checksum. This \& statement is an optional part of the checksum \& statement. @@ -2971,13 +3135,13 @@ \& Useful in daemon mode when the cycle is short \& and a service takes some time to start. \& mode Must be followed either by the keyword active, -\& passive or manual. If active, monit will restart +\& passive or manual. If active, Monit will restart \& the service if it is not running (this is the -\& default behavior). If passive, monit will not +\& default behavior). If passive, Monit will not \& (re)start the service if it is not running \- it \& will only monitor and send alerts (resource \& related restart and stop options are ignored -\& in this mode also). If manual, monit will enter +\& in this mode also). If manual, Monit will enter \& active mode only if a service was started under \& monit's control otherwise the service isn't \& monitored. @@ -3026,26 +3190,26 @@ \&\fIpemfile\fR, \fIallow\fR, \fIread-only\fR, \fIcheck\fR, \fIinit\fR, \fIcount\fR, \&\fIpidfile\fR, \fIstatefile\fR, \fIgroup\fR, \fIstart\fR, \fIstop\fR, \fIuid\fR, \&\fIgid\fR, \fIconnection\fR, \fIport(number)\fR, \fIunix(socket)\fR, \fItype\fR, -\&\fIproto(col)\fR, \fItcp\fR, \fItcpssl\fR, \fIudp\fR, \fIalert\fR, \fIicmp\fR, +\&\fIproto(col)\fR, \fItcp\fR, \fItcpssl\fR, \fIudp\fR, \fIalert\fR, \fInoalert\fR, \&\fImail-format\fR, \fIrestart\fR, \fItimeout\fR, \fIchecksum\fR, \fIresource\fR, \&\fIexpect\fR, \fIsend\fR, \fImailserver\fR, \fIevery\fR, \fImode\fR, \fIactive\fR, \&\fIpassive\fR, \fImanual\fR, \fIdepends\fR, \fIhost\fR, \fIdefault\fR, \fIhttp\fR, -\&\fIftp\fR, \fIsmtp\fR, \fIpop\fR, \fIntp3\fR, \fInntp\fR, \fIimap\fR, \fIssh\fR, -\&\fIdwp\fR, \fIldap2\fR, \fIldap3\fR, \fItns\fR, \fIrequest\fR, \fIcpu\fR, \fImem\fR, -\&\fItotalmem\fR, \fIchildren\fR, \fIloadavg\fR, \fItimestamp\fR, \fIchanged\fR, -\&\fIsecond(s)\fR, \fIminute(s)\fR, \fIhour(s)\fR, \fIday(s)\fR, \fIspace\fR, -\&\fIinode\fR, \fIpid\fR, \fIppid\fR, \fIperm(ission)\fR, \fIprocess\fR, \fIfile\fR, -\&\fIdirectory\fR, \fIdevice\fR, \fIsize\fR, \fIunmonitor\fR, \fIrdate\fR, -\&\fIrsync\fR, \fIdata\fR, \fIinvalid\fR, \fIexec\fR, \fInonexist\fR, \fIpolicy\fR, -\&\fIreminder\fR, \fIinstance\fR, \fIeventqueue\fR, \fIbasedir\fR, \fIslot(s)\fR, -\&\fIsystem\fR and \fIfailed\fR +\&\fIftp\fR, \fIsmtp\fR, \fIpop\fR, \fIntp3\fR, \fInntp\fR, \fIimap\fR, \fIclamav\fR, +\&\fIssh\fR, \fIdwp\fR, \fIldap2\fR, \fIldap3\fR, \fItns\fR, \fIrequest\fR, \fIcpu\fR, +\&\fImem\fR, \fItotalmem\fR, \fIchildren\fR, \fIloadavg\fR, \fItimestamp\fR, +\&\fIchanged\fR, \fIsecond(s)\fR, \fIminute(s)\fR, \fIhour(s)\fR, \fIday(s)\fR, +\&\fIspace\fR, \fIinode\fR, \fIpid\fR, \fIppid\fR, \fIperm(ission)\fR, \fIicmp\fR, +\&\fIprocess\fR, \fIfile\fR, \fIdirectory\fR, \fIfilesystem\fR, \fIsize\fR, \fIaction\fR, +\&\fIunmonitor\fR, \fIrdate\fR, \fIrsync\fR, \fIdata\fR, \fIinvalid\fR, \fIexec\fR, +\&\fInonexist\fR, \fIpolicy\fR, \fIreminder\fR, \fIinstance\fR, \fIeventqueue\fR, +\&\fIbasedir\fR, \fIslot(s)\fR, \fIsystem\fR, \fIidfile\fR and \fIfailed\fR .PP And here is a complete list of \fBnoise keywords\fR ignored by monit: .PP \&\fIis\fR, \fIas\fR, \fIare\fR, \fIon(ly)\fR, \fIwith(in)\fR, \fIand\fR, \fIhas\fR, \&\fIusing\fR, \fIuse\fR, \fIthe\fR, \fIsum\fR, \fIprogram(s)\fR, \fIthan\fR, \fIfor\fR, -\&\fIusage\fR, \fIwas\fR. +\&\fIusage\fR, \fIwas\fR, \fIbut\fR, \fIof\fR. .PP \&\fBNote:\fR If the \fIstart\fR or \fIstop\fR programs are shell scripts, then the script must begin with \f(CW\*(C`#!\*(C'\fR and the remainder of the @@ -3053,7 +3217,7 @@ \&\f(CW\*(C`#!/bin/sh\*(C'\fR .PP It's possible to write scripts directly into the \fIstart\fR and -\&\fIstop\fR entries by using a string of shell\-commands. Like so: +\&\fIstop\fR entries by using a string of shell-commands. Like so: .PP .Vb 2 \& start="/bin/bash \-c 'echo $$ > pidfile; exec program'" @@ -3068,7 +3232,7 @@ \& check process resin with pidfile /usr/local/resin/srun.pid .Ve .PP -To have monit start the server if it's not running, add a start +To have Monit start the server if it's not running, add a start statement: .PP .Vb 2 @@ -3078,17 +3242,18 @@ .PP Here's a more advanced example for monitoring an apache web-server listening on the default port number for \s-1HTTP\s0 and -\&\s-1HTTPS\s0. In this example monit will restart apache if it's not -accepting connections at the port numbers. The method monit use -for a process restart is to first execute the stop\-program, wait -for the process to stop and then execute the start\-program. (If -monit was unable to stop or start the service a failed alert -message will be sent if you have requested alert messages to be -sent). +\&\s-1HTTPS\s0. In this example Monit will restart apache if it's not +accepting connections at the port numbers. The method Monit use +for a process restart is to first execute the stop-program, wait +up to 30s for the process to stop and then execute the start-program +and wait up to 30s for it to start. The length of start or stop +timeout can be overriden using the 'timeout' option. If Monit was +unable to stop or start the service a failed alert message will +be sent if you have requested alert messages to be sent. .PP .Vb 5 \& check process apache with pidfile /var/run/httpd.pid -\& start program = "/etc/init.d/httpd start" +\& start program = "/etc/init.d/httpd start" with timeout 60 seconds \& stop program = "/etc/init.d/httpd stop" \& if failed port 80 then restart \& if failed port 443 with timeout 15 seconds then restart @@ -3100,9 +3265,9 @@ programs that does not (e.g. Java programs), monit's ability to start a program as a certain user can be very useful. In this example we start the Tomcat Java Servlet Engine as the standard -\&\fInobody\fR user and group. Please note that monit will only switch +\&\fInobody\fR user and group. Please note that Monit will only switch uid and gid for a program if the super-user is running monit, -otherwise monit will simply ignore the request to change uid and +otherwise Monit will simply ignore the request to change uid and gid. .PP .Vb 7 @@ -3126,7 +3291,7 @@ \& if 3 restarts within 5 cycles then timeout .Ve .PP -The following example illustrate how to check if the service +The following example illustrates how to check if the service \&'sophie' is answering connections on its Unix domain socket: .PP .Vb 4 @@ -3150,7 +3315,7 @@ \& if failed host www.tildeslash.com port 80 then alert .Ve .PP -To make sure that monit is communicating with a http server a +To make sure that Monit is communicating with a http server a protocol test can be added: .PP .Vb 6 @@ -3207,7 +3372,7 @@ \& then alert .Ve .PP -In the following example we ask monit to compute and verify the +In the following example we ask Monit to compute and verify the checksum for the underlying apache binary used by the start and stop programs. If the the checksum test should fail, monitoring will be disabled to prevent possibly starting a compromised @@ -3219,24 +3384,52 @@ \& stop program = "/etc/init.d/httpd stop" \& if failed host www.tildeslash.com port 80 then restart \& depends on apache_bin -.Ve -.PP -.Vb 2 +\& \& check file apache_bin with path /usr/local/apache/bin/httpd \& if failed checksum then unmonitor .Ve .PP -In this example we ask monit to test the checksum for a document +In this example we ask Monit to test the checksum for a document on a remote server. If the checksum was changed we send an alert: .PP -.Vb 7 +.Vb 5 \& check host tildeslash with address www.tildeslash.com \& if failed port 80 protocol http \& and request "/monit/dist/monit\-4.0.tar.gz" \& with checksum f9d26b8393736b5dfad837bb13780786 \& then alert -\& alert hauk@tildeslash.com with mail\-format {subject: -\& Aaaalarm! } +.Ve +.PP +Here are a couple of tests for some popular communication +servers, using the \s-1SIP\s0 protocol. First we test a FreeSWITCH +server and then an Asterisk server +.PP +.Vb 12 +\& check process freeswitch +\& with pidfile /usr/local/freeswitch/log/freeswitch.pid +\& start program = a\*^XX/usr/local/freeswitch/bin/freeswitch \-nc \-hpa\*^XX +\& stop program = a\*^XX/usr/local/freeswitch/bin/freeswitch \-stopa\*^XX +\& if totalmem > 1000.0 MB for 5 cycles then alert +\& if totalmem > 1500.0 MB for 5 cycles then alert +\& if totalmem > 2000.0 MB for 5 cycles then restart +\& if cpu > 60% for 5 cycles then alert +\& if failed port 5060 type udp protocol SIP +\& target me@foo.bar and maxforward 10 +\& then restart +\& if 5 restarts within 5 cycles then timeout +\& +\& check process asterisk +\& with pidfile /var/run/asterisk/asterisk.pid +\& start program = a\*^XX/usr/sbin/asteriska\*^XX +\& stop program = a\*^XX/usr/sbin/asterisk \-r \-x a\*^XXshutdown nowa\*^XXa\*^XX +\& if totalmem > 1000.0 MB for 5 cycles then alert +\& if totalmem > 1500.0 MB for 5 cycles then alert +\& if totalmem > 2000.0 MB for 5 cycles then restart +\& if cpu > 60% for 5 cycles then alert +\& if failed port 5060 type udp protocol SIP +\& and target me@foo.bar maxforward 10 +\& then restart +\& if 5 restarts within 5 cycles then timeout .Ve .PP Some servers are slow starters, like for example Java based @@ -3253,9 +3446,9 @@ .Ve .PP Here is an example where we group together two database entries -so you can manage them together, e.g.; 'monit \-g database start +so you can manage them together, e.g.; 'Monit \-g database start all'. The mode statement is also illustrated in the first entry -and have the effect that monit will not try to (re)start this +and have the effect that Monit will not try to (re)start this service if it is not running: .PP .Vb 5 @@ -3264,9 +3457,7 @@ \& stop = "/etc/init.d/sybase stop" \& mode passive \& group database -.Ve -.PP -.Vb 6 +\& \& check process oracle with pidfile /var/run/oracle.pid \& start program = "/etc/init.d/oracle start" \& stop program = "/etc/init.d/oracle stop" @@ -3282,12 +3473,13 @@ memory usage over 100Mb for five cycles or if the machines load average is more than 10 for 8 cycles: .PP -.Vb 7 +.Vb 8 \& check process apache with pidfile /var/run/httpd.pid \& start program = "/etc/init.d/httpd start" \& stop program = "/etc/init.d/httpd stop" -\& if cpu > 60% for 2 cycles then alert -\& if cpu > 80% for 5 cycles then restart +\& if cpu > 40% for 2 cycles then alert +\& if totalcpu > 60% for 2 cycles then alert +\& if totalcpu > 80% for 5 cycles then restart \& if mem > 100 MB for 5 cycles then stop \& if loadavg(5min) greater than 10.0 for 8 cycles then stop .Ve @@ -3305,11 +3497,10 @@ In this example we demonstrate usage of the extended alert statement and a file check dependency: .PP -.Vb 15 +.Vb 10 \& check process apache with pidfile /var/run/httpd.pid \& start = "/etc/init.d/httpd start" \& stop = "/etc/init.d/httpd stop" -\& if failed host www.tildeslash.com port 80 then restart \& alert admin@bar on {nonexist, timeout} \& with mail\-format { \& from: bofh@$HOST @@ -3318,13 +3509,15 @@ \& Your faithful employee, \& monit \& } +\& if failed host www.tildeslash.com port 80 then restart \& if 3 restarts within 5 cycles then timeout \& depend httpd_bin \& group apache -.Ve -.PP -.Vb 12 +\& \& check file httpd_bin with path /usr/local/apache/bin/httpd +\& alert security@bar on {checksum, timestamp, +\& permission, uid, gid} +\& with mail\-format {subject: Alaaarrm! on $HOST} \& if failed checksum \& and expect 8f7f419955cefa0b33a2ba316cba3659 \& then unmonitor @@ -3332,9 +3525,6 @@ \& if failed uid root then unmonitor \& if failed gid root then unmonitor \& if changed timestamp then alert -\& alert security@bar on {checksum, timestamp, -\& permission, uid, gid} -\& with mail\-format {subject: Alaaarrm! on $HOST} \& group apache .Ve .PP @@ -3348,9 +3538,7 @@ \& start = "/etc/init.d/httpd start" \& stop = "/etc/init.d/httpd stop" \& depends on oracle -.Ve -.PP -.Vb 4 +\& \& check process oracle with pidfile /var/run/oracle.pid \& start = "/etc/init.d/oracle start" \& stop = "/etc/init.d/oracle stop" @@ -3366,17 +3554,13 @@ \& start = "/etc/init.d/oracle start" \& stop = "/etc/init.d/oracle stop" \& if failed port 9001 then restart -.Ve -.PP -.Vb 5 +\& \& check process oracle\-import \& with pidfile /var/run/oracle\-import.pid \& start = "/etc/init.d/oracle\-import start" \& stop = "/etc/init.d/oracle\-import stop" \& depends on oracle -.Ve -.PP -.Vb 5 +\& \& check process oracle\-export \& with pidfile /var/run/oracle\-export.pid \& start = "/etc/init.d/oracle\-export start" @@ -3386,7 +3570,7 @@ .PP Finally an example with all statements: .PP -.Vb 23 +.Vb 10 \& check process apache with pidfile /var/run/httpd.pid \& start program = "/etc/init.d/httpd start" \& stop program = "/etc/init.d/httpd stop" @@ -3410,18 +3594,14 @@ \& depends on httpd_bin \& depends on datafs \& group server -.Ve -.PP -.Vb 6 +\& \& check file httpd.pid with path /usr/local/apache/logs/httpd.pid \& group server \& if timestamp > 7 days then restart \& every 2 cycles \& alert bofh@bar with mail\-format {from: monit@foo.bar.no} \& depends on datafs -.Ve -.PP -.Vb 7 +\& \& check file httpd.conf with path /etc/httpd/httpd.conf \& group server \& if timestamp was changed @@ -3429,9 +3609,7 @@ \& every 2 cycles \& alert bofh@bar with mail\-format {from: monit@foo.bar.no} \& depends on datafs -.Ve -.PP -.Vb 13 +\& \& check file httpd_bin with path /usr/local/apache/bin/httpd \& group server \& if failed checksum and expect the sum @@ -3445,10 +3623,8 @@ \& alert bofh@bar with mail\-format {from: monit@foo.bar.no} \& alert foo@bar on { checksum, size, timestamp, uid, gid } \& depends on datafs -.Ve -.PP -.Vb 12 -\& check device datafs with path /dev/sdb1 +\& +\& check filesystem datafs with path /dev/sdb1 \& group server \& start program = "/bin/mount /data" \& stop program = "/bin/umount /data" @@ -3460,9 +3636,7 @@ \& if inode usage > 80 % then alert \& if inode usage > 94 % then stop \& alert root@localhost -.Ve -.PP -.Vb 7 +\& \& check host ftp.redhat.com with address ftp.redhat.com \& if failed icmp type echo with timeout 15 seconds \& then alert @@ -3470,9 +3644,7 @@ \& then exec "/usr/X11R6/bin/xmessage \-display \& :0 ftp connection failed" \& alert foo@bar.com -.Ve -.PP -.Vb 7 +\& \& check host www.gnu.org with address www.gnu.org \& if failed port 80 protocol http \& and request "/pub/gnu/bash/bash\-2.05b.tar.gz" @@ -3482,197 +3654,9 @@ \& subject: The gnu server may be hacked again! } .Ve .PP -Note; only the \fBcheck type\fR, \fBpidfile/path/address\fR statements -are mandatory, the other statements are optional and the order of -the optional statements is not important. -.SH "MONIT WITH HEARTBEAT" -.IX Header "MONIT WITH HEARTBEAT" -You can download \fIheartbeat\fR from -http://www.linux\-ha.org/download/. It might be useful to have a -look at The Heartbeat Getting Started Guide at: -http://www.linux\-ha.org/GettingStarted.html -.PP -\&\fBStarting up a Node\fR -.PP -This is the normal start sequence for a cluster\-node. With this -sequence, there should be no error\-case, which is not handled -either by heartbeat or by monit. For example, if monit dies, -initd restarts it. If heartbeat dies, monit restarts it. If the -node dies, the heartbeat instance on the other node detects it -and restart the services there. -.IP "1. initd starts monit with group local" 4 -.IX Item "1. initd starts monit with group local" -.PD 0 -.IP "2. monit starts heartbeat in local group" 4 -.IX Item "2. monit starts heartbeat in local group" -.IP "3. heartbeat requests monit to start the node group" 4 -.IX Item "3. heartbeat requests monit to start the node group" -.IP "4. monit starts the node group" 4 -.IX Item "4. monit starts the node group" -.PD -.PP -\&\fBMonit: \f(BI/etc/monitrc\fB\fR -.PP -This example describes a cluster with 2 nodes. Services running -on Node 1 are in the group \fInode1\fR and Node 2 services are in -the \fInode2\fR group. -.PP -The local group entries are mode \fIactive\fR, the node group -entries are mode \fImanual\fR and controlled by heartbeat. -.PP -.Vb 3 -\& # -\& # local services on both hosts -\& # -.Ve -.PP -.Vb 6 -\& check process heartbeat with pidfile /var/run/heartbeat.pid -\& start program = "/etc/init.d/heartbeat start" -\& stop program = "/etc/init.d/heartbeat start" -\& mode active -\& alert foo@bar -\& group local -.Ve -.PP -.Vb 6 -\& check process postfix with pidfile /var/run/postfix/master.pid -\& start program = "/etc/init.d/postfix start" -\& stop program = "/etc/init.d/postfix stop" -\& mode active -\& alert foo@bar -\& group local -.Ve -.PP -.Vb 3 -\& # -\& # node1 services -\& # -.Ve -.PP -.Vb 7 -\& check process apache with pidfile /var/apache/logs/httpd.pid -\& start program = "/etc/init.d/apache start" -\& stop program = "/etc/init.d/apache stop" -\& depends named -\& alert foo@bar -\& mode manual -\& group node1 -.Ve -.PP -.Vb 6 -\& check process named with pidfile /var/tmp/named.pid -\& start program = "/etc/init.d/named start" -\& stop program = "/etc/init.d/named stop" -\& alert foo@bar -\& mode manual -\& group node1 -.Ve -.PP -.Vb 3 -\& # -\& # node2 services -\& # -.Ve -.PP -.Vb 6 -\& check process named\-slave with pidfile /var/tmp/named\-slave.pid -\& start program = "/etc/init.d/named\-slave start" -\& stop program = "/etc/init.d/named\-slave stop" -\& mode manual -\& alert foo@bar -\& group node2 -.Ve -.PP -.Vb 7 -\& check process squid with pidfile /var/squid/logs/squid.pid -\& start program = "/etc/init.d/squid start" -\& stop program = "/etc/init.d/squid stop" -\& depends named\-slave -\& alert foo@bar -\& mode manual -\& group node2 -.Ve -.PP -\&\fBinitd: \f(BI/etc/inittab\fB\fR -.PP -Monit is started on both nodes with initd. You will need to add -an entry in \fI/etc/inittab\fR to start monit with the same local -group heartbeat is member of. -.PP -.Vb 2 -\& #/etc/inittab -\& mo:2345:respawn:/usr/local/bin/monit \-d 10 \-c /etc/monitrc \-g local -.Ve -.PP -\&\fBheartbeat: \f(BI/etc/ha.d/haresources\fB\fR -.PP -When heartbeat starts, heartbeat looks up the node entry and -start the script \fI/etc/init.d/monit\-node1\fR or -\&\fI/etc/init.d/monit\-node2\fR. The script calls monit to start the -specific group per node. -.PP -.Vb 3 -\& # /etc/ha.d/haresources -\& node1 IPaddr::172.16.100.1 monit\-node1 -\& node2 IPaddr::172.16.100.2 monit\-node2 -.Ve -.PP -\&\fB\f(BI/etc/init.d/monit\-node1\fB\fR -.PP -.Vb 11 -\& #!/bin/bash -\& # -\& # sample script for starting/stopping all services on node1 -\& # -\& prog="/usr/local/bin/monit \-g node1" -\& start() -\& { -\& echo \-n $"Starting $prog:" -\& $prog start all -\& echo -\& } -.Ve -.PP -.Vb 6 -\& stop() -\& { -\& echo \-n $"Stopping $prog:" -\& $prog stop all -\& echo -\& } -.Ve -.PP -.Vb 10 -\& case "$1" in -\& start) -\& start;; -\& stop) -\& stop;; -\& *) -\& echo $"Usage: $0 {start|stop}" -\& RETVAL=1 -\& esac -\& exit $RETVAL -.Ve -.Sh "Handling state" -.IX Subsection "Handling state" -As mentioned elsewhere, monit save its state to a state file. If -the monit process should die, upon restart monit will read its -last known state from this file. This can be a problem if monit -is used in a cluster, as illustrate in this scenario: -.IP "1" 4 -.IX Item "1" -The active node fails, the second takes over -.IP "2" 4 -.IX Item "2" -After a reboot, the failed node comes back, monit read its state -file and start all the services (even manual ones) as they were -running before the failure. This is a problem because services -will now run on both nodes. -.PP -The solution to this problem is to remove the monit.state file in -a rc-script called at boot time and before monit is started. +Note; only the \fBcheck statement\fR is mandatory, the other +statements are optional and the order of the optional statements +is not important. .SH "FILES" .IX Header "FILES" \&\fI~/.monitrc\fR @@ -3689,8 +3673,8 @@ directory contains a \fImonitrc\fR file, this file is used instead. .PP -\&\fI~/.monitrc.pid\fR - Lock file to help prevent concurrent runs (non\-root +\&\fI~/.monit.pid\fR + Lock file to help prevent concurrent runs (non-root mode). .PP \&\fI/var/run/monit.pid\fR @@ -3702,21 +3686,27 @@ systems without /var/run). .PP \&\fI~/.monit.state\fR - monit save its state to this file and utilize + Monit save its state to this file and utilize information found in this file to recover from a crash. This is a binary file and its content is only of interest to monit. You may set the location - of this file in the monit control file or by using - the \-s switch when monit is started. + of this file in the Monit control file or by using + the \-s switch when Monit is started. +.PP +\&\fI~/.monit.id\fR + Monit save its unique id to this file. .SH "ENVIRONMENT" .IX Header "ENVIRONMENT" -No environment variables are used by monit. However, when monit -execute a script or a program monit will set several environment +No environment variables are used by Monit. However, when Monit +execute a script or a program Monit will set several environment variables which can be utilized by the executable. The following and \fIonly\fR the following environment variables are available: .IP "\s-1MONIT_EVENT\s0" 4 .IX Item "MONIT_EVENT" The event that occurred on the service +.IP "\s-1MONIT_DESCRIPTION\s0" 4 +.IX Item "MONIT_DESCRIPTION" +A description of the error condition .IP "\s-1MONIT_SERVICE\s0" 4 .IX Item "MONIT_SERVICE" The name of the service (from monitrc) on which the event @@ -3753,28 +3743,28 @@ variables by them self. .SH "SIGNALS" .IX Header "SIGNALS" -If a monit daemon is running, \s-1SIGUSR1\s0 wakes it up from its sleep +If a Monit daemon is running, \s-1SIGUSR1\s0 wakes it up from its sleep phase and forces a poll of all services. \s-1SIGTERM\s0 and \s-1SIGINT\s0 will -gracefully terminate a monit daemon. The \s-1SIGTERM\s0 signal is sent -to a monit daemon if monit is started with the \fIquit\fR action +gracefully terminate a Monit daemon. The \s-1SIGTERM\s0 signal is sent +to a Monit daemon if Monit is started with the \fIquit\fR action argument. .PP -Sending a \s-1SIGHUP\s0 signal to a running monit daemon will force +Sending a \s-1SIGHUP\s0 signal to a running Monit daemon will force the daemon to reinitialize itself, specifically it will reread configuration, close and reopen log files. .PP -Running monit in foreground while a background monit daemon is +Running Monit in foreground while a background Monit daemon is running will wake up the daemon. .SH "NOTES" .IX Header "NOTES" This is a very silent program. Use the \-v switch if you want to -see what monit is doing, and tail \-f the logfile. Optionally for -testing purposes; you can start monit with the \-Iv switch. Monit +see what Monit is doing, and tail \-f the logfile. Optionally for +testing purposes; you can start Monit with the \-Iv switch. Monit will then print debug information to the console, to stop monit in this mode, simply press CTRL^C (i.e. \s-1SIGINT\s0) in the same console. .PP -The syntax (and parser) of the control file is inspired by Eric +The syntax (and parser) of the control file was inspired by Eric S. Raymond et al. excellent fetchmail program. Some portions of this man page does also receive inspiration from the same authors. @@ -3785,14 +3775,20 @@ Christian Hopp , Rory Toma .PP -See also http://www.tildeslash.com/monit/who.html +See also http://mmonit.com/monit/who/ .SH "COPYRIGHT" .IX Header "COPYRIGHT" -Copyright (C) 2000\-2006 by the monit project group. All Rights -Reserved. This product is distributed in the hope that it will be -useful, but \s-1WITHOUT\s0 any warranty; without even the implied -warranty of \s-1MERCHANTABILITY\s0 or \s-1FITNESS\s0 for a particular purpose. +Copyright (C) 2009 by Tildeslash Ltd. All Rights Reserved. This +product is distributed in the hope that it will be useful, but +\&\s-1WITHOUT\s0 any warranty; without even the implied warranty of +\&\s-1MERCHANTABILITY\s0 or \s-1FITNESS\s0 for a particular purpose. .SH "SEE ALSO" .IX Header "SEE ALSO" \&\s-1GNU\s0 text utilities; \fImd5sum\fR\|(1); \fIsha1sum\fR\|(1); \fIopenssl\fR\|(1); \fIglob\fR\|(7); -\&\fIregex\fR\|(7) +\&\fIregex\fR\|(7); \fIhttp://mmonit.com/\fR +.SH "POD ERRORS" +.IX Header "POD ERRORS" +Hey! \fBThe above document had some coding errors, which are explained below:\fR +.IP "Around line 1034:" 4 +.IX Item "Around line 1034:" +You can't have =items (as at line 1038) unless the first thing after the =over is an =item diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/monitor.c /tmp/QeMlhPoI46/monit-5.0.3/monitor.c --- monit-4.8.1/monitor.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/monitor.c 2009-03-26 06:27:04.000000000 +0000 @@ -1,23 +1,35 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2000-2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ + #include +#include #ifdef HAVE_STDIO_H #include @@ -81,7 +93,7 @@ * @author Martin Pala * @author Christian Hopp, * - * @version \$Id: monitor.c,v 1.129 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: monitor.c,v 1.149 2009/03/24 19:49:05 martinp Exp $ * * @file */ @@ -110,7 +122,7 @@ * The Prime mover */ int main(int argc, char **argv) { - + setlocale(LC_ALL, "C"); prog= Util_basename(argv[0]); init_env(); handle_options(argc, argv); @@ -294,9 +306,9 @@ if(Run.dohttpd) monit_http(STOP_HTTP); - /* wait for all wait_start threads to finish */ - while(Run.wait_start) - sleep(1); + /* Save the current state (no changes are possible now + since the http thread is stopped) */ + State_save(); /* Run the garbage collector */ gc(); @@ -335,8 +347,7 @@ monit_http(START_HTTP); /* send the monit startup notification */ - Event_post(Run.system, EVENT_INSTANCE, STATE_FAILED, - Run.system->action_MONIT_RELOAD, "Monit reloaded"); + Event_post(Run.system, EVENT_INSTANCE, STATE_CHANGED, Run.system->action_MONIT_RELOAD, "Monit reloaded"); } @@ -358,12 +369,12 @@ IS(action, "monitor") || IS(action, "unmonitor") || IS(action, "restart") ) { - if(service) { + if(Run.mygroup || service) { void (*_control_service)(const char *, const char *)= - exist_daemon()?control_service_daemon:control_service; + exist_daemon()?control_service_daemon:control_service_string; - if(IS(service, "all")) { + if(Run.mygroup || IS(service, "all")) { Service_T s= NULL; @@ -420,21 +431,16 @@ if(Run.isdaemon && !Run.once) { - if(Run.dohttpd) + if(can_http()) monit_http(STOP_HTTP); LogInfo("%s daemon with pid [%d] killed\n", prog, (int)getpid()); /* send the monit stop notification */ - Event_post(Run.system, EVENT_INSTANCE, STATE_FAILED, - Run.system->action_MONIT_STOP, "Monit stopped"); + Event_post(Run.system, EVENT_INSTANCE, STATE_CHANGED, Run.system->action_MONIT_STOP, "Monit stopped"); } - /* wait for all wait_start threads to finish */ - while(Run.wait_start) - sleep(1); - gc(); exit(0); @@ -479,14 +485,18 @@ monit_http(START_HTTP); /* send the monit startup notification */ - Event_post(Run.system, EVENT_INSTANCE, STATE_FAILED, - Run.system->action_MONIT_START, "Monit started"); + Event_post(Run.system, EVENT_INSTANCE, STATE_CHANGED, Run.system->action_MONIT_START, "Monit started"); + + sleep(Run.startdelay); while(TRUE) { validate(); State_save(); - sleep(Run.polltime); + + /* In the case that there is no pending action then sleep */ + if(!Run.doaction) + sleep(Run.polltime); if(Run.dowakeup) { Run.dowakeup = FALSE; @@ -497,11 +507,6 @@ do_exit(); } else if(Run.doreload) { do_reinit(); - } else { - Event_post(Run.system, EVENT_INSTANCE, STATE_PASSED, - Run.system->action_MONIT_START, "Monit has not changed"); - Event_post(Run.system, EVENT_INSTANCE, STATE_PASSED, - Run.system->action_MONIT_RELOAD, "Monit has not changed"); } } @@ -628,7 +633,7 @@ printf("Options are as follows:\n"); printf(" -c file Use this control file\n"); printf(" -d n Run as a daemon once per n seconds\n"); - printf(" -g name Set group name for start, stop, restart and status\n"); + printf(" -g name Set group name for start, stop, restart, monitor and unmonitor\n"); printf(" -l logfile Print log information to this file\n"); printf(" -p pidfile Use this lock file in daemon mode\n"); printf(" -s statefile Set the file monit should write state information to\n"); @@ -666,9 +671,9 @@ static void version() { printf("This is monit version %s\n", VERSION); - printf("Copyright (C) 2000-2006 by the monit project group."); + printf("Copyright (C) 2000-2009 by Tildeslash Ltd."); printf(" All Rights Reserved.\n"); - + } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/monitor.h /tmp/QeMlhPoI46/monit-5.0.3/monitor.h --- monit-4.8.1/monitor.h 2006-04-27 21:52:31.000000000 +0100 +++ monit-5.0.3/monitor.h 2009-05-28 22:31:10.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2000-2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -22,6 +32,7 @@ #define MONITOR_H #include +#include #ifdef HAVE_SYS_TYPES_H #include @@ -55,10 +66,18 @@ #include #endif -#ifdef HAVE_ERRNO_H +#ifdef HAVE_SYSLOG_H #include #endif +#ifdef HAVE_LIMITS_H +#include +#endif + +#ifdef HAVE_SYS_UTSNAME_H +#include +#endif + #ifdef HAVE_ERRNO_H #include #endif @@ -76,6 +95,8 @@ #define HTTP_CONTENT_MAX (1024*1000) /* Set event queue directory mode: "drwx------" */ #define QUEUEMASK 0077 +/* Set file mode: "drw-------" */ +#define PRIVATEMASK 0177 /* Set log file mode: "-rw-rw-r--" */ #define LOGMASK 0112 /* Set pid file mode: "-rw-r--r--" */ @@ -83,16 +104,21 @@ #define MYPIDDIR PIDDIR #define MYPIDFILE "monit.pid" #define MYSTATEFILE "monit.state" +#define MYIDFILE "monit.id" #define MYEVENTLISTBASE "/var/monit" #define LOCALHOST "localhost" #define PORT_SMTP 25 +#define PORT_SMTPS 465 #define PORT_HTTP 80 #define PORT_HTTPS 443 #define SSL_TIMEOUT 15 +#define START_DELAY 0 +#define EXEC_TIMEOUT 30 + #define START_HTTP 1 #define STOP_HTTP 2 @@ -103,9 +129,11 @@ #define MONITOR_YES 1 #define MONITOR_INIT 2 -#define STATE_PASSED 0 +#define STATE_SUCCEEDED 0 #define STATE_FAILED 1 -#define STATE_INIT 2 +#define STATE_CHANGED 2 +#define STATE_CHANGEDNOT 3 +#define STATE_INIT 4 #define MODE_ACTIVE 0 #define MODE_PASSIVE 1 @@ -130,13 +158,14 @@ #define ACTION_START 6 #define ACTION_MONITOR 7 -#define TYPE_DEVICE 0 +#define TYPE_FILESYSTEM 0 #define TYPE_DIRECTORY 1 #define TYPE_FILE 2 #define TYPE_PROCESS 3 #define TYPE_HOST 4 #define TYPE_SYSTEM 5 #define TYPE_FIFO 6 +#define TYPE_STATUS 7 #define RESOURCE_ID_CPU_PERCENT 1 #define RESOURCE_ID_MEM_PERCENT 2 @@ -152,10 +181,12 @@ #define RESOURCE_ID_CPUUSER 12 #define RESOURCE_ID_CPUSYSTEM 13 #define RESOURCE_ID_CPUWAIT 14 +#define RESOURCE_ID_TOTAL_CPU_PERCENT 15 #define DIGEST_CLEARTEXT 1 #define DIGEST_CRYPT 2 #define DIGEST_MD5 3 +#define DIGEST_PAM 4 #define UNIT_BYTE 1 #define UNIT_KILOBYTE 1024 @@ -165,7 +196,9 @@ #define HASH_UNKNOWN 0 #define HASH_MD5 1 #define HASH_SHA1 2 -#define DEFAULT_HASH HASH_MD5 +#define DEFAULT_HASH HASH_MD5 +/* Length of the longest message digest in bytes */ +#define MD_SIZE 65 #define PROTOCOL_NULL 0 #define PROTOCOL_HTTP 1 @@ -177,12 +210,13 @@ #define LEVEL_NAME_FULL "full" #define LEVEL_NAME_SUMMARY "summary" -#define HANDLER_PASSED 0x0 +#define HANDLER_SUCCEEDED 0x0 #define HANDLER_ALERT 0x1 -#define HANDLER_COLLECTOR 0x2 -#define HANDLER_MAX HANDLER_COLLECTOR +#define HANDLER_MMONIT 0x2 +#define HANDLER_MAX HANDLER_MMONIT -#define ATTEMPT_COUNT 3 +#define ICMP_ATTEMPT_COUNT 3 +#define ICMP_MAX_COUNT 20 /** ------------------------------------------------- Special purpose macros */ @@ -213,8 +247,8 @@ #define LOCK(mutex) do { pthread_mutex_t *_yymutex = &(mutex); \ - pthread_mutex_lock(_yymutex); -#define END_LOCK pthread_mutex_unlock(_yymutex); } while (0) + assert(pthread_mutex_lock(_yymutex)==0); +#define END_LOCK assert(pthread_mutex_unlock(_yymutex)==0); } while (0) /** ---------------------------------- Object Constructor/"Destructor" macro */ @@ -227,11 +261,15 @@ /** ------------------------------------------ Simple Assert Exception macro */ -#define ASSERT(e) if(!(e)) { LogCritical("AssertException: at %s:%d\naborting..\n", \ - __FILE__, __LINE__); abort(); } +#define ASSERT(e) do { if(!(e)) { LogCritical("AssertException: " #e \ + " at %s:%d\naborting..\n", __FILE__, __LINE__); abort(); } } while(0) /* --------------------------------------------------------- Data structures */ + + +/** Message Digest type with size for the longest digest we will compute */ +typedef char MD_T[MD_SIZE]; /** @@ -248,6 +286,7 @@ uid_t uid; /**< The user id to switch to when running this Command */ int has_gid; /**< TRUE if a new gid is defined for this Command */ gid_t gid; /**< The group id to switch to when running this Command */ + unsigned timeout; /**< Max seconds which we wait for method to execute */ } *Command_T; @@ -257,13 +296,14 @@ Command_T exec; /**< Optional command to be executed */ unsigned count; /**< Event count needed to trigger the action */ unsigned cycles; /**< Cycles during which count limit can be reached */ + char description[PATH_MAX]; /**< Action description buffer */ } *Action_T; /** Defines event's up and down actions */ typedef struct myeventaction { Action_T failed; /**< Action in the case of failure down */ - Action_T passed; /**< Action in the case of failure up */ + Action_T succeeded; /**< Action in the case of failure up */ } *EventAction_T; @@ -293,15 +333,15 @@ /** Defines an event notification and status receiver object */ -typedef struct mycollector { +typedef struct mymmonit { URL_T url; /**< URL definition */ Ssl_T ssl; /**< SSL definition */ int timeout; /**< The timeout to wait for connection or i/o */ Socket_T socket; /**< Socket used for connection */ /** For internal use */ - struct mycollector *next; /**< next receiver in chain */ -} *Collector_T; + struct mymmonit *next; /**< next receiver in chain */ +} *Mmonit_T; /** Defines a mailinglist object */ @@ -322,6 +362,10 @@ typedef struct mymailserver { char *host; /**< Server host address, may be a IP or a hostname string */ int port; /**< Server port */ + char *username; /** < Username for SMTP_AUTH */ + char *password; /** < Password for SMTP_AUTH */ + Ssl_T ssl; /**< SSL definition */ + /** For internal use */ struct mymailserver *next; /**< Next server to try on connect error */ } *MailServer_T; @@ -330,6 +374,7 @@ typedef struct myauthentication { char *uname; /**< User allowed to connect to monit httpd */ char *passwd; /**< The users password data */ + char *groupname; /**< PAM group name */ int digesttype; /**< How did we store the password */ int is_readonly; /**< TRUE if this is a read-only authenticated user*/ struct myauthentication *next; /**< Next credential or NULL if last */ @@ -363,7 +408,8 @@ /** Defines data for systemwide statistic */ typedef struct mysysteminfo { - time_t collected; /**< When were data collected */ + struct timeval collected; /**< When were data collected */ + int cpus; /**< Number of CPUs */ double loadavg[3]; /**< Load average triple */ unsigned long mem_kbyte_max; /**< Maximal system real memory */ unsigned long total_mem_kbyte; /**< Total real memory in use in the system */ @@ -371,6 +417,7 @@ int total_cpu_user_percent; /**< Total CPU in use in user space (pct.)*/ int total_cpu_syst_percent; /**< Total CPU in use in kernel space (pct.)*/ int total_cpu_wait_percent; /**< Total CPU in use in waiting (pct.)*/ + struct utsname uname; /**< Platform information provided by uname() */ } SystemInfo_T; @@ -405,6 +452,7 @@ int request_hashtype; /**< The optional type of hash for a req. document */ char *pathname; /**< Pathname, in case of an UNIX socket */ char *address; /**< Human readable destination of the socket */ + int maxforward; /**< Optional max forward for protocol checking */ Generic_T generic; /**< Generic test handle */ int timeout; /**< The timeout in seconds to wait for connect or read i/o */ int is_available; /**< TRUE if the server/port is available */ @@ -493,8 +541,9 @@ /** Defines size object */ typedef struct mysize { int operator; /**< Comparison operator */ - unsigned long size; /**< Size watermark */ + unsigned long long size; /**< Size watermark */ int test_changes; /**< TRUE if we only should test for changes */ + int test_changes_ok; /**< TRUE if size was initialized for changes test */ EventAction_T action; /**< Description of the action upon event occurence */ /** For internal use */ @@ -504,10 +553,11 @@ /** Defines checksum object */ typedef struct mychecksum { - char *hash; /**< A checksum hash computed for the path */ - int type; /**< The type of hash (e.g. md5 or sha1) */ - int length; /**< Length of the hash */ - int test_changes; /**< TRUE if we only should test for changes */ + char *hash; /**< A checksum hash computed for the path */ + int type; /**< The type of hash (e.g. md5 or sha1) */ + int length; /**< Length of the hash */ + int test_changes; /**< TRUE if we only should test for changes */ + int test_changes_ok; /**< TRUE if cksum was initialized for changes test */ EventAction_T action; /**< Description of the action upon event occurence */ } *Checksum_T; @@ -548,8 +598,8 @@ } *Gid_T; -/** Defines filesystem device configuration */ -typedef struct mydevice { +/** Defines filesystem configuration */ +typedef struct myfilesystem { int resource; /**< Whether to check inode or space */ int operator; /**< Comparison operator */ long limit_absolute; /**< Watermark - blocks */ @@ -557,8 +607,8 @@ EventAction_T action; /**< Description of the action upon event occurence */ /** For internal use */ - struct mydevice *next; /**< next device in chain */ -} *Device_T; + struct myfilesystem *next; /**< next filesystem in chain */ +} *Filesystem_T; /** Defines service data */ @@ -571,7 +621,7 @@ ino_t st_ino; /**< Inode */ time_t timestamp; /**< Timestamp */ - /* Device specific */ + /* Filesystem specific */ long f_bsize; /**< Transfer block size */ long f_blocks; /**< Total data blocks in filesystem */ long f_blocksfree; /**< Free blocks available to non-superuser */ @@ -583,10 +633,12 @@ long inode_total; /**< Used inode total objects */ int space_percent; /**< Used space percentage * 10 */ long space_total; /**< Used space total blocks */ + int _flags; /**< Filesystem flags from last cycle */ + int flags; /**< Filesystem flags from actual cycle */ /* File specific */ - size_t st_size; /**< Size */ - size_t readpos; /**< Position for regex matching */ + off_t st_size; /**< Size */ + off_t readpos; /**< Position for regex matching */ ino_t st_ino_prev; /**< Previous inode for regex matching */ char *cs_sum; /**< Checksum */ @@ -635,7 +687,7 @@ /** Test rules and event handlers */ Checksum_T checksum; /**< Checksum check */ - Device_T devicelist; /**< Device check list */ + Filesystem_T filesystemlist; /**< Filesystem check list */ Gid_T gid; /**< Gid check */ Icmp_T icmplist; /**< ICMP check list */ Perm_T perm; /**< Permission check */ @@ -646,8 +698,9 @@ Timestamp_T timestamplist; /**< Timestamp check list */ Uid_T uid; /**< Uid check */ - EventAction_T action_PID; /**< Description of the action upon pid change */ - EventAction_T action_PPID; /**< Description of the action upon ppid change */ + EventAction_T action_PID; /**< Action upon pid change */ + EventAction_T action_PPID; /**< Action upon ppid change */ + EventAction_T action_FSFLAG; /**< Action upon filesystem flags change */ /** General event handlers */ EventAction_T action_DATA; /**< Description of the action upon event */ @@ -660,22 +713,26 @@ EventAction_T action_MONIT_START; /**< Monit instance start action */ EventAction_T action_MONIT_STOP; /**< Monit instance stop action */ EventAction_T action_MONIT_RELOAD; /**< Monit instance reload action */ + EventAction_T action_ACTION; /**< Action requested by CLI or GUI */ /** Runtime parameters */ unsigned long long error; /**< Error flags bitmap */ + unsigned long long error_hint; /**< Failed/Changed hint for error bitmap */ Info_T inf; /**< Service check result */ - time_t collected; /**< When were data collected */ + struct timeval collected; /**< When were data collected */ + int doaction; /**< Action scheduled by http thread */ + char *token; /**< Action token */ /** Events */ struct myevent { - #define EVENT_VERSION 1 /**< The event structure version */ + #define EVENT_VERSION 2 /**< The event structure version */ int id; /**< The event identification */ - time_t collected; /**< When the event occured */ + struct timeval collected; /**< When the event occured */ char *source; /**< Event source service name */ char *group; /**< Service group name */ int mode; /**< Monitoring mode for the service */ int type; /**< Monitored service type */ - short state; /**< TRUE if failed, FALSE if passed */ + short state; /**< TRUE if failed, FALSE if succeeded */ short state_changed; /**< TRUE if state changed */ long long state_map; /**< Event bitmap for last cycles */ unsigned int count; /**< The event rate */ @@ -683,13 +740,12 @@ char *message; /**< Optional message describing the event */ EventAction_T action; /**< Description of the event action */ /** For internal use */ - pthread_mutex_t mutex; /**< Mutex used for action synchronization */ struct myevent *next; /**< next event in chain */ struct myevent *previous; /**< previous event in chain */ } *eventlist; /**< Pending events list */ /** Context specific parameters */ - char *path; /**< Path to the device, file, directory or process pid file */ + char *path; /**< Path to the filesys, file, directory or process pid file */ /** For internal use */ pthread_mutex_t mutex; /**< Mutex used for action synchronization */ @@ -704,11 +760,13 @@ /** Defines data for application runtime */ struct myrun { - int stopped; /**< TRUE if monit was stopped. Flag used by threads */ + volatile int stopped;/**< TRUE if monit was stopped. Flag used by threads */ char *controlfile; /**< The file to read configuration from */ char *logfile; /**< The file to write logdata into */ char *localhostname; /**< The host name for localhost */ char *pidfile; /**< This programs pidfile */ + char *idfile; /**< The file with unique monit id */ + char id[STRLEN]; /**< Unique monit id */ char *statefile; /**< The file with the saved runtime state */ char *mygroup; /**< Group Name of the Service */ int debug; /**< Write debug information - TRUE or FALSE */ @@ -716,6 +774,7 @@ int dolog; /**< TRUE if program should log actions, otherwise FALSE */ int isdaemon; /**< TRUE if program should run as a daemon */ int polltime; /**< In deamon mode, the sleeptime (sec) between run */ + int startdelay; /**< the sleeptime (sec) after startup */ int dohttpd; /**< TRUE if monit HTTP server should run */ int httpdssl; /**< TRUE if monit HTTP server uses ssl */ char *httpsslpem; /**< PEM file for the HTTPS server */ @@ -729,11 +788,11 @@ int facility; /** The facility to use when running openlog() */ int doprocess; /**< TRUE if process status engine is used */ char *bind_addr; /**< The address monit http will bind to */ - int doreload; /**< TRUE if a monit daemon should reinitialize */ - int dowakeup; /**< TRUE if a monit daemon was wake up by signal */ + volatile int doreload; /**< TRUE if a monit daemon should reinitialize */ + volatile int dowakeup; /**< TRUE if a monit daemon was wake up by signal */ + int doaction; /**< TRUE if some service(s) has action pending */ mode_t umask; /**< The initial umask monit was started with */ int testing; /**< Running in configuration testing mode - TRUE or FALSE */ - int wait_start; /**< Number of threads waiting for process' start */ time_t incarnation; /**< Unique ID for running monit instance */ int handler_init; /**< The handlers queue initialization */ int handler_flag; /**< The handlers state flag */ @@ -741,6 +800,7 @@ Service_T system; /**< The general system service */ char *eventlist_dir; /**< The event queue base directory */ int eventlist_slots; /**< The event queue size - number of slots */ + int expectbuffer; /**< Generic protocol expect buffer - STRLEN by default */ /** An object holding program relevant "environment" data, see; env.c */ struct myenvironment { @@ -749,10 +809,11 @@ char *cwd; /**< Current working directory */ } Env; + char *mail_hostname; /**< Used in HELO/EHLO/MessageID when sending mail */ int mailserver_timeout; /**< Connect and read timeout for a SMTP server */ Mail_T maillist; /**< Global alert notification mailinglist */ MailServer_T mailservers; /**< List of MTAs used for alert notification */ - Collector_T collectors; /**< Event notification and status receivers list */ + Mmonit_T mmonits; /**< Event notification and status receivers list */ Auth_T credentials; /** A list holding Basic Authentication information */ Event_T eventlist; /** A list holding partialy handled events */ /** User selected standard mail format */ @@ -788,7 +849,8 @@ /* FIXME: move remaining prototypes into seperate header-files */ int parse(char *); -void control_service(const char *, const char *); +void control_service(const char *, int); +void control_service_string(const char *, const char *); void control_service_daemon(const char *, const char *); void setup_dependants(); void reset_depend(); @@ -804,10 +866,17 @@ void LogInfo(const char *, ...); void LogDebug(const char *, ...); void log_close(); +#ifndef HAVE_VSYSLOG +#ifdef HAVE_SYSLOG +void vsyslog (int, const char *, va_list); +#endif /* HAVE_SYSLOG */ +#endif /* HAVE_VSYSLOG */ void validate() ; void daemonize() ; void gc(); void gc_mail_list(Mail_T *); +void gccmd(Command_T *); +void gc_event(Event_T *e); int kill_daemon(int); int exist_daemon(); int sendmail(Mail_T); @@ -830,19 +899,20 @@ void unset_signal_block(sigset_t *); void set_signal_block(sigset_t *, sigset_t *); int check_process(Service_T); -int check_device(Service_T); +int check_filesystem(Service_T); int check_file(Service_T); int check_directory(Service_T); int check_remote_host(Service_T); int check_system(Service_T); int check_fifo(Service_T); +int check_status(Service_T); int check_URL(Service_T s); int sha_md5_stream (FILE *, void *, void *); void reset_procinfo(Service_T); int check_service_status(Service_T); void printhash(char *); char *status_xml(Event_T, short); -int handle_collector(Event_T); +int handle_mmonit(Event_T); int do_wakeupcall(); #endif diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/monitrc /tmp/QeMlhPoI46/monit-5.0.3/monitrc --- monit-4.8.1/monitrc 2006-01-01 22:01:03.000000000 +0000 +++ monit-5.0.3/monitrc 2008-11-08 22:10:26.000000000 +0000 @@ -5,49 +5,70 @@ ## Comments begin with a '#' and extend through the end of the line. Keywords ## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. ## -## Bellow is the example of some frequently used statements. For information -## about the control file, a complete list of statements and options please -## have a look in the monit manual. +## Below you will find examples of some frequently used statements. For +## information about the control file, a complete list of statements and +## options please have a look in the monit manual. ## ## ############################################################################### ## Global section ############################################################################### ## -## Start monit in background (run as daemon) and check the services at 2-minute -## intervals. +## Start monit in the background (run as a daemon): # -# set daemon 120 +# set daemon 120 # check services at 2-minute intervals +# with start delay 240 # optional: delay the first check by 4-minutes +# # (by default check immediately after monit start) # # ## Set syslog logging with the 'daemon' facility. If the FACILITY option is -## omited, monit will use 'user' facility by default. You can specify the -## path to the file for monit native logging. +## omitted, monit will use 'user' facility by default. If you want to log to +## a stand alone log file instead, specify the path to a log file # -# set logfile syslog facility log_daemon +# set logfile syslog facility log_daemon # # -## Set list of mailservers for alert delivery. Multiple servers may be -## specified using comma separator. By default monit uses port 25 - it is -## possible to override it with the PORT option. +### Set the location of monit id file which saves the unique id specific for +### given monit. The id is generated and stored on first monit start. +### By default the file is placed in $HOME/.monit.id. +# +# set idfile /var/.monit.id +# +### Set the location of monit state file which saves the monitoring state +### on each cycle. By default the file is placed in $HOME/.monit.state. If +### state file is stored on persistent filesystem, monit will recover the +### monitoring state across reboots. If it is on temporary filesystem, the +### state will be lost on reboot. +# +# set statefile /var/.monit.state +# +## Set the list of mail servers for alert delivery. Multiple servers may be +## specified using comma separator. By default monit uses port 25 - this +## is possible to override with the PORT option. # # set mailserver mail.bar.baz, # primary mailserver # backup.bar.baz port 10025, # backup mailserver on port 10025 # localhost # fallback relay # # -## By default monit will drop the event alert, in the case that there is no -## mailserver available. In the case that you want to keep the events for -## later delivery retry, you can use the EVENTQUEUE statement. The base -## directory where undelivered events will be stored is specified by the -## BASEDIR option. You can limit the maximal queue size using the SLOTS -## option (if omited then the queue is limited just by the backend filesystem). +## By default monit will drop alert events if no mail servers are available. +## If you want to keep the alerts for a later delivery retry, you can use the +## EVENTQUEUE statement. The base directory where undelivered alerts will be +## stored is specified by the BASEDIR option. You can limit the maximal queue +## size using the SLOTS option (if omitted, the queue is limited by space +## available in the back end filesystem). # # set eventqueue # basedir /var/monit # set the base directory where events will be stored # slots 100 # optionaly limit the queue size # # +## Send status and events to M/Monit (Monit central management: for more +## informations about M/Monit see http://www.tildeslash.com/mmonit). +# +# set mmonit http://monit:monit@192.168.1.10:8080/collector +# +# ## Monit by default uses the following alert mail format: ## ## --8<-- @@ -65,38 +86,41 @@ ## monit # ## --8<-- ## -## You can override the alert message format or its parts such as subject +## You can override this message format or parts of it, such as subject ## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc. -## are expanded on runtime. For example to override the sender: +## are expanded at runtime. For example, to override the sender: # # set mail-format { from: monit@foo.bar } # # -## You can set the alert recipients here, which will receive the alert for -## each service. The event alerts may be restricted using the list. +## You can set alert recipients here whom will receive alerts if/when a +## service defined in this file has errors. Alerts may be restricted on +## events by using a filter as in the second example below. # # set alert sysadm@foo.bar # receive all alerts # set alert manager@foo.bar only on { timeout } # receive just service- # # timeout alert # # -## Monit has an embedded webserver, which can be used to view the -## configuration, actual services parameters or manage the services using the -## web interface. +## Monit has an embedded web server which can be used to view status of +## services monitored, the current configuration, actual services parameters +## and manage services from a web interface. # # set httpd port 2812 and # use address localhost # only accept connection from localhost # allow localhost # allow localhost to connect to the server and # allow admin:monit # require user 'admin' with password 'monit' +# allow @monit # allow users of group 'monit' to connect (rw) +# allow @users readonly # allow users of group 'users' to connect readonly # # ############################################################################### ## Services ############################################################################### ## -## Check the general system resources such as load average, cpu and memory -## usage. Each rule specifies the tested resource, the limit and the action -## which will be performed in the case that the test failed. +## Check general system resources such as load average, cpu and memory +## usage. Each test specifies a resource, conditions and the action to be +## performed should a test fail. # # check system myhost.mydomain.tld # if loadavg (1min) > 4 then alert @@ -108,8 +132,9 @@ # # ## Check a file for existence, checksum, permissions, uid and gid. In addition -## to the recipients in the global section, customized alert will be send to -## the additional recipient. The service may be grouped using the GROUP option. +## to alert recipients in the global section, customized alert will be sent to +## additional recipients by specifying a local alert handler. The service may +## be grouped using the GROUP option. # # check file apache_bin with path /usr/local/apache/bin/httpd # if failed checksum and @@ -123,16 +148,16 @@ # group server # # -## Check that a process is running, responding on the HTTP and HTTPS request, -## check its resource usage such as cpu and memory, number of childrens. -## In the case that the process is not running, monit will restart it by -## default. In the case that the service was restarted very often and the -## problem remains, it is possible to disable the monitoring using the -## TIMEOUT statement. The service depends on another service (apache_bin) which -## is defined in the monit control file as well. +## Check that a process is running, in this case Apache, and that it respond +## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory, +## and number of children. If the process is not running, monit will restart +## it by default. In case the service was restarted very often and the +## problem remains, it is possible to disable monitoring using the TIMEOUT +## statement. This service depends on another service (apache_bin) which +## is defined above. # # check process apache with pidfile /usr/local/apache/logs/httpd.pid -# start program = "/etc/init.d/httpd start" +# start program = "/etc/init.d/httpd start" with timeout 60 seconds # stop program = "/etc/init.d/httpd stop" # if cpu > 60% for 2 cycles then alert # if cpu > 80% for 5 cycles then restart @@ -150,12 +175,12 @@ # group server # # -## Check the device permissions, uid, gid, space and inode usage. Other -## services such as databases may depend on this resource and automatical -## graceful stop may be cascaded to them before the filesystem will become -## full and the data will be lost. +## Check filesystem permissions, uid, gid, space and inode usage. Other services, +## such as databases, may depend on this resource and an automatically graceful +## stop may be cascaded to them before the filesystem will become full and data +## lost. # -# check device datafs with path /dev/sdb1 +# check filesystem datafs with path /dev/sdb1 # start program = "/bin/mount /data" # stop program = "/bin/umount /data" # if failed permission 660 then unmonitor @@ -168,22 +193,21 @@ # group server # # -## Check a file's timestamp: when it becomes older then 15 minutes, the -## file is not updated and something is wrong. In the case that the size -## of the file exceeded given limit, perform the script. +## Check a file's timestamp. In this example, we test if a file is older +## than 15 minutes and assume something is wrong if its not updated. Also, +## if the file size exceed a given limit, execute a script # # check file database with path /data/mydatabase.db # if failed permission 700 then alert # if failed uid data then alert # if failed gid data then alert # if timestamp > 15 minutes then alert -# if size > 100 MB then exec "/my/cleanup/script" +# if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba # # -## Check the directory permission, uid and gid. An event is triggered -## if the directory does not belong to the user with the uid 0 and -## the gid 0. In the addition the permissions have to match the octal -## description of 755 (see chmod(1)). +## Check directory permission, uid and gid. An event is triggered if the +## directory does not belong to the user with uid 0 and gid 0. In addition, +## the permissions have to match the octal description of 755 (see chmod(1)). # # check directory bin with path /bin # if failed permission 755 then unmonitor @@ -191,9 +215,9 @@ # if failed gid 0 then unmonitor # # -## Check the remote host network services availability and the response -## content. One of three pings, a successfull connection to a port and -## application level network check is performed. +## Check a remote host network services availability using a ping test and +## check response content from a web server. Up to three pings are sent and +## connection to a port and a application level network check is performed. # # check host myserver with address 192.168.1.1 # if failed icmp type echo count 3 with timeout 3 seconds then alert @@ -208,7 +232,7 @@ ## Includes ############################################################################### ## -## It is possible to include the configuration or its parts from other files or +## It is possible to include additional configuration parts from other files or ## directories. # # include /etc/monit.d/* diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/monit.spec /tmp/QeMlhPoI46/monit-5.0.3/monit.spec --- monit-4.8.1/monit.spec 2006-05-16 20:16:20.000000000 +0100 +++ monit-5.0.3/monit.spec 2009-05-28 22:47:57.000000000 +0100 @@ -1,16 +1,19 @@ Name: monit Summary: Process monitor and restart utility -Version: 4.8.1 +Version: 5.0.3 Release: 1 Source: http://www.tildeslash.com/monit/dist/%{name}-%{version}.tar.gz Group: Utilities/Console URL: http://www.tildeslash.com/monit/ BuildRoot: %{_tmppath}/%{name}-buildroot License: GPL +BuildRequires: flex +BuildRequires: bison +BuildRequires: openssl-devel %description Monit is a utility for managing and monitoring processes, -files, directories and devices on a Unix system. Monit conducts +files, directories and filesystems on a Unix system. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations. @@ -48,13 +51,34 @@ %files %defattr(-,root,root) -%doc CHANGES.txt CONTRIBUTORS COPYING FAQ.txt LICENSE README README.SSL STATUS +%doc CHANGES.txt CONTRIBUTORS COPYING FAQ.txt LICENSE README README.SSL %config /etc/monitrc %config /etc/init.d/%{name} %{_bindir}/%{name} %{_mandir}/man1/%{name}.1.gz %changelog +* Thu May 28 2009 Martin Pala +- Upgraded to monit-5.0.3 + +* Thu May 7 2009 Martin Pala +- Upgraded to monit-5.0.2 + +* Wed Apr 22 2009 Martin Pala +- Upgraded to monit-5.0.1 + +* Sun Apr 13 2008 Martin Pala +- Upgraded to monit-5.0 + +* Mon Nov 06 2007 Martin Pala +- Upgraded to monit-4.10.1 + +* Mon Nov 05 2007 Martin Pala +- Upgraded to monit-4.10 + +* Wed Feb 19 2007 Martin Pala +- Upgraded to monit-4.9 + * Sun Mar 05 2006 Martin Pala - Upgraded to monit-4.7 diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/net.c /tmp/QeMlhPoI46/monit-5.0.3/net.c --- monit-4.8.1/net.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/net.c 2009-05-25 20:02:56.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -134,7 +144,7 @@ * @author Christian Hopp, * @author Martin Pala, * - * @version \$Id: net.c,v 1.71 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: net.c,v 1.83 2009/05/04 19:53:48 martinp Exp $ * * @file */ @@ -157,24 +167,18 @@ */ int check_host(const char *hostname) { -#ifdef HAVE_GETADDRINFO + struct addrinfo hints; struct addrinfo *res; -#else - struct hostent *hp; -#endif ASSERT(hostname); -#ifdef HAVE_GETADDRINFO - if(getaddrinfo(hostname, NULL, NULL, &res)!=0) { + memset(&hints, 0, sizeof(struct addrinfo)); + hints.ai_family = PF_INET; /* we support just IPv4 currently */ + + if(getaddrinfo(hostname, NULL, &hints, &res) != 0) return FALSE; - } + freeaddrinfo(res); -#else - if((hp = gethostbyname(hostname)) == NULL) { - return FALSE; - } -#endif return TRUE; @@ -640,13 +644,12 @@ #ifdef HAVE_SOL_IP struct iphdr *iphdrin; struct icmphdr *icmphdrin= NULL; - struct icmphdr *icmphdrout[count]; + struct icmphdr *icmphdrout[ICMP_MAX_COUNT]; #else struct ip *iphdrin; struct icmp *icmphdrin= NULL; - struct icmp *icmphdrout[count]; + struct icmp *icmphdrout[ICMP_MAX_COUNT]; #endif - size_t size; fd_set rset; int i; int s; @@ -655,11 +658,12 @@ unsigned ttl= 255; char buf[STRLEN]; struct timeval tv; - struct timeval t1[count]; + struct timeval t1[ICMP_MAX_COUNT]; struct timeval t2; double response= -1; - ASSERT(hostname); + ASSERT(hostname); + ASSERT(count <= ICMP_MAX_COUNT); if((hp= gethostbyname(hostname)) == NULL) return response; @@ -680,23 +684,23 @@ #endif if(setsockopt(s, sol_ip, IP_TTL, (char *)&ttl, sizeof(ttl)) < 0) - goto error; + goto error2; tv.tv_sec= timeout; tv.tv_usec= 0; - + for(i=0; icode= 0; icmphdrout[i]->type= ICMP_ECHO; - icmphdrout[i]->un.echo.id= getpid() + (int)hostname + time(NULL); + icmphdrout[i]->un.echo.id= getpid() + (long)hostname + time(NULL); icmphdrout[i]->un.echo.sequence= i; icmphdrout[i]->checksum= checksum_ip((unsigned char *)icmphdrout[i], ICMP_SIZE); #else icmphdrout[i]->icmp_code= 0; icmphdrout[i]->icmp_type= ICMP_ECHO; - icmphdrout[i]->icmp_id= getpid() + (int)hostname + time(NULL); + icmphdrout[i]->icmp_id= getpid() + (long)hostname + time(NULL); icmphdrout[i]->icmp_seq= i; icmphdrout[i]->icmp_cksum= checksum_ip((unsigned char *)icmphdrout[i], ICMP_SIZE); #endif @@ -715,6 +719,8 @@ do { + socklen_t size; + FD_ZERO(&rset); FD_SET(s, &rset); @@ -723,16 +729,16 @@ } while(n == -1 && errno == EINTR); if(n <= 0) - goto error; + goto error1; size= sizeof(struct sockaddr_in); do { - n= recvfrom(s, buf, STRLEN, 0, (struct sockaddr *)&sin, (socklen_t *)&size); + n= recvfrom(s, buf, STRLEN, 0, (struct sockaddr *)&sin, &size); } while(n == -1 && errno == EINTR); if(n < 0) - goto error; + goto error1; for(i=0; i. + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -32,7 +42,7 @@ * @author Christian Hopp, * @author Martin Pala, * - * @version \$Id: net.h,v 1.29 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: net.h,v 1.35 2009/02/13 09:18:08 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/PLATFORMS /tmp/QeMlhPoI46/monit-5.0.3/PLATFORMS --- monit-4.8.1/PLATFORMS 2006-02-07 21:46:06.000000000 +0000 +++ monit-5.0.3/PLATFORMS 2008-11-04 16:25:09.000000000 +0000 @@ -75,15 +75,96 @@ Solaris ======= -Monit is running on Solaris without additional options. You can use -either gcc or Forte C for compilation. +64-bit monit is required for Solaris support. -Monit has to be started as root to work with resource support. +You can use either gcc or Sun Studio for compilation. + +Package prerequisites + +Solaris 10: + SUNWbash + SUNWgmake + SUNWgcc + SUNWopenssl-include + SUNWopenssl-libraries + SUNWbison + SUNWflexlex + SUNWflexruntime + CSWautoconf (http://www.blastwave.org)) + CSWautomake (http://www.blastwave.org)) + CSWgm4 (http://www.blastwave.org)) + +Solaris Nevada: + SUNWaconf NOTE: only if compiling using cvs sources + SUNWbash + SUNWgmake + SUNWgcc + SUNWopenssl-include + SUNWopenssl-libraries + SUNWbison + SUNWflexlex + SUNWflexruntime NOTE: see bellow for Solaris Nevada x86 - AMD64 + CSWgm4 (http://www.blastwave.org)) + + NOTE: + On AMD64 there was problem with flex library bundled with particular + Solaris Express versions (SUNWflexruntime). You can get following + error when trying to start monit: + + -bash-3.2# ./monit + ld.so.1: monit: fatal: relocation error: R_AMD64_PC32: file + /usr/lib/64/libfl.so.1: symbol yylex: value 0x280010e5ad3 does not fit + Killed + + The problem was fixed in SXCE b100 (see http://bugs.opensolaris.org/view_bug.do?bug_id=6752774 + for more details). + + +Set path to the SFW utilities and libraries, for example: + + PATH=$PATH:/usr/sfw/bin:/opt/csw/bin + export PATH + + crle -l /lib:/usr/lib:/usr/sfw/lib # (32-bit) + crle -64 -l /lib/64:/usr/lib/64:/usr/sfw/lib/64 # (64-bit) + +Configure monit with 64-bit support (examples): + + gcc [sparc]: + ./configure \ + --with-ssl-incl-dir=/usr/sfw/include \ + --with-ssl-lib-dir=/usr/sfw/lib/64 \ + CFLAGS='-m64 -mtune=v9' \ + LDFLAGS='-m64 -mtune=v9' + + gcc [amd64]: + ./configure \ + --with-ssl-incl-dir=/usr/sfw/include \ + --with-ssl-lib-dir=/usr/sfw/lib/64 \ + CFLAGS='-m64 -mtune=opteron' \ + LDFLAGS='-m64 -mtune=opteron' + + Sun Studio 12 [sparc]: + ./configure \ + --with-ssl-incl-dir=/usr/sfw/include \ + --with-ssl-lib-dir=/usr/sfw/lib/64 \ + CFLAGS='-xarch=v9' \ + LDFLAGS='-xarch=v9' \ + CC=/opt/SUNWspro/bin/cc + + Sun Studio 12 [amd64]: + ./configure \ + --with-ssl-incl-dir=/usr/sfw/include \ + --with-ssl-lib-dir=/usr/sfw/lib/64 \ + CFLAGS='-m64' \ + LDFLAGS='-m64' \ + CC=/opt/SUNWspro/bin/cc -In case 64bit executables are monitored with monit you have to use a -64bit compiled monit. Furthermore, you do need a 64bit compiled -openssl (optional in case SSL support is configured) and a flex -library (mandatory). +Compile monit with: + + gmake + +Monit has to be started as root to work with resource support. FreeBSD + NetBSD + OpenBSD @@ -95,13 +176,27 @@ Darwin (Mac OS X) ================= -Monit currently doesn't show per-process memory usage on Darwin. You -will see 0 as the value of this property. +Monit compiles out of the box on Mac OS X. + +It seems that Apple is phasing out the kvm interface and that +it is disabled by default on Intel based Mac OS X 10.4.8 and later. +You can get following error in such case for Monit <= 4.9: + + --8<-- + kvm_open: : /dev/mem: No such file or directory + system statistic error -- cannot initialize kvm interface + system statistic error -- cannot initialize the process tree => + process resource monitoring disabled + --8<-- + +You can reenable the kvm interface by adding the kmem to the boot-args +Open FIrmware variable as root - for example: + + nvram boot-arg="kmem=1" + +and reboot the machine. -Monit compiles and was tested on Darwin 7.x. On Darwin 8.x (Tiger), -Apple has changed some systems interfaces, until monit is updated -use './configure --without-resource' to build monit. Resource tests -are unavailable but otherwise monit works well on Mac OS X 10.4.x +Monit > 4.9 don't need this workaround. Any other not yet mentioned but posix compatible platform diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/process_common.c /tmp/QeMlhPoI46/monit-5.0.3/process/process_common.c --- monit-4.8.1/process/process_common.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/process/process_common.c 2009-02-13 13:06:38.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ /** @@ -23,7 +33,7 @@ * @author Jan-Henrik Haukeland, * @author Christian Hopp * - * @version \$Id: process_common.c,v 1.6 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: process_common.c,v 1.12 2009/02/13 09:18:15 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/process_sysdep.h /tmp/QeMlhPoI46/monit-5.0.3/process/process_sysdep.h --- monit-4.8.1/process/process_sysdep.h 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/process/process_sysdep.h 2009-02-13 13:06:38.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef MONIT_PROCESS_SYSDEP_H diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_AIX.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_AIX.c --- monit-4.8.1/process/sysdep_AIX.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/process/sysdep_AIX.c 2009-02-13 13:06:38.000000000 +0000 @@ -1,25 +1,37 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include +#include "monitor.h" + #ifdef HAVE_STDIO_H #include #endif @@ -28,10 +40,6 @@ #include #endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif - #ifdef HAVE_UNISTD_H #include #endif @@ -65,6 +73,10 @@ #ifdef HAVE_PROCINFO_H #include #endif + +#ifdef HAVE_SYS_TYPES_H +#include +#endif #ifdef HAVE_SYS_PROC_H #include @@ -86,8 +98,19 @@ #include #endif +#ifdef HAVE_SYS_SYSTEMCFG_H +#include +#endif + +#ifdef HAVE_SYS_PROC_H +#include +#endif + +#ifdef HAVE_LIBPERFSTAT_H +#include +#endif + -#include "monitor.h" #include "process.h" #include "process_sysdep.h" @@ -97,78 +120,47 @@ * @author Richard Schwaninger * @author Jan-Henrik Haukeland, * @author Christian Hopp + * @author Martin Pala * - * @version \$Id: sysdep_AIX.c,v 1.15 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: sysdep_AIX.c,v 1.32 2009/02/13 09:18:16 hauk Exp $ * * @file - * most of the code is based on monitor-2.1.5 available on various sources - * (see below). - * The source code version of monitor program can be get from ftp-server - * ftp://ftp.mesa.nl/pub/monitor/monitor-2.1.5.tar.gz - * or via the web from - * http://www.mesa.nl/pub/monitor/monitor-2.1.5.tar.gz. */ -#define NPROCS 10000 -struct procinfo procs[NPROCS]; -int kmemfd = -1; -int nlistdone = 0; +/* There is no prototype for getprocs64 as of AIX 5.3 yet */ +int getprocs64(struct procentry64 *ProcessBuffer, + int ProcessSize, + struct fdsinfo64 *FileBuffer, + int FileSize, + pid_t *IndexPointer, + int Count); + +static int page_size; +static int cpu_initialized = 0; +static unsigned long long cpu_total_old = 0ULL; +static unsigned long long cpu_user_old = 0ULL; +static unsigned long long cpu_syst_old = 0ULL; +static unsigned long long cpu_wait_old = 0ULL; -int init_process_info_sysdep(void) { +struct procentry64 *procs = NULL; - struct CuAt* odmobj; - int results; - - if (odm_initialize() == 0) { - odmobj = (struct CuAt*)getattr ("sys0", "realmem", 0, &results); - systeminfo.mem_kbyte_max = strtoull(odmobj->value, 0, 10); - odm_terminate(); - } else { - mem_kbyte_max = 0; - } - num_cpus= sysconf( _SC_NPROCESSORS_ONLN); - return (getuid()==0); +int init_process_info_sysdep(void) { + perfstat_memory_total_t mem; -} + if (perfstat_memory_total(NULL, &mem, sizeof(perfstat_memory_total_t), 1) < 1) { + LogError("system statistic error -- perfstat_memory_total failed: %s\n", STRERROR); + return FALSE; + } -double timestruc_to_tseconds(struct timeval t) { + page_size = getpagesize(); + systeminfo.mem_kbyte_max = (unsigned long)(mem.real_total * (page_size / 1024)); - return t.tv_sec * 10 + t.tv_usec * 1.0e-7; + systeminfo.cpus = sysconf(_SC_NPROCESSORS_ONLN); + return TRUE; } -/*************************************************************************** - * DATA CAPTURE FUNCTIONS * - ***************************************************************************/ - -int getkmemdata(void *buf, int bufsize, caddr_t address) { - - int n; - - /* - * Do stuff we only need to do once per invocation, like opening - * the kmem file and fetching the parts of the symbol table. - */ - - if (kmemfd < 0) { - if ((kmemfd = open("/dev/kmem", O_RDONLY)) < 0) { - perror("kmem"); - exit(1); - } - } - - /* - * Get the structure from the running kernel. - */ - - lseek(kmemfd, (off_t) address, SEEK_SET); - n = read(kmemfd, buf, bufsize); - - return(n); - -} /* getkmemdata */ - /** * This routine returns 'nelem' double precision floats containing @@ -178,75 +170,81 @@ * @return: 0 if successful, -1 if failed (and all load averages are 0). */ int getloadavg_sysdep (double *loadv, int nelem) { + perfstat_cpu_total_t cpu; + + if (perfstat_cpu_total(NULL, &cpu, sizeof(perfstat_cpu_total_t), 1) < 1) { + LogError("system statistic error -- perfstat_cpu_total failed: %s\n", STRERROR); + return -1; + } + + switch (nelem) { + case 3: + loadv[2] = (double)(cpu.loadavg[2] / (1<0 if succeeded otherwise =0. */ int initprocesstree_sysdep(ProcessTree_T ** reference) { - int treesize; - int i,rv; + int i; struct userinfo user; ProcessTree_T * pt; - + pid_t firstproc = 0; + memset(&user,0,sizeof(struct userinfo)); - /* Find all processes in the system */ + /* Get number of processes */ + if ((treesize = getprocs64(NULL, 0, NULL, 0, &firstproc, PID_MAX)) < 0) { + LogError("system statistic error -- getprocs64 failed: %s\n", STRERROR); + return FALSE; + } - treesize=getproc(procs,NPROCS,sizeof(struct procinfo)); - - /* Allocate the tree */ - - pt = xcalloc(sizeof(ProcessTree_T), treesize); + procs = xcalloc( sizeof(struct procentry64), treesize); - /* Insert data from /proc directory */ + /* Read process info */ + firstproc = 0; + if ((treesize = getprocs64(procs, sizeof(struct procentry64), NULL, 0, &firstproc, treesize)) < 0) { + LogError("system statistic error -- getprocs64 failed: %s\n", STRERROR); + return FALSE; + } - for(i=0;itotal_mem_kbyte = (unsigned long)((mem.real_total - mem.real_free - mem.numperm) * (page_size / 1024)); + return TRUE; } @@ -266,7 +270,43 @@ * @return: TRUE if successful, FALSE if failed (or not available) */ int used_system_cpu_sysdep(SystemInfo_T *si) { + perfstat_cpu_total_t cpu; + unsigned long long cpu_total; + unsigned long long cpu_total_new = 0ULL; + unsigned long long cpu_user = 0ULL; + unsigned long long cpu_syst = 0ULL; + unsigned long long cpu_wait = 0ULL; + + if (perfstat_cpu_total(NULL, &cpu, sizeof(perfstat_cpu_total_t), 1) < 0) { + LogError("system statistic error -- perfstat_cpu_total failed: %s\n", STRERROR); + return -1; + } + + cpu_total_new = (cpu.user + cpu.sys + cpu.wait + cpu.idle) / cpu.ncpus; + cpu_total = cpu_total_new - cpu_total_old; + cpu_total_old = cpu_total_new; + cpu_user = cpu.user / cpu.ncpus; + cpu_syst = cpu.sys / cpu.ncpus; + cpu_wait = cpu.wait / cpu.ncpus; + + if (cpu_initialized) { + if (cpu_total > 0) { + si->total_cpu_user_percent = 1000 * ((double)(cpu_user - cpu_user_old) / (double)cpu_total); + si->total_cpu_syst_percent = 1000 * ((double)(cpu_syst - cpu_syst_old) / (double)cpu_total); + si->total_cpu_wait_percent = 1000 * ((double)(cpu_wait - cpu_wait_old) / (double)cpu_total); + } else { + si->total_cpu_user_percent = 0; + si->total_cpu_syst_percent = 0; + si->total_cpu_wait_percent = 0; + } + } - return FALSE; - + cpu_user_old = cpu_user; + cpu_syst_old = cpu_syst; + cpu_wait_old = cpu_wait; + + cpu_initialized = 1; + + return TRUE; } + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_DARWIN.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_DARWIN.c --- monit-4.8.1/process/sysdep_DARWIN.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/process/sysdep_DARWIN.c 2009-02-13 13:06:38.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -44,6 +54,10 @@ #include #endif +#ifdef HAVE_MACH_MACH_H +#include +#endif + #ifdef HAVE_MACH_HOST_INFO_H #include #endif @@ -64,8 +78,9 @@ * @author Christian Hopp * @author Rory Toma * @author Martin Pala + * @author Dave Cheney (Updated for Tiger) * - * @version \$Id: sysdep_DARWIN.c,v 1.26 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_DARWIN.c,v 1.44 2009/02/13 09:18:16 hauk Exp $ * * @file */ @@ -88,6 +103,7 @@ int mib[2]; size_t len; struct clockinfo clock; + uint64_t memsize; mib[0] = CTL_KERN; mib[1] = KERN_CLOCKRATE; @@ -102,21 +118,22 @@ mib[0] = CTL_HW; mib[1] = HW_NCPU; - len = sizeof(num_cpus); - if(sysctl(mib, 2, &num_cpus, &len, NULL, 0) == -1) + len = sizeof(systeminfo.cpus); + if(sysctl(mib, 2, &systeminfo.cpus, &len, NULL, 0) == -1) { DEBUG("system statistic error -- cannot get cpu count: %s\n", STRERROR); return FALSE; } - mib[1] = HW_PHYSMEM; - len = sizeof(systeminfo.mem_kbyte_max); - if(sysctl(mib, 2, &systeminfo.mem_kbyte_max, &len, NULL, 0) == -1) + mib[1] = HW_MEMSIZE; + len = sizeof(memsize); + memsize = 0L; + if(sysctl(mib, 2, &memsize, &len, NULL, 0 ) == -1) { DEBUG("system statistic error -- cannot get real memory amount: %s\n", STRERROR); return FALSE; } - systeminfo.mem_kbyte_max /= 1024; + systeminfo.mem_kbyte_max = memsize / 1024; mib[1] = HW_PAGESIZE; len = sizeof(pagesize_kbyte); @@ -139,48 +156,83 @@ int initprocesstree_sysdep(ProcessTree_T **reference) { int i; int treesize; - static kvm_t *kvm_handle; - ProcessTree_T *pt; + mach_port_t mytask = mach_task_self(); struct kinfo_proc *pinfo; + ProcessTree_T *pt; + size_t bufSize = 0; + int mib[4] = { CTL_KERN, KERN_PROC, KERN_PROC_ALL, 0 }; if(getuid()!=0) { LogError("system statistic error -- permission denied\n"); return FALSE; } - if(!(kvm_handle = kvm_open(NULL, NULL, NULL, O_RDONLY, NULL))) - { - LogError("system statistic error -- cannot initialize kvm interface\n"); + if(sysctl(mib, 4, NULL, &bufSize, NULL, 0) < 0) { + LogError("system statistic error -- sysctl failed\n"); return FALSE; } + pinfo = (struct kinfo_proc *)xcalloc(1, bufSize); - pinfo = kvm_getprocs(kvm_handle, KERN_PROC_ALL, 0, &treesize); - if(!pinfo || (treesize < 1)) - { - LogError("system statistic error -- cannot get process tree\n"); - kvm_close(kvm_handle); + if(sysctl(mib, 4, pinfo, &bufSize, NULL, 0)) { + LogError("system statistic error -- sysctl failed\n"); + free(pinfo); return FALSE; } + treesize = bufSize / sizeof(struct kinfo_proc); + pt = xcalloc(sizeof(ProcessTree_T), treesize); for(i = 0; i < treesize; i++) { - pt[i].pid = pinfo[i].kp_proc.p_pid; - pt[i].ppid = pinfo[i].kp_eproc.e_ppid; - pt[i].cputime = (long)((pinfo[i].kp_proc.p_rtime.tv_sec * 10) + - (pinfo[i].kp_proc.p_rtime.tv_usec / 100000) - ); - pt[i].mem_kbyte = (unsigned long)(pinfo[i].kp_eproc.e_vm.vm_rssize * pagesize_kbyte); - if(pinfo[i].kp_proc.p_stat == SZOMB) - { + mach_port_t task; + + pt[i].pid = pinfo[i].kp_proc.p_pid; + pt[i].ppid = pinfo[i].kp_eproc.e_ppid; + + if(pinfo[i].kp_proc.p_stat == SZOMB) { pt[i].status_flag |= PROCESS_ZOMBIE; } pt[i].time = get_float_time(); + + if(task_for_pid(mytask, pt[i].pid, &task) == KERN_SUCCESS) { + mach_msg_type_number_t count; + task_basic_info_data_t taskinfo; + thread_array_t threadtable; + unsigned int threadtable_size; + thread_basic_info_t threadinfo; + thread_basic_info_data_t threadinfo_data; + + count = TASK_BASIC_INFO_COUNT; + if(task_info(task, TASK_BASIC_INFO, (task_info_t)&taskinfo, &count) == KERN_SUCCESS) { + pt[i].mem_kbyte = (unsigned long)(taskinfo.resident_size / 1024); + pt[i].cputime = (long)((taskinfo.user_time.seconds + taskinfo.system_time.seconds) * 10 + + (taskinfo.user_time.microseconds + taskinfo.system_time.microseconds) / 100000); + pt[i].cpu_percent = 0; + } + if(task_threads(task, &threadtable, &threadtable_size) == KERN_SUCCESS) { + int j; + + threadinfo = &threadinfo_data; + for(j = 0; j < threadtable_size; j++) { + count = THREAD_BASIC_INFO_COUNT; + if(thread_info(threadtable[j], THREAD_BASIC_INFO, (thread_info_t)threadinfo, &count) == KERN_SUCCESS) { + if((threadinfo->flags & TH_FLAGS_IDLE) == 0) { + pt[i].cputime += (long)((threadinfo->user_time.seconds + threadinfo->system_time.seconds) * 10 + + (threadinfo->user_time.microseconds + threadinfo->system_time.microseconds) / 100000); + pt[i].cpu_percent = 0; + } + } + mach_port_deallocate(mytask, threadtable[j]); + } + vm_deallocate(mytask, (vm_address_t)threadtable,threadtable_size * sizeof(thread_act_t)); + } + mach_port_deallocate(mytask, task); + } } *reference = pt; - kvm_close(kvm_handle); + free(pinfo); return treesize; } @@ -253,9 +305,9 @@ total_old = total_new; si->total_cpu_user_percent = - (total > 0)?(int)(1000 * (double)(cpu_info.cpu_ticks[CPU_STATE_USER] - cpu_user_old) / total):0; + (total > 0)?(int)(1000 * (double)(cpu_info.cpu_ticks[CPU_STATE_USER] - cpu_user_old) / total):-10; si->total_cpu_syst_percent = - (total > 0)?(int)(1000 * (double)(cpu_info.cpu_ticks[CPU_STATE_SYSTEM] - cpu_syst_old) / total):0; + (total > 0)?(int)(1000 * (double)(cpu_info.cpu_ticks[CPU_STATE_SYSTEM] - cpu_syst_old) / total):-10; si->total_cpu_wait_percent = 0; /* there is no wait statistic available */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_FREEBSD.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_FREEBSD.c --- monit-4.8.1/process/sysdep_FREEBSD.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/process/sysdep_FREEBSD.c 2009-02-13 13:06:38.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -72,7 +82,7 @@ * @author Rory Toma * @author Martin Pala * - * @version \$Id: sysdep_FREEBSD.c,v 1.32 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_FREEBSD.c,v 1.41 2009/02/13 09:18:16 hauk Exp $ * * @file */ @@ -109,8 +119,8 @@ mib[0] = CTL_HW; mib[1] = HW_NCPU; - len = sizeof(num_cpus); - if(sysctl(mib, 2, &num_cpus, &len, NULL, 0) == -1) + len = sizeof(systeminfo.cpus); + if(sysctl(mib, 2, &systeminfo.cpus, &len, NULL, 0) == -1) { DEBUG("system statistic error -- cannot get cpu count: %s\n", STRERROR); return FALSE; @@ -189,6 +199,7 @@ { pt[i].status_flag |= PROCESS_ZOMBIE; } + pt[i].cpu_percent = 0; pt[i].time = get_float_time(); } @@ -267,9 +278,9 @@ total_old = total_new; si->total_cpu_user_percent = - (total > 0)?(int)(1000 * (double)(cp_time[CP_USER] - cpu_user_old) / total):0; + (total > 0)?(int)(1000 * (double)(cp_time[CP_USER] - cpu_user_old) / total):-10; si->total_cpu_syst_percent = - (total > 0)?(int)(1000 * (double)(cp_time[CP_SYS] - cpu_syst_old) / total):0; + (total > 0)?(int)(1000 * (double)(cp_time[CP_SYS] - cpu_syst_old) / total):-10; si->total_cpu_wait_percent = 0; /* there is no wait statistic available */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_HPUX.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_HPUX.c --- monit-4.8.1/process/sysdep_HPUX.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/process/sysdep_HPUX.c 2009-02-13 13:06:38.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -80,14 +90,22 @@ #include #endif +#ifdef HAVE_SYS_DK_H +#include +#endif + #include "monitor.h" #include "process.h" #include "process_sysdep.h" -#define NPROCS 10000 -static struct pst_status psall[NPROCS]; - -static int page_size; +static int page_size; +static int nproc; +static long cpu_total_old = 0; +static long cpu_user_old = 0; +static long cpu_syst_old = 0; +static long cpu_wait_old = 0; +struct pst_dynamic pst_dyn; +struct pst_status *psall; /** * System dependent resource gathering code for HP/UX. @@ -95,7 +113,8 @@ * @author Jan-Henrik Haukeland, * @author Christian Hopp * @author Joe Bryant - * @version \$Id: sysdep_HPUX.c,v 1.18 2006/01/01 22:44:02 martinp Exp $ + * @author Martin Pala, + * @version \$Id: sysdep_HPUX.c,v 1.35 2009/02/13 09:18:17 hauk Exp $ * * @file */ @@ -112,7 +131,7 @@ if (pstat_getdynamic(&psd,sizeof(psd),(size_t)1,0)!=-1) { - num_cpus=psd.psd_proc_cnt; + systeminfo.cpus=psd.psd_proc_cnt; } else { @@ -122,9 +141,7 @@ if (pstat_getstatic(&pst, sizeof(pst), (size_t) 1, 0) != -1) { - systeminfo.mem_kbyte_max=(unsigned long)( - (double)pst.physical_memory * (double)pst.page_size / 1024.0 - ); + systeminfo.mem_kbyte_max=(unsigned long)(pst.physical_memory * (pst.page_size / 1024)); page_size=pst.page_size; } else { @@ -173,12 +190,11 @@ return TRUE; } + /** - * Read all processes of the proc files system to initialize - * the process tree (sysdep version... but should work for - * all procfs based unices) + * Read all processes to initialize the process tree * @param reference reference of ProcessTree - * @return treesize>0 if succeeded otherwise =0. + * @return treesize>0 if succeeded otherwise 0. */ int initprocesstree_sysdep(ProcessTree_T ** reference) { @@ -190,12 +206,15 @@ /* Gather process data */ - if ((treesize=pstat_getproc(psall, - (size_t) NPROCS* sizeof(struct pst_status), - (size_t) NPROCS, 0))==-1) { + pstat_getdynamic(&pst_dyn, sizeof(struct pst_dynamic), 1, 0); + nproc = pst_dyn.psd_activeprocs; - return 0; + if ((psall = (struct pst_status *) xresize(psall, nproc * sizeof(struct pst_status))) == NULL) + return 0; + if ((treesize=pstat_getproc(psall, sizeof(struct pst_status), nproc , 0))==-1) { + LogError("system statistic error 1 -- pstat_getproc failed: %s\n", strerror(errno)); + return 0; } /* Allocate the tree */ @@ -213,19 +232,13 @@ pt[i].time = get_float_time(); - /* - * jiffies -> seconds = 1 / HZ - * HZ is defined in "asm/param.h" and it is usually 1/100s but on - * alpha system it is 1/1024s - */ - - pt[i].cputime = ( psall[i].pst_utime + psall[i].pst_stime ) * 10 / HZ; - pt[i].mem_kbyte = (unsigned long)(((double)psall[i].pst_rssize)/1024.0 * - page_size); + pt[i].cputime = psall[i].pst_utime + psall[i].pst_stime * 10; + pt[i].cpu_percent = (int)(1000. * psall[i].pst_pctcpu / (float)systeminfo.cpus); + pt[i].mem_kbyte = (unsigned long)(psall[i].pst_rssize * (page_size / 1024.0)); /* State is Zombie -> then we are a Zombie ... clear or? (-: */ - if ( psall[i].pst_stat || PS_ZOMBIE ) { + if ( psall[i].pst_stat == PS_ZOMBIE ) { pt[i].status_flag |= PROCESS_ZOMBIE; @@ -247,9 +260,20 @@ * @return: TRUE if successful, FALSE if failed (or not available) */ int used_system_memory_sysdep(SystemInfo_T *si) { + struct pst_static pst; + struct pst_dynamic psd; - return FALSE; + if(pstat_getstatic(&pst, sizeof(pst), (size_t)1, 0) == -1) { + LogError("system statistic error -- pstat_getstatic failed: %s\n", STRERROR); + return FALSE; + } + if(pstat_getdynamic(&psd, sizeof(psd), (size_t)1, 0) == -1) { + LogError("system statistic error -- pstat_getdynamic failed: %s\n", STRERROR); + return FALSE; + } + si->total_mem_kbyte = (unsigned long)((pst.physical_memory - psd.psd_free) * (pst.page_size/1024)); + return TRUE; } @@ -258,7 +282,37 @@ * @return: TRUE if successful, FALSE if failed (or not available) */ int used_system_cpu_sysdep(SystemInfo_T *si) { + int i; + long cpu_total; + long cpu_total_new = 0; + long cpu_user = 0; + long cpu_syst = 0; + long cpu_wait = 0; + struct pst_dynamic psd; - return FALSE; - + pstat_getdynamic(&psd, sizeof(psd), 1, 0); + + for(i = 0; i < CPUSTATES; i++) + { + cpu_total_new += psd.psd_cpu_time[i]; + } + cpu_total = cpu_total_new - cpu_total_old; + cpu_total_old = cpu_total_new; + cpu_user = psd.psd_cpu_time[CP_USER] + psd.psd_cpu_time[CP_NICE]; + cpu_syst = psd.psd_cpu_time[CP_SYS]; + cpu_wait = psd.psd_cpu_time[CP_WAIT]; + + si->total_cpu_user_percent = + (cpu_total > 0)?(int)(1000 * (double)(cpu_user - cpu_user_old) / cpu_total):-10; + si->total_cpu_syst_percent = + (cpu_total > 0)?(int)(1000 * (double)(cpu_syst - cpu_syst_old) / cpu_total):-10; + si->total_cpu_wait_percent = + (cpu_total > 0)?(int)(1000 * (double)(cpu_wait - cpu_wait_old) / cpu_total):-10; + + cpu_user_old = cpu_user; + cpu_syst_old = cpu_syst; + cpu_wait_old = cpu_wait; + + return TRUE; } + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_LINUX.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_LINUX.c --- monit-4.8.1/process/sysdep_LINUX.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/process/sysdep_LINUX.c 2009-05-02 20:54:07.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -74,10 +84,15 @@ #include #endif +#ifndef HZ +# define HZ sysconf(_SC_CLK_TCK) +#endif + #include "monitor.h" #include "process.h" #include "process_sysdep.h" + /** * System dependent resource gathering code for Linux. * @@ -86,7 +101,7 @@ * @author Martin Pala * @author Arkadiusz Miskiewicz * - * @version \$Id: sysdep_LINUX.c,v 1.32 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_LINUX.c,v 1.54 2009/05/02 19:54:07 martinp Exp $ * * @file */ @@ -100,11 +115,11 @@ #define MEMBUF "Buffers:" #define MEMCACHE "Cached:" -static long old_cpu_user = 0; -static long old_cpu_syst = 0; -static long old_cpu_wait = 0; -static double old_time = 0.0; -static int page_shift_to_kb = 0; +static unsigned long long old_cpu_user = 0; +static unsigned long long old_cpu_syst = 0; +static unsigned long long old_cpu_wait = 0; +static unsigned long long old_cpu_total = 0; +static int page_shift_to_kb = 0; /* ------------------------------------------------------------------ Public */ @@ -131,10 +146,13 @@ return FALSE; } - if((num_cpus = sysconf(_SC_NPROCESSORS_CONF)) == -1) + if((systeminfo.cpus = sysconf(_SC_NPROCESSORS_CONF)) < 0) { DEBUG("system statistic error -- cannot get cpu count: %s\n", STRERROR); return FALSE; + } else if(systeminfo.cpus == 0) { + DEBUG("system reports cpu count 0, setting dummy cpu count 1\n"); + systeminfo.cpus = 1; } if((page_size = sysconf(_SC_PAGESIZE)) <= 0) { @@ -240,6 +258,7 @@ * alpha system it is 1/1024s */ pt[i].cputime = ((float)(stat_item_utime + stat_item_stime) * 10.0) / HZ; + pt[i].cpu_percent = 0; /* State is Zombie -> then we are a Zombie ... clear or? (-: */ if(stat_item_state == 'Z') @@ -331,12 +350,6 @@ si->total_mem_kbyte = systeminfo.mem_kbyte_max - mem_free - buffers - cached; - if(si->total_mem_kbyte < 0) - { - LogError("system statistic error -- memory usage statistic error\n"); - goto error; - } - return TRUE; error: @@ -351,12 +364,16 @@ * @return: TRUE if successful, FALSE if failed (or not available) */ int used_system_cpu_sysdep(SystemInfo_T *si) { - int rv; - long cpu_user; - long cpu_syst; - long cpu_wait; + int rv; + unsigned long long cpu_total; + unsigned long long cpu_user; + unsigned long long cpu_nice; + unsigned long long cpu_syst; + unsigned long long cpu_idle; + unsigned long long cpu_wait; + unsigned long long cpu_irq; + unsigned long long cpu_softirq; char buf[1024]; - double curr_time = get_float_time(); if(!read_proc_file(buf, 1024, "stat", -1)) { @@ -364,39 +381,52 @@ goto error; } - rv = sscanf(buf, "cpu %ld %*d %ld %*d %ld", &cpu_user, &cpu_syst, &cpu_wait); - if(rv < 2 || rv > 3) + rv = sscanf(buf, "cpu %llu %llu %llu %llu %llu %llu %llu", + &cpu_user, + &cpu_nice, + &cpu_syst, + &cpu_idle, + &cpu_wait, + &cpu_irq, + &cpu_softirq); + if(rv < 4) { LogError("system statistic error -- cannot read cpu usage\n"); goto error; } - else + else if(rv == 4) { - cpu_user = (double)cpu_user * 10.0 / HZ / num_cpus; - cpu_syst = (double)cpu_syst * 10.0 / HZ / num_cpus; - cpu_wait = (rv == 3)?(double)cpu_wait * 10.0 / HZ / num_cpus:0.0; + /* linux 2.4.x doesn't support these values */ + cpu_wait = 0; + cpu_irq = 0; + cpu_softirq = 0; } - - if(old_time == 0.0) + + cpu_total= cpu_user + cpu_nice + cpu_syst + cpu_idle + cpu_wait + cpu_irq + cpu_softirq; + cpu_user = cpu_user + cpu_nice; + + if(old_cpu_total == 0) { - si->total_cpu_user_percent = 0; - si->total_cpu_syst_percent = 0; - si->total_cpu_wait_percent = 0; + si->total_cpu_user_percent = -10; + si->total_cpu_syst_percent = -10; + si->total_cpu_wait_percent = -10; } else { + unsigned long long delta = cpu_total - old_cpu_total; + si->total_cpu_user_percent = - (int)(1000 * (double)(cpu_user - old_cpu_user) / (curr_time - old_time)); + (int)(1000 * (double)(cpu_user - old_cpu_user) / delta); si->total_cpu_syst_percent = - (int)(1000 * (double)(cpu_syst - old_cpu_syst) / (curr_time - old_time)); + (int)(1000 * (double)(cpu_syst - old_cpu_syst) / delta); si->total_cpu_wait_percent = - (int)(1000 * (double)(cpu_wait - old_cpu_wait) / (curr_time - old_time)); + (int)(1000 * (double)(cpu_wait - old_cpu_wait) / delta); } - old_time = curr_time; old_cpu_user = cpu_user; old_cpu_syst = cpu_syst; old_cpu_wait = cpu_wait; + old_cpu_total= cpu_total; return TRUE; error: diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_NETBSD.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_NETBSD.c --- monit-4.8.1/process/sysdep_NETBSD.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/process/sysdep_NETBSD.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -69,7 +79,7 @@ * @author Rory Toma * @author Martin Pala * - * @version \$Id: sysdep_NETBSD.c,v 1.5 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_NETBSD.c,v 1.14 2009/02/13 09:18:18 hauk Exp $ * * @file */ @@ -106,8 +116,8 @@ mib[0] = CTL_HW; mib[1] = HW_NCPU; - len = sizeof(num_cpus); - if(sysctl(mib, 2, &num_cpus, &len, NULL, 0) == -1) + len = sizeof(systeminfo.cpus); + if(sysctl(mib, 2, &systeminfo.cpus, &len, NULL, 0) == -1) { DEBUG("system statistic error -- cannot get cpu count: %s\n", STRERROR); return FALSE; @@ -175,6 +185,7 @@ pt[i].cputime = (long)((pinfo[i].kp_proc.p_rtime.tv_sec * 10) + (pinfo[i].kp_proc.p_rtime.tv_usec / 100000) ); + pt[i].cpu_percent = 0; pt[i].mem_kbyte = (unsigned long)(pinfo[i].kp_eproc.e_vm.vm_rssize * pagesize_kbyte); if(pinfo[i].kp_proc.p_stat == SZOMB) { @@ -250,9 +261,9 @@ total_old = total_new; si->total_cpu_user_percent = - (total > 0)?(int)(1000 * (double)(cp_time[CP_USER] - cpu_user_old) / total):0; + (total > 0)?(int)(1000 * (double)(cp_time[CP_USER] - cpu_user_old) / total):-10; si->total_cpu_syst_percent = - (total > 0)?(int)(1000 * (double)(cp_time[CP_SYS] - cpu_syst_old) / total):0; + (total > 0)?(int)(1000 * (double)(cp_time[CP_SYS] - cpu_syst_old) / total):-10; si->total_cpu_wait_percent = 0; /* there is no wait statistic available */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_OPENBSD.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_OPENBSD.c --- monit-4.8.1/process/sysdep_OPENBSD.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/process/sysdep_OPENBSD.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -69,7 +79,7 @@ * @author Rory Toma * @author Martin Pala * - * @version \$Id: sysdep_OPENBSD.c,v 1.27 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_OPENBSD.c,v 1.36 2009/02/13 09:18:18 hauk Exp $ * * @file */ @@ -106,8 +116,8 @@ mib[0] = CTL_HW; mib[1] = HW_NCPU; - len = sizeof(num_cpus); - if(sysctl(mib, 2, &num_cpus, &len, NULL, 0) == -1) + len = sizeof(systeminfo.cpus); + if(sysctl(mib, 2, &systeminfo.cpus, &len, NULL, 0) == -1) { DEBUG("system statistic error -- cannot get cpu count: %s\n", STRERROR); return FALSE; @@ -175,6 +185,7 @@ pt[i].cputime = (long)((pinfo[i].kp_proc.p_rtime.tv_sec * 10) + (pinfo[i].kp_proc.p_rtime.tv_usec / 100000) ); + pt[i].cpu_percent = 0; pt[i].mem_kbyte = (unsigned long)(pinfo[i].kp_eproc.e_vm.vm_rssize * pagesize_kbyte); if(pinfo[i].kp_proc.p_stat == SZOMB) { @@ -250,9 +261,9 @@ total_old = total_new; si->total_cpu_user_percent = - (total > 0)?(int)(1000 * (double)(cp_time[CP_USER] - cpu_user_old) / total):0; + (total > 0)?(int)(1000 * (double)(cp_time[CP_USER] - cpu_user_old) / total):-10; si->total_cpu_syst_percent = - (total > 0)?(int)(1000 * (double)(cp_time[CP_SYS] - cpu_syst_old) / total):0; + (total > 0)?(int)(1000 * (double)(cp_time[CP_SYS] - cpu_syst_old) / total):-10; si->total_cpu_wait_percent = 0; /* there is no wait statistic available */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_SOLARIS.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_SOLARIS.c --- monit-4.8.1/process/sysdep_SOLARIS.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/process/sysdep_SOLARIS.c 2009-05-01 17:10:11.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -90,7 +100,7 @@ * @author Jan-Henrik Haukeland, * @author Christian Hopp * - * @version \$Id: sysdep_SOLARIS.c,v 1.19 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sysdep_SOLARIS.c,v 1.29 2009/05/01 16:10:11 martinp Exp $ * * @file */ @@ -112,7 +122,7 @@ register int pagesize; - num_cpus= sysconf( _SC_NPROCESSORS_ONLN); + systeminfo.cpus= sysconf( _SC_NPROCESSORS_ONLN); pagesize = sysconf(_SC_PAGESIZE); pageshift = 0; @@ -186,6 +196,7 @@ if (!read_proc_file(buf,4096, "psinfo", pt[i].pid)) { pt[i].cputime = 0; + pt[i].cpu_percent = 0; pt[i].mem_kbyte= 0; continue; @@ -204,6 +215,7 @@ /* and does it anyway matter? */ pt[i].cputime = 0; + pt[i].cpu_percent = 0; pt[i].mem_kbyte= 0; continue; @@ -214,11 +226,13 @@ if (!read_proc_file(buf,4096, "status", pt[i].pid)) { pt[i].cputime=0; + pt[i].cpu_percent = 0; } else { pt[i].cputime= ( timestruc_to_tseconds(pstatus->pr_utime) + timestruc_to_tseconds(pstatus->pr_stime) ); + pt[i].cpu_percent = 0; } } @@ -358,16 +372,15 @@ total += ( cpu_stat[i].cpu_sysinfo.cpu[0]+ cpu_stat[i].cpu_sysinfo.cpu[1]+ cpu_stat[i].cpu_sysinfo.cpu[2]+ - cpu_stat[i].cpu_sysinfo.cpu[3]+ - cpu_stat[i].cpu_sysinfo.cpu[4] ); + cpu_stat[i].cpu_sysinfo.cpu[3]); } if ( old_total == 0.0 ) { - si->total_cpu_user_percent=0; - si->total_cpu_syst_percent=0; - si->total_cpu_wait_percent=0; + si->total_cpu_user_percent=-10; + si->total_cpu_syst_percent=-10; + si->total_cpu_wait_percent=-10; } else { diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process/sysdep_UNKNOWN.c /tmp/QeMlhPoI46/monit-5.0.3/process/sysdep_UNKNOWN.c --- monit-4.8.1/process/sysdep_UNKNOWN.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/process/sysdep_UNKNOWN.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -30,7 +40,7 @@ * @author Jan-Henrik Haukeland, * @author Christian Hopp * - * @version \$Id: sysdep_UNKNOWN.c,v 1.11 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: sysdep_UNKNOWN.c,v 1.17 2009/02/13 09:18:18 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process.c /tmp/QeMlhPoI46/monit-5.0.3/process.c --- monit-4.8.1/process.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/process.c 2009-02-13 13:06:32.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include "config.h" @@ -35,13 +45,11 @@ #include #endif -#ifdef TIME_WITH_SYS_TIME -#include - -#ifdef HAVE_SYS_TIME +#ifdef HAVE_SYS_TIME_H #include #endif -#else + +#ifdef HAVE_TIME_H #include #endif @@ -61,7 +69,7 @@ * @author Jan-Henrik Haukeland, * @author Christian Hopp * - * @version \$Id: process.c,v 1.31 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: process.c,v 1.44 2009/02/13 09:18:09 hauk Exp $ * * @file */ @@ -80,7 +88,7 @@ char statusnames[][STRLEN]= {"accessible", "accessible", "accessible", "running", "online with all services", "running", "accessible"}; -char servicetypes[][STRLEN]= {"Device", "Directory", "File", "Process", +char servicetypes[][STRLEN]= {"Filesystem", "Directory", "File", "Process", "Remote Host", "System", "Fifo"}; char pathnames[][STRLEN]= {"Path", "Path", "Path", "Pid file", "Path", "", "Path"}; @@ -93,18 +101,24 @@ "Address Mask Reply"}; char sslnames[][STRLEN]= {"auto", "v2", "v3", "tls"}; -int include_children= TRUE; -int num_cpus=1; - /** * Initialize the proc information code * @return TRUE if succeeded otherwise FALSE. */ int init_process_info(void) { + int rv; memset(&systeminfo, 0, sizeof(SystemInfo_T)); - time(&systeminfo.collected); + gettimeofday(&systeminfo.collected, NULL); + if((rv = uname(&systeminfo.uname)) < 0) { + LogError("'%s' resource monitoring initialization error -- uname failed: %s\n", Run.system->name, STRERROR); + return FALSE; + } + + systeminfo.total_cpu_user_percent = -10; + systeminfo.total_cpu_syst_percent = -10; + systeminfo.total_cpu_wait_percent = -10; return (init_process_info_sysdep()); @@ -139,17 +153,7 @@ s->inf->mem_kbyte=leaf->mem_kbyte; s->inf->status_flag=leaf->status_flag; s->inf->total_mem_kbyte=leaf->mem_kbyte_sum; - - if ( include_children ) { - - s->inf->cpu_percent=leaf->cpu_percent_sum; - - } else { - - s->inf->cpu_percent=leaf->cpu_percent; - - } - + s->inf->cpu_percent=leaf->cpu_percent; s->inf->total_cpu_percent=leaf->cpu_percent_sum; if ( systeminfo.mem_kbyte_max == 0 ) { @@ -303,7 +307,9 @@ pt[i].cputime_prev = oldentry->cputime; pt[i].time_prev = oldentry->time; - if(pt[i].cputime_prev != 0 && + /* The cpu_percent may be set already (for example by HPUX module) */ + if(pt[i].cpu_percent == 0 && + pt[i].cputime_prev != 0 && pt[i].cputime != 0 && pt[i].cputime > pt[i].cputime_prev) { @@ -312,18 +318,12 @@ 1000 * (double)(pt[i].cputime - pt[i].cputime_prev) / (pt[i].time - pt[i].time_prev) - ) / num_cpus + ) / systeminfo.cpus ); - if(pt[i].cpu_percent > 1000 / num_cpus) - { - /* Just for paranoia! */ - pt[i].cpu_percent = 1000 / num_cpus; - } - } - else - { - pt[i].cpu_percent = 0; + /* Just for paranoia! */ + if(pt[i].cpu_percent > 1000 / systeminfo.cpus) + pt[i].cpu_percent = 1000 / systeminfo.cpus; } } else diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/process.h /tmp/QeMlhPoI46/monit-5.0.3/process.h --- monit-4.8.1/process.h 2006-01-01 22:01:03.000000000 +0000 +++ monit-5.0.3/process.h 2009-02-13 13:06:32.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef MONIT_PROCESS_H @@ -28,7 +38,6 @@ #define PROCESS_ZOMBIE 1 -extern int include_children; extern char actionnames[][STRLEN]; extern char modenames[][STRLEN]; extern char checksumnames[][STRLEN]; @@ -40,8 +49,6 @@ extern char pathnames[][STRLEN]; extern char icmpnames[][STRLEN]; extern char sslnames[][STRLEN]; -extern int num_cpus; -extern long mem_kbyte_max; int update_process_data(Service_T s, ProcessTree_T *, int treesize, pid_t pid); int init_process_info(void); diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/apache_status.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/apache_status.c --- monit-4.8.1/protocols/apache_status.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/apache_status.c 2009-05-02 16:01:13.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -61,7 +71,7 @@ * even with ExtendedStatus Off on Apache config file. * * @author David Fletcher, - * @version \$Id: apache_status.c,v 1.7 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: apache_status.c,v 1.14 2009/05/02 15:01:13 martinp Exp $ * @file */ int check_apache_status(Socket_T s) { @@ -104,7 +114,7 @@ int scored = 0; int errors = 0; char line[READ_SIZE]; - char search_string[READ_SIZE]; + char search_string[READ_SIZE + 1]; int loglimit= 0; int closelimit= 0; @@ -147,7 +157,7 @@ while(NULL != socket_readln(s, line, READ_SIZE)) { if(Util_startsWith(line, "Scoreboard")) { - if(1 != sscanf(line, "%*s%*[: ]%s", search_string)) { + if(1 != sscanf(line, "%*s%*[: ]%1024s", search_string)) { Util_chomp(line); LogError("APACHE-STATUS error: parsing Apache status response '%s'\n", line); diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/clamav.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/clamav.c --- monit-4.8.1/protocols/clamav.c 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/protocols/clamav.c 2009-02-13 13:06:39.000000000 +0000 @@ -0,0 +1,87 @@ +/* + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. + */ + +#include + +#ifdef HAVE_STDIO_H +#include +#endif + +#ifdef HAVE_ERRNO_H +#include +#endif + +#ifdef HAVE_STRING_H +#include +#endif + +#ifdef HAVE_STRINGS_H +#include +#endif + +#include "protocol.h" + +/** + * Send PING and check for PONG. + * If alive return TRUE, else, return FALSE. + * + * @author Debrard Sébastien + * + * @version \$Id: clamav.c,v 1.7 2009/02/13 09:18:19 hauk Exp $ + * + * @file + */ +int check_clamav(Socket_T s) { + + char buf[STRLEN]; + const char *ok= "PONG"; + + ASSERT(s); + + if(socket_print(s, "PING\r\n") < 0) { + LogError("CLAMAV: error sending data -- %s\n", STRERROR); + return FALSE; + } + + if(!socket_readln(s, buf, sizeof(buf))) { + LogError("CLAMAV: error receiving data -- %s\n", STRERROR); + return FALSE; + } + + Util_chomp(buf); + + if(strncasecmp(buf, ok, strlen(ok)) != 0) { + LogError("CLAMAV error: %s\n", buf); + return FALSE; + } + + return TRUE; + +} + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/default.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/default.c --- monit-4.8.1/protocols/default.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/protocols/default.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -26,7 +36,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: default.c,v 1.13 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: default.c,v 1.19 2009/02/13 09:18:19 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/dns.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/dns.c --- monit-4.8.1/protocols/dns.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/dns.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -48,7 +58,7 @@ * * @author Martin Pala, * - * @version \$Id: dns.c,v 1.5 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: dns.c,v 1.11 2009/02/13 09:18:19 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/dwp.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/dwp.c --- monit-4.8.1/protocols/dwp.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/dwp.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -63,7 +73,7 @@ * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: dwp.c,v 1.16 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: dwp.c,v 1.24 2009/05/09 15:11:39 martinp Exp $ * * @file */ @@ -91,7 +101,7 @@ Util_chomp(buf); - n= sscanf(buf, "%s %d", proto, &status); + n= sscanf(buf, "%255s %d", proto, &status); if(n!=2 || (status >= 400)) { LogError("DWP error: %s\n", buf); return FALSE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/ftp.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/ftp.c --- monit-4.8.1/protocols/ftp.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/ftp.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -40,7 +50,7 @@ * @author Jan-Henrik Haukeland, * @author Michael Amster, * - * @version \$Id: ftp.c,v 1.25 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: ftp.c,v 1.31 2009/02/13 09:18:19 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/generic.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/generic.c --- monit-4.8.1/protocols/generic.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/generic.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -46,102 +56,87 @@ * * @author Christian Hopp, * - * @version \$Id: generic.c,v 1.19 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: generic.c,v 1.29 2009/05/04 20:00:30 martinp Exp $ * * @file */ int check_generic(Socket_T s) { - Generic_T g= NULL; - char buf[STRLEN+1]; + char *buf; #ifdef HAVE_REGEX_H int regex_return; #endif - ASSERT(s); - if(socket_get_Port(s)) { + if(socket_get_Port(s)) g= ((Port_T)(socket_get_Port(s)))->generic; - } + buf = xcalloc(sizeof(char), Run.expectbuffer + 1); + while (g != NULL) { if (g->send != NULL) { /* Unescape any \0x00 escaped chars in g's send string to allow sending a string containing \0 bytes also */ - char *X= xstrdup(g->send); - int l= Util_handle0Escapes(X); + char *X = xstrdup(g->send); + int l = Util_handle0Escapes(X); if(socket_write(s, X, l) < 0) { - LogError("GENERIC: error sending data -- %s\n", STRERROR); + FREE(X); + FREE(buf); return FALSE; - - } else { - + } else DEBUG("GENERIC: successfully sent: '%s'\n", g->send); - - } - + FREE(X); - + } else if (g->expect != NULL) { int n; + /* Need read, not readln here */ - if((n= socket_read(s, buf, STRLEN))<0) { - + if((n= socket_read(s, buf, Run.expectbuffer))<0) { LogError("GENERIC: error receiving data -- %s\n", STRERROR); + FREE(buf); return FALSE; - } buf[n]= 0; #ifdef HAVE_REGEX_H - regex_return=regexec( g->expect, - buf, - 0, - NULL, - 0); + regex_return= regexec(g->expect, buf, 0, NULL, 0); if (regex_return != 0) { - - LogError("GENERIC: receiving unexpected data [%s]\n", buf); + char e[STRLEN]; + regerror(regex_return, g->expect, e, STRLEN); + LogError("GENERIC: receiving unexpected data [%s] -- %s\n", Util_trunc(buf, STRLEN - 4), e); + FREE(buf); return FALSE; - - } else { - - DEBUG("GENERIC: successfully received: '%s'\n", buf); - - } + } else + DEBUG("GENERIC: successfully received: '%s'\n", Util_trunc(buf, STRLEN - 4)); #else /* w/o regex support */ - if ( strncmp(buf, g->expect, strlen(g->expect)) != 0 ) { - - LogError("GENERIC: receiving unexpected data [%s]\n", buf); + if (strncmp(buf, g->expect, strlen(g->expect)) != 0) { + LogError("GENERIC: receiving unexpected data [%s]\n", Util_trunc(buf, STRLEN - 4)); + FREE(buf); return FALSE; - - } else { - - DEBUG("GENERIC: successfully received: '%s'\n", buf); - - } + } else + DEBUG("GENERIC: successfully received: '%s'\n", Util_trunc(buf, STRLEN - 4)); #endif } else { - /* This should not happen */ LogError("GENERIC: unexpected strageness\n"); + FREE(buf); return FALSE; - } - g= g->next; } + FREE(buf); return TRUE; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/http.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/http.c --- monit-4.8.1/protocols/http.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/http.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -68,12 +78,9 @@ * If the status code is >= 400, an error has occurred. * Return TRUE if the status code is OK, otherwise FALSE. * - * The function tries to follow redirects from the server and will - * try to authenticate using Basic Auth if required by the server. - * * @author Jan-Henrik Haukeland, * @author Martin Pala, - * @version \$Id: http.c,v 1.49 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: http.c,v 1.58 2009/02/13 09:18:20 hauk Exp $ * @file */ @@ -86,25 +93,14 @@ #define READ_SIZE 8192 #define LINE_SIZE 512 -typedef struct { - Socket_T s; - int closed; - int status; - long content_length; - char cookie[LINE_SIZE]; - char location[LINE_SIZE]; -} Http_T; - /* -------------------------------------------------------------- Prototypes */ -static int do_redirect(Http_T *H); -static int do_regex(Http_T *h, Request_T R); static int check_request(Socket_T s, Port_T P); -static int get_response(Socket_T s, Http_T *H); static char *get_auth_header(Port_T P, char *auth, int l); -static int check_request_checksum(Http_T *H, char *checksum, int hashtype); +static int do_regex(Socket_T s, long content_length, Request_T R); +static int check_request_checksum(Socket_T s, long content_length, char *checksum, int hashtype); /* ------------------------------------------------------------------ Public */ @@ -125,12 +121,11 @@ request= P->request?P->request:"/"; - /* The connection is kept open in case we have to follow a - redirect */ if(socket_print(s, "GET %s HTTP/1.1\r\n" "Host: %s\r\n" "Accept: */*\r\n" + "Connection: close\r\n" "User-Agent: %s/%s\r\n" "%s\r\n", request, Util_getHTTPHostHeader(s, host, STRLEN), @@ -148,130 +143,139 @@ /** - * Check that the server returns a valid HTTP response + * Check that the server returns a valid HTTP response as well as checksum + * or content regex if required * @param s A socket * @return TRUE if the response is valid otherwise FALSE */ static int check_request(Socket_T s, Port_T P) { - Http_T H; + int status; + char buf[LINE_SIZE]; + long content_length= -1; - memset(&H, 0, sizeof(H)); + if(! socket_readln(s, buf, LINE_SIZE)) { + LogError("HTTP: error receiving data -- %s\n", STRERROR); + return FALSE; + } - /* Read the response and assign those headers we are interested in */ - if(! get_response(s, &H)) { - return FALSE; - } + Util_chomp(buf); - switch(H.status) { - - case SC_OK: - break; - - case SC_MOVED_TEMPORARILY: - if(!do_redirect(&H)) { - DEBUG("HTTP warning: cannot follow redirect\n"); - /* The server did respond so this is not strictly an error, but - it's probably an error to continue from here */ - return TRUE; - } - break; - - default: - if(H.status>=400) { - LogError("HTTP error: Server returned status %d\n", H.status); + if(! sscanf(buf, "%*s %d", &status)) { + LogError("HTTP error: cannot parse HTTP status in response: %s\n", buf); return FALSE; } - - } - - if(P->url_request && P->url_request->regex) { - if(! do_regex(&H, P->url_request)) { - LogError("HTTP error: Failed regular expression test on content" - " returned from server\n"); + + if(status >= 400) { + LogError("HTTP error: Server returned status %d\n", status); return FALSE; } - } + + /* Get Content-Length header value */ + while(NULL != socket_readln(s, buf, LINE_SIZE)) { - if(P->request_checksum) { - return check_request_checksum(&H, P->request_checksum, P->request_hashtype); - } - - return TRUE; + if((buf[0] == '\r' && buf[1] == '\n') || (buf[0] == '\n')) + break; + + Util_chomp(buf); + + if(Util_startsWith(buf, "Content-Length")) { + if(! sscanf(buf, "%*s%*[: ]%ld", &content_length)) { + LogError("HTTP error: parsing Content-Length response header '%s'\n", + buf); + return FALSE; + } + if(content_length < 0) { + LogError("HTTP error: Illegal Content-Length response header '%s'\n", + buf); + return FALSE; + } + } + + } -} + if(P->url_request && P->url_request->regex) { + if(! do_regex(s, content_length, P->url_request)) { + LogError("HTTP error: Failed regular expression test on content" + " returned from server\n"); + return FALSE; + } + } + + if(P->request_checksum) { + return check_request_checksum(s, content_length, P->request_checksum, + P->request_hashtype); + } + return TRUE; -static int check_request_checksum(Http_T *H, char *checksum, int hashtype) { +} - Socket_T s= H->s; - long content_length= H->content_length; - if(! content_length) { - DEBUG("HTTP warning: Response does not contain Content-Length\n"); - } else { - - char *r; - int n, i; - long size; - char result[STRLEN]; - char buf[READ_SIZE]; - unsigned char hash[STRLEN]; - int keylength=0; +static int check_request_checksum(Socket_T s, long content_length, char *checksum, int hashtype) { - switch (hashtype) { + int n; + long size; + MD_T result; + char buf[READ_SIZE]; + unsigned char hash[STRLEN]; + int keylength=0; + + if(content_length <= 0) { + DEBUG("HTTP warning: Response does not contain a valid Content-Length\n" + "Cannot compute checksum\n"); + return TRUE; + } + + switch (hashtype) { case HASH_MD5: - { - struct md5_ctx ctx; - md5_init_ctx(&ctx); - while(content_length > 0) { - size= content_length>READ_SIZE?READ_SIZE:content_length; - n= socket_read(s, buf, size); - if(n<0) break; - md5_process_bytes(buf, n, &ctx); - content_length -= n; - } - md5_finish_ctx(&ctx, hash); - keylength=16; /* Raw key bytes not string chars! */ - break; + { + struct md5_ctx ctx; + md5_init_ctx(&ctx); + while(content_length > 0) { + size= content_length>READ_SIZE?READ_SIZE:content_length; + n= socket_read(s, buf, size); + if(n<0) break; + md5_process_bytes(buf, n, &ctx); + content_length -= n; } + md5_finish_ctx(&ctx, hash); + keylength=16; /* Raw key bytes not string chars! */ + break; + } case HASH_SHA1: - { - struct sha_ctx ctx; - sha_init_ctx(&ctx); - while(content_length > 0) { - size= content_length>READ_SIZE?READ_SIZE:content_length; - n= socket_read(s, buf, size); - if(n<0) break; - sha_process_bytes(buf, n, &ctx); - content_length -= n; - } - sha_finish_ctx(&ctx, hash); - keylength=20; /* Raw key bytes not string chars! */ - break; + { + struct sha_ctx ctx; + sha_init_ctx(&ctx); + while(content_length > 0) { + size= content_length>READ_SIZE?READ_SIZE:content_length; + n= socket_read(s, buf, size); + if(n<0) break; + sha_process_bytes(buf, n, &ctx); + content_length -= n; } - default: - DEBUG("HTTP warning: Unknown hash type\n"); - return FALSE; - } - r= result; - for(i= 0; i < keylength; ++i) { - r+= snprintf(r, STRLEN-(r-result) ,"%02x", hash[i]); - } - if(strncasecmp(result, checksum, keylength*2) != 0) { - DEBUG("HTTP warning: Document checksum mismatch\n"); - return FALSE; - } else { - DEBUG("HTTP: Succeeded testing document checksum\n"); + sha_finish_ctx(&ctx, hash); + keylength=20; /* Raw key bytes not string chars! */ + break; } + default: + DEBUG("HTTP warning: Unknown hash type\n"); + return FALSE; + } + + if(strncasecmp(Util_digest2Bytes(hash, keylength, result), checksum, keylength*2) != 0) { + DEBUG("HTTP warning: Document checksum mismatch\n"); + return FALSE; + } else { + DEBUG("HTTP: Succeeded testing document checksum\n"); } - + return TRUE; - + } -static int do_regex(Http_T *H, Request_T R) { +static int do_regex(Socket_T s, long content_length, Request_T R) { int n; int size= 0; @@ -288,24 +292,24 @@ return TRUE; } - if(H->content_length == 0) { + if(content_length == 0) { LogError("HTTP error: Cannot test regex -- No content returned " "from server\n"); return FALSE; } - if(H->content_length < 0) /* Not defined in response */ - H->content_length= HTTP_CONTENT_MAX; - else if(H->content_length > HTTP_CONTENT_MAX) - H->content_length= HTTP_CONTENT_MAX; + if(content_length < 0) /* Not defined in response */ + content_length= HTTP_CONTENT_MAX; + else if(content_length > HTTP_CONTENT_MAX) + content_length= HTTP_CONTENT_MAX; n= 0; size= 0; - length= H->content_length; - buf= xmalloc(H->content_length + 1); + length= content_length; + buf= xmalloc(content_length + 1); do { - n= socket_read(H->s, &buf[size], length); + n= socket_read(s, &buf[size], length); if(n<=0) break; size+= n; @@ -383,166 +387,6 @@ } -/* -------------------------------------------------------- State management */ - - -/* - * Follow redirect responses from the server. - */ -static int do_redirect(Http_T *H) { - - char host[STRLEN]; - char auth[STRLEN]= {0}; - Port_T P= socket_get_Port(H->s); - - - /* - * FIXME: there is a - * BIG shortcoming here since the code only follow redirects on the - * same server. What we need to do is to open a new socket against - * the server in the location header. This may provide problems since - * the socket is owned by the caller. Anyway, do investigate this further. - */ - - if(!*H->location) { - DEBUG("HTTP error: Missing Location header in response\n"); - return FALSE; - } - - if(H->closed) { - DEBUG("HTTP warning: Aborting test, connection was closed\n"); - return FALSE; - } - - if(socket_print(H->s, - "GET %s HTTP/1.1\r\n" - "Host: %s\r\n" - "Accept: */*\r\n" - "User-Agent: %s/%s\r\n" - "Cookie: %s\r\n" - "%s\r\n", - H->location, Util_getHTTPHostHeader(H->s, host,STRLEN), - prog, VERSION, H->cookie, get_auth_header(P, auth, STRLEN)) - < 0) { - DEBUG("HTTP error: Failed sending data -- %s\n", STRERROR); - return FALSE; - } - - if(! get_response(H->s, H)) { - return FALSE; - } - - switch(H->status) { - - case SC_OK: - break; - - case SC_MOVED_TEMPORARILY: - if(!do_redirect(H)) { - return FALSE; - } - break; - - default: - if(H->status>=400) { - return FALSE; - } - - } - - return TRUE; - -} - - -static int get_response(Socket_T s, Http_T *H) { - - char buf[LINE_SIZE]; - - H->s= s; - *H->location= 0; - H->content_length= -1; - - if(! socket_readln(H->s, buf, LINE_SIZE)) { - LogError("HTTP: error receiving data -- %s\n", STRERROR); - return FALSE; - } - - Util_chomp(buf); - - if(sscanf(buf, "%*s %d", &H->status) !=1) { - LogError("HTTP error: cannot parse HTTP status in response: %s\n", buf); - return FALSE; - } - - while(NULL != socket_readln(s, buf, LINE_SIZE)) { - - if(Util_startsWith(buf, "\r\n") || Util_startsWith(buf, "\n")) - break; - - Util_chomp(buf); - - if(Util_startsWith(buf, "Content-Length")) { - if(1 != sscanf(buf, "%*s%*[: ]%ld", &H->content_length)) { - LogError("HTTP error: parsing Content-Length response header '%s'\n", - buf); - return FALSE; - } - if(H->content_length < 0) { - LogError("HTTP error: Illegal Content-Length response header '%s'\n", - buf); - return FALSE; - } - } - - if(Util_startsWith(buf, "Location")) { - if(1 != sscanf(buf, "%*s%*[: ]%s", H->location)) { - LogError("HTTP error: parsing Location response header '%s'\n", - buf); - return FALSE; - } - } - - if(Util_startsWith(buf, "Connection")) { - char *p= strchr(buf, ':'); - if(!p) { - LogError("HTTP error: parsing Connection response header '%s'\n", - buf); - return FALSE; - } - Util_trim(++p); - H->closed= Util_startsWith(p, "close"); - } - - if(Util_startsWith(buf, "Set-Cookie")) { - char *s; - char *p= strchr(buf, ':'); - if(!p) { - LogError("HTTP error: parsing Cookie response header '%s'\n", buf); - return FALSE; - } - Util_trim(++p); - /* Strip away cookie-av elements. */ -again: - if((s= strstr(p, "Comment")) || - (s= strstr(p, "Domain")) || - (s= strstr(p, "Max-Age")) || - (s= strstr(p, "Secure")) || - (s= strstr(p, "Version")) || - (s= strstr(p, "Path"))) { - *s= 0; - goto again; - } - snprintf(H->cookie, LINE_SIZE, "%s", Util_trim(p)); - } - - } - - return TRUE; - -} - - static char *get_auth_header(Port_T P, char *auth, int l) { char *b64; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/imap.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/imap.c --- monit-4.8.1/protocols/imap.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/imap.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -43,7 +53,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: imap.c,v 1.20 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: imap.c,v 1.26 2009/02/13 09:18:20 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/ldap2.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/ldap2.c --- monit-4.8.1/protocols/ldap2.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/ldap2.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -49,7 +59,7 @@ * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: ldap2.c,v 1.16 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: ldap2.c,v 1.22 2009/02/13 09:18:20 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/ldap3.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/ldap3.c --- monit-4.8.1/protocols/ldap3.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/ldap3.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -49,7 +59,7 @@ * @author Jan-Henrik Haukeland, * @author Martin Pala, * - * @version \$Id: ldap3.c,v 1.16 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: ldap3.c,v 1.22 2009/02/13 09:18:20 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/lmtp.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/lmtp.c --- monit-4.8.1/protocols/lmtp.c 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/protocols/lmtp.c 2009-02-13 13:06:39.000000000 +0000 @@ -0,0 +1,107 @@ +/* + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +#include + +#ifdef HAVE_STDIO_H +#include +#endif + +#ifdef HAVE_ERRNO_H +#include +#endif + +#ifdef HAVE_STRING_H +#include +#endif + +#include "protocol.h" + + +/* Private prototypes */ +static int do_send(Socket_T s, char *msg); +static int expect(Socket_T s, int expect, int log); + + +/** + * Check the server for greeting code 220 and send LHLO and test + * for return code 250 and finally send QUIT and check + * for return code 221. If alive return TRUE else return FALSE. + * See rfc2033 + * + * @author Fco.Javier Felix, + * + * @version \$Id: lmtp.c,v 1.3 2009/02/13 08:31:34 hauk Exp $ + * + * @file + */ +int check_lmtp(Socket_T s) { + + ASSERT(s); + + if(!expect(s, 220, TRUE)) + return FALSE; + + if (!(do_send(s, "LHLO localhost\r\n") && expect(s, 250, TRUE))) + return FALSE; + + if(!(do_send(s, "QUIT\r\n") && expect(s, 221, TRUE))) + return FALSE; + + return TRUE; + +} + + +/* --------------------------------------------------------------- Private */ + + +static int do_send(Socket_T s, char *msg) { + + if(socket_write(s, msg, strlen(msg)) < 0) { + LogError("LMTP: error sending data -- %s\n", STRERROR); + return FALSE; + } + + return TRUE; + +} + + +static int expect(Socket_T s, int expect, int log) { + + int status; + char buf[STRLEN]; + + if(!socket_readln(s, buf, STRLEN)) { + LogError("LMTP: error receiving data -- %s\n", STRERROR); + return FALSE; + } + + Util_chomp(buf); + + sscanf(buf, "%d%*s", &status); + if(status != expect) { + if(log) + LogError("LMTP error: %s\n", buf); + return FALSE; + } + + return TRUE; + +} + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/mysql.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/mysql.c --- monit-4.8.1/protocols/mysql.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/mysql.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -44,7 +54,7 @@ * * @author Martin Pala, * - * @version \$Id: mysql.c,v 1.9 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: mysql.c,v 1.16 2009/02/13 09:18:20 hauk Exp $ * * @file */ @@ -115,8 +125,9 @@ } /* read just first few bytes which contains enough information */ + errno = 0; if(socket_read(s, buf, 7) <= 6) { - LogError("MYSQL: error receiving login response -- %s\n", STRERROR); + LogError("MYSQL: error receiving login response\n"); return FALSE; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/nntp.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/nntp.c --- monit-4.8.1/protocols/nntp.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/nntp.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -39,7 +49,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: nntp.c,v 1.21 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: nntp.c,v 1.27 2009/02/13 09:18:21 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/NOTES /tmp/QeMlhPoI46/monit-5.0.3/protocols/NOTES --- monit-4.8.1/protocols/NOTES 2006-01-01 22:01:06.000000000 +0000 +++ monit-5.0.3/protocols/NOTES 2008-03-31 22:13:31.000000000 +0100 @@ -69,9 +69,9 @@ your new xyz.c file and compile it. 5) Edit your control file to test your new protocol, e.g. - (nb! use a real portnumber to the server that speaks xyz): + (NB! use a real port number to the server that speaks xyz): - port 8040 protocol xyz + if failed port 8040 protocol xyz then alert 6) It's time for testing; Run monit from the command line: @@ -87,7 +87,3 @@ --------------------------------------------- - - -Jan-Henrik Haukeland - diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/ntp3.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/ntp3.c --- monit-4.8.1/protocols/ntp3.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/ntp3.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -37,7 +47,7 @@ * * @author Michel Marti, * - * @version \$Id: ntp3.c,v 1.10 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: ntp3.c,v 1.16 2009/02/13 09:18:21 hauk Exp $ * */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/pgsql.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/pgsql.c --- monit-4.8.1/protocols/pgsql.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/pgsql.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -38,7 +48,7 @@ * * @author Tatsuya Nonogaki, * - * @version \$Id: pgsql.c,v 1.2 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: pgsql.c,v 1.8 2009/02/13 09:18:21 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/pop.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/pop.c --- monit-4.8.1/protocols/pop.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/pop.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -43,7 +53,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: pop.c,v 1.20 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: pop.c,v 1.26 2009/02/13 09:18:21 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/postfix_policy.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/postfix_policy.c --- monit-4.8.1/protocols/postfix_policy.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/postfix_policy.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -66,7 +76,7 @@ * * @author Martin Pala, * - * @version \$Id: postfix_policy.c,v 1.4 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: postfix_policy.c,v 1.11 2009/02/13 09:18:21 hauk Exp $ * * @file */ @@ -98,7 +108,7 @@ if( (strlen(buf) <= 7) || strncasecmp(buf, "action=", 7) ) { LogError("POSTFIX-POLICY error: %s\n", - (buf && *buf)?buf:"no action returned"); + *buf?buf:"no action returned"); return FALSE; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/protocol.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/protocol.c --- monit-4.8.1/protocols/protocol.c 2006-01-22 22:13:09.000000000 +0000 +++ monit-5.0.3/protocols/protocol.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -42,6 +52,7 @@ static Protocol_T mygeneric= NULL; static Protocol_T myhttp= NULL; static Protocol_T myimap= NULL; +static Protocol_T myclamav= NULL; static Protocol_T myldap2= NULL; static Protocol_T myldap3= NULL; static Protocol_T mymysql= NULL; @@ -51,10 +62,12 @@ static Protocol_T mypop= NULL; static Protocol_T mysmtp= NULL; static Protocol_T myssh= NULL; +static Protocol_T mylmtp= NULL; static Protocol_T myrdate= NULL; static Protocol_T myrsync= NULL; static Protocol_T mytns= NULL; static Protocol_T mypgsql= NULL; +static Protocol_T mysip= NULL; /** @@ -63,7 +76,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: protocol.c,v 1.27 2006/01/22 19:47:36 hauk Exp $ + * @version \$Id: protocol.c,v 1.36 2009/02/13 09:18:21 hauk Exp $ * * @file */ @@ -82,6 +95,7 @@ FREE(mygeneric); FREE(myhttp); FREE(myimap); + FREE(myclamav); FREE(myldap2); FREE(myldap3); FREE(mymysql); @@ -91,10 +105,12 @@ FREE(mypop); FREE(mysmtp); FREE(myssh); + FREE(mylmtp); FREE(myrdate); FREE(myrsync); FREE(mytns); FREE(mypgsql); + FREE(mysip); } @@ -178,6 +194,14 @@ return myimap; } +void *create_clamav() { + if(myclamav == NULL) { + NEW(myclamav); + myclamav->name= "CLAMAV"; + myclamav->check= check_clamav; + } + return myclamav; +} void *create_ldap2() { if(myldap2 == NULL) { @@ -209,6 +233,16 @@ } +void *create_sip() { + if(mysip == NULL) { + NEW(mysip); + mysip->name= "SIP"; + mysip->check= check_sip; + } + return mysip; +} + + void *create_nntp() { if(mynntp == NULL) { NEW(mynntp); @@ -258,6 +292,15 @@ return mysmtp; } +void *create_lmtp() { + if(mylmtp == NULL) { + NEW(mylmtp); + mylmtp->name= "LMTP"; + mylmtp->check= check_lmtp; + } + return mylmtp; +} + void *create_ssh() { if(myssh == NULL) { diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/protocol.h /tmp/QeMlhPoI46/monit-5.0.3/protocols/protocol.h --- monit-4.8.1/protocols/protocol.h 2006-01-22 22:13:09.000000000 +0000 +++ monit-5.0.3/protocols/protocol.h 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -48,6 +58,9 @@ #define P_POSTFIXPOLICY 19 #define P_TNS 20 #define P_PGSQL 21 +#define P_CLAMAV 22 +#define P_SIP 23 +#define P_LMTP 24 void gc_protocols(); @@ -60,6 +73,7 @@ void* create_generic(); void* create_http(); void* create_imap(); +void* create_clamav(); void* create_ldap2(); void* create_ldap3(); void* create_mysql(); @@ -73,6 +87,8 @@ void* create_rsync(); void* create_tns(); void* create_pgsql(); +void* create_sip(); +void* create_lmtp(); /* "Package" locale Protocol routines */ int check_apache_status(Socket_T); @@ -83,6 +99,7 @@ int check_generic(Socket_T); int check_http(Socket_T); int check_imap(Socket_T); +int check_clamav(Socket_T); int check_ldap2(Socket_T); int check_ldap3(Socket_T); int check_mysql(Socket_T); @@ -96,6 +113,8 @@ int check_rsync(Socket_T); int check_tns(Socket_T); int check_pgsql(Socket_T); +int check_sip(Socket_T); +int check_lmtp(Socket_T); #endif diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/rdate.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/rdate.c --- monit-4.8.1/protocols/rdate.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/rdate.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -49,7 +59,7 @@ * * @author Francois Isabelle * - * @version \$Id: rdate.c,v 1.9 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: rdate.c,v 1.15 2009/02/13 09:18:21 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/rsync.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/rsync.c --- monit-4.8.1/protocols/rsync.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/rsync.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -40,7 +50,7 @@ * * @author Igor Homyakov * - * @version \$Id: rsync.c,v 1.14 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: rsync.c,v 1.22 2009/05/09 15:11:39 martinp Exp $ * * @file */ @@ -60,7 +70,7 @@ Util_chomp(buf); - rc = sscanf(buf, "%s %d", msg, &version); + rc = sscanf(buf, "%255s %d", msg, &version); if ((rc == EOF) || (rc == 0)) { LogError("RSYNC: server greeting parse error %s\n", buf); return FALSE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/sip.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/sip.c --- monit-4.8.1/protocols/sip.c 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/protocols/sip.c 2009-02-13 13:06:39.000000000 +0000 @@ -0,0 +1,213 @@ +/* + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. + */ + + +#include + +#ifdef HAVE_STDIO_H +#include +#endif + +#ifdef HAVE_ERRNO_H +#include +#endif + +#ifdef HAVE_STRING_H +#include +#endif + +#ifdef HAVE_TIME_H +#include +#endif + +#ifdef HAVE_STDLIB_H +#include +#endif + +#ifdef HAVE_SYS_TYPES_H +#include +#endif + +#ifdef HAVE_SYS_SOCKET_H +#include +#endif + +#ifdef HAVE_UNISTD_H +#include +#endif + +#ifdef HAVE_ARPA_INET_H +#include +#endif + +#include "protocol.h" + + +/** + * + * A SIP test. + * + * This test has been created in order to construct valid SIP message, + * even with a low poll cycle. (In case of low poll cycle, chance are + * high for a misinterpretation of the generic test by the SIP AS. It + * will considered it for a retransmission, not for a new message) + * + * The test sends an OPTIONS request and check the server's status code. + * + * The status code must be between 200 and 300 + * Return TRUE if the status code is OK, otherwise FALSE + * + * In this current version, redirection is not supported. + * + * @author Pierrick Grasland + * @author Bret McDanel, + * @version \$Id: sip.c,v 1.10 2009/02/13 09:18:22 hauk Exp $ + * + * @file + */ + + + /* -------------------------------------------------------------- Public*/ + +int check_sip(Socket_T s) { + int status; + char buf[STRLEN]; + int port; + char *transport; + Port_T P; + const char *request; + const char *myip; + char *rport= ""; + char *proto; + int seed; + + ASSERT(s); + + P= socket_get_Port(s); + ASSERT(P); + request= P->request?P->request:"monit@foo.bar"; + + port = socket_get_local_port(s); + proto = socket_is_secure(s) ? "sips" : "sip"; + + switch(socket_get_type(s)) { + case SOCK_DGRAM: + { + transport="UDP"; + rport=";rport"; + seed=1; + break; + } + case SOCK_STREAM: + { + transport="TCP"; + seed=2; + break; + } + default: + { + LogError("Unsupported socket type, only TCP and UDP are supported\n"); + return TRUE; + } + } + + myip= socket_get_local_host(s); + + /* initialization of random param */ + srand(time(NULL)+getpid()+seed); + + if(socket_print(s, + "OPTIONS %s:%s SIP/2.0\r\n" + "Via: SIP/2.0/%s %s:%d;branch=z9hG4bKh%u%s\r\n" + "Max-Forwards: %d\r\n" + "To: <%s:%s>\r\n" + "From: monit <%s:monit@%s>;tag=%d\r\n" + "Call-ID: %u\r\n" + "CSeq: 63104 OPTIONS\r\n" + "Contact: <%s:%s:%d>\r\n" + "Accept: application/sdp\r\n" + "Content-Length: 0\r\n" + "User-Agent: %s/%s\r\n\r\n", + proto, // protocol + request, // to + transport, // via transport udp|tcp + myip, // who its from + port, // our port + rand(), // branch + rport, // rport option + P->maxforward, // maximum forwards + proto, // protocol + request, // to + proto, // protocol + myip, // from host + rand(), // tag + rand(), // call id + proto, // protocol + myip, // contact host + port, // contact port + prog, VERSION // user agent + ) < 0) { + LogError("SIP: error sending data -- %s\n", STRERROR); + return FALSE; + } + + if(! socket_readln(s, buf, sizeof(buf))) { + LogError("SIP: error receiving data -- %s\n", STRERROR); + return FALSE; + } + + Util_chomp(buf); + + DEBUG("Response from SIP server: %s\n", buf); + + if(! sscanf(buf, "%*s %d", &status)) { + LogError("SIP error: cannot parse SIP status in response: %s\n", buf); + return FALSE; + } + + if(status >= 400) { + LogError("SIP error: Server returned status %d\n", status); + return FALSE; + } + + if(status >= 300 && status < 400) { + LogError("SIP info: Server redirection. Returned status %d\n", status); + return FALSE; + } + + if(status > 100 && status < 200) { + LogError("SIP error: Provisional response . Returned status %d\n", status); + return FALSE; + } + + return TRUE; + +} diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/smtp.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/smtp.c --- monit-4.8.1/protocols/smtp.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/smtp.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -33,45 +43,66 @@ #include "protocol.h" + +/* Private prototypes */ +static int say(Socket_T s, char *msg); +static int expect(Socket_T s, int expect, int log); + + /** -* Check the server for greeting code 220 and then send QUIT and - * check for code 221. If alive return TRUE, else, return FALSE. + * Check the server for greeting code 220 and send EHLO. If that failed + * try HELO and test for return code 250 and finally send QUIT and check + * for return code 221. If alive return TRUE else return FALSE. * * @author Jan-Henrik Haukeland, * @author Michael Amster, * - * @version \$Id: smtp.c,v 1.27 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: smtp.c,v 1.38 2009/02/13 09:18:22 hauk Exp $ * * @file */ int check_smtp(Socket_T s) { - - int status; - char buf[STRLEN]; - + ASSERT(s); - if(!socket_readln(s, buf, sizeof(buf))) { - LogError("SMTP: error receiving data -- %s\n", STRERROR); + if(!expect(s, 220, TRUE)) return FALSE; - } - Util_chomp(buf); - - sscanf(buf, "%d%*s", &status); - if(status != 220) { - LogError("SMTP error: %s\n", buf); - return FALSE; + if(!(say(s, "EHLO localhost\r\n") && expect(s, 250, FALSE))) { + /* Try HELO also before giving up as of rfc2821 4.1.1.1 */ + if(!(say(s, "HELO localhost\r\n") && expect(s, 250, TRUE))) + return FALSE; } + + if(!(say(s, "QUIT\r\n") && expect(s, 221, TRUE))) + return FALSE; + + return TRUE; - /* Terminate the session */ - if(socket_print(s, "QUIT\r\n") < 0) { +} + + +/* --------------------------------------------------------------- Private */ + + +static int say(Socket_T s, char *msg) { + + if(socket_write(s, msg, strlen(msg)) < 0) { LogError("SMTP: error sending data -- %s\n", STRERROR); return FALSE; } - /* Check the reply */ - if(!socket_readln(s, buf, sizeof(buf))) { + return TRUE; + +} + + +static int expect(Socket_T s, int expect, int log) { + + int status; + char buf[STRLEN]; + + if(!socket_readln(s, buf, STRLEN)) { LogError("SMTP: error receiving data -- %s\n", STRERROR); return FALSE; } @@ -79,8 +110,9 @@ Util_chomp(buf); sscanf(buf, "%d%*s", &status); - if(status != 221) { - LogError("SMTP error: %s\n", buf); + if(status != expect) { + if(log) + LogError("SMTP error: %s\n", buf); return FALSE; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/ssh.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/ssh.c --- monit-4.8.1/protocols/ssh.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/ssh.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -37,7 +47,7 @@ * * @author Igor Homyakov, * - * @version \$Id: ssh.c,v 1.13 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: ssh.c,v 1.21 2009/02/13 09:18:22 hauk Exp $ * * @file */ @@ -53,7 +63,7 @@ } if(! Util_startsWith(buf, "SSH-")) { - LogError("SSH: protocol error %s", buf); + LogError("SSH: protocol error %s\n", buf); return FALSE; } @@ -62,6 +72,9 @@ LogError("SSH: error sending identification string -- %s\n", STRERROR); return FALSE; } + + /* Read one extra line to prevent the "Read from socket failed" warning */ + socket_readln(s, buf, sizeof(buf)); return TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/protocols/tns.c /tmp/QeMlhPoI46/monit-5.0.3/protocols/tns.c --- monit-4.8.1/protocols/tns.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/protocols/tns.c 2009-02-13 13:06:39.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -38,7 +48,7 @@ * * @author Artyom Khafizov, * - * @version \$Id: tns.c,v 1.4 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: tns.c,v 1.10 2009/02/13 09:18:22 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/p.y /tmp/QeMlhPoI46/monit-5.0.3/p.y --- monit-4.8.1/p.y 2006-05-10 21:29:00.000000000 +0100 +++ monit-5.0.3/p.y 2009-05-25 20:02:56.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -30,7 +40,7 @@ * @author Martin Pala * @author Christian Hopp * @author Rory Toma - * @version \$Id: p.y,v 1.234 2006/05/10 17:13:43 martinp Exp $ + * @version \$Id: p.y,v 1.300 2009/05/04 21:25:21 martinp Exp $ */ #include @@ -63,6 +73,14 @@ #include #endif +#ifdef HAVE_SYS_TIME_H +#include +#endif + +#ifdef HAVE_TIME_H +#include +#endif + #ifdef HAVE_SYS_SOCKET_H #include #endif @@ -142,15 +160,15 @@ extern int buffer_stack_ptr; /* Local variables */ - static int cfg_errflag= FALSE; - static Service_T tail= NULL; - static Service_T current= NULL; + static int cfg_errflag = FALSE; + static Service_T tail = NULL; + static Service_T current = NULL; static unsigned int eventset; - static Request_T urlrequest= NULL; - static Command_T command= NULL; - static Command_T command1= NULL; - static Command_T command2= NULL; - static Service_T depend_list= NULL; + static Request_T urlrequest = NULL; + static Command_T command = NULL; + static Command_T command1 = NULL; + static Command_T command2 = NULL; + static Service_T depend_list = NULL; static struct mygid gidset; static struct myuid uidset; static struct myperm permset; @@ -159,15 +177,16 @@ static struct myicmp icmpset; static struct mymail mailset; static struct myport portset; - static struct mydevice deviceset; + static struct mymailserver mailserverset; + static struct myfilesystem filesystemset; static struct myresource resourceset; static struct mychecksum checksumset; static struct mytimestamp timestampset; - static struct IHavePrecedence ihp= {FALSE, FALSE, FALSE}; + static struct IHavePrecedence ihp = {FALSE, FALSE, FALSE}; static struct myrate rate1 = {1, 1}; static struct myrate rate2 = {1, 1}; - static char * htpasswd_file= NULL; - static int digesttype= DIGEST_CLEARTEXT; + static char * htpasswd_file = NULL; + static int digesttype = DIGEST_CLEARTEXT; static int hassystem = FALSE; #define BITMAP_MAX (sizeof(long long) * 8) @@ -184,16 +203,19 @@ static void addport(Port_T); static void addresource(Resource_T); static void addtimestamp(Timestamp_T, int); - static void addsize(Size_T, int); - static void adddevice(Device_T); + static void addsize(Size_T); + static void addfilesystem(Filesystem_T); static void addicmp(Icmp_T); static void *addprotocol(int); static void addgeneric(Port_T, char*, char*); - static void addcommand(int); + static void addcommand(int, unsigned); static void addargument(char *); - static void addcollector(URL_T, int, int, char *); - static void addmailserver(char *, int); + static void addmmonit(URL_T, int, int, char *); + static void addmailserver(MailServer_T); static int addcredentials(char *, char *, int, int); +#ifdef HAVE_LIBPAM + static void addpamauth(char *, int); +#endif static void addhtpasswdentry(char *, char *, int); static uid_t get_uid(char *, uid_t); static gid_t get_gid(char *, gid_t); @@ -212,6 +234,7 @@ static void setlogfile(char *); static void setpidfile(char *); static void reset_mailset(); + static void reset_mailserverset(); static void reset_portset(); static void reset_resourceset(); static void reset_timestampset(); @@ -220,7 +243,7 @@ static void reset_permset(); static void reset_uidset(); static void reset_gidset(); - static void reset_deviceset(); + static void reset_filesystemset(); static void reset_icmpset(); static void reset_rateset(); static void check_name(char *); @@ -229,10 +252,12 @@ static int check_perm(int); static void check_hostname (char *); static void check_exec(char *); - static void createinfo(); static int cleanup_hash_string(char *); static void check_depend(); static void setsyslog(char *); + static void describeAction(Action_T); + static Command_T copycommand(Command_T); + static int verifyMaxForward(int); %} @@ -245,34 +270,36 @@ %token IF ELSE THEN OR FAILED %token SET LOGFILE FACILITY DAEMON SYSLOG MAILSERVER HTTPD ALLOW ADDRESS INIT -%token READONLY CLEARTEXT MD5HASH SHA1HASH CRYPT +%token READONLY CLEARTEXT MD5HASH SHA1HASH CRYPT DELAY %token PEMFILE ENABLE DISABLE HTTPDSSL CLIENTPEMFILE ALLOWSELFCERTIFICATION -%token STATEFILE SEND EXPECT CYCLE COUNT REMINDER +%token IDFILE STATEFILE SEND EXPECT EXPECTBUFFER CYCLE COUNT REMINDER %token PIDFILE START STOP PATHTOK -%token HOST PORT TYPE UDP TCP TCPSSL PROTOCOL CONNECTION -%token ALERT MAILFORMAT UNIXSOCKET SIGNATURE -%token TIMEOUT RESTART CHECKSUM EXPECT EVERY -%token DEFAULT HTTP APACHESTATUS FTP SMTP POP IMAP NNTP NTP3 MYSQL DNS -%token SSH DWP LDAP2 LDAP3 RDATE RSYNC TNS PGSQL POSTFIXPOLICY +%token HOST HOSTNAME PORT TYPE UDP TCP TCPSSL PROTOCOL CONNECTION +%token ALERT NOALERT MAILFORMAT UNIXSOCKET SIGNATURE +%token TIMEOUT RESTART CHECKSUM EVERY +%token DEFAULT HTTP APACHESTATUS FTP SMTP POP IMAP CLAMAV NNTP NTP3 MYSQL DNS +%token SSH DWP LDAP2 LDAP3 RDATE RSYNC TNS PGSQL POSTFIXPOLICY SIP LMTP %token STRING PATH MAILADDR MAILFROM MAILSUBJECT %token MAILBODY SERVICENAME STRINGNAME %token NUMBER PERCENT LOGLIMIT CLOSELIMIT DNSLIMIT KEEPALIVELIMIT %token REPLYLIMIT REQUESTLIMIT STARTLIMIT WAITLIMIT GRACEFULLIMIT %token CLEANUPLIMIT %token REAL -%token CHECKPROC CHECKDEV CHECKFILE CHECKDIR CHECKHOST CHECKSYSTEM CHECKFIFO -%token CPUUSAGE MEMUSAGE MEMKBYTE CHILDREN SYSTEM +%token CHECKPROC CHECKFILESYS CHECKFILE CHECKDIR CHECKHOST CHECKSYSTEM CHECKFIFO CHECKSTATUS +%token CHILDREN SYSTEM %token RESOURCE MEMORY TOTALMEMORY LOADAVG1 LOADAVG5 LOADAVG15 -%token MODE ACTIVE PASSIVE MANUAL CPU CPUUSER CPUSYSTEM CPUWAIT +%token MODE ACTIVE PASSIVE MANUAL CPU TOTALCPU CPUUSER CPUSYSTEM CPUWAIT %token GROUP REQUEST DEPENDS BASEDIR SLOT EVENTQUEUE -%token UID GID COLLECTOR INSTANCE +%token UID GID MMONIT INSTANCE USERNAME PASSWORD %token TIMESTAMP CHANGED SECOND MINUTE HOUR DAY %token SSLAUTO SSLV2 SSLV3 TLSV1 CERTMD5 %token BYTE KILOBYTE MEGABYTE GIGABYTE -%token INODE SPACE PERMISSION SIZE MATCH NOT IGNORE -%token EXEC UNMONITOR ICMP ICMPECHO NONEXIST INVALID DATA RECOVERED PASSED -%token URL CONTENT PID PPID +%token INODE SPACE PERMISSION SIZE MATCH NOT IGNORE ACTION +%token EXEC UNMONITOR ICMP ICMPECHO NONEXIST INVALID DATA RECOVERED PASSED SUCCEEDED +%token URL CONTENT PID PPID FSFLAG %token URLOBJECT +%token TARGET +%token MAXFORWARD %left GREATER LESS EQUAL NOTEQUAL @@ -290,20 +317,23 @@ | setdaemon | setlog | seteventqueue - | setcollectors + | setmmonits | setmailservers | setmailformat | sethttpd | setpid - | setstate + | setidfile + | setstatefile + | setexpectbuffer | setinit | checkproc optproclist | checkfile optfilelist - | checkdev optdevlist + | checkfilesys optfilesyslist | checkdir optdirlist | checkhost opthostlist | checksystem optsystemlist | checkfifo optfifolist + | checkstatus optstatuslist ; optproclist : /* EMPTY */ @@ -346,11 +376,11 @@ | depend ; -optdevlist : /* EMPTY */ - | optdevlist optdev +optfilesyslist : /* EMPTY */ + | optfilesyslist optfilesys ; -optdev : start +optfilesys : start | stop | timeout | every @@ -363,6 +393,7 @@ | depend | inode | space + | fsflag ; optdirlist : /* EMPTY */ @@ -429,34 +460,58 @@ | depend ; +optstatuslist : /* EMPTY */ + | optstatuslist optstatus + ; + +optstatus : timeout + | alert + | every + | group + | depend + ; + setalert : SET alertmail '{' eventoptionlist '}' formatlist reminder { addmail($2, &mailset, &Run.maillist, eventset, $7); } | SET alertmail formatlist reminder { - addmail($2, &mailset, &Run.maillist, eventset, $4); + addmail($2, &mailset, &Run.maillist, EVENT_ALL, $4); + } + | SET alertmail NOT '{' eventoptionlist '}' formatlist reminder { + addmail($2, &mailset, &Run.maillist, ~eventset, $8); } ; -setdaemon : SET DAEMON NUMBER { - if(!Run.isdaemon || ihp.daemon) { - ihp.daemon= TRUE; - Run.isdaemon= TRUE; - Run.polltime= $3; +setdaemon : SET DAEMON NUMBER startdelay { + if (!Run.isdaemon || ihp.daemon) { + ihp.daemon = TRUE; + Run.isdaemon = TRUE; + Run.polltime = $3; + Run.startdelay = $4; } } ; +startdelay : /* EMPTY */ { $$ = START_DELAY; } + | START DELAY NUMBER { $$ = $3; } + ; + +setexpectbuffer : SET EXPECTBUFFER NUMBER unit { + Run.expectbuffer = $3 * $4; + } + ; + setinit : SET INIT { - Run.init= TRUE; + Run.init = TRUE; } ; setlog : SET LOGFILE PATH { - if(!Run.logfile || ihp.logfile) { - ihp.logfile= TRUE; + if (!Run.logfile || ihp.logfile) { + ihp.logfile = TRUE; setlogfile($3); - Run.use_syslog= FALSE; - Run.dolog=TRUE; + Run.use_syslog = FALSE; + Run.dolog =TRUE; } } | SET LOGFILE SYSLOG { @@ -468,69 +523,66 @@ ; seteventqueue : SET EVENTQUEUE BASEDIR PATH { - Run.eventlist_dir= $4; + Run.eventlist_dir = $4; } | SET EVENTQUEUE BASEDIR PATH SLOT NUMBER { - Run.eventlist_dir= $4; - Run.eventlist_slots= $6; + Run.eventlist_dir = $4; + Run.eventlist_slots = $6; } | SET EVENTQUEUE SLOT NUMBER { - Run.eventlist_dir= xstrdup(MYEVENTLISTBASE); - Run.eventlist_slots= $4; + Run.eventlist_dir = xstrdup(MYEVENTLISTBASE); + Run.eventlist_slots = $4; } ; -setstate : SET STATEFILE PATH { - Run.statefile= $3; +setidfile : SET IDFILE PATH { + Run.idfile = $3; + } + ; + +setstatefile : SET STATEFILE PATH { + Run.statefile = $3; } ; setpid : SET PIDFILE PATH { - if(!Run.pidfile || ihp.pidfile) { - ihp.pidfile= TRUE; + if (!Run.pidfile || ihp.pidfile) { + ihp.pidfile = TRUE; setpidfile($3); } } ; -setcollectors : SET COLLECTOR collectorlist +setmmonits : SET MMONIT mmonitlist ; -collectorlist : collector - | collectorlist collector +mmonitlist : mmonit + | mmonitlist mmonit ; -collector : URLOBJECT nettimeout sslversion certmd5 { +mmonit : URLOBJECT nettimeout sslversion certmd5 { check_hostname(($1)->hostname); - addcollector($1, $2, $3, $4); + addmmonit($1, $2, $3, $4); } ; -setmailservers : SET MAILSERVER mailserverlist nettimeout { - Run.mailserver_timeout= $4; +setmailservers : SET MAILSERVER mailserverlist nettimeout hostname { + Run.mailserver_timeout = $4; + Run.mail_hostname = $5; } ; setmailformat : SET MAILFORMAT '{' formatoptionlist '}' { - Run.MailFormat.from= - mailset.from? - mailset.from: - xstrdup(ALERT_FROM); - Run.MailFormat.subject= - mailset.subject? - mailset.subject: - xstrdup(ALERT_SUBJECT); - Run.MailFormat.message= - mailset.message? - mailset.message: - xstrdup(ALERT_MESSAGE); + Run.MailFormat.from = mailset.from ? mailset.from : xstrdup(ALERT_FROM); + Run.MailFormat.subject = mailset.subject ? mailset.subject : xstrdup(ALERT_SUBJECT); + Run.MailFormat.message = mailset.message ? mailset.message : xstrdup(ALERT_MESSAGE); reset_mailset(); } ; sethttpd : SET HTTPD PORT NUMBER httpdlist { - Run.dohttpd= TRUE; - Run.httpdport= $4; + Run.dohttpd = TRUE; + Run.httpdport = $4; } ; @@ -538,21 +590,41 @@ | mailserverlist mailserver ; -mailserver : STRING { +mailserver : STRING username password sslversion certmd5 { /* Restore the current text overriden by lookahead */ FREE(argyytext); - argyytext= xstrdup($1); + argyytext = xstrdup($1); check_hostname($1); - addmailserver($1, PORT_SMTP); + mailserverset.host = $1; + mailserverset.username = $2; + mailserverset.password = $3; + mailserverset.ssl.version = $4; + if (mailserverset.ssl.version != SSL_VERSION_NONE) { + mailserverset.ssl.use_ssl = TRUE; + if (mailserverset.ssl.version == SSL_VERSION_SSLV2 || + mailserverset.ssl.version == SSL_VERSION_SSLV3) + mailserverset.port = PORT_SMTPS; + mailserverset.ssl.certmd5 = $5; + } + addmailserver(&mailserverset); } - | STRING PORT NUMBER { + | STRING PORT NUMBER username password sslversion certmd5 { /* Restore the current text overriden by lookahead */ FREE(argyytext); - argyytext= xstrdup($1); + argyytext = xstrdup($1); check_hostname($1); - addmailserver($1, $3); + mailserverset.host = $1; + mailserverset.port = $3; + mailserverset.username = $4; + mailserverset.password = $5; + mailserverset.ssl.version = $6; + if (mailserverset.ssl.version != SSL_VERSION_NONE) { + mailserverset.ssl.use_ssl = TRUE; + mailserverset.ssl.certmd5 = $7; + } + addmailserver(&mailserverset); } ; @@ -566,12 +638,11 @@ | allow ; -ssl : ssldisable { Run.httpdssl= FALSE; } +ssl : ssldisable { Run.httpdssl = FALSE; } | sslenable pemfile clientpemfile allowselfcert { - Run.httpdssl= TRUE; - if(!have_ssl()) { + Run.httpdssl = TRUE; + if (!have_ssl()) yyerror("SSL is not supported"); - } } ; @@ -587,8 +658,8 @@ | ssldisable ALLOWSELFCERTIFICATION ; -signature : sigenable { Run.httpdsig= TRUE; } - | sigdisable { Run.httpdsig= FALSE; } +signature : sigenable { Run.httpdsig = TRUE; } + | sigdisable { Run.httpdsig = FALSE; } ; sigenable : SIGNATURE ENABLE @@ -599,42 +670,46 @@ | DISABLE SIGNATURE ; -bindaddress : ADDRESS STRING { Run.bind_addr= $2; } +bindaddress : ADDRESS STRING { Run.bind_addr = $2; } ; pemfile : PEMFILE PATH { - Run.httpsslpem= $2; - if(!File_checkStat(Run.httpsslpem, - "SSL server PEM file", S_IRWXU)) { + Run.httpsslpem = $2; + if (!File_checkStat(Run.httpsslpem, "SSL server PEM file", S_IRWXU)) yyerror2("SSL server PEM file has too loose permissions"); - } } ; clientpemfile : /* EMPTY */ | CLIENTPEMFILE PATH { - Run.httpsslclientpem= $2; - Run.clientssl= TRUE; - if(!File_checkStat(Run.httpsslclientpem, - "SSL client PEM file", S_IRWXU | S_IRGRP | S_IROTH)) { + Run.httpsslclientpem = $2; + Run.clientssl = TRUE; + if (!File_checkStat(Run.httpsslclientpem, "SSL client PEM file", S_IRWXU | S_IRGRP | S_IROTH)) yyerror2("SSL client PEM file has too loose permissions"); - } } ; allowselfcert : /* EMPTY */ { - Run.allowselfcert= FALSE; + Run.allowselfcert = FALSE; config_ssl(Run.allowselfcert); } | ALLOWSELFCERTIFICATION { - Run.allowselfcert= TRUE; - config_ssl(Run.allowselfcert); + Run.allowselfcert = TRUE; + config_ssl(Run.allowselfcert); } ; allow : ALLOW STRING':'STRING readonly { addcredentials($2,$4, DIGEST_CLEARTEXT, $5); } + | ALLOW '@'STRING readonly { +#ifdef HAVE_LIBPAM + addpamauth($3, $4); +#else + yyerror("PAM is not supported"); + FREE($3); +#endif + } | ALLOW PATH { addhtpasswdentry($2, NULL, DIGEST_CLEARTEXT); FREE($2); @@ -652,35 +727,35 @@ FREE($3); } | ALLOW PATH { - htpasswd_file= $2; - digesttype= CLEARTEXT; + htpasswd_file = $2; + digesttype = CLEARTEXT; } allowuserlist { FREE(htpasswd_file); } | ALLOW CLEARTEXT PATH { - htpasswd_file= $3; - digesttype= DIGEST_CLEARTEXT; + htpasswd_file = $3; + digesttype = DIGEST_CLEARTEXT; } allowuserlist { FREE(htpasswd_file); } | ALLOW MD5HASH PATH { - htpasswd_file= $3; - digesttype= DIGEST_MD5; + htpasswd_file = $3; + digesttype = DIGEST_MD5; } allowuserlist { FREE(htpasswd_file); } | ALLOW CRYPT PATH { - htpasswd_file= $3; - digesttype= DIGEST_CRYPT; + htpasswd_file = $3; + digesttype = DIGEST_CRYPT; } allowuserlist { FREE(htpasswd_file); } | ALLOW STRING { - if(! (add_net_allow($2) || add_host_allow($2))) { + if (! (add_net_allow($2) || add_host_allow($2))) { yyerror2("erroneous network or host identifier %s", $2); } FREE($2); @@ -695,66 +770,78 @@ FREE($1); } ; -readonly : /* EMPTY */ { $$= FALSE; } - | READONLY { $$= TRUE; } +readonly : /* EMPTY */ { $$ = FALSE; } + | READONLY { $$ = TRUE; } ; checkproc : CHECKPROC SERVICENAME PIDFILE PATH { - check_name($2); - createservice(TYPE_PROCESS, $2, $4, check_process); + check_name($2); + createservice(TYPE_PROCESS, $2, $4, check_process); } | CHECKPROC SERVICENAME PATHTOK PATH { - check_name($2); - createservice(TYPE_PROCESS, $2, $4, check_process); + check_name($2); + createservice(TYPE_PROCESS, $2, $4, check_process); } ; checkfile : CHECKFILE SERVICENAME PATHTOK PATH { - check_name($2); - createservice(TYPE_FILE, $2, $4, check_file); + check_name($2); + createservice(TYPE_FILE, $2, $4, check_file); } ; -checkdev : CHECKDEV SERVICENAME PATHTOK PATH { - check_name($2); - createservice(TYPE_DEVICE, $2, $4, check_device); +checkfilesys : CHECKFILESYS SERVICENAME PATHTOK PATH { + check_name($2); + createservice(TYPE_FILESYSTEM, $2, $4, check_filesystem); } ; checkdir : CHECKDIR SERVICENAME PATHTOK PATH { - check_name($2); - createservice(TYPE_DIRECTORY, $2, $4, - check_directory); + check_name($2); + createservice(TYPE_DIRECTORY, $2, $4, check_directory); } ; checkhost : CHECKHOST SERVICENAME ADDRESS STRING { - check_hostname($4); - check_name($2); - createservice(TYPE_HOST, $2, $4, check_remote_host); + check_hostname($4); + check_name($2); + createservice(TYPE_HOST, $2, $4, check_remote_host); } ; checksystem : CHECKSYSTEM SERVICENAME { - check_name($2); - createservice(TYPE_SYSTEM, $2, xstrdup(""), - check_system); - hassystem = TRUE; + check_name($2); + createservice(TYPE_SYSTEM, $2, xstrdup(""), check_system); + hassystem = TRUE; } ; checkfifo : CHECKFIFO SERVICENAME PATHTOK PATH { - check_name($2); - createservice(TYPE_FIFO, $2, $4, check_fifo); + check_name($2); + createservice(TYPE_FIFO, $2, $4, check_fifo); + } + ; + +checkstatus : CHECKSTATUS SERVICENAME PATHTOK PATH { + check_name($2); + createservice(TYPE_STATUS, $2, $4, check_status); } ; -start : START argumentlist { addcommand(START); } - | START argumentlist useroptionlist { addcommand(START); } +start : START argumentlist exectimeout { + addcommand(START, $3); + } + | START argumentlist useroptionlist exectimeout { + addcommand(START, $4); + } ; -stop : STOP argumentlist { addcommand(STOP); } - | STOP argumentlist useroptionlist { addcommand(STOP); } +stop : STOP argumentlist exectimeout { + addcommand(STOP, $3); + } + | STOP argumentlist useroptionlist exectimeout { + addcommand(STOP, $4); + } ; argumentlist : argument @@ -775,16 +862,29 @@ | GID NUMBER { addegid( get_gid(NULL, $2) ); } ; +username : /* EMPTY */ { $$ = NULL; } + | USERNAME MAILADDR { $$ = $2; } + | USERNAME STRING { $$ = $2; } + ; + +password : /* EMPTY */ { $$ = NULL; } + | PASSWORD STRING { $$ = $2; } + ; + +hostname : /* EMPTY */ { $$ = NULL; } + | HOSTNAME STRING { $$ = $2; } + ; + connection : IF FAILED host port type protocol nettimeout rate1 THEN action1 recovery { - portset.timeout= $7; + portset.timeout = $7; addeventaction(&(portset).action, $10, $11); addport(&portset); } | IF FAILED URL URLOBJECT urloption nettimeout rate1 THEN action1 recovery { prepare_urlrequest($4); - portset.timeout= $6; + portset.timeout = $6; addeventaction(&(portset).action, $9, $10); addport(&portset); } @@ -792,133 +892,144 @@ connectionunix : IF FAILED unixsocket type protocol nettimeout rate1 THEN action1 recovery { - portset.timeout= $6; + portset.timeout = $6; addeventaction(&(portset).action, $9, $10); addport(&portset); } ; -icmp : IF FAILED ICMP icmptype count nettimeout rate1 +icmp : IF FAILED ICMP icmptype icmpcount nettimeout rate1 THEN action1 recovery { - icmpset.type= $4; - icmpset.count= $5; - icmpset.timeout= $6; + icmpset.type = $4; + icmpset.count = $5; + icmpset.timeout = $6; addeventaction(&(icmpset).action, $9, $10); addicmp(&icmpset); } ; host : /* EMPTY */ { - if(current->type == TYPE_HOST) - portset.hostname= xstrdup(current->path); + if (current->type == TYPE_HOST) + portset.hostname = xstrdup(current->path); else - portset.hostname= xstrdup(LOCALHOST); + portset.hostname = xstrdup(LOCALHOST); } - | HOST STRING { check_hostname($2); portset.hostname= $2; } + | HOST STRING { check_hostname($2); portset.hostname = $2; } ; -port : PORT NUMBER { portset.port= $2; portset.family= AF_INET; } +port : PORT NUMBER { portset.port = $2; portset.family = AF_INET; } ; unixsocket : UNIXSOCKET PATH { - portset.pathname= $2; portset.family= AF_UNIX; + portset.pathname = $2; portset.family = AF_UNIX; } ; type : /* EMPTY */ { - portset.type= SOCK_STREAM; + portset.type = SOCK_STREAM; } | TYPE TCP { - portset.type= SOCK_STREAM; + portset.type = SOCK_STREAM; } | TYPE TCPSSL sslversion certmd5 { - portset.type= SOCK_STREAM; - portset.SSL.use_ssl= TRUE; - portset.SSL.version= $3; - portset.SSL.certmd5= $4; + portset.type = SOCK_STREAM; + portset.SSL.use_ssl = TRUE; + portset.SSL.version = $3; + if (portset.SSL.version == SSL_VERSION_NONE) + portset.SSL.version = SSL_VERSION_AUTO; + portset.SSL.certmd5 = $4; } | TYPE UDP { - portset.type= SOCK_DGRAM; + portset.type = SOCK_DGRAM; } ; -certmd5 : /* EMPTY */ { $$= NULL; } - | CERTMD5 STRING { $$= $2; } +certmd5 : /* EMPTY */ { $$ = NULL; } + | CERTMD5 STRING { $$ = $2; } ; -sslversion : /* EMPTY */ { $$= SSL_VERSION_AUTO; } - | SSLV2 { $$= SSL_VERSION_SSLV2; } - | SSLV3 { $$= SSL_VERSION_SSLV3; } - | TLSV1 { $$= SSL_VERSION_TLS; } - | SSLAUTO { $$= SSL_VERSION_AUTO; } +sslversion : /* EMPTY */ { $$ = SSL_VERSION_NONE; } + | SSLV2 { $$ = SSL_VERSION_SSLV2; } + | SSLV3 { $$ = SSL_VERSION_SSLV3; } + | TLSV1 { $$ = SSL_VERSION_TLS; } + | SSLAUTO { $$ = SSL_VERSION_AUTO; } ; protocol : /* EMPTY */ { - portset.protocol= addprotocol(P_DEFAULT); + portset.protocol = addprotocol(P_DEFAULT); } | PROTOCOL APACHESTATUS apache_stat_list { - portset.protocol= addprotocol(P_APACHESTATUS); + portset.protocol = addprotocol(P_APACHESTATUS); } | PROTOCOL DEFAULT { - portset.protocol= addprotocol(P_DEFAULT); + portset.protocol = addprotocol(P_DEFAULT); } | PROTOCOL DNS { - portset.protocol= addprotocol(P_DNS); + portset.protocol = addprotocol(P_DNS); } | PROTOCOL DWP { - portset.protocol= addprotocol(P_DWP); + portset.protocol = addprotocol(P_DWP); } | PROTOCOL FTP { - portset.protocol= addprotocol(P_FTP); + portset.protocol = addprotocol(P_FTP); } | PROTOCOL HTTP request { - portset.protocol= addprotocol(P_HTTP); + portset.protocol = addprotocol(P_HTTP); } | PROTOCOL IMAP { - portset.protocol= addprotocol(P_IMAP); + portset.protocol = addprotocol(P_IMAP); + } + | PROTOCOL CLAMAV { + portset.protocol = addprotocol(P_CLAMAV); } | PROTOCOL LDAP2 { - portset.protocol= addprotocol(P_LDAP2); + portset.protocol = addprotocol(P_LDAP2); } | PROTOCOL LDAP3 { - portset.protocol= addprotocol(P_LDAP3); + portset.protocol = addprotocol(P_LDAP3); } | PROTOCOL MYSQL { - portset.protocol= addprotocol(P_MYSQL); + portset.protocol = addprotocol(P_MYSQL); + } + | PROTOCOL SIP target maxforward { + portset.protocol = addprotocol(P_SIP); } | PROTOCOL NNTP { - portset.protocol= addprotocol(P_NNTP); + portset.protocol = addprotocol(P_NNTP); } | PROTOCOL NTP3 { - portset.protocol= addprotocol(P_NTP3); - portset.type= SOCK_DGRAM; + portset.protocol = addprotocol(P_NTP3); + portset.type = SOCK_DGRAM; } | PROTOCOL POSTFIXPOLICY { - portset.protocol= addprotocol(P_POSTFIXPOLICY); + portset.protocol = addprotocol(P_POSTFIXPOLICY); } | PROTOCOL POP { - portset.protocol= addprotocol(P_POP); + portset.protocol = addprotocol(P_POP); } | PROTOCOL SMTP { - portset.protocol= addprotocol(P_SMTP); + portset.protocol = addprotocol(P_SMTP); } | PROTOCOL SSH { - portset.protocol= addprotocol(P_SSH); + portset.protocol = addprotocol(P_SSH); } | PROTOCOL RDATE { - portset.protocol= addprotocol(P_RDATE); + portset.protocol = addprotocol(P_RDATE); } | PROTOCOL RSYNC { - portset.protocol= addprotocol(P_RSYNC); + portset.protocol = addprotocol(P_RSYNC); } | PROTOCOL TNS { - portset.protocol= addprotocol(P_TNS); + portset.protocol = addprotocol(P_TNS); } | PROTOCOL PGSQL { - portset.protocol= addprotocol(P_PGSQL); + portset.protocol = addprotocol(P_PGSQL); + } + | PROTOCOL LMTP { + portset.protocol = addprotocol(P_LMTP); } | sendexpectlist { - portset.protocol= addprotocol(P_GENERIC); + portset.protocol = addprotocol(P_GENERIC); } ; @@ -930,14 +1041,30 @@ | EXPECT STRING { addgeneric(&portset, NULL, $2); FREE($2);} ; +target : /* EMPTY */ + | TARGET MAILADDR { + portset.request = $2; + } + | TARGET STRING { + portset.request = $2; + } + ; + +maxforward : /* EMPTY */ + | MAXFORWARD NUMBER { + portset.maxforward = verifyMaxForward($2); + } + ; + request : /* EMPTY */ | REQUEST PATH { - portset.request= Util_urlEncode($2); + portset.request = Util_urlEncode($2); FREE($2); } | REQUEST PATH CHECKSUM STRING { - portset.request= Util_urlEncode($2); FREE($2); - portset.request_checksum= $4; + portset.request = Util_urlEncode($2); + FREE($2); + portset.request_checksum = $4; } ; @@ -946,80 +1073,86 @@ ; apache_stat : LOGLIMIT operator NUMBER PERCENT { - portset.ApacheStatus.loglimitOP= $2; - portset.ApacheStatus.loglimit= (int)$3; + portset.ApacheStatus.loglimitOP = $2; + portset.ApacheStatus.loglimit = (int)$3; } | CLOSELIMIT operator NUMBER PERCENT { - portset.ApacheStatus.closelimitOP= $2; - portset.ApacheStatus.closelimit= (int)($3); + portset.ApacheStatus.closelimitOP = $2; + portset.ApacheStatus.closelimit = (int)($3); } | DNSLIMIT operator NUMBER PERCENT { - portset.ApacheStatus.dnslimitOP= $2; - portset.ApacheStatus.dnslimit= (int)($3); + portset.ApacheStatus.dnslimitOP = $2; + portset.ApacheStatus.dnslimit = (int)($3); } | KEEPALIVELIMIT operator NUMBER PERCENT { - portset.ApacheStatus.keepalivelimitOP= $2; - portset.ApacheStatus.keepalivelimit= (int)($3); + portset.ApacheStatus.keepalivelimitOP = $2; + portset.ApacheStatus.keepalivelimit = (int)($3); } | REPLYLIMIT operator NUMBER PERCENT { - portset.ApacheStatus.replylimitOP= $2; - portset.ApacheStatus.replylimit= (int)($3); + portset.ApacheStatus.replylimitOP = $2; + portset.ApacheStatus.replylimit = (int)($3); } | REQUESTLIMIT operator NUMBER PERCENT { - portset.ApacheStatus.requestlimitOP= $2; - portset.ApacheStatus.requestlimit= (int)($3); + portset.ApacheStatus.requestlimitOP = $2; + portset.ApacheStatus.requestlimit = (int)($3); } | STARTLIMIT operator NUMBER PERCENT { - portset.ApacheStatus.startlimitOP= $2; - portset.ApacheStatus.startlimit= (int)($3); + portset.ApacheStatus.startlimitOP = $2; + portset.ApacheStatus.startlimit = (int)($3); } | WAITLIMIT operator NUMBER PERCENT { - portset.ApacheStatus.waitlimitOP= $2; - portset.ApacheStatus.waitlimit= (int)($3); + portset.ApacheStatus.waitlimitOP = $2; + portset.ApacheStatus.waitlimit = (int)($3); } | GRACEFULLIMIT operator NUMBER PERCENT { - portset.ApacheStatus.gracefullimitOP= $2; - portset.ApacheStatus.gracefullimit= (int)($3); + portset.ApacheStatus.gracefullimitOP = $2; + portset.ApacheStatus.gracefullimit = (int)($3); } | CLEANUPLIMIT operator NUMBER PERCENT { - portset.ApacheStatus.cleanuplimitOP= $2; - portset.ApacheStatus.cleanuplimit= (int)($3); + portset.ApacheStatus.cleanuplimitOP = $2; + portset.ApacheStatus.cleanuplimit = (int)($3); } ; pid : IF CHANGED PID rate1 THEN action1 { - seteventaction(&(current)->action_PID, $6, - ACTION_IGNORE); + seteventaction(&(current)->action_PID, $6, ACTION_IGNORE); } ; ppid : IF CHANGED PPID rate1 THEN action1 { - seteventaction(&(current)->action_PPID, $6, - ACTION_IGNORE); + seteventaction(&(current)->action_PPID, $6, ACTION_IGNORE); + } + ; + +icmpcount : /* EMPTY */ { + $$ = ICMP_ATTEMPT_COUNT; + } + | COUNT NUMBER { + $$ = $2; } ; -count : /* EMPTY */ { - $$= ATTEMPT_COUNT; +exectimeout : /* EMPTY */ { + $$ = EXEC_TIMEOUT; } - | COUNT NUMBER { - $$= $2; + | TIMEOUT NUMBER SECOND { + $$ = $2; } ; nettimeout : /* EMPTY */ { - $$= NET_TIMEOUT; + $$ = NET_TIMEOUT; } | TIMEOUT NUMBER SECOND { - $$= $2; + $$ = $2; } ; timeout : IF NUMBER RESTART NUMBER CYCLE THEN TIMEOUT { check_timeout($2, $4); - current->def_timeout= TRUE; - current->to_start= $2; - current->to_cycle= $4; + current->def_timeout = TRUE; + current->to_start = $2; + current->to_cycle = $4; } ; @@ -1030,48 +1163,54 @@ } ; -urloperator : EQUAL { $$= OPERATOR_EQUAL; } - | NOTEQUAL { $$= OPERATOR_NOTEQUAL; } +urloperator : EQUAL { $$ = OPERATOR_EQUAL; } + | NOTEQUAL { $$ = OPERATOR_NOTEQUAL; } ; alert : alertmail '{' eventoptionlist '}' formatlist reminder { addmail($1, &mailset, ¤t->maillist, eventset, $6); } | alertmail formatlist reminder { - addmail($1, &mailset, ¤t->maillist, eventset, $3); + addmail($1, &mailset, ¤t->maillist, EVENT_ALL, $3); + } + | alertmail NOT '{' eventoptionlist '}' formatlist reminder { + addmail($1, &mailset, ¤t->maillist, ~eventset, $7); + } + | noalertmail { + addmail($1, &mailset, ¤t->maillist, EVENT_NULL, 0); } ; -alertmail : ALERT MAILADDR { $$= $2; } +alertmail : ALERT MAILADDR { $$ = $2; } + ; + +noalertmail : NOALERT MAILADDR { $$ = $2; } ; eventoptionlist : eventoption | eventoptionlist eventoption ; -eventoption : CHANGED { eventset |= EVENT_CHANGED; } +eventoption : ACTION { eventset |= EVENT_ACTION; } | CHECKSUM { eventset |= EVENT_CHECKSUM; } | CONNECTION { eventset |= EVENT_CONNECTION; } + | CONTENT { eventset |= EVENT_CONTENT; } | DATA { eventset |= EVENT_DATA; } | EXEC { eventset |= EVENT_EXEC; } + | FSFLAG { eventset |= EVENT_FSFLAG; } | GID { eventset |= EVENT_GID; } | ICMP { eventset |= EVENT_ICMP; } | INSTANCE { eventset |= EVENT_INSTANCE; } | INVALID { eventset |= EVENT_INVALID; } - | MATCH { eventset |= EVENT_MATCH; } | NONEXIST { eventset |= EVENT_NONEXIST; } | PERMISSION { eventset |= EVENT_PERMISSION; } + | PID { eventset |= EVENT_PID; } + | PPID { eventset |= EVENT_PPID; } | RESOURCE { eventset |= EVENT_RESOURCE; } | SIZE { eventset |= EVENT_SIZE; } | TIMEOUT { eventset |= EVENT_TIMEOUT; } | TIMESTAMP { eventset |= EVENT_TIMESTAMP; } | UID { eventset |= EVENT_UID; } - /* deprecated values kept for backward compatibility - * as aliases to valid events */ - | START { eventset |= EVENT_NONEXIST|EVENT_INVALID; } - | STOP { eventset |= EVENT_NONEXIST|EVENT_INVALID; } - | RESTART { eventset |= EVENT_NONEXIST|EVENT_INVALID; } - | UNMONITOR { eventset |= EVENT_TIMEOUT; } ; formatlist : /* EMPTY */ @@ -1082,31 +1221,31 @@ | formatoptionlist formatoption ; -formatoption : MAILFROM { mailset.from= $1; } - | MAILSUBJECT { mailset.subject= $1; } - | MAILBODY { mailset.message= $1; } +formatoption : MAILFROM { mailset.from = $1; } + | MAILSUBJECT { mailset.subject = $1; } + | MAILBODY { mailset.message = $1; } ; every : EVERY NUMBER CYCLE { check_every($2); - current->def_every= TRUE; - current->every= $2; + current->def_every = TRUE; + current->every = $2; } ; mode : MODE ACTIVE { - current->mode= MODE_ACTIVE; + current->mode = MODE_ACTIVE; } | MODE PASSIVE { - current->mode= MODE_PASSIVE; + current->mode = MODE_PASSIVE; } | MODE MANUAL { - current->mode= MODE_MANUAL; - current->monitor= MONITOR_NOT; + current->mode = MODE_MANUAL; + current->monitor = MONITOR_NOT; } ; -group : GROUP STRINGNAME { current->group= $2; } +group : GROUP STRINGNAME { current->group = $2; } ; @@ -1121,8 +1260,7 @@ ; resourceprocess : IF resourceprocesslist rate1 THEN action1 recovery { - addeventaction(&(resourceset).action, - $5, $6); + addeventaction(&(resourceset).action, $5, $6); addresource(&resourceset); } ; @@ -1138,8 +1276,7 @@ ; resourcesystem : IF resourcesystemlist rate1 THEN action1 recovery { - addeventaction(&(resourceset).action, - $5, $6); + addeventaction(&(resourceset).action, $5, $6); addresource(&resourceset); } ; @@ -1154,65 +1291,68 @@ ; resourcecpuproc : CPU operator NUMBER PERCENT { - resourceset.resource_id= RESOURCE_ID_CPU_PERCENT; - resourceset.operator= $2; - resourceset.limit= ($3 * 10); + resourceset.resource_id = RESOURCE_ID_CPU_PERCENT; + resourceset.operator = $2; + resourceset.limit = ($3 * 10); + } + | TOTALCPU operator NUMBER PERCENT { + resourceset.resource_id = RESOURCE_ID_TOTAL_CPU_PERCENT; + resourceset.operator = $2; + resourceset.limit = ($3 * 10); } ; resourcecpu : resourcecpuid operator NUMBER PERCENT { - resourceset.resource_id= $1; - resourceset.operator= $2; - resourceset.limit= ($3 * 10); + resourceset.resource_id = $1; + resourceset.operator = $2; + resourceset.limit = ($3 * 10); } ; -resourcecpuid : CPUUSER { $$= RESOURCE_ID_CPUUSER; } - | CPUSYSTEM { $$= RESOURCE_ID_CPUSYSTEM; } - | CPUWAIT { $$= RESOURCE_ID_CPUWAIT; } +resourcecpuid : CPUUSER { $$ = RESOURCE_ID_CPUUSER; } + | CPUSYSTEM { $$ = RESOURCE_ID_CPUSYSTEM; } + | CPUWAIT { $$ = RESOURCE_ID_CPUWAIT; } ; resourcemem : MEMORY operator value unit { - resourceset.resource_id= RESOURCE_ID_MEM_KBYTE; - resourceset.operator= $2; - resourceset.limit= (int) ($3 * - ($4 / 1024.0)); + resourceset.resource_id = RESOURCE_ID_MEM_KBYTE; + resourceset.operator = $2; + resourceset.limit = (int) ($3 * ($4 / 1024.0)); } | MEMORY operator NUMBER PERCENT { - resourceset.resource_id= RESOURCE_ID_MEM_PERCENT; - resourceset.operator= $2; - resourceset.limit= ($3 * 10); + resourceset.resource_id = RESOURCE_ID_MEM_PERCENT; + resourceset.operator = $2; + resourceset.limit = ($3 * 10); } | TOTALMEMORY operator value unit { - resourceset.resource_id= RESOURCE_ID_TOTAL_MEM_KBYTE; - resourceset.operator= $2; - resourceset.limit= (int) ($3 * - ($4 / 1024.0)); + resourceset.resource_id = RESOURCE_ID_TOTAL_MEM_KBYTE; + resourceset.operator = $2; + resourceset.limit = (int) ($3 * ($4 / 1024.0)); } | TOTALMEMORY operator NUMBER PERCENT { - resourceset.resource_id= RESOURCE_ID_TOTAL_MEM_PERCENT; - resourceset.operator= $2; - resourceset.limit= ($3 * 10); + resourceset.resource_id = RESOURCE_ID_TOTAL_MEM_PERCENT; + resourceset.operator = $2; + resourceset.limit = ($3 * 10); } ; resourcechild : CHILDREN operator NUMBER { - resourceset.resource_id= RESOURCE_ID_CHILDREN; - resourceset.operator= $2; - resourceset.limit= (int) $3; + resourceset.resource_id = RESOURCE_ID_CHILDREN; + resourceset.operator = $2; + resourceset.limit = (int) $3; } ; resourceload : resourceloadavg operator value { - resourceset.resource_id= $1; - resourceset.operator= $2; - resourceset.limit= (int) ($3 * 10.0); + resourceset.resource_id = $1; + resourceset.operator = $2; + resourceset.limit = (int) ($3 * 10.0); } ; -resourceloadavg : LOADAVG1 { $$= RESOURCE_ID_LOAD1; } - | LOADAVG5 { $$= RESOURCE_ID_LOAD5; } - | LOADAVG15 { $$= RESOURCE_ID_LOAD15; } +resourceloadavg : LOADAVG1 { $$ = RESOURCE_ID_LOAD1; } + | LOADAVG5 { $$ = RESOURCE_ID_LOAD5; } + | LOADAVG15 { $$ = RESOURCE_ID_LOAD15; } ; value : REAL { $$ = $1; } @@ -1221,58 +1361,56 @@ timestamp : IF TIMESTAMP operator NUMBER time rate1 THEN action1 recovery { - timestampset.operator= $3; - timestampset.time= ($4 * $5); - addeventaction(&(timestampset).action, $8, - $9); + timestampset.operator = $3; + timestampset.time = ($4 * $5); + addeventaction(&(timestampset).action, $8, $9); addtimestamp(×tampset, FALSE); } | IF CHANGED TIMESTAMP rate1 THEN action1 { - timestampset.test_changes= TRUE; - addeventaction(&(timestampset).action, $6, - ACTION_IGNORE); + timestampset.test_changes = TRUE; + addeventaction(&(timestampset).action, $6, ACTION_IGNORE); addtimestamp(×tampset, TRUE); } ; -operator : /* EMPTY */ { $$= OPERATOR_EQUAL; } - | GREATER { $$= OPERATOR_GREATER; } - | LESS { $$= OPERATOR_LESS; } - | EQUAL { $$= OPERATOR_EQUAL; } - | NOTEQUAL { $$= OPERATOR_NOTEQUAL; } - | CHANGED { $$= OPERATOR_NOTEQUAL; } - ; - -time : /* EMPTY */ { $$= TIME_SECOND; } - | SECOND { $$= TIME_SECOND; } - | MINUTE { $$= TIME_MINUTE; } - | HOUR { $$= TIME_HOUR; } - | DAY { $$= TIME_DAY; } - ; - -action : ALERT { $$= ACTION_ALERT; } - | EXEC argumentlist { $$= ACTION_EXEC; } - | EXEC argumentlist useroptionlist { $$= ACTION_EXEC; } - | RESTART { $$= ACTION_RESTART; } - | START { $$= ACTION_START; } - | STOP { $$= ACTION_STOP; } - | UNMONITOR { $$= ACTION_UNMONITOR; } +operator : /* EMPTY */ { $$ = OPERATOR_EQUAL; } + | GREATER { $$ = OPERATOR_GREATER; } + | LESS { $$ = OPERATOR_LESS; } + | EQUAL { $$ = OPERATOR_EQUAL; } + | NOTEQUAL { $$ = OPERATOR_NOTEQUAL; } + | CHANGED { $$ = OPERATOR_NOTEQUAL; } + ; + +time : /* EMPTY */ { $$ = TIME_SECOND; } + | SECOND { $$ = TIME_SECOND; } + | MINUTE { $$ = TIME_MINUTE; } + | HOUR { $$ = TIME_HOUR; } + | DAY { $$ = TIME_DAY; } + ; + +action : ALERT { $$ = ACTION_ALERT; } + | EXEC argumentlist { $$ = ACTION_EXEC; } + | EXEC argumentlist useroptionlist { $$ = ACTION_EXEC; } + | RESTART { $$ = ACTION_RESTART; } + | START { $$ = ACTION_START; } + | STOP { $$ = ACTION_STOP; } + | UNMONITOR { $$ = ACTION_UNMONITOR; } ; action1 : action { - $$= $1; - if($1 == ACTION_EXEC && command) { - command1= command; - command= NULL; + $$ = $1; + if ($1 == ACTION_EXEC && command) { + command1 = command; + command = NULL; } } ; action2 : action { - $$= $1; - if($1 == ACTION_EXEC && command) { - command2= command; - command= NULL; + $$ = $1; + if ($1 == ACTION_EXEC && command) { + command2 = command; + command = NULL; } } ; @@ -1281,22 +1419,16 @@ | NUMBER CYCLE { rate1.count = $1; rate1.cycles = $1; - if(rate1.cycles < 1 || rate1.cycles > BITMAP_MAX) { - yyerror2("the number of cycles must be between 1 and %d", - BITMAP_MAX); - } + if (rate1.cycles < 1 || rate1.cycles > BITMAP_MAX) + yyerror2("the number of cycles must be between 1 and %d", BITMAP_MAX); } | NUMBER NUMBER CYCLE { rate1.count = $1; rate1.cycles = $2; - if(rate1.cycles < 1 || rate1.cycles > BITMAP_MAX) { - yyerror2("the number of cycles must be between 1 and %d", - BITMAP_MAX); - } - if(rate1.count < 1 || rate1.count > rate1.cycles) { - yyerror2("the number of events must be bigger then 0 and " - "less than poll cycles"); - } + if (rate1.cycles < 1 || rate1.cycles > BITMAP_MAX) + yyerror2("the number of cycles must be between 1 and %d", BITMAP_MAX); + if (rate1.count < 1 || rate1.count > rate1.cycles) + yyerror2("the number of events must be bigger then 0 and less than poll cycles"); } ; @@ -1304,189 +1436,184 @@ | NUMBER CYCLE { rate2.count = $1; rate2.cycles = $1; - if(rate2.cycles < 1 || rate2.cycles > BITMAP_MAX) { - yyerror2("the number of cycles must be between 1 and %d", - BITMAP_MAX); - } + if (rate2.cycles < 1 || rate2.cycles > BITMAP_MAX) + yyerror2("the number of cycles must be between 1 and %d", BITMAP_MAX); } | NUMBER NUMBER CYCLE { rate2.count = $1; rate2.cycles = $2; - if(rate2.cycles < 1 || rate2.cycles > BITMAP_MAX) { - yyerror2("the number of cycles must be between 1 and %d", - BITMAP_MAX); - } - if(rate2.count < 1 || rate2.count > rate2.cycles) { - yyerror2("the number of events must be bigger then 0 and " - "less than poll cycles"); - } + if (rate2.cycles < 1 || rate2.cycles > BITMAP_MAX) + yyerror2("the number of cycles must be between 1 and %d", BITMAP_MAX); + if (rate2.count < 1 || rate2.count > rate2.cycles) + yyerror2("the number of events must be bigger then 0 and less than poll cycles"); } ; recovery : /* EMPTY */ { - $$= ACTION_ALERT; + $$ = ACTION_ALERT; } | ELSE IF RECOVERED rate2 THEN action2 { - $$= $6; + $$ = $6; } | ELSE IF PASSED rate2 THEN action2 { - $$= $6; + $$ = $6; + } + | ELSE IF SUCCEEDED rate2 THEN action2 { + $$ = $6; } ; checksum : IF FAILED hashtype CHECKSUM rate1 THEN action1 recovery { - addeventaction(&(checksumset).action, $7, - $8); + addeventaction(&(checksumset).action, $7, $8); addchecksum(&checksumset); } | IF FAILED hashtype CHECKSUM EXPECT STRING rate1 THEN action1 recovery { - checksumset.hash= $6; - addeventaction(&(checksumset).action, $9, - $10); + checksumset.hash = $6; + addeventaction(&(checksumset).action, $9, $10); addchecksum(&checksumset); } | IF CHANGED hashtype CHECKSUM rate1 THEN action1 { - checksumset.test_changes= TRUE; - addeventaction(&(checksumset).action, $7, - ACTION_IGNORE); + checksumset.test_changes = TRUE; + addeventaction(&(checksumset).action, $7, ACTION_IGNORE); addchecksum(&checksumset); } ; -hashtype : /* EMPTY */ { checksumset.type= HASH_UNKNOWN; } - | MD5HASH { checksumset.type= HASH_MD5; } - | SHA1HASH { checksumset.type= HASH_SHA1; } +hashtype : /* EMPTY */ { checksumset.type = HASH_UNKNOWN; } + | MD5HASH { checksumset.type = HASH_MD5; } + | SHA1HASH { checksumset.type = HASH_SHA1; } ; inode : IF INODE operator NUMBER rate1 THEN action1 recovery { - deviceset.resource= RESOURCE_ID_INODE; - deviceset.operator= $3; - deviceset.limit_absolute= $4; - addeventaction(&(deviceset).action, $7, $8); - adddevice(&deviceset); + filesystemset.resource = RESOURCE_ID_INODE; + filesystemset.operator = $3; + filesystemset.limit_absolute = $4; + addeventaction(&(filesystemset).action, $7, $8); + addfilesystem(&filesystemset); } | IF INODE operator NUMBER PERCENT rate1 THEN action1 recovery { - deviceset.resource= RESOURCE_ID_INODE; - deviceset.operator= $3; - deviceset.limit_percent= (int)($4 * 10); - addeventaction(&(deviceset).action, $8, $9); - adddevice(&deviceset); + filesystemset.resource = RESOURCE_ID_INODE; + filesystemset.operator = $3; + filesystemset.limit_percent = (int)($4 * 10); + addeventaction(&(filesystemset).action, $8, $9); + addfilesystem(&filesystemset); } ; space : IF SPACE operator value unit rate1 THEN action1 recovery { - if(!device_usage(current->inf, current->path)) { - yyerror2("cannot read usage of device %s", - current->path); - } - deviceset.resource= RESOURCE_ID_SPACE; - deviceset.operator= $3; - deviceset.limit_absolute= - (int)( - (float)$4 / - (float)current->inf->f_bsize * (float)$5 - ); - addeventaction(&(deviceset).action, $8, $9); - adddevice(&deviceset); + if (!filesystem_usage(current->inf, current->path)) + yyerror2("cannot read usage of filesystem %s", current->path); + filesystemset.resource = RESOURCE_ID_SPACE; + filesystemset.operator = $3; + filesystemset.limit_absolute = (int)((float)$4 / (float)current->inf->f_bsize * (float)$5); + addeventaction(&(filesystemset).action, $8, $9); + addfilesystem(&filesystemset); } | IF SPACE operator NUMBER PERCENT rate1 THEN action1 recovery { - deviceset.resource= RESOURCE_ID_SPACE; - deviceset.operator= $3; - deviceset.limit_percent= (int)($4 * 10); - addeventaction(&(deviceset).action, $8, $9); - adddevice(&deviceset); + filesystemset.resource = RESOURCE_ID_SPACE; + filesystemset.operator = $3; + filesystemset.limit_percent = (int)($4 * 10); + addeventaction(&(filesystemset).action, $8, $9); + addfilesystem(&filesystemset); + } + ; + +fsflag : IF CHANGED FSFLAG rate1 THEN action1 { + seteventaction(&(current)->action_FSFLAG, $6, ACTION_IGNORE); } ; -unit : BYTE { $$= UNIT_BYTE; } - | KILOBYTE { $$= UNIT_KILOBYTE; } - | MEGABYTE { $$= UNIT_MEGABYTE; } - | GIGABYTE { $$= UNIT_GIGABYTE; } +unit : /* empty */ { $$ = UNIT_BYTE; } + | BYTE { $$ = UNIT_BYTE; } + | KILOBYTE { $$ = UNIT_KILOBYTE; } + | MEGABYTE { $$ = UNIT_MEGABYTE; } + | GIGABYTE { $$ = UNIT_GIGABYTE; } ; permission : IF FAILED PERMISSION NUMBER rate1 THEN action1 recovery { - permset.perm= check_perm($4); + permset.perm = check_perm($4); addeventaction(&(permset).action, $7, $8); addperm(&permset); } ; match : IF matchflagnot MATCH PATH rate1 THEN action1 { - matchset.ignore= FALSE; - matchset.match_path= xstrdup($4); - matchset.match_string= NULL; + matchset.ignore = FALSE; + matchset.match_path = $4; + matchset.match_string = NULL; addmatchpath(&matchset, $7); + FREE($4); } | IF matchflagnot MATCH STRING rate1 THEN action1 { - matchset.ignore= FALSE; - matchset.match_path= NULL; - matchset.match_string= xstrdup($4); + matchset.ignore = FALSE; + matchset.match_path = NULL; + matchset.match_string = xstrdup($4); addmatch(&matchset, $7, 0); } | IGNORE matchflagnot MATCH PATH { - matchset.ignore= TRUE; - matchset.match_path= xstrdup($4); - matchset.match_string= NULL; + matchset.ignore = TRUE; + matchset.match_path = $4; + matchset.match_string = NULL; addmatchpath(&matchset, ACTION_IGNORE); + FREE($4); } | IGNORE matchflagnot MATCH STRING { - matchset.ignore= TRUE; - matchset.match_path= NULL; - matchset.match_string= xstrdup($4); + matchset.ignore = TRUE; + matchset.match_path = NULL; + matchset.match_string = xstrdup($4); addmatch(&matchset, ACTION_IGNORE, 0); } ; matchflagnot : /* EMPTY */ { - matchset.not= FALSE; + matchset.not = FALSE; } | NOT { - matchset.not= TRUE; + matchset.not = TRUE; } ; size : IF SIZE operator NUMBER unit rate1 THEN action1 recovery { - sizeset.operator= $3; - sizeset.size= ((unsigned long)$4 * $5); + sizeset.operator = $3; + sizeset.size = ((unsigned long long)$4 * $5); addeventaction(&(sizeset).action, $8, $9); - addsize(&sizeset, FALSE); + addsize(&sizeset); } | IF CHANGED SIZE rate1 THEN action1 { - sizeset.test_changes= TRUE; - addeventaction(&(sizeset).action, $6, - ACTION_IGNORE); - addsize(&sizeset, TRUE); + sizeset.test_changes = TRUE; + addeventaction(&(sizeset).action, $6, ACTION_IGNORE); + addsize(&sizeset); } ; uid : IF FAILED UID STRING rate1 THEN action1 recovery { - uidset.uid= get_uid($4, 0); + uidset.uid = get_uid($4, 0); addeventaction(&(uidset).action, $7, $8); adduid(&uidset); FREE($4); } | IF FAILED UID NUMBER rate1 THEN action1 recovery { - uidset.uid= get_uid(NULL, $4); + uidset.uid = get_uid(NULL, $4); addeventaction(&(uidset).action, $7, $8); adduid(&uidset); } ; gid : IF FAILED GID STRING rate1 THEN action1 recovery { - gidset.gid= get_gid($4, 0); + gidset.gid = get_gid($4, 0); addeventaction(&(gidset).action, $7, $8); addgid(&gidset); FREE($4); } | IF FAILED GID NUMBER rate1 THEN action1 recovery { - gidset.gid= get_gid(NULL, $4); + gidset.gid = get_gid(NULL, $4); addeventaction(&(gidset).action, $7, $8); addgid(&gidset); } ; -icmptype : TYPE ICMPECHO { $$= ICMP_ECHO; } +icmptype : TYPE ICMPECHO { $$ = ICMP_ECHO; } ; reminder : /* EMPTY */ { $$ = 0; } @@ -1509,12 +1636,12 @@ long len; va_list ap; - char *msg= NULL; + char *msg = NULL; ASSERT(s); va_start(ap,s); - msg= Util_formatString(s, ap, &len); + msg = Util_formatString(s, ap, &len); va_end(ap); LogError("%s:%i: Error: %s '%s'\n", currentfile, lineno, msg, yytext); @@ -1531,12 +1658,12 @@ long len; va_list ap; - char *msg= NULL; + char *msg = NULL; ASSERT(s); va_start(ap,s); - msg= Util_formatString(s, ap, &len); + msg = Util_formatString(s, ap, &len); va_end(ap); LogWarning("%s:%i: Warning: %s '%s'\n", currentfile, lineno, msg, yytext); @@ -1552,12 +1679,12 @@ long len; va_list ap; - char *msg= NULL; + char *msg = NULL; ASSERT(s); va_start(ap,s); - msg= Util_formatString(s, ap, &len); + msg = Util_formatString(s, ap, &len); va_end(ap); LogError("%s:%i: Error: %s '%s'\n", argcurrentfile, arglineno, msg, argyytext); @@ -1574,12 +1701,12 @@ long len; va_list ap; - char *msg= NULL; + char *msg = NULL; ASSERT(s); va_start(ap,s); - msg= Util_formatString(s, ap, &len); + msg = Util_formatString(s, ap, &len); va_end(ap); LogWarning("%s:%i: Warning: %s '%s'\n", argcurrentfile, arglineno, msg, argyytext); @@ -1596,24 +1723,22 @@ ASSERT(controlfile); - servicelist= tail= current= NULL; + servicelist = tail = current = NULL; /* * Secure check the monitrc file. The run control file must have the * same uid as the REAL uid of this process, it must have permissions * no greater than 700 and it must not be a symbolic link. */ - if (! File_checkStat(controlfile, "control file", S_IRUSR|S_IWUSR|S_IXUSR)) { + if (! File_checkStat(controlfile, "control file", S_IRUSR|S_IWUSR|S_IXUSR)) return FALSE; - } if ((yyin = fopen(controlfile,"r")) == (FILE *)NULL) { - LogError("%s: Error: cannot open the control file '%s' -- %s\n", - prog, controlfile, STRERROR); + LogError("%s: Error: cannot open the control file '%s' -- %s\n", prog, controlfile, STRERROR); return FALSE; } - currentfile=xstrdup(controlfile); + currentfile = xstrdup(controlfile); /* * Creation of the global service list is synchronized @@ -1623,21 +1748,20 @@ yyparse(); fclose(yyin); /* Add the default general system service if not specified explicitly */ - if(!hassystem) { + if (!hassystem) createservice(TYPE_SYSTEM, xstrdup(Run.localhostname), xstrdup(""), check_system); - } /* If defined - add the last service to the service list */ - if(current) { + if (current) { addservice(current); - current = NULL; + FREE(current); } postparse(); END_LOCK; FREE(currentfile); - if (argyytext!=NULL) - FREE(argyytext); + if (argyytext != NULL) + FREE(argyytext); return(cfg_errflag == 0); } @@ -1656,56 +1780,58 @@ /* * Get the localhost name */ - if(gethostname(localhost, sizeof(localhost)) < 0) { + if (gethostname(localhost, sizeof(localhost)) < 0) snprintf(localhost, STRLEN, "%s", LOCALHOST); - } /* Set instance incarnation ID */ time(&Run.incarnation); /* Reset lexer */ - buffer_stack_ptr=0; - lineno= 1; - arglineno= 1; - argcurrentfile=NULL; - argyytext=NULL; + buffer_stack_ptr = 0; + lineno = 1; + arglineno = 1; + argcurrentfile = NULL; + argyytext = NULL; /* Reset parser */ - Run.wait_start= 0; - Run.stopped= FALSE; - Run.dolog= FALSE; - Run.dohttpd= FALSE; - Run.httpdsig= TRUE; - Run.credentials= NULL; - Run.httpdssl= FALSE; - Run.clientssl= FALSE; - Run.mailserver_timeout= NET_TIMEOUT; - Run.bind_addr= NULL; - Run.eventlist= NULL; - Run.eventlist_dir= NULL; - Run.eventlist_slots= -1; - Run.system= NULL; - Run.maillist= NULL; - Run.mailservers= NULL; - Run.MailFormat.from= NULL; - Run.MailFormat.subject= NULL; - Run.MailFormat.message= NULL; - Run.localhostname= xstrdup(localhost); - depend_list= NULL; - Run.handler_init= TRUE; - for(i=0; i<=HANDLER_MAX; i++) { + Run.stopped = FALSE; + Run.dolog = FALSE; + Run.dohttpd = FALSE; + Run.doaction = FALSE; + Run.httpdsig = TRUE; + Run.credentials = NULL; + Run.httpdssl = FALSE; + Run.httpsslpem = NULL; + Run.httpsslclientpem = NULL; + Run.clientssl = FALSE; + Run.mailserver_timeout = NET_TIMEOUT; + Run.bind_addr = NULL; + Run.eventlist = NULL; + Run.eventlist_dir = NULL; + Run.eventlist_slots = -1; + Run.system = NULL; + Run.expectbuffer = STRLEN; + Run.maillist = NULL; + Run.mailservers = NULL; + Run.MailFormat.from = NULL; + Run.MailFormat.subject = NULL; + Run.MailFormat.message = NULL; + Run.localhostname = xstrdup(localhost); + depend_list = NULL; + Run.handler_init = TRUE; + for (i = 0; i <= HANDLER_MAX; i++) Run.handler_queue[i] = 0; - } /* * Initialize objects */ reset_uidset(); reset_gidset(); - reset_mailset(); reset_sizeset(); + reset_mailset(); + reset_mailserverset(); reset_portset(); reset_permset(); reset_icmpset(); reset_rateset(); - reset_deviceset(); + reset_filesystemset(); reset_resourceset(); reset_checksumset(); reset_timestampset(); @@ -1716,37 +1842,33 @@ * Check that values are reasonable after parsing */ static void postparse() { - Service_T s; - if(cfg_errflag || (servicelist==NULL)) { + if (cfg_errflag || ! servicelist) return; - } /* Check the sanity of any dependency graph */ check_depend(); /* Check that we do not start monit in daemon mode without having a * poll time */ - if(!Run.polltime && (Run.isdaemon || Run.init)) { - LogError("%s: Error: Poll time not defined. Please define poll time" - " in the\n control file or use the -d option when starting monit\n", - prog); + if (!Run.polltime && (Run.isdaemon || Run.init)) { + LogError("%s: Error: Poll time not defined. Please define poll time in the\n control file or use the -d option when starting monit\n", prog); cfg_errflag++; } - for(s= servicelist; s; s= s->next) { + if (Run.logfile) + Run.dolog = TRUE; + + for (s = servicelist; s; s = s->next) { /* Set the general system service shortcut */ - if(s->type == TYPE_SYSTEM) + if (s->type == TYPE_SYSTEM) Run.system = s; - if(s->type != TYPE_HOST) + if (s->type != TYPE_HOST) continue; /* Verify that a remote service has a port or an icmp list */ - if(!s->portlist && !s->icmplist) { - LogError("%s: Error: 'check host' statement is incomplete; Please" - " specify a port number to test\n or an icmp test at the remote" - " host: '%s'\n", - prog, s->name); + if (!s->portlist && !s->icmplist) { + LogError("%s: Error: 'check host' statement is incomplete; Please specify a port number to test\n or an icmp test at the remote host: '%s'\n", prog, s->name); cfg_errflag++; } } @@ -1757,33 +1879,30 @@ * Create a new service object and add any current objects to the * service list. */ -static void createservice(int type, char *name, char *value, - int (*check)(Service_T s)) { +static void createservice(int type, char *name, char *value, int (*check)(Service_T s)) { ASSERT(name); ASSERT(value); - if(current) { + if (current) addservice(current); - } else { + else NEW(current); - } /* Reset the current object */ memset(current, 0, sizeof(*current)); - /* Set default values */ - current->monitor= MONITOR_INIT; - current->mode= MODE_ACTIVE; - - current->name= name; - current->type= type; - current->check= check; - current->path= value; - - createinfo(); + NEW(current->inf); Util_resetInfo(current); + /* Set default values */ + current->monitor = MONITOR_INIT; + current->mode = MODE_ACTIVE; + current->name = name; + current->type = type; + current->check = check; + current->path = value; + /* Initialize general event handlers */ addeventaction(&(current)->action_DATA, ACTION_ALERT, ACTION_ALERT); addeventaction(&(current)->action_EXEC, ACTION_ALERT, ACTION_ALERT); @@ -1792,15 +1911,17 @@ addeventaction(&(current)->action_TIMEOUT, ACTION_UNMONITOR, ACTION_ALERT); addeventaction(&(current)->action_PID, ACTION_ALERT, ACTION_IGNORE); addeventaction(&(current)->action_PPID, ACTION_ALERT, ACTION_IGNORE); + addeventaction(&(current)->action_FSFLAG, ACTION_ALERT, ACTION_IGNORE); /* Initialize internal event handlers */ - addeventaction(&(current)->action_MONIT_START, ACTION_ALERT, ACTION_IGNORE); - addeventaction(&(current)->action_MONIT_STOP, ACTION_ALERT, ACTION_IGNORE); - addeventaction(&(current)->action_MONIT_RELOAD, ACTION_ALERT, ACTION_IGNORE); + addeventaction(&(current)->action_MONIT_START, ACTION_START, ACTION_IGNORE); + addeventaction(&(current)->action_MONIT_STOP, ACTION_STOP, ACTION_IGNORE); + addeventaction(&(current)->action_MONIT_RELOAD, ACTION_START, ACTION_IGNORE); + addeventaction(&(current)->action_ACTION, ACTION_ALERT, ACTION_IGNORE); pthread_mutex_init(¤t->mutex, NULL); - time(¤t->collected); + gettimeofday(¤t->collected, NULL); } @@ -1809,29 +1930,21 @@ * Add a service object to the servicelist */ static void addservice(Service_T s) { - Service_T n; ASSERT(s); NEW(n); memcpy(n, s, sizeof(*s)); - /* Add the service to the end of the service list */ - if(tail != NULL) { - - tail->next= n; - tail->next_conf= n; - + if (tail != NULL) { + tail->next = n; + tail->next_conf = n; } else { - - servicelist= n; - servicelist_conf= n; - + servicelist = n; + servicelist_conf = n; } - - tail= n; - + tail = n; } @@ -1840,19 +1953,17 @@ * */ static void adddependant(char *dependant) { - Dependant_T d; ASSERT(dependant); NEW(d); - if (current->dependantlist != NULL) { - d->next= current->dependantlist; - } + if (current->dependantlist != NULL) + d->next = current->dependantlist; - d->dependant=dependant; - current->dependantlist= d; + d->dependant = dependant; + current->dependantlist = d; } @@ -1862,30 +1973,22 @@ * values and mail attributes to the given mailinglist. */ static void addmail(char *mailto, Mail_T f, Mail_T *l, unsigned int events, unsigned int reminder) { - Mail_T m; ASSERT(mailto); NEW(m); - if(events != EVENT_NULL) { - m->events= events; - } else { - /* Turn on all events */ - m->events= ~((unsigned int)0); - } + m->events = events; + m->to = mailto; + m->from = f->from; + m->subject = f->subject; + m->message = f->message; + m->reminder = reminder; - m->to= mailto; - m->from= f->from; - m->subject= f->subject; - m->message= f->message; - m->reminder= reminder; - - m->next= *l; - *l= m; + m->next = *l; + *l = m; reset_mailset(); - } @@ -1893,63 +1996,61 @@ * Add the given portset to the current service's portlist */ static void addport(Port_T port) { - Port_T p; char address[STRLEN]; ASSERT(port); NEW(p); - p->port= port->port; - p->type= port->type; - p->socket= port->socket; - p->family= port->family; - p->action= port->action; - p->timeout= port->timeout; - p->request= port->request; - p->generic= port->generic; - p->protocol= port->protocol; - p->pathname= port->pathname; - p->hostname= port->hostname; - p->url_request= port->url_request; - p->request_checksum= port->request_checksum; + p->port = port->port; + p->type = port->type; + p->socket = port->socket; + p->family = port->family; + p->action = port->action; + p->timeout = port->timeout; + p->request = port->request; + p->generic = port->generic; + p->protocol = port->protocol; + p->pathname = port->pathname; + p->hostname = port->hostname; + p->url_request = port->url_request; + p->request_checksum = port->request_checksum; memcpy(&p->ApacheStatus, &port->ApacheStatus, sizeof(struct apache_status)); if (p->request_checksum) { cleanup_hash_string(p->request_checksum); - if (strlen(p->request_checksum)==32) { - p->request_hashtype=HASH_MD5; - } else if (strlen(p->request_checksum)==40) { - p->request_hashtype=HASH_SHA1; - } else { + if (strlen(p->request_checksum) == 32) + p->request_hashtype = HASH_MD5; + else if (strlen(p->request_checksum) == 40) + p->request_hashtype = HASH_SHA1; + else yyerror2("invalid checksum [%s]", p->request_checksum); - } - } else { - p->request_hashtype=0; - } + } else + p->request_hashtype = 0; - if(port->family == AF_INET) { + if (port->family == AF_INET) snprintf(address, STRLEN, "INET[%s:%d]", port->hostname, port->port); - } else if(port->family == AF_UNIX) { + else if (port->family == AF_UNIX) snprintf(address, STRLEN, "UNIX[%s]", port->pathname); - } - p->address= xstrdup(address); + else + address[0] = 0; + p->address = xstrdup(address); - if(port->SSL.use_ssl == TRUE) { - if(!have_ssl()) { + if (port->SSL.use_ssl == TRUE) { + if (!have_ssl()) { yyerror("ssl check cannot be activated. SSL is not supported"); } else { if (port->SSL.certmd5 != NULL) { - p->SSL.certmd5= port->SSL.certmd5; + p->SSL.certmd5 = port->SSL.certmd5; cleanup_hash_string(p->SSL.certmd5); } - p->SSL.use_ssl= TRUE; - p->SSL.version= port->SSL.version; + p->SSL.use_ssl = TRUE; + p->SSL.version = port->SSL.version; } } - - p->next= current->portlist; - current->portlist= p; + p->maxforward = port->maxforward; + p->next = current->portlist; + current->portlist = p; reset_portset(); @@ -1960,25 +2061,20 @@ * Add a new resource object to the current service resource list */ static void addresource(Resource_T rr) { - Resource_T r; ASSERT(rr); NEW(r); - if(! Run.doprocess) { - yyerror("cannot activate service check.\n" - "\t(The process status engine was disabled. On certain" - " systems you must\n\trun monit as root to utilize this" - " feature)\n\t"); - } - r->resource_id= rr->resource_id; - r->limit= rr->limit; - r->action= rr->action; - r->operator= rr->operator; - r->next= current->resourcelist; + if (! Run.doprocess) + yyerror("Cannot activate service check. The process status engine was disabled. On certain systems you must run monit as root to utilize this feature)\n"); + r->resource_id = rr->resource_id; + r->limit = rr->limit; + r->action = rr->action; + r->operator = rr->operator; + r->next = current->resourcelist; - current->resourcelist= r; + current->resourcelist = r; reset_resourceset(); } @@ -1987,29 +2083,26 @@ * Add a new file object to the current service timestamp list */ static void addtimestamp(Timestamp_T ts, int notime) { - Timestamp_T t; ASSERT(ts); NEW(t); - t->operator= ts->operator; - t->time= ts->time; - t->action= ts->action; - t->test_changes= ts->test_changes; - - if(t->test_changes || notime) { - if(!File_exist(current->path)) { - yyerror2("the path '%s' used in the TIMESTAMP statement" - " does not exist", current->path); - } else if(!(t->timestamp= - File_getTimestamp(current->path, S_IFDIR|S_IFREG))) { - yyerror2("cannot get the timestamp for '%s'", current->path); + t->operator = ts->operator; + t->time = ts->time; + t->action = ts->action; + t->test_changes = ts->test_changes; + + if (t->test_changes || notime) { + if (! File_exist(current->path)) { + DEBUG("%s: Debug: the path '%s' used in the TIMESTAMP statement refer to a non-existing object\n", prog, current->path); + } else if (!(t->timestamp = File_getTimestamp(current->path, S_IFDIR|S_IFREG))) { + yyerror2("cannot get the timestamp for '%s'", current->path); } } - t->next= current->timestamplist; - current->timestamplist= t; + t->next = current->timestamplist; + current->timestamplist = t; reset_timestampset(); @@ -2019,35 +2112,26 @@ /* * Add a new Size object to the current service size list */ -static void addsize(Size_T ss, int nosize) { - +static void addsize(Size_T ss) { Size_T s; struct stat buf; ASSERT(ss); - /* - In the case that we are testig changes, get the initial - size for future comparision. In the case that we are not - testing changes, we don't need the initial size nor require - file to exist in the time of configuration file parsing - */ - if(ss->test_changes != 0 && stat(current->path, &buf) != 0) { - yyerror2("cannot get size for '%s'", current->path); - reset_sizeset(); - return; - } - NEW(s); - s->operator= ss->operator; - s->size= ss->size; - s->action= ss->action; - s->test_changes= ss->test_changes; - if(ss->test_changes || nosize) - s->size= (unsigned long)buf.st_size; + s->operator = ss->operator; + s->size = ss->size; + s->action = ss->action; + s->test_changes = ss->test_changes; + /* Get the initial size for future comparision, if the file exists */ + if (s->test_changes) { + s->test_changes_ok = !stat(current->path, &buf); + if (s->test_changes_ok) + s->size = (unsigned long long)buf.st_size; + } - s->next= current->sizelist; - current->sizelist= s; + s->next = current->sizelist; + current->sizelist = s; reset_sizeset(); } @@ -2063,44 +2147,51 @@ ASSERT(cs); - if(!cs->hash) { - if(cs->type == HASH_UNKNOWN) { - cs->type=DEFAULT_HASH; - } - if( !(cs->hash= Util_getChecksum(current->path, cs->type))) { - yyerror2("cannot compute a checksum for a file %s", current->path); - reset_checksumset(); - return; + cs->test_changes_ok = TRUE; + + if (!cs->hash) { + if (cs->type == HASH_UNKNOWN) + cs->type = DEFAULT_HASH; + if ( !(cs->hash = Util_getChecksum(current->path, cs->type))) { + if (cs->test_changes == TRUE) { + /* If the file doesn't exist and we're checking for checksum changes, set dummy value */ + cs->test_changes_ok = FALSE; + cs->hash = xstrdup("00000000000000000000000000000000"); + } else { + yyerror2("cannot compute a checksum for file %s", current->path); + reset_checksumset(); + return; + } } } - len= cleanup_hash_string(cs->hash); + len = cleanup_hash_string(cs->hash); - if(cs->type == HASH_UNKNOWN) { - if (len==32) { - cs->type=HASH_MD5; - } else if (len==40) { - cs->type=HASH_SHA1; + if (cs->type == HASH_UNKNOWN) { + if (len == 32) { + cs->type = HASH_MD5; + } else if (len == 40) { + cs->type = HASH_SHA1; } else { - yyerror2("invalid checksum [%s] for a file %s", cs->hash, current->path); + yyerror2("invalid checksum [%s] for file %s", cs->hash, current->path); reset_checksumset(); return; } - } else if (( cs->type==HASH_MD5 && len!=32 ) || - ( cs->type==HASH_SHA1 && len!=40 )) { - yyerror2("invalid checksum [%s] for a file %s", cs->hash, current->path); + } else if (( cs->type == HASH_MD5 && len!=32 ) || ( cs->type == HASH_SHA1 && len != 40 )) { + yyerror2("invalid checksum [%s] for file %s", cs->hash, current->path); reset_checksumset(); return; } NEW(c); - c->type=cs->type; - c->hash= cs->hash; - c->test_changes= cs->test_changes; - c->action= cs->action; + c->type = cs->type; + c->hash = cs->hash; + c->test_changes = cs->test_changes; + c->test_changes_ok = cs->test_changes_ok; + c->action = cs->action; - current->checksum= c; + current->checksum = c; reset_checksumset(); @@ -2111,15 +2202,14 @@ * Set Perm object in the current service */ static void addperm(Perm_T ps) { - Perm_T p; ASSERT(ps); NEW(p); - p->perm= ps->perm; - p->action= ps->action; - current->perm= p; + p->perm = ps->perm; + p->action = ps->action; + current->perm = p; reset_permset(); } @@ -2128,7 +2218,6 @@ * Set Match object in the current service */ static void addmatch(Match_T ms, int actionnumber, int linenumber) { - Match_T m; Match_T ml; int reg_return; @@ -2140,102 +2229,107 @@ NEW(m->regex_comp); #endif - m->match_string= ms->match_string; - m->match_path= ms->match_path; - m->action= ms->action; - m->not= ms->not; - m->ignore= ms->ignore; - m->next=NULL; + m->match_string = ms->match_string; + m->match_path = ms->match_path ? xstrdup(ms->match_path) : NULL; + m->action = ms->action; + m->not = ms->not; + m->ignore = ms->ignore; + m->next = NULL; addeventaction(&(m->action), actionnumber, ACTION_IGNORE); #ifdef HAVE_REGEX_H - reg_return= regcomp(m->regex_comp, ms->match_string, REG_NOSUB|REG_EXTENDED); + reg_return = regcomp(m->regex_comp, ms->match_string, REG_NOSUB|REG_EXTENDED); - if (reg_return!=0) { + if (reg_return != 0) { char errbuf[STRLEN]; regerror(reg_return, ms->regex_comp, errbuf, STRLEN); if (m->match_path != NULL) - yyerror2("regex parsing error:%s on line %i of", errbuf, linenumber); + yyerror2("regex parsing error:%s on line %i of", errbuf, linenumber); else - yyerror2("regex parsing error:%s", errbuf); + yyerror2("regex parsing error:%s", errbuf); } #endif if (current->matchlist) { /* Find the end of the list */ - for(ml=current->matchlist; ml->next; ml=ml->next); + for (ml = current->matchlist; ml->next; ml = ml->next) + ; - ml->next= m; + ml->next = m; - } else { - - current->matchlist= m; - - } + } else + current->matchlist = m; } + static void addmatchpath(Match_T ms, int actionnumber) { FILE *handle; + Command_T savecommand = NULL; char buf[2048]; - int linenumber=0; + int linenumber = 0; ASSERT(ms->match_path); - handle=fopen(ms->match_path, "r"); - - if ( handle==NULL ) { - + handle = fopen(ms->match_path, "r"); + if (handle == NULL) { yyerror2("cannot read regex match file (%s)", ms->match_path); - return; } while (!feof(handle)) { + int len; + linenumber++; - if (! fgets(buf, 2048, handle)) { - + if (! fgets(buf, 2048, handle)) continue; - - } - if (strlen(buf)==0 || buf[0]=='\n') { + len = strlen(buf); + if (len == 0 || buf[0] == '\n') continue; - } + if (buf[len-1] == '\n') + buf[len-1] = 0; - if(buf[strlen(buf)-1]=='\n') { + ms->match_string = xstrdup(buf); - buf[strlen(buf)-1]=0; - + /* The addeventaction() called from addmatch() will reset the + * command1 to NULL, but we need to duplicate the command for + * each line, thus need to save it here */ + if (actionnumber == ACTION_EXEC) { + if (command1 == NULL) { + ASSERT(savecommand); + command1 = savecommand; + } + savecommand = copycommand(command1); } - ms->match_string= xstrdup(buf); addmatch(ms, actionnumber, linenumber); } - fclose(handle); + if (actionnumber == ACTION_EXEC && savecommand) + gccmd(&savecommand); + fclose(handle); } + /* * Set Uid object in the current service */ static void adduid(Uid_T us) { - Uid_T u; ASSERT(us); NEW(u); - u->uid= us->uid; - u->action= us->action; - current->uid= u; + u->uid = us->uid; + u->action = us->action; + current->uid = u; reset_uidset(); - } @@ -2243,40 +2337,37 @@ * Set Gid object in the current service */ static void addgid(Gid_T gs) { - Gid_T g; ASSERT(gs); NEW(g); - g->gid= gs->gid; - g->action= gs->action; - current->gid= g; + g->gid = gs->gid; + g->action = gs->action; + current->gid = g; reset_gidset(); - } /* - * Add a new device to the current service's device list + * Add a new filesystem to the current service's filesystem list */ -static void adddevice(Device_T ds) { - - Device_T dev; +static void addfilesystem(Filesystem_T ds) { + Filesystem_T dev; ASSERT(ds); NEW(dev); - dev->resource= ds->resource; - dev->operator= ds->operator; - dev->limit_absolute= ds->limit_absolute; - dev->limit_percent= ds->limit_percent; - dev->action= ds->action; + dev->resource = ds->resource; + dev->operator = ds->operator; + dev->limit_absolute = ds->limit_absolute; + dev->limit_percent = ds->limit_percent; + dev->action = ds->action; - dev->next= current->devicelist; - current->devicelist= dev; + dev->next = current->filesystemlist; + current->filesystemlist = dev; - reset_deviceset(); + reset_filesystemset(); } @@ -2285,26 +2376,23 @@ * Add a new icmp object to the current service's icmp list */ static void addicmp(Icmp_T is) { - if(!getuid()) { - + if (!getuid()) { Icmp_T icmp; ASSERT(is); NEW(icmp); - icmp->type= is->type; - icmp->count= is->count; - icmp->timeout= is->timeout; - icmp->action= is->action; - icmp->is_available= FALSE; - icmp->response= -1; - - icmp->next= current->icmplist; - current->icmplist= icmp; - - } else { + icmp->type = is->type; + icmp->count = is->count > ICMP_MAX_COUNT ? ICMP_MAX_COUNT : is->count; + icmp->timeout = is->timeout; + icmp->action = is->action; + icmp->is_available = FALSE; + icmp->response = -1; + + icmp->next = current->icmplist; + current->icmplist = icmp; + } else yyerror("icmp statements must be run as root"); - } reset_icmpset(); } @@ -2312,83 +2400,68 @@ /* * Set EventAction object */ -static void addeventaction(EventAction_T *_ea, int failed, int passed) { - +static void addeventaction(EventAction_T *_ea, int failed, int succeeded) { EventAction_T ea; ASSERT(_ea); NEW(ea); NEW(ea->failed); - NEW(ea->passed); + NEW(ea->succeeded); - ea->failed->id= failed; - ea->failed->count= rate1.count; - ea->failed->cycles= rate1.cycles; - if(failed == ACTION_EXEC) { + ea->failed->id = failed; + ea->failed->count = rate1.count; + ea->failed->cycles = rate1.cycles; + if (failed == ACTION_EXEC) { ASSERT(command1); ea->failed->exec = command1; command1 = NULL; } + describeAction(ea->failed); - ea->passed->id= passed; - ea->passed->count= rate2.count; - ea->passed->cycles= rate2.cycles; - if(passed == ACTION_EXEC) { + ea->succeeded->id = succeeded; + ea->succeeded->count = rate2.count; + ea->succeeded->cycles = rate2.cycles; + if (succeeded == ACTION_EXEC) { ASSERT(command2); - ea->passed->exec = command2; + ea->succeeded->exec = command2; command2 = NULL; } - - *_ea= ea; - + describeAction(ea->succeeded); + *_ea = ea; reset_rateset(); - } /* * Redefine EventAction object (used for default action overloading) */ -static void seteventaction(EventAction_T *_ea, int failed, int passed) { - +static void seteventaction(EventAction_T *_ea, int failed, int succeeded) { EventAction_T ea = *_ea; ASSERT(ea); ASSERT(ea->failed); - ASSERT(ea->passed); + ASSERT(ea->succeeded); - ea->failed->id= failed; - ea->failed->count= rate1.count; - ea->failed->cycles= rate1.cycles; - if(failed == ACTION_EXEC) { + ea->failed->id = failed; + ea->failed->count = rate1.count; + ea->failed->cycles = rate1.cycles; + if (failed == ACTION_EXEC) { ASSERT(command1); ea->failed->exec = command1; command1 = NULL; } + describeAction(ea->failed); - ea->passed->id= passed; - ea->passed->count= rate2.count; - ea->passed->cycles= rate2.cycles; - if(passed == ACTION_EXEC) { + ea->succeeded->id = succeeded; + ea->succeeded->count = rate2.count; + ea->succeeded->cycles = rate2.cycles; + if (succeeded == ACTION_EXEC) { ASSERT(command2); - ea->passed->exec = command2; + ea->succeeded->exec = command2; command2 = NULL; } -} - - -/* - * Adds runtime info to current service - */ -static void createinfo() { - - Info_T inf; - - NEW(inf); - - current->inf= inf; - + describeAction(ea->succeeded); } @@ -2405,6 +2478,7 @@ case P_GENERIC: return create_generic(); case P_HTTP: return create_http(); case P_IMAP: return create_imap(); + case P_CLAMAV: return create_clamav(); case P_LDAP2: return create_ldap2(); case P_LDAP3: return create_ldap3(); case P_MYSQL: return create_mysql(); @@ -2418,6 +2492,8 @@ case P_RSYNC: return create_rsync(); case P_TNS: return create_tns(); case P_PGSQL: return create_pgsql(); + case P_SIP: return create_sip(); + case P_LMTP: return create_lmtp(); } return create_default(); @@ -2429,38 +2505,36 @@ * Add a generic protocol handler to */ static void addgeneric(Port_T port, char *send, char *expect) { - - Generic_T g= port->generic; + Generic_T g = port->generic; if (g == NULL) { NEW(g); - port->generic= g; + port->generic = g; } else { - while (g->next != NULL) { - g= g->next; - } + while (g->next != NULL) + g = g->next; NEW(g->next); - g=g->next; + g = g->next; } if (send != NULL) { - g->send=xstrdup(send); - g->expect=NULL; + g->send = xstrdup(send); + g->expect = NULL; } else if (expect != NULL) { #ifdef HAVE_REGEX_H int reg_return; NEW(g->expect); - reg_return= regcomp(g->expect, expect, REG_NOSUB|REG_EXTENDED); - if (reg_return!=0) { + reg_return = regcomp(g->expect, expect, REG_NOSUB|REG_EXTENDED); + if (reg_return != 0) { char errbuf[STRLEN]; regerror(reg_return, g->expect, errbuf, STRLEN); yyerror2("regex parsing error:%s", errbuf); } #else - g->expect=xstrdup(expect); + g->expect = xstrdup(expect); #endif - g->send=NULL; + g->send = NULL; } } @@ -2469,14 +2543,16 @@ * Add the current command object to the current service object's * start or stop program. */ -static void addcommand(int what) { +static void addcommand(int what, unsigned timeout) { switch(what) { - case START: current->start= command; break; - case STOP: current->stop= command; break; + case START: current->start = command; break; + case STOP: current->stop = command; break; } + + command->timeout = timeout; - command= NULL; + command = NULL; } @@ -2488,21 +2564,18 @@ ASSERT(argument); - if(! command) { + if (! command) { NEW(command); check_exec(argument); } - command->arg[command->length++]= argument; - command->arg[command->length]= NULL; + command->arg[command->length++] = argument; + command->arg[command->length] = NULL; - if(command->length >= ARGMAX) { - + if (command->length >= ARGMAX) yyerror("exceeded maximum number of program arguments"); - - } } @@ -2514,25 +2587,23 @@ ASSERT(U); - portset.protocol= addprotocol(P_HTTP); + portset.protocol = addprotocol(P_HTTP); - if(urlrequest==NULL) + if (urlrequest == NULL) NEW(urlrequest); - urlrequest->url= U; - portset.hostname= xstrdup(U->hostname); + urlrequest->url = U; + portset.hostname = xstrdup(U->hostname); check_hostname(portset.hostname); - portset.port= U->port; - portset.url_request= urlrequest; - portset.type= SOCK_STREAM; - portset.request= Util_getString("%s%s%s", U->path, U->query?"?":"", - U->query?U->query:""); + portset.port = U->port; + portset.url_request = urlrequest; + portset.type = SOCK_STREAM; + portset.request = Util_getString("%s%s%s", U->path, U->query ? "?" : "", U->query ? U->query : ""); /* Only the HTTP protocol is supported for URLs. See also the lexer if this is to be changed in the future */ - portset.protocol= addprotocol(P_HTTP); - if(IS(U->protocol, "https")) { - portset.SSL.use_ssl= TRUE; - } + portset.protocol = addprotocol(P_HTTP); + if (IS(U->protocol, "https")) + portset.SSL.use_ssl = TRUE; } @@ -2544,47 +2615,45 @@ ASSERT(regex); - if(! urlrequest) + if (! urlrequest) NEW(urlrequest); - urlrequest->operator= operator; + urlrequest->operator = operator; #ifdef HAVE_REGEX_H { int reg_return; NEW(urlrequest->regex); - reg_return= regcomp(urlrequest->regex, regex, REG_NOSUB|REG_EXTENDED); - if (reg_return!=0) { + reg_return = regcomp(urlrequest->regex, regex, REG_NOSUB|REG_EXTENDED); + if (reg_return != 0) { char errbuf[STRLEN]; regerror(reg_return, urlrequest->regex, errbuf, STRLEN); yyerror2("regex parsing error: %s", errbuf); } } #else - urlrequest->regex= xstrdup(regex); + urlrequest->regex = xstrdup(regex); #endif } /* - * Add a new data recipient server to the collector server list + * Add a new data recipient server to the mmonit server list */ -static void addcollector(URL_T url, int timeout, int sslversion, - char *certmd5) { - - Collector_T c; +static void addmmonit(URL_T url, int timeout, int sslversion, char *certmd5) { + Mmonit_T c; ASSERT(url); NEW(c); c->url = url; - if(!strcmp(c->url->protocol, "https")) { - if(!have_ssl()) { + if (!strcmp(c->url->protocol, "https")) { + if (!have_ssl()) { yyerror("ssl check cannot be activated. SSL is not supported"); } else { - c->ssl.use_ssl= TRUE; - c->ssl.version= sslversion; + c->ssl.use_ssl = TRUE; + c->ssl.version = sslversion; if (certmd5) { - c->ssl.certmd5= certmd5; + c->ssl.certmd5 = certmd5; cleanup_hash_string(c->ssl.certmd5); } } @@ -2592,14 +2661,13 @@ c->timeout = timeout; c->next = NULL; - if(Run.collectors) { - Collector_T C; - for(C = Run.collectors; C->next; C = C->next) + if (Run.mmonits) { + Mmonit_T C; + for (C = Run.mmonits; C->next; C = C->next) /* Empty */ ; C->next = c; - } - else { - Run.collectors = c; + } else { + Run.mmonits = c; } } @@ -2607,25 +2675,32 @@ /* * Add a new smtp server to the mail server list */ -static void addmailserver(char *host, int port) { +static void addmailserver(MailServer_T mailserver) { MailServer_T s; - ASSERT(host); + ASSERT(mailserver->host); NEW(s); - s->host= host; - s->port= port; - s->next= NULL; + s->host = mailserver->host; + s->port = mailserver->port; + s->username = mailserver->username; + s->password = mailserver->password; + s->ssl.use_ssl = mailserver->ssl.use_ssl; + s->ssl.version = mailserver->ssl.version; + s->ssl.certmd5 = mailserver->ssl.certmd5; - if(Run.mailservers) { + s->next = NULL; + + if (Run.mailservers) { MailServer_T l; - for(l= Run.mailservers; l->next; l= l->next) /* empty */; - l->next= s; + for (l = Run.mailservers; l->next; l = l->next) /* empty */; + l->next = s; } else { - Run.mailservers= s; + Run.mailservers = s; } + reset_mailserverset(); } @@ -2635,24 +2710,20 @@ * otherwise the user parameter is used. */ static uid_t get_uid(char *user, uid_t uid) { - struct passwd *pwd; - if(user) { + if (user) { + pwd = getpwnam(user); - pwd= getpwnam(user); - - if(pwd == NULL) { + if (pwd == NULL) { yyerror2("requested user not found on the system"); - return(0); } } else { - if( (pwd= getpwuid(uid)) == NULL ) { + if ( (pwd = getpwuid(uid)) == NULL ) { yyerror2("requested uid not found on the system"); - return(0); } } @@ -2668,24 +2739,20 @@ * otherwise the group parameter is used. */ static gid_t get_gid(char *group, gid_t gid) { - struct group *grd; - if(group) { - - grd= getgrnam(group); + if (group) { + grd = getgrnam(group); - if(grd == NULL) { + if (grd == NULL) { yyerror2("requested group not found on the system"); - return(0); } } else { - if( (grd= getgrgid(gid)) == NULL ) { + if ( (grd = getgrgid(gid)) == NULL ) { yyerror2("requested gid not found on the system"); - return(0); } @@ -2700,18 +2767,11 @@ * Add a new user id to the current command object. */ static void addeuid(uid_t uid) { - - if(!getuid()) { - - command->has_uid= TRUE; - command->uid= uid; - - } else { - + if (!getuid()) { + command->has_uid = TRUE; + command->uid = uid; + } else yyerror("uid statement requires root privileges"); - - } - } @@ -2719,18 +2779,11 @@ * Add a new group id to the current command object. */ static void addegid(gid_t gid) { - - if(!getuid()) { - - command->has_gid= TRUE; - command->gid= gid; - - } else { - + if (!getuid()) { + command->has_gid = TRUE; + command->gid = gid; + } else yyerror("gid statement requires root privileges"); - - } - } @@ -2738,23 +2791,14 @@ * Reset the logfile if changed */ static void setlogfile(char *logfile) { - - if(Run.logfile) { - - if(IS(Run.logfile, logfile)) { - + if (Run.logfile) { + if (IS(Run.logfile, logfile)) { FREE(logfile); return; - - } else { - + } else FREE(Run.logfile); - - } } - - Run.logfile= logfile; - + Run.logfile = logfile; } @@ -2762,23 +2806,14 @@ * Reset the pidfile if changed */ static void setpidfile(char *pidfile) { - - if(Run.pidfile) { - - if(IS(Run.pidfile, pidfile)) { - + if (Run.pidfile) { + if (IS(Run.pidfile, pidfile)) { FREE(pidfile); return; - - } else { - + } else FREE(Run.pidfile); - - } } - - Run.pidfile= pidfile; - + Run.pidfile = pidfile; } @@ -2786,161 +2821,151 @@ * Read a apache htpasswd file and add credentials found for username */ static void addhtpasswdentry(char *filename, char *username, int dtype) { - - char *ht_username= NULL; - char *ht_passwd= NULL; + char *ht_username = NULL; + char *ht_passwd = NULL; char buf[STRLEN]; - FILE *handle= NULL; - int credentials_added= 0; + FILE *handle = NULL; + int credentials_added = 0; ASSERT(filename); - handle=fopen(filename, "r"); + handle = fopen(filename, "r"); - if ( handle==NULL ) { - - if (username!=NULL) { + if ( handle == NULL ) { + if (username != NULL) yyerror2("cannot read htpasswd (%s)", filename); - } else { + else yyerror2("cannot read htpasswd", filename); - } return; - } while (!feof(handle)) { - char *colonindex= NULL; + char *colonindex = NULL; int i; - if (! fgets(buf, STRLEN, handle)) { - + if (! fgets(buf, STRLEN, handle)) continue; - - } /* strip trailing non visible characters */ - for (i=strlen(buf)-1; i >= 0; i--) { - if ( buf[i] == ' ' || buf[i] == '\r' || - buf[i] == '\n' || buf[i] == '\t' ) { - - buf[i]='\0'; - - } else { - + for (i = strlen(buf)-1; i >= 0; i--) { + if ( buf[i] == ' ' || buf[i] == '\r' || buf[i] == '\n' || buf[i] == '\t' ) + buf[i] ='\0'; + else break; - - } } - if ( NULL == (colonindex=strchr(buf, ':'))) { - + if ( NULL == (colonindex = strchr(buf, ':'))) continue; - - } - ht_passwd=xstrdup(colonindex+1); - *colonindex='\0'; + ht_passwd = xstrdup(colonindex+1); + *colonindex = '\0'; - /* Incase we have a file in /etc/passwd or /etc/shadow style we + /* In case we have a file in /etc/passwd or /etc/shadow style we * want to remove ":.*$" and Crypt and MD5 hashed dont have a colon */ - if ( (NULL != (colonindex=strchr(ht_passwd, ':'))) && - ( dtype != DIGEST_CLEARTEXT) ) { + if ( (NULL != (colonindex = strchr(ht_passwd, ':'))) && ( dtype != DIGEST_CLEARTEXT) ) + *colonindex = '\0'; - *colonindex='\0'; - - } - - ht_username=xstrdup(buf); + ht_username = xstrdup(buf); - if (username==NULL) { - - if (addcredentials(ht_username, ht_passwd, dtype, FALSE)) { + if (username == NULL) { + if (addcredentials(ht_username, ht_passwd, dtype, FALSE)) credentials_added++; - } - } else if (strcmp(username, ht_username) == 0) { - - if (addcredentials(ht_username, ht_passwd, dtype, FALSE)) { + if (addcredentials(ht_username, ht_passwd, dtype, FALSE)) credentials_added++; - } - } else { - FREE(ht_passwd); FREE(ht_username); - } } - if (credentials_added==0) { + if (credentials_added == 0) { + if ( username == NULL ) + yywarning2("htpasswd file (%s) has no usable credentials", filename); + else + yywarning2("htpasswd file (%s) has no usable credentials for user %s", filename, username); + } + fclose(handle); +} - if ( username == NULL ) { - - yywarning2("htpasswd file (%s) has no usable credentials", - filename); - } else { +#ifdef HAVE_LIBPAM +static void addpamauth(char* groupname, int readonly) { + Auth_T c = NULL; + Auth_T prev = NULL; - yywarning2("htpasswd file (%s) has no usable credentials " - "for user %s", filename, username); + ASSERT(groupname); - } - - - } + if (Run.credentials == NULL) + NEW(Run.credentials); - fclose(handle); + c = Run.credentials; + do { + if (c->groupname != NULL && IS(c->groupname, groupname)) { + yywarning2("PAM group %s was added already, entry ignored", groupname); + FREE(groupname); + return; + } + prev = c; + c = c->next; + } while (c != NULL); + + NEW(prev->next); + c = prev->next; + + c->next = NULL; + c->uname = NULL; + c->passwd = NULL; + c->groupname = groupname; + c->digesttype = DIGEST_PAM; + c->is_readonly = readonly; + DEBUG("%s: Adding PAM group '%s'.\n", prog, groupname); + + return; } +#endif /* * Add Basic Authentication credentials */ static int addcredentials(char *uname, char *passwd, int dtype, int readonly) { - Auth_T c; ASSERT(uname); ASSERT(passwd); if (Run.credentials == NULL) { - NEW(Run.credentials); - c=Run.credentials; - + c = Run.credentials; } else { if (Util_getUserCredentials(uname) != NULL) { - - yywarning2("credentials for user %s were already added, entry ignored", - uname); + yywarning2("credentials for user %s were already added, entry ignored", uname); FREE(uname); FREE(passwd); return FALSE; - } - c=Run.credentials; - - while ( c->next != NULL ) { + c = Run.credentials; - c=c->next; - - } + while ( c->next != NULL ) + c = c->next; NEW(c->next); - c=c->next; + c = c->next; } - c->next=NULL; - c->uname=uname; - c->passwd=passwd; - c->digesttype=dtype; - c->is_readonly= readonly; + c->next = NULL; + c->uname = uname; + c->passwd = passwd; + c->groupname = NULL; + c->digesttype = dtype; + c->is_readonly = readonly; DEBUG("%s: Debug: Adding credentials for user '%s'.\n", prog, uname); @@ -2955,38 +2980,35 @@ static void setsyslog(char *facility) { if (!Run.logfile || ihp.logfile) { - - ihp.logfile= TRUE; + ihp.logfile = TRUE; setlogfile(xstrdup("syslog")); - Run.use_syslog= TRUE; - Run.dolog=TRUE; - + Run.use_syslog = TRUE; + Run.dolog = TRUE; } - if(facility) { - if(IS(facility,"log_local0")) { + if (facility) { + if (IS(facility,"log_local0")) Run.facility = LOG_LOCAL0; - } else if(IS(facility, "log_local1")) { + else if (IS(facility, "log_local1")) Run.facility = LOG_LOCAL1; - } else if(IS(facility, "log_local2")) { + else if (IS(facility, "log_local2")) Run.facility = LOG_LOCAL2; - } else if(IS(facility, "log_local3")) { + else if (IS(facility, "log_local3")) Run.facility = LOG_LOCAL3; - } else if(IS(facility, "log_local4")) { + else if (IS(facility, "log_local4")) Run.facility = LOG_LOCAL4; - } else if(IS(facility, "log_local5")) { + else if (IS(facility, "log_local5")) Run.facility = LOG_LOCAL5; - } else if(IS(facility, "log_local6")) { + else if (IS(facility, "log_local6")) Run.facility = LOG_LOCAL6; - } else if(IS(facility, "log_local7")) { + else if (IS(facility, "log_local7")) Run.facility = LOG_LOCAL7; - } else if(IS(facility, "log_daemon")) { + else if (IS(facility, "log_daemon")) Run.facility = LOG_DAEMON; - } else { + else yyerror2("invalid syslog facility"); - } } else { - Run.facility= LOG_USER; + Run.facility = LOG_USER; } } @@ -2997,7 +3019,18 @@ */ static void reset_mailset() { memset(&mailset, 0, sizeof(struct mymail)); - eventset= 0; + eventset = EVENT_NULL; +} + + +/* + * Reset the mailserver set to default values + */ +static void reset_mailserverset() { + memset(&mailserverset, 0, sizeof(struct mymailserver)); + mailserverset.port = PORT_SMTP; + mailserverset.ssl.use_ssl = FALSE; + mailserverset.ssl.version = SSL_VERSION_AUTO; } @@ -3006,12 +3039,13 @@ */ static void reset_portset() { memset(&portset, 0, sizeof(struct myport)); - portset.socket= -1; - portset.type= SOCK_STREAM; - portset.family= AF_INET; - portset.SSL.version= SSL_VERSION_AUTO; - portset.timeout= NET_TIMEOUT; - urlrequest= NULL; + portset.socket = -1; + portset.type = SOCK_STREAM; + portset.family = AF_INET; + portset.SSL.version = SSL_VERSION_AUTO; + portset.timeout = NET_TIMEOUT; + portset.maxforward = 70; + urlrequest = NULL; } @@ -3019,10 +3053,10 @@ * Reset the Proc set to default values */ static void reset_resourceset() { - resourceset.resource_id= 0; - resourceset.limit= 0; - resourceset.action= NULL; - resourceset.operator= OPERATOR_EQUAL; + resourceset.resource_id = 0; + resourceset.limit = 0; + resourceset.action = NULL; + resourceset.operator = OPERATOR_EQUAL; } @@ -3030,10 +3064,10 @@ * Reset the Timestamp set to default values */ static void reset_timestampset() { - timestampset.operator= OPERATOR_EQUAL; - timestampset.time= 0; - timestampset.test_changes= FALSE; - timestampset.action= NULL; + timestampset.operator = OPERATOR_EQUAL; + timestampset.time = 0; + timestampset.test_changes = FALSE; + timestampset.action = NULL; } @@ -3041,10 +3075,10 @@ * Reset the Size set to default values */ static void reset_sizeset() { - sizeset.operator= OPERATOR_EQUAL; - sizeset.size= 0; - sizeset.test_changes= FALSE; - sizeset.action= NULL; + sizeset.operator = OPERATOR_EQUAL; + sizeset.size = 0; + sizeset.test_changes = FALSE; + sizeset.action = NULL; } @@ -3052,10 +3086,10 @@ * Reset the Checksum set to default values */ static void reset_checksumset() { - checksumset.type= HASH_UNKNOWN; - checksumset.hash= NULL; - checksumset.test_changes= FALSE; - checksumset.action= NULL; + checksumset.type = HASH_UNKNOWN; + checksumset.hash = NULL; + checksumset.test_changes = FALSE; + checksumset.action = NULL; } @@ -3063,8 +3097,8 @@ * Reset the Perm set to default values */ static void reset_permset() { - permset.perm= 0; - permset.action= NULL; + permset.perm = 0; + permset.action = NULL; } @@ -3072,8 +3106,8 @@ * Reset the Uid set to default values */ static void reset_uidset() { - uidset.uid= 0; - uidset.action= NULL; + uidset.uid = 0; + uidset.action = NULL; } @@ -3081,20 +3115,20 @@ * Reset the Gid set to default values */ static void reset_gidset() { - gidset.gid= 0; - gidset.action= NULL; + gidset.gid = 0; + gidset.action = NULL; } /* - * Reset the Device set to default values + * Reset the Filesystem set to default values */ -static void reset_deviceset() { - deviceset.resource= 0; - deviceset.operator= OPERATOR_EQUAL; - deviceset.limit_absolute= -1; - deviceset.limit_percent= -1; - deviceset.action= NULL; +static void reset_filesystemset() { + filesystemset.resource = 0; + filesystemset.operator = OPERATOR_EQUAL; + filesystemset.limit_absolute = -1; + filesystemset.limit_percent = -1; + filesystemset.action = NULL; } @@ -3102,10 +3136,10 @@ * Reset the ICMP set to default values */ static void reset_icmpset() { - icmpset.type= ICMP_ECHO; - icmpset.count= ATTEMPT_COUNT; - icmpset.timeout= NET_TIMEOUT; - icmpset.action= NULL; + icmpset.type = ICMP_ECHO; + icmpset.count = ICMP_ATTEMPT_COUNT; + icmpset.timeout = NET_TIMEOUT; + icmpset.action = NULL; } @@ -3131,12 +3165,10 @@ ASSERT(name); - if(Util_existService(name) || (current && IS(name, current->name))) { + if (Util_existService(name) || (current && IS(name, current->name))) yyerror2("service name conflict, %s already defined", name); - } - if(name && *name=='/') { + if (name && *name == '/') yyerror2("service name must not start with '/' -- ", name); - } } @@ -3145,24 +3177,18 @@ * Permission statement semantic check */ static int check_perm(int perm) { - long result; char *status; char buf[STRLEN]; snprintf(buf, STRLEN, "%d", perm); - result= strtol(buf, &status, 8); + result = strtol(buf, &status, 8); - if( *status != '\0' || result < 0 || result > 07777 ) { - - yyerror2("permission statements must have an octal value " - "between 0 and 07777"); - - } + if ( *status != '\0' || result < 0 || result > 07777 ) + yyerror2("permission statements must have an octal value between 0 and 7777"); return result; - } @@ -3170,19 +3196,10 @@ * Timeout statement semantic check */ static void check_timeout(int s, int c) { - - if(s > c) { - + if (s > c) yyerror2("the number of restarts must be less than poll cycles"); - - } - - if(s <= 0 || c <= 0) { - + if (s <= 0 || c <= 0) yyerror2("zero or negative values not allowed in a timeout statement"); - - } - } @@ -3190,13 +3207,8 @@ * Every statement semantic check */ static void check_every(int every) { - - if(every <= 1) { - + if (every <= 1) yyerror2("an EVERY statement must have a value greater than 1"); - - } - } @@ -3207,12 +3219,8 @@ ASSERT(hostname); - if(!check_host(hostname)) { - - yyerror2("hostname did not resolve"); - - } - + if (!check_host(hostname)) + yywarning2("hostname did not resolve"); } /* @@ -3222,7 +3230,7 @@ */ static void check_depend() { Service_T s; - Service_T depends_on= NULL; + Service_T depends_on = NULL; Service_T* dlt = &depend_list; /* the current tail of it */ int done; /* no unvisited nodes left? */ int found_some; /* last iteration found anything new ? */ @@ -3231,17 +3239,16 @@ do { done = TRUE; found_some = FALSE; - for(s= servicelist; s; s= s->next) { + for (s = servicelist; s; s = s->next) { Dependant_T d; - if(s->visited) + if (s->visited) continue; done = FALSE; // still unvisited nodes depends_on = NULL; - for(d= s->dependantlist; d; d= d->next) { + for (d = s->dependantlist; d; d = d->next) { Service_T dp = Util_getService(d->dependant); - if(!dp) { - LogError("%s: Error: Depend service '%s' is not defined in the " - "control file\n", prog, d->dependant); + if (!dp) { + LogError("%s: Error: Depend service '%s' is not defined in the control file\n", prog, d->dependant); exit(1); } if (!dp->visited) { @@ -3256,21 +3263,19 @@ dlt = &s->next_depend; } } - } while(found_some && !done); + } while (found_some && !done); - if (!done) - { + if (!done) { ASSERT(depends_on); - LogError("%s: Error: Found a depend loop in the control file " - "involving the service '%s'\n", prog, depends_on->name); + LogError("%s: Error: Found a depend loop in the control file involving the service '%s'\n", prog, depends_on->name); exit(1); } ASSERT(depend_list); - servicelist= depend_list; + servicelist = depend_list; - for(s= depend_list; s; s= s->next_depend) - s->next= s->next_depend; + for (s = depend_list; s; s = s->next_depend) + s->next = s->next_depend; reset_depend(); } @@ -3280,42 +3285,87 @@ * Check if the executable exist */ static void check_exec(char *exec) { - - if(! File_exist(exec)) { - yyerror2("the executable does not exist"); - } - + if (! File_exist(exec)) + yywarning2("the executable does not exist"); } + +/* Return a valid max forward value for SIP header */ +static int verifyMaxForward(int mf) { + int max = 70; + + if (mf >= 0 && mf <= 255) + max = mf; + else + yywarning2("SIP max forward is outside the range [0..255]. Setting max forward to 70"); + + return max; +} + /* -------------------------------------------------------------------- Misc */ /* - * Cleans up an md5 string, tolower and remove byte sperators + * Cleans up an md5 string, tolower and remove byte separators */ static int cleanup_hash_string(char *hashstring) { - - int i= 0, j= 0; + int i = 0, j = 0; ASSERT(hashstring); while (hashstring[i] != '\0') { - if (isxdigit((int) hashstring[i])) { - - hashstring[j]=tolower(hashstring[i]); + hashstring[j] = tolower((int)hashstring[i]); j++; - } - i++; + } + hashstring[j] = '\0'; + return j; +} + +static void describeAction(Action_T A) { + #define BUF_CURSOR (A->description + strlen(A->description)) + #define BUF_AVAILABLE (sizeof(A->description) - strlen(A->description)) + snprintf(BUF_CURSOR, BUF_AVAILABLE, "%s", actionnames[A->id]); + if (A->id == ACTION_EXEC) { + int i = 0; + Command_T C = A->exec; + + while (C->arg[i]) { + snprintf(BUF_CURSOR, BUF_AVAILABLE, "%s%s", i ? " " : " '", C->arg[i]); + i++; + } + snprintf(BUF_CURSOR, BUF_AVAILABLE, "'"); + if (C->has_uid) + snprintf(BUF_CURSOR, BUF_AVAILABLE, " as uid %d", C->uid); + if (C->has_gid) + snprintf(BUF_CURSOR, BUF_AVAILABLE, " as gid %d", C->gid); + snprintf(BUF_CURSOR, BUF_AVAILABLE, " timeout %d cycle(s)", C->timeout); } - - hashstring[j]='\0'; + #undef BUF_CURSOR + #undef BUF_AVAILABLE +} - return j; - + +/* Return deep copy of the command */ +static Command_T copycommand(Command_T source) { + int i; + Command_T copy = NULL; + + NEW(copy); + copy->length = source->length; + copy->has_uid = source->has_uid; + copy->uid = source->uid; + copy->has_gid = source->has_gid; + copy->gid = source->gid; + copy->timeout = source->timeout; + for (i = 0; i < copy->length; i++) + copy->arg[i] = xstrdup(source->arg[i]); + copy->arg[copy->length] = NULL; + + return copy; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/README /tmp/QeMlhPoI46/monit-5.0.3/README --- monit-4.8.1/README 2006-01-21 20:57:09.000000000 +0000 +++ monit-5.0.3/README 2009-02-13 13:06:31.000000000 +0000 @@ -1,76 +1,61 @@ -QUICK START ------------ - -This readme serves as a quick start, please use `man monit' for -documentation on the program. - - -Installation: -------------- - - - ./configure - - make - - make install - - man monit - -This will install monit and the man-file in /usr/local/bin and -/usr/local/man/man1 respectively. If you want another location than -/usr/local, run configure with the prefix options, like so: -./configure --prefix= - - -Notes: ------- - -- This directory contains an example monit control file, called - monitrc. Please read it and use it as a starting point when you - write your own monit control file. - -- monit will probably work on most Unix systems. However, monit is - tested and known to compile and operate on: Darwin, Linux, FreeBSD, - NetBSD, OpenBSD and Solaris. See also the PLATFORMS file. - -- If you are upgrading from a previous monit version and experience - problems with the monit control file, please consult the UPGRADE.txt - file accompanying the software. - - -License Notes: --------------- - -This software product is licensed under the GNU General Public License -(GPL). This license gives you the freedom to use this product and have -access to the source code. You can modify this product as you see fit -and even use parts in your own software. If you choose to do so, you -also choose to accept that a modified product or software that use any -code from monit MUST also be licensed under the GNU General Public -License. - -In plain words, you can NOT sell or distribute monit, a modified -version or any software product based on any parts of monit as a -closed source product. Likewise you cannot re-license this product and -derivates under another license other than GNU GPL. - -See also the article, "Free Software Matters: Enforcing the GPL" by -Eben Moglen. http://emoglen.law.columbia.edu/publications/lu-13.html - - -Product Support: ----------------- - -If you have questions or comments about the software or documentation -please subscribe to the monit general mailing list: - - http://lists.nongnu.org/mailman/listinfo/monit-general - -You can also look in the mailing list archive for answers: - - http://lists.gnu.org/archive/html/monit-general/ - - -Professional support and contract development: ----------------------------------------------- - -The developers behind monit provides contract support and contract -development for monit. If you are looking for this kind of services -please visit us at: http://www.tildeslash.com/monit/support/ + QUICK START + ----------- + + This readme serves as a quick start, please use `man monit' for + documentation on the program. + + + Installation: + ------------- + + - ./configure + - make + - make install + - man monit + + This will install Monit and the man-file in /usr/local/bin and + /usr/local/man/man1 respectively. If you want another location than + /usr/local, run configure with the prefix options, like so: + ./configure --prefix= + + + Notes: + ------ + + - This directory contains an example Monit control file, called + monitrc. Please read it and use it as a starting point when you + write your own Monit control file. + + - Monit will probably work on most Unix systems. However, Monit is + tested and known to compile and operate on: Darwin, Linux, FreeBSD, + NetBSD, OpenBSD and Solaris. See also the PLATFORMS file. + + - If you are upgrading from a previous Monit version and experience + problems with the Monit control file, please consult the UPGRADE.txt + file accompanying the software. + + + License Notes: + -------------- + + This program is free software: you can redistribute it and/or modify it + under the terms of the GNU General Public License version 3. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the file + COPYING accompanying the Software for details. + + Questions and support: + ---------------------- + + If you have questions or comments about the software or documentation + please subscribe to the Monit general mailing list and post your + questions there. + + http://lists.nongnu.org/mailman/listinfo/monit-general + + You can also look in the mailing list archive for answers: + + http://lists.gnu.org/archive/html/monit-general/ + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/README.DEVELOPER /tmp/QeMlhPoI46/monit-5.0.3/README.DEVELOPER --- monit-4.8.1/README.DEVELOPER 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/README.DEVELOPER 2008-03-31 22:13:31.000000000 +0100 @@ -0,0 +1,135 @@ + +Project standards +----------------- + + * Bug fixes and small code changes are updated in the CVS and the + mailing list is notified later. + + * Adding new Features is the other way around. A proposal for a new + Feature is first sent to the mailing list, discussed there (and + possible voted on in case of major changes). If accepted, the CVS + is updated with the new code. + + Adding new features also include updating the monit.pod file, + the CHANGES.txt and other relevant documentation files, like + ./monitrc for configuration syntax or semantic changes. It is + important that the documentation is *always* aligned with the + lates codebase. + + * Add yourself as an author to any files you have changed + substantially. Substantially changes means adding a new method + or adding more than a couple of new code lines in a file so the + program behavior was changed. The reason is mainly that you get + the credit for the work you have done and partly that others + will know whom to blame. + + +Decision Making +--------------- + + * All Contributors are encouraged to participate in decisions, but + the decision itself is made by those that have Committer status + in the Project. In other words, the Project is a "Minimum + Threshold Meritocracy". + + * Each vote can be made in one of three flavors: + + +1 "Yes," "Agree," or "the action should be performed." On some + issues this is only binding if the voter has tested the + action on their own system(s). + + 0 "Abstain," "no opinion". An abstention may have detrimental + effects if too many people abstain. + + -1 "No." On issues where consensus is required, this vote counts + as a veto. All vetos must contain an explanation of why the + veto is appropriate. Vetos with no explanation are void. No + veto can be overruled. If you disagree with the veto, you + should lobby the person who cast the veto. Voters intending + to veto an action item should make their opinions known to + the group immediately so that the problem can be remedied as + early as possible. + + +Programs you will need to build a monit package +----------------------------------------------- + + * GNU make + * pod2html and pod2man + * flex + * yacc or bison (bison is recommended) + * Perl + * GNU tar and GNU gzip + * autoconf (v. >= 2.53) + * automake (v. >= 1.5) + * doxygen (v. >= 1.2.15) + + + +Setting up the developing environment +------------------------------------- + + 1. Run autogen.sh to create and run configure, or alternatively do: + autoheader + autoconf + ./configure + Pass any configure arguments on the command line of autogen.sh if + you are running autogen.sh. + + 2. You will now have a Makefile for building the program. The + Makefile will handle any additional source files you add to the + project and will link everything to monit. + + 3. The man file for the project is monit.pod and a monit.1 man + file is created by using perl-pod and pod2man. + + 4. To build a new release run the make_dist script. This will + create a monit-{release-number}.tar.gz file in the current + directory. + + +CVS standards +------------- + + * ONLY check-in files that will compile without any warnings. + (Change the CFLAGS macro in the Makefile to include -Wall; + CFLAGS = -Wall .. to compile with all warnings turned on) + + * Regularly do a 'cvs update -d .' to keep your local copy in sync + with the master repository. + + * To check out a certain release you can do: + + export CVS_RSH=ssh + cvs -z3 -duname@subversions.gnu.org:/cvsroot/monit/ co -r release-2-4-3 monit + + Where uname is your developer name at Savannah. + + * To check a files current tags, use: 'cvs status -v {filename}' + + + For Project Managers: + + * Every file in the project *must* be tagged with a release tag + matching the version number in configure.ac before a new release + is released. We use the following release tag standard: + release-x-y(-z) e.g. release-2-4-2 + + * The release numbers explained: + + x is for major feature releases + y is for minor feature releases + z is for bug fix releases + + * To tag a new relase, use: 'cvs tag release-x-y-z .' This will tag + all the files in current directory, and (recursively), files in + any subdirectories. You can force a tag if you had to change + files after the first tag *BUT* before the release is official: + 'cvs tag -F release-2-4-2 .' + + * Only the project manager is allowed to create and tag a new + release + + +-- +hauk@tildeslash.com diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/sendmail.c /tmp/QeMlhPoI46/monit-5.0.3/sendmail.c --- monit-4.8.1/sendmail.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/sendmail.c 2009-03-26 06:27:05.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -59,6 +69,7 @@ #include "monitor.h" #include "net.h" #include "socket.h" +#include "base64.h" /** @@ -66,7 +77,7 @@ * * @author Jan-Henrik Haukeland, * - * @version \$Id: sendmail.c,v 1.43 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: sendmail.c,v 1.67 2009/03/24 19:49:06 martinp Exp $ * * @file */ @@ -80,6 +91,9 @@ sigjmp_buf error; const char *server; int port; + const char *username; + const char *password; + Ssl_T ssl; char localhost[STRLEN]; } SendMail_T; @@ -98,29 +112,67 @@ /** * Send mail messages via SMTP * @param mail A Mail object - * @return FALSE if failed, TRUE if passed + * @return FALSE if failed, TRUE if succeeded */ int sendmail(Mail_T mail) { + int i; + int rv; Mail_T m; SendMail_T S; + char *b64 = NULL; char now[STRLEN]; - int rv; ASSERT(mail); + S.socket = NULL; if((rv = sigsetjmp(S.error, TRUE))) { + rv = FALSE; goto exit; + } else { + rv = TRUE; } + open_server(&S); + Util_getRFC822Date(NULL, now, STRLEN); - if(gethostname(S.localhost, sizeof(S.localhost)) < 0) { - snprintf(S.localhost, sizeof(S.localhost), "%s", LOCALHOST); + + if(Run.mail_hostname || gethostname(S.localhost, sizeof(S.localhost)) < 0) { + snprintf(S.localhost, sizeof(S.localhost), "%s", Run.mail_hostname?Run.mail_hostname:LOCALHOST); } + do_status(&S); - do_send(&S, "HELO %s\r\n", S.localhost); + + /* Use EHLO if TLS or Authentication is requested */ + if((S.ssl.use_ssl && S.ssl.version == SSL_VERSION_TLS) || S.username) { + do_send(&S, "EHLO %s\r\n", S.localhost); + } else { + do_send(&S, "HELO %s\r\n", S.localhost); + } do_status(&S); - for(m= mail; m; m= m->next) { + + /* Switch to TLS now if configured */ + if(S.ssl.use_ssl && S.ssl.version == SSL_VERSION_TLS) { + do_send(&S, "STARTTLS\r\n"); + do_status(&S); + if(!socket_switch2ssl(S.socket, S.ssl)) { + rv = FALSE; + goto exit; + } + } + + /* Authenticate if possible */ + if(S.username) { + unsigned char buffer[STRLEN]; + int len; + + len = snprintf((char *)buffer, STRLEN, "%c%s%c%s", '\0', S.username, '\0', S.password?S.password:""); + b64 = encode_base64(len, buffer); + do_send(&S, "AUTH PLAIN %s\r\n", b64); + do_status(&S); + } + + for(i = 0, m= mail; m; m= m->next, i++) { do_send(&S, "MAIL FROM: <%s>\r\n", m->from); do_status(&S); do_send(&S, "RCPT TO: <%s>\r\n", m->to); @@ -134,18 +186,23 @@ do_send(&S, "X-Mailer: %s %s\r\n", prog, VERSION); do_send(&S, "Mime-Version: 1.0\r\n"); do_send(&S, "Content-Type: text/plain; charset=\"iso-8859-1\"\r\n"); - do_send(&S, "Content-Transfer-Encoding: quoted-printable\r\n"); + do_send(&S, "Content-Transfer-Encoding: 8bit\r\n"); + do_send(&S, "Message-id: <%ld.%d@%s>\r\n", time(NULL), i, S.localhost); do_send(&S, "\r\n"); do_send(&S, "%s\r\n", m->message); do_send(&S, ".\r\n"); do_status(&S); } do_send(&S, "QUIT\r\n"); + do_status(&S); + exit: - if(S.socket) { + if(S.socket) socket_free(&S.socket); - } - return !rv; + + FREE(b64); + + return rv; } @@ -161,13 +218,16 @@ va_start(ap,s); msg= Util_formatString(s, ap, &len); va_end(ap); + if (socket_write(S->socket, msg, strlen(msg)) <= 0) { FREE(msg); LogError("Sendmail: error sending data to the server '%s' -- %s\n", S->server, STRERROR); siglongjmp(S->error, TRUE); } + FREE(msg); + } @@ -181,12 +241,16 @@ S->server, STRERROR); siglongjmp(S->error, TRUE); } + Util_chomp(buf); + sscanf(buf, "%d", &status); + if(status >= 400) { LogError("Sendmail error: %s\n", buf); siglongjmp(S->error, TRUE); } + } @@ -194,18 +258,39 @@ MailServer_T mta= Run.mailservers; - S->server= mta?mta->host:LOCALHOST; - S->port= mta?mta->port:PORT_SMTP; + if(mta) { + S->server = mta->host; + S->port = mta->port; + S->username = mta->username; + S->password = mta->password; + S->ssl = mta->ssl; + } else { + LogError("No mail servers are defined -- see manual for 'set mailserver' statement\n"); + siglongjmp(S->error, TRUE); + } + do { - S->socket= socket_new(S->server, S->port, SOCKET_TCP, FALSE, - Run.mailserver_timeout); + + /* wait with ssl-connect if SSL_VERSION_TLS is set (rfc2487) */ + if(!S->ssl.use_ssl || S->ssl.version == SSL_VERSION_TLS) { + S->socket= socket_new(S->server, S->port, SOCKET_TCP, FALSE, + Run.mailserver_timeout); + } else { + S->socket= socket_create_t(S->server, S->port, SOCKET_TCP, + S->ssl, Run.mailserver_timeout); + } if(S->socket) break; + LogError("Cannot open a connection to the mailserver '%s:%i' -- %s\n", S->server, S->port, STRERROR); + if(mta && (mta= mta->next)) { - S->server= mta->host; - S->port= mta->port; + S->server = mta->host; + S->port = mta->port; + S->username = mta->username; + S->password = mta->password; + S->ssl = mta->ssl; LogInfo("Trying the next mail server '%s:%i'\n", S->server, S->port); continue; } else { @@ -213,5 +298,6 @@ siglongjmp(S->error, TRUE); } } while(TRUE); + } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/sha.c /tmp/QeMlhPoI46/monit-5.0.3/sha.c --- monit-4.8.1/sha.c 2006-01-01 22:01:03.000000000 +0000 +++ monit-5.0.3/sha.c 2008-03-31 22:13:31.000000000 +0100 @@ -10,7 +10,7 @@ /* This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the - Free Software Foundation; either version 2, or (at your option) any + Free Software Foundation; either version 3, or (at your option) any later version. This program is distributed in the hope that it will be useful, diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/signal.c /tmp/QeMlhPoI46/monit-5.0.3/signal.c --- monit-4.8.1/signal.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/signal.c 2009-02-13 13:06:32.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -35,7 +45,7 @@ * @author W. Richard Stevens * @author Jan-Henrik Haukeland, * - * @version \$Id: signal.c,v 1.12 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: signal.c,v 1.18 2009/02/13 09:18:09 hauk Exp $ * * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/socket.c /tmp/QeMlhPoI46/monit-5.0.3/socket.c --- monit-4.8.1/socket.c 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/socket.c 2009-02-13 13:06:32.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include "config.h" @@ -39,6 +49,15 @@ #include #endif +#ifdef HAVE_ARPA_INET_H +#include +#endif + +#ifdef HAVE_NETINET_IN_H +#include +#endif + + #include "net.h" #include "ssl.h" #include "monitor.h" @@ -50,7 +69,7 @@ * Implementation of the socket interface. * * @author Jan-Henrik Haukeland, - * @version \$Id: socket.c,v 1.56 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: socket.c,v 1.72 2009/02/13 09:18:10 hauk Exp $ * @file */ @@ -86,35 +105,20 @@ /* ------------------------------------------------------------------ Public */ -/** - * Create a new Socket opened against host:port. The returned Socket - * is a connected socket. This method can be used to create either TCP - * or UDP sockets and the type parameter is used to select the socket - * type. If the use_ssl parameter is TRUE the socket is created using - * SSL. Only TCP sockets may use SSL. - * @param host The remote host to open the Socket against. The host - * may be a hostname found in the DNS or an IP address string. - * @param port The port number to connect to - * @param type The socket type to use (SOCKET_TCP or SOCKET_UPD) - * @param use_ssl If TRUE the socket is created supporting SSL - * @param timeout The timeout value in seconds - * @return The connected Socket or NULL if an error occurred - */ Socket_T socket_new(const char *host, int port, int type, int use_ssl, int timeout) { - Ssl_T ssl= {use_ssl, SSL_VERSION_AUTO, NULL}; + Ssl_T ssl; + + ssl.use_ssl= use_ssl; + ssl.version= SSL_VERSION_AUTO; + ssl.certmd5= NULL; return socket_create_t(host, port, type, ssl, timeout); } -/** - * Factory method for creating a new Socket from a monit Port object - * @param port The port object to create a socket from - * @return The connected Socket or NULL if an error occurred - */ Socket_T socket_create(void *port) { int s; @@ -141,46 +145,19 @@ S->host= xstrdup(p->hostname); } - if(p->SSL.use_ssl) { - if(! (S->ssl= new_ssl_connection(NULL, p->SSL.version))) { - goto ssl_error; - } - if(! embed_ssl_socket(S->ssl, S->socket)) { - goto ssl_error; - } - if(p->SSL.certmd5) { - if(! check_ssl_md5sum(S->ssl, p->SSL.certmd5)) { - goto ssl_error; - } - } + if(p->SSL.use_ssl && !socket_switch2ssl(S, p->SSL)) { + socket_free(&S); + return NULL; } S->Port= port; - return S; - -ssl_error: - socket_free(&S); - return NULL; - } return NULL; - } -/** - * Create a new Socket opened against host:port with an explicit - * ssl value for connect and read. Otherwise, same as socket_new() - * @param host The remote host to open the Socket against. The host - * may be a hostname found in the DNS or an IP address string. - * @param port The port number to connect to - * @param type The socket type to use (SOCKET_TCP or SOCKET_UPD) - * @param use_ssl if TRUE the socket is created supporting SSL - * @param timeout The timeout value in seconds - * @return The connected Socket or NULL if an error occurred - */ Socket_T socket_create_t(const char *host, int port, int type, Ssl_T ssl, int timeout) { @@ -208,46 +185,18 @@ S->host= xstrdup(host); S->connection_type= TYPE_LOCAL; - if(ssl.use_ssl) { - if(! (S->ssl= new_ssl_connection(NULL, ssl.version))) { - goto ssl_error; - } - if(! embed_ssl_socket(S->ssl, S->socket)) { - goto ssl_error; - } - if(ssl.certmd5) { - if(! check_ssl_md5sum(S->ssl, ssl.certmd5)) { - goto ssl_error; - } - } + if(ssl.use_ssl && !socket_switch2ssl(S, ssl)) { + socket_free(&S); + return NULL; } return S; - -ssl_error: - socket_free(&S); - return NULL; - } return NULL; - } -/** - * Factory method for creating a Socket object from an accepted - * socket. The given socket must be a socket created from accept(2). - * If the sslserver context is non-null the socket will support - * ssl. This method does only support TCP sockets. - * @param socket The accepted socket - * @param remote_host The remote host from where the socket connection - * originated - * @param port The localhost port number from where the connection - * arrived. - * @param sslserver A ssl server connection context, may be NULL - * @return A Socket or NULL if an error occurred - */ Socket_T socket_create_a(int socket, const char *remote_host, int port, void *sslserver) { @@ -285,11 +234,6 @@ } -/** - * Destroy a Socket object. Close the socket and release allocated - * resources. - * @param S A Socket object reference - */ void socket_free(Socket_T *S) { ASSERT(S && *S); @@ -315,11 +259,6 @@ /* ------------------------------------------------------------ Properties */ -/** - * Returns TRUE if the socket is ready for i|o - * @param S A Socket object - * @return TRUE if the socket is ready otherwise FALSE - */ int socket_is_ready(Socket_T S) { ASSERT(S); @@ -341,11 +280,15 @@ } -/** - * Get the underlying socket descriptor - * @param S A Socket object - * @return The socket descriptor - */ +int socket_is_secure(Socket_T S) { + + ASSERT(S); + + return (S->ssl != NULL); + +} + + int socket_get_socket(Socket_T S) { ASSERT(S); @@ -355,11 +298,6 @@ } -/** - * Get the type of this socket. - * @param S A Socket object - * @return The socket type - */ int socket_get_type(Socket_T S) { ASSERT(S); @@ -369,12 +307,6 @@ } -/** - * Get the Port object used to create this socket. If no Port object - * was used this method returns NULL. - * @param S A Socket object - * @return The Port object or NULL - */ void *socket_get_Port(Socket_T S) { ASSERT(S); @@ -384,11 +316,6 @@ } -/** - * Get the remote port number the socket is connected to - * @param S A Socket object - * @return The remote host's port number - */ int socket_get_remote_port(Socket_T S) { ASSERT(S); @@ -398,12 +325,6 @@ } -/** - * Get the remote host this socket is connected to. The host is either - * a host name in DNS or an IP address string. - * @param S A Socket object - * @return The remote host - */ const char *socket_get_remote_host(Socket_T S) { ASSERT(S); @@ -413,16 +334,52 @@ } +int socket_get_local_port(Socket_T S) { + struct sockaddr sock; + socklen_t len = sizeof(sock); + + ASSERT(S); + + if(getsockname (S->socket, &sock, &len ) == 0) + return ntohs (((struct sockaddr_in *)&sock)->sin_port); + return -1; + +} + + +const char *socket_get_local_host(Socket_T S) { + struct sockaddr sock; + socklen_t len = sizeof(sock); + + ASSERT(S); + + if(getsockname(S->socket, &sock, &len) == 0) + return inet_ntoa(((struct sockaddr_in *)&sock)->sin_addr); + return NULL; + +} + + /* ---------------------------------------------------------------- Public */ -/** - * Writes a character string. Use this function to send text based - * messages to a client. - * @param S A Socket_T object - * @param m A String to send to the client - * @return The bytes sent or -1 if an error occured - */ +int socket_switch2ssl(Socket_T S, Ssl_T ssl) { + + if(! (S->ssl= new_ssl_connection(NULL, ssl.version))) + return FALSE; + + if(! embed_ssl_socket(S->ssl, S->socket)) + return FALSE; + + if(ssl.certmd5 && !check_ssl_md5sum(S->ssl, ssl.certmd5)) { + LogError("md5sum of certificate does not match!"); + return FALSE; + } + + return TRUE; +} + + int socket_print(Socket_T S, const char *m, ...) { int n; @@ -445,13 +402,6 @@ } -/** - * Write size bytes from the buffer b. - * @param S A Socket_T object - * @param b The data to be written - * @param size The size of the data in b - * @return The bytes sent or -1 if an error occured - */ int socket_write(Socket_T S, void *b, int size) { int n= 0; @@ -489,12 +439,6 @@ } -/** - * Read a single byte. The byte is returned as an int in the range 0 - * to 255. - * @param S A Socket_T object - * @return The byte read, or -1 if the end of the stream has been reached - */ int socket_read_byte(Socket_T S) { ASSERT(S); @@ -509,13 +453,6 @@ } -/** - * Reads size bytes and stores them into the byte buffer pointed to by b. - * @param S A Socket_T object - * @param b A Byte buffer - * @param size The size of the buffer b - * @return The bytes read or -1 if an error occured - */ int socket_read(Socket_T S, void *b, int size) { int c; @@ -527,22 +464,11 @@ *p++= c; } - return (int)p - (int)b; + return (long)p - (long)b; } -/** - * Reads in at most one less than size characters and - * stores them into the buffer pointed to by s. Reading stops after - * an EOF or a newline. If a newline is read, it is stored into the - * buffer. A '\0' is stored after the last character in the buffer. - * @param S A Socket_T object - * @param s A character buffer to store the string in - * @param size The size of the string buffer, s - * @return s on success, and NULL on error or when end of file occurs - * while no characters have been read. - */ char *socket_readln(Socket_T S, char *s, int size) { int c; @@ -566,15 +492,11 @@ } -/** - * Clears any data that exists in the input buffer - * @param S A Socket_T object - */ void socket_reset(Socket_T S) { ASSERT(S); - /* Also throw away any pending incomming data */ + /* Throw away any pending incomming data */ while(fill(S, 0) > 0); S->offset= 0; S->length= 0; @@ -582,6 +504,12 @@ } +int socket_shutdown_write(Socket_T S) { + ASSERT(S); + return (shutdown(S->socket, 1) == 0); +} + + /* --------------------------------------------------------------- Private */ @@ -606,10 +534,10 @@ while(RBUFFER_SIZE > S->length) { if(S->ssl) { - n= recv_ssl_socket(S->ssl, &S->buffer[S->length], + n= recv_ssl_socket(S->ssl, S->buffer + S->length, RBUFFER_SIZE-S->length, timeout); } else { - n= sock_read(S->socket, &S->buffer[S->length], + n= sock_read(S->socket, S->buffer + S->length, RBUFFER_SIZE-S->length, timeout); } @@ -618,15 +546,12 @@ if(n > 0) { S->length+= n; continue; - } - - if(n==0) break; - - if(n < 0) { + } else if(n < 0) { if(errno == EAGAIN || errno == EWOULDBLOCK || S->type==SOCK_DGRAM) break; return -1; - } - + } else + break; + } return S->length; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/socket.h /tmp/QeMlhPoI46/monit-5.0.3/socket.h --- monit-4.8.1/socket.h 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/socket.h 2009-02-13 13:06:32.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -30,7 +40,7 @@ * communication between two machines. * * @author Jan-Henrik Haukeland, - * @version \$Id: socket.h,v 1.22 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: socket.h,v 1.34 2009/02/13 09:18:10 hauk Exp $ * @file */ @@ -71,7 +81,7 @@ * may be a hostname found in the DNS or an IP address string. * @param port The port number to connect to * @param type The socket type to use (SOCKET_TCP or SOCKET_UPD) - * @param ssl If defined the socket is created supporting SSL + * @param ssl Options for SSL * @param timeout The timeout value in seconds * @return The connected Socket or NULL if an error occurred */ @@ -113,6 +123,14 @@ /** + * Return TRUE if the connection is encrypted with SSL + * @param S A Socket object + * @return TRUE if SSL is used otherwise FALSE + */ +int socket_is_secure(Socket_T S); + + +/** * Get the underlying socket descriptor * @param S A Socket object * @return The socket descriptor @@ -155,6 +173,31 @@ /** + * Get the local (ephemeral) port number this socket is using. + * @param S A Socket object + * @return The port number on success otherwise -1 + */ +int socket_get_local_port(Socket_T S); + + +/** + * Get the local interface IP address + * @param S A Socket object + * @return The local host interface address or NULL if an error occurred + */ +const char *socket_get_local_host(Socket_T S); + + +/** + * Switches a connected socket to ssl. + * @param S The already connected socket + * @param ssl Options for ssl + * @return TRUE if ssl is ready otherwise FALSE + */ +int socket_switch2ssl(Socket_T S, Ssl_T ssl); + + +/** * Writes a character string. Use this function to send text based * messages to a client. * @param S A Socket_T object @@ -214,4 +257,12 @@ void socket_reset(Socket_T S); +/** + * Shut down the writing side of the socket + * @param S A Socket object + * @return TRUE if the write side was shutdown otherwise FALSE + */ +int socket_shutdown_write(Socket_T S); + + #endif diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/spawn.c /tmp/QeMlhPoI46/monit-5.0.3/spawn.c --- monit-4.8.1/spawn.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/spawn.c 2009-05-25 20:02:56.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -77,7 +87,7 @@ * @author Jan-Henrik Haukeland, * @author Peter Holdaway * - * @version \$Id: spawn.c,v 1.48 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: spawn.c,v 1.59 2009/05/04 20:18:20 martinp Exp $ * @file */ @@ -93,7 +103,10 @@ fork_ERROR = 0x8 }; -typedef struct En {char env[STRLEN]; struct En *next;} *Environment_T; +typedef struct En { + char env[STRLEN]; + struct En *next; +} *Environment_T; /* -------------------------------------------------------------- Prototypes */ @@ -236,7 +249,6 @@ * We do not need to wait for the second child since we forked twice, * the init system-process will wait for it. So we just return */ - return ; } @@ -268,6 +280,11 @@ snprintf(buf, STRLEN, "MONIT_EVENT=%s", event?event:"No Event"); push_monit_environment(buf, e); + + if (s->eventlist) { + snprintf(buf, STRLEN, "MONIT_DESCRIPTION=%s", s->eventlist->message); + push_monit_environment(buf, e); + } if (s->type == TYPE_PROCESS) { snprintf(buf, STRLEN, "MONIT_PROCESS_PID=%d", Util_isProcessRunning(s)); @@ -289,7 +306,8 @@ static void push_monit_environment(char const *env, Environment_T *list) { Environment_T e= NULL; NEW(e); - strncpy(e->env, env, STRLEN); + strncpy(e->env, env, sizeof(e->env) - 1); + e->env[sizeof(e->env) - 1] = 0; e->next= *list; *list= e; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/ssl.c /tmp/QeMlhPoI46/monit-5.0.3/ssl.c --- monit-4.8.1/ssl.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/ssl.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,27 +1,39 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ -/* client socket clean up -> close */ -/* close client socket */ #include + +#ifdef HAVE_OPENSSL + + #ifdef HAVE_STDIO_H #include #endif @@ -78,7 +90,6 @@ #endif -#ifdef HAVE_OPENSSL #include #include #include @@ -87,44 +98,37 @@ #include #include #include -#endif #include "monitor.h" #include "net.h" #include "ssl.h" -#ifdef HAVE_OPENSSL -/* Initialization code */ -static int ssl_thread_start(void); -static int ssl_thread_stop(void); -static int unsigned long ssl_thread_id(void); -static void ssl_mutex_lock(int mode, int n, const char *file, int line); -static int ssl_entropy_start(void); -static int ssl_entropy_stop(void); +/* -------------------------------------------------------------- Prototypes */ -static pthread_mutex_t ssl_mutex= PTHREAD_MUTEX_INITIALIZER; -static pthread_mutex_t *ssl_mutex_table; -static int ssl_initialized= FALSE; -/* Connection verification code */ +#define SSLERROR ERR_error_string(ERR_get_error(),NULL) + +static int unsigned long ssl_thread_id(); +static void ssl_mutex_lock(int, int n, const char *, int ); static int verify_init(ssl_server_connection *); static int verify_callback(int, X509_STORE_CTX *); -static int verify_callback_noclientcert(int, X509_STORE_CTX *); -static void verify_info(ssl_server_connection *); static int check_preverify(X509_STORE_CTX *); +static void cleanup_ssl_socket(ssl_connection *); +static void cleanup_ssl_server_socket(ssl_server_connection *); +static int handle_error(int, ssl_connection *); +static int update_ssl_cert_data(ssl_connection *); +static ssl_server_connection *new_ssl_server_connection(char *, char *); +static int start_ssl(); + +static int allow_self_certification = FALSE; +static int ssl_initialized = FALSE; +static pthread_mutex_t ssl_mutex = PTHREAD_MUTEX_INITIALIZER; +static pthread_mutex_t *ssl_mutex_table; -static int allow_self_certfication= FALSE; -static int allow_any_purpose= FALSE; - -/* Error handling */ -static int handle_connection_error(int, ssl_connection *, char *, int); -static void handle_ssl_error(char *); -#define SSLERROR ERR_error_string(ERR_get_error(),NULL) -#define ALLOW_ANY_PURPOSE +/* ------------------------------------------------------------- Definitions */ -#endif /** * Number of random bytes to obtain @@ -149,22 +153,23 @@ * * @author Christian Hopp * @author Jan-Henrik Haukeland, + * @author Martin Pala, * - * @version \$Id: ssl.c,v 1.46 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: ssl.c,v 1.69 2009/05/03 21:29:42 martinp Exp $ * * @file */ +/** + * For some of the code I was enlightened by: + * + * An Introduction to OpenSSL Programming, Part I of II + * + * by Eric Rescorla + * Linux Journal 9/2001 + * http://www.linuxjournal.com/article.php?sid=4822 + */ - /* - * For some of the code I was enlightened by: - * - * An Introduction to OpenSSL Programming, Part I of II - * - * by Eric Rescorla - * Linux Journal 9/2001 - * http://www.linuxjournal.com/article.php?sid=4822 - */ /* ------------------------------------------------------------------ Public */ @@ -174,146 +179,73 @@ * @param socket the socket to be used. * @return The ssl connection or NULL if an error occured. */ -int embed_ssl_socket (ssl_connection *ssl, int socket) { - -#ifdef HAVE_OPENSSL +int embed_ssl_socket(ssl_connection *ssl, int socket) { int ssl_error; time_t ssl_time; - if ( ssl == NULL ) { - + if(!ssl) return FALSE; - - } - if (!ssl_initialized) { - + if(!ssl_initialized) start_ssl(); - } - - if ( socket >= 0 ) { - + if(socket >= 0) { ssl->socket= socket; - } else { - - LogError("%s: embed_ssl_socket (): Socket error!\n", prog); + LogError("%s: Socket error!\n", prog); goto sslerror; } - if ((ssl->handler= SSL_new (ssl->ctx)) == NULL ) { - - handle_ssl_error("embed_ssl_socket()"); - LogError("%s: embed_ssl_socket (): Cannot initialize the SSL handler!\n", - prog); + if((ssl->handler= SSL_new (ssl->ctx)) == NULL) { + LogError("%s: Cannot initialize the SSL handler -- %s\n", prog, SSLERROR); goto sslerror; - } set_noblock(ssl->socket); if((ssl->socket_bio= BIO_new_socket(ssl->socket, BIO_NOCLOSE)) == NULL) { - - handle_ssl_error("embed_ssl_socket()"); - LogError("%s: embed_ssl_socket (): Cannot generate IO buffer!\n", prog); + LogError("%s: Cannot generate IO buffer -- %s\n", prog, SSLERROR); goto sslerror; - } SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio); - - ssl_time=time(NULL); + ssl_time= time(NULL); while((ssl_error= SSL_connect (ssl->handler)) < 0) { - if((time(NULL)-ssl_time) > SSL_TIMEOUT) { - - LogError("%s: embed_ssl_socket (): SSL service timeout!\n", - prog); + if((time(NULL) - ssl_time) > SSL_TIMEOUT) { + LogError("%s: SSL service timeout!\n", prog); goto sslerror; - } - if (!handle_connection_error(ssl_error, ssl, "embed_ssl_socket()", SSL_TIMEOUT)) { - + if(!handle_error(ssl_error, ssl)) goto sslerror; - } - - if (!BIO_should_retry(ssl->socket_bio)) { - + if(!BIO_should_retry(ssl->socket_bio)) goto sslerror; - - } - } ssl->cipher= (char *) SSL_get_cipher(ssl->handler); - if (! update_ssl_cert_data(ssl)) { - - LogError("%s: embed_ssl_socket (): Cannot get the SSL server certificate!\n", - prog); + if(! update_ssl_cert_data(ssl)) { + LogError("%s: Cannot get the SSL server certificate!\n", prog); goto sslerror; - } return TRUE; - sslerror: +sslerror: cleanup_ssl_socket(ssl); - return FALSE; - -#else return FALSE; -#endif } /** - * Updates some data in the ssl connection - * @param ssl reference to ssl connection - * @return TRUE, if not successful FALSE - */ -int update_ssl_cert_data(ssl_connection *ssl) { - -#ifdef HAVE_OPENSSL - - unsigned char md5[EVP_MAX_MD_SIZE]; - - ASSERT(ssl); - - if ((ssl->cert = SSL_get_peer_certificate (ssl->handler)) == NULL) { - - return FALSE; - - } - - /* RATS: ignore */ /* buffer is dynamically allocated */ - ssl->cert_issuer=X509_NAME_oneline (X509_get_issuer_name (ssl->cert),0,0); - /* RATS: ignore */ /* buffer is dynamically allocated */ - ssl->cert_subject=X509_NAME_oneline (X509_get_subject_name (ssl->cert),0,0); - X509_digest(ssl->cert,EVP_md5(), md5, &ssl->cert_md5_len); - ssl->cert_md5= (unsigned char *) xstrdup((char *) md5); - - return TRUE; - -#else - - return FALSE; - -#endif - -} - - -/** * Compare certificate with given md5 sum * @param ssl reference to ssl connection * @param md5sum string of the md5sum to test against @@ -321,748 +253,278 @@ */ int check_ssl_md5sum(ssl_connection *ssl, char *md5sum) { -#ifdef HAVE_OPENSSL unsigned int i= 0; ASSERT(md5sum); while (( i < ssl->cert_md5_len ) && ( md5sum[2*i] != '\0' ) && - ( md5sum[2*i+1] != '\0' )) { + ( md5sum[2*i+1] != '\0' )) + { unsigned char c= (md5sum[2*i] > 57 ? md5sum[2*i] - 87 : md5sum[2*i] - 48) * 0x10+ (md5sum[2*i+1] > 57 ? md5sum[2*i+1] - 87 : md5sum[2*i+1] - 48); - if ( c!=ssl->cert_md5[i] ) { - + if(c != ssl->cert_md5[i]) return FALSE; - - } i ++; } -#endif - return TRUE; } /** - * Open a socket against hostname:port with the given protocol. - * This socket is sent through a ssl connection. - * The protocol is normaly either SOCK_STREAM or SOCK_DGRAM. - * @param hostname The host to open a socket at - * @param port The port number to connect to - * @param protocol Socket protocol to use (SOCK_STREAM|SOCK_DGRAM) - * @param sslversion Version of the ssl layer auto, SSLv3, SSLv2 or TLS - * @return The ssl connection or NULL if an error occured. + * Closes a ssl connection (ssl socket + net socket) + * @param ssl ssl connection + * @return TRUE, or FALSE if an error has occured. */ -ssl_connection *create_ssl_socket(char *hostname, int port, int protocol, int sslversion) { - -#ifdef HAVE_OPENSSL - - int socket; - ssl_connection *ssl = new_ssl_connection(NULL, sslversion); - - ASSERT(hostname); +int close_ssl_socket(ssl_connection *ssl) { - if (!ssl_initialized) { + int rv; - start_ssl(); + if(!ssl) + return FALSE; + if(! (rv= SSL_shutdown(ssl->handler))) { + shutdown(ssl->socket, 1); + rv= SSL_shutdown(ssl->handler); } - if((socket= create_socket(hostname, port, protocol, NET_TIMEOUT)) == -1) { - - LogError("%s: create_ssl_socket(): Cannot connect!\n", prog); - goto sslerror; - - } + close_socket(ssl->socket); + cleanup_ssl_socket(ssl); - if (! embed_ssl_socket(ssl, socket)) { + return (rv > 0)?TRUE:FALSE; - goto sslerror; +} - } - return ssl; +/** + * Garbage collection for non-reusable parts a ssl connection + * @param ssl ssl connection + */ +void delete_ssl_socket(ssl_connection *ssl) { - sslerror: + if(!ssl) + return; - return NULL; + cleanup_ssl_socket(ssl); -#else + if(ssl->ctx && !ssl->accepted) + SSL_CTX_free(ssl->ctx); - return NULL; + ssl->ctx= NULL; -#endif + FREE(ssl); } /** - * Closes a ssl connection (ssl socket + net socket) - * @param ssl ssl connection - * @return TRUE, or FALSE if an error has occured. + * Initializes a ssl connection for server use. + * @param pemfilename Filename for the key/cert file + * @return An ssl connection, or NULL if an error occured. */ -int close_ssl_socket(ssl_connection *ssl) { - -#ifdef HAVE_OPENSSL +ssl_server_connection *init_ssl_server(char *pemfile, char *clientpemfile) { - int error; + ssl_server_connection *ssl_server; - if(ssl == NULL) { + ASSERT(pemfile); - return FALSE; + if(!ssl_initialized) + start_ssl(); + ssl_server = new_ssl_server_connection(pemfile, clientpemfile); + + if(!(ssl_server->method= SSLv23_server_method())) { + LogError("%s: Cannot initialize the SSL method -- %s\n", prog, SSLERROR); + goto sslerror; } - if (! (error= SSL_shutdown (ssl->handler))) { - - shutdown(ssl->socket,1 ); - error= SSL_shutdown (ssl->handler); - + if(!(ssl_server->ctx= SSL_CTX_new(ssl_server->method))) { + LogError("%s: Cannot initialize SSL server certificate handler -- %s\n", + prog, SSLERROR); + goto sslerror; } - close_socket(ssl->socket); - cleanup_ssl_socket(ssl); + if(SSL_CTX_use_certificate_file(ssl_server->ctx, pemfile, + SSL_FILETYPE_PEM) != 1) { + LogError("%s: Cannot initialize SSL server certificate -- %s\n", + prog, SSLERROR); + goto sslerror; + } - if ( error<=0 ) { - - return FALSE; + if(SSL_CTX_use_PrivateKey_file(ssl_server->ctx, pemfile, + SSL_FILETYPE_PEM) != 1) { + LogError("%s: Cannot initialize SSL server private key -- %s\n", + prog, SSLERROR); + goto sslerror; + } - } else { + if(SSL_CTX_check_private_key(ssl_server->ctx) != 1) { + LogError("%s: The private key doesn't match the certificate public key -- %s\n", + prog, SSLERROR); + goto sslerror; + } - return TRUE; + /* + * We need this to force transmission of client certs + */ + if (!verify_init(ssl_server)) { + LogError("%s: Verification engine was not properly initialized -- %s\n", + prog, SSLERROR); + goto sslerror; + } + if(ssl_server->clientpemfile) { + STACK_OF(X509_NAME) *stack= SSL_CTX_get_client_CA_list(ssl_server->ctx); + LogInfo("%s: Found %d client certificates\n", prog, sk_X509_NAME_num(stack)); } -#else + return ssl_server; - return FALSE; +sslerror: -#endif + delete_ssl_server_socket(ssl_server); + + return NULL; } /** - * Garbage collection for non reusable parts of the ssl connection - * @param ssl ssl connection - * @return TRUE, or FALSE if an error has occured. + * Deletes a SSL server connection. + * @param ssl_server data for ssl server connection */ -int cleanup_ssl_socket(ssl_connection *ssl) { - -#ifdef HAVE_OPENSSL +void delete_ssl_server_socket(ssl_server_connection *ssl_server) { - if(ssl==NULL) { + if(!ssl_server) + return; - return FALSE; - - } + cleanup_ssl_server_socket(ssl_server); - if (ssl->cert != NULL) { + if(ssl_server->ctx) + SSL_CTX_free(ssl_server->ctx); - X509_free(ssl->cert); - ssl->cert= NULL; + FREE(ssl_server); - } +} - if (ssl->handler != NULL) { - - SSL_free(ssl->handler); - ssl->handler= NULL; - } +/** + * Inserts an SSL connection in the connection list of a server. + * @param ssl_server data for ssl server connection + * @return new SSL connection for the connection, or NULL if failed + */ +ssl_connection *insert_accepted_ssl_socket(ssl_server_connection *ssl_server) { - if (ssl->socket_bio != NULL) { - - /* - * no BIO_free(ssl->socket_bio); necessary, because BIO is freed - * by ssl->handler - */ + ssl_connection *ssl; - ssl->socket_bio= NULL; + ASSERT(ssl_server); - } + if(!ssl_initialized) + start_ssl(); - if (ssl->cert_issuer != NULL) { + NEW(ssl); + ssl->method= NULL; + ssl->handler= NULL; + ssl->cert= NULL; + ssl->cipher= NULL; + ssl->socket= 0; + ssl->next= NULL; + ssl->accepted= FALSE; + ssl->cert_md5= NULL; + ssl->cert_md5_len= 0; + ssl->clientpemfile= NULL; - FREE(ssl->cert_issuer); - ssl->cert_issuer= NULL; + if(ssl_server->clientpemfile!=NULL) + ssl->clientpemfile= xstrdup(ssl_server->clientpemfile); - } + LOCK(ssl_mutex); - if (ssl->cert_subject != NULL) { + ssl->prev= NULL; + ssl->next= ssl_server->ssl_conn_list; - FREE(ssl->cert_subject); - ssl->cert_subject= NULL; + if( ssl->next != NULL ) + ssl->next->prev= ssl; - } + END_LOCK; - if (ssl->cert_md5 != NULL) { + ssl_server->ssl_conn_list= ssl; + ssl->ctx= ssl_server->ctx; + ssl->accepted= TRUE; - FREE(ssl->cert_md5); - ssl->cert_md5= NULL; + return ssl; - } +} - if(ssl->clientpemfile!=NULL) { - FREE(ssl->clientpemfile); - ssl->clientpemfile= NULL; +/** + * Closes an accepted SSL server connection and deletes it form the + * connection list. + * @param ssl_server data for ssl server connection + * @param ssl data the connection to be deleted + */ +void close_accepted_ssl_socket(ssl_server_connection *ssl_server, + ssl_connection *ssl) { - } + if(!ssl || !ssl_server) + return; - return TRUE; + close_socket(ssl->socket); + + LOCK(ssl_mutex); -#else + if(ssl->prev == NULL) + ssl_server->ssl_conn_list= ssl->next; + else + ssl->prev->next= ssl->next; - return FALSE; + END_LOCK; -#endif + delete_ssl_socket(ssl); } /** - * Garbage collection for non-reusable parts a ssl connection + * Embeds an accepted server socket in an existing ssl connection. * @param ssl ssl connection + * @param socket the socket to be used. * @return TRUE, or FALSE if an error has occured. */ -int delete_ssl_socket(ssl_connection *ssl) { +int embed_accepted_ssl_socket(ssl_connection *ssl, int socket) { -#ifdef HAVE_OPENSSL + int ssl_error; + time_t ssl_time; - if(ssl==NULL) { + ASSERT(ssl); + + ssl->socket= socket; + + if(!ssl_initialized) + start_ssl(); + if(!(ssl->handler= SSL_new(ssl->ctx))) { + LogError("%s: Cannot initialize the SSL handler -- %s\n", prog, SSLERROR); return FALSE; + } + if(socket < 0) { + LogError("%s: Socket error!\n", prog); + return FALSE; } - cleanup_ssl_socket(ssl); + set_noblock(ssl->socket); - if((ssl->ctx != NULL) && (! ssl->accepted)) { - - SSL_CTX_free(ssl->ctx); - ssl->ctx=NULL; - - } else { - - ssl->ctx=NULL; - - } - - FREE(ssl); - - ssl=NULL; - - return TRUE; - -#else - - return TRUE; - -#endif - -} - - -/** - * Initializes a ssl connection for server use. - * @param pemfilename Filename for the key/cert file - * @return An ssl connection, or NULL if an error occured. - */ -ssl_server_connection *init_ssl_server (char *pemfile, char *clientpemfile) { - -#ifdef HAVE_OPENSSL - - ssl_server_connection *ssl_server = new_ssl_server_connection(pemfile, - clientpemfile); - - ASSERT(pemfile); - - if (!ssl_initialized) { - - start_ssl(); - - } - - if ((ssl_server->method= SSLv23_server_method()) == NULL ) { - - handle_ssl_error("init_ssl_server()"); - LogError("%s: init_ssl_server (): Cannot initialize the SSL method!\n", - prog); - goto sslerror; - - } - - if ((ssl_server->ctx= SSL_CTX_new(ssl_server->method)) == NULL ) { - - handle_ssl_error("init_ssl_server()"); - LogError("%s: init_ssl_server (): Cannot initialize SSL server" - " certificate handler!\n" - , prog); - goto sslerror; - - } - - if (SSL_CTX_use_certificate_file(ssl_server->ctx, pemfile, - SSL_FILETYPE_PEM) <= 0) { - - handle_ssl_error("init_ssl_server()"); - LogError("%s: init_ssl_server(): Cannot initialize SSL server" - " certificate!\n", prog); - goto sslerror; - - } - - if (SSL_CTX_use_PrivateKey_file(ssl_server->ctx, pemfile, - SSL_FILETYPE_PEM) <= 0) { - - handle_ssl_error("init_ssl_server()"); - LogError("%s: init_ssl_server(): Cannot initialize SSL server" - " private key!\n", prog); - goto sslerror; - - } - - if (!SSL_CTX_check_private_key(ssl_server->ctx)) { - - handle_ssl_error("init_ssl_server()"); - LogError("%s: init_ssl_server(): The private key does not match the" - " certificate public key!\n", prog); - goto sslerror; - - } - - /* - * We need this to force transmission of client certs - */ - if (!verify_init(ssl_server)) { - - handle_ssl_error("init_ssl_server()"); - LogError("%s: init_ssl_server(): Verification engine was not" - " properly initialized!\n", prog); - goto sslerror; - - } - - if (ssl_server->clientpemfile != NULL) { - - verify_info(ssl_server); - - } - - return ssl_server; - - sslerror: - - cleanup_ssl_server_socket(ssl_server); - return NULL; - -#else - - return NULL; - -#endif - -} - - -/** - * Creates a server socket (SOCK_STREAM type) and binds it to the - * specified local port number. The socket get a ssl layer for - * data transmission. - * @param pemfilename Filename for the key/cert file - * @param port The localhost port number to open - * @param backlog The maximum queue length for incomming connections - * @param bindAddr the local address the server will bind to - * @return An ssl connection ready for accept, or NULL if an error occured. - */ -ssl_server_connection *create_ssl_server_socket(char *pemfile, int port, - int backlog, - char *bindAddr, - char *clientpemfile) { - -#ifdef HAVE_OPENSSL - - int socket; - ssl_server_connection *ssl_server; - - ASSERT(pemfile); - ASSERT(bindAddr); - - if (!ssl_initialized) { - - start_ssl(); - - } - - if ((socket= create_server_socket(port, backlog, bindAddr)) == -1) { - - LogError("%s: create_ssl_server_socket(): Cannot connect!\n", prog); - goto sslerror; - - } - - if (( ssl_server= init_ssl_server(pemfile, clientpemfile)) == NULL) { - - goto sslerror; - - } - - ssl_server->server_socket=socket; - - return ssl_server; - - sslerror: - - return NULL; - -#else - - return FALSE; - -#endif - -} - - -/** - * Closes a ssl server connection (ssl socket + net socket) - * @param ssl ssl connection - * @return TRUE, or FALSE if an error has occured. - */ -int close_ssl_server_socket(ssl_server_connection *ssl_server) { - -#ifdef HAVE_OPENSSL - - if (ssl_server==NULL) { - - return FALSE; - - } - - close(ssl_server->server_socket); - cleanup_ssl_server_socket(ssl_server); - - return TRUE; - -#else - - return FALSE; - -#endif -} - - -/** - * Garbage collection for a SSL server connection. - * @param ssl_server data for ssl server connection - * @return TRUE, or FALSE if an error has occured. - */ -int cleanup_ssl_server_socket(ssl_server_connection *ssl_server) { - -#ifdef HAVE_OPENSSL - - ssl_connection *ssl; - - if(ssl_server==NULL) { - - return FALSE; - - } - - if(ssl_server->pemfile!=NULL) { - - FREE(ssl_server->pemfile); - ssl_server->pemfile= NULL; - - } - - if(ssl_server->clientpemfile!=NULL) { - - FREE(ssl_server->clientpemfile); - ssl_server->clientpemfile= NULL; - - } - - while (ssl_server->ssl_conn_list!=NULL) { - - ssl = ssl_server->ssl_conn_list; - - ssl_server->ssl_conn_list=ssl_server->ssl_conn_list->next; - - close_accepted_ssl_socket(ssl_server, ssl); - - } - - return TRUE; - -#else - - return TRUE; - -#endif - -} - - -/** - * Deletes a SSL server connection. - * @param ssl_server data for ssl server connection - * @return TRUE, or FALSE if an error has occured. - */ -int delete_ssl_server_socket(ssl_server_connection *ssl_server) { - -#ifdef HAVE_OPENSSL - - if(ssl_server==NULL) { - - return FALSE; - - } - - cleanup_ssl_server_socket(ssl_server); - - if (ssl_server->ctx != NULL) { - - SSL_CTX_free(ssl_server->ctx); - - } - - FREE(ssl_server); - ssl_server=NULL; - - return TRUE; - -#else - - return TRUE; - -#endif - -} - - -/** - * Inserts an SSL connection in the connection list of a server. - * @param ssl_server data for ssl server connection - * @return new SSL connection for the connection, or NULL if failed - */ -ssl_connection *insert_accepted_ssl_socket(ssl_server_connection *ssl_server) { - -#ifdef HAVE_OPENSSL - - ssl_connection *ssl = (ssl_connection *) NEW(ssl); - - ASSERT(ssl_server); - - if (!ssl_initialized) { - - start_ssl(); - - } - - ssl->method= NULL; - ssl->handler= NULL; - ssl->cert= NULL; - ssl->cipher= NULL; - ssl->socket= 0; - ssl->next= NULL; - ssl->accepted= FALSE; - ssl->cert_md5= NULL; - ssl->cert_md5_len= 0; - ssl->clientpemfile= NULL; - - if(ssl_server->clientpemfile!=NULL) { - - ssl->clientpemfile= xstrdup(ssl_server->clientpemfile); - - } - - if(( ssl_server == NULL ) || (ssl == NULL)) { - - return NULL; - - } - - LOCK(ssl_mutex); - - ssl->prev=NULL; - ssl->next=ssl_server->ssl_conn_list; - - if( ssl->next != NULL ) { - - ssl->next->prev=ssl; - - } - - END_LOCK; - - ssl_server->ssl_conn_list=ssl; - ssl->ctx=ssl_server->ctx; - ssl->accepted=TRUE; - - return ssl; - -#else - - return NULL; - -#endif - -} - - -/** - * Closes an accepted SSL server connection and deletes it form the - * connection list. - * @param ssl_server data for ssl server connection - * @param ssl data the connection to be deleted - * @return TRUE, or FALSE if an error has occured. - */ -int close_accepted_ssl_socket(ssl_server_connection *ssl_server, - ssl_connection *ssl) { - -#ifdef HAVE_OPENSSL - - int return_value= TRUE; - - if ((ssl == NULL) || (ssl_server == NULL)) { - - return FALSE; - - } - - close_socket(ssl->socket); - - if (! delete_accepted_ssl_socket(ssl_server, ssl)) { - - return_value= FALSE; - - } - - return return_value; - -#else - - return FALSE; - -#endif - -} - - -/** - * Deletes an accepted SSL server connection from the connection - * list. - * @param ssl_server data for ssl server connection - * @param ssl data the connection to be deleted - * @return TRUE, or FALSE if an error has occured. - */ -int delete_accepted_ssl_socket (ssl_server_connection *ssl_server, - ssl_connection *ssl) { - -#ifdef HAVE_OPENSSL - - int return_value= TRUE; - - if ((ssl == NULL) || (ssl_server == NULL)) { - return FALSE; - } - - LOCK(ssl_mutex); - - if ( ssl->prev == NULL ) { - - ssl_server->ssl_conn_list=ssl->next; - - } else { - - ssl->prev->next=ssl->next; - - } - - END_LOCK; - - if(! cleanup_ssl_socket(ssl)) { - - return_value= FALSE; - - } - - if (! delete_ssl_socket(ssl)) { - - return_value= FALSE; - - } - - return return_value; - -#else - - return FALSE; - -#endif - -} - - -/** - * Embeds an accepted server socket in an existing ssl connection. - * @param ssl ssl connection - * @param socket the socket to be used. - * @return TRUE, or FALSE if an error has occured. - */ -int embed_accepted_ssl_socket(ssl_connection *ssl, int socket) { - -#ifdef HAVE_OPENSSL - - int ssl_error; - time_t ssl_time; - - ASSERT(ssl); - - ssl->socket=socket; - - if(!ssl_initialized) { - - start_ssl(); - - } - - if((ssl->handler= SSL_new(ssl->ctx)) == NULL) { - - handle_ssl_error("embed_accepted_ssl_socket()"); - LogError("%s: embed_accepted_ssl_socket(): Cannot initialize the" - " SSL handler!\n", prog); - goto sslerror; - - } - - if(socket < 0) { - - LogError("Socket error!\n"); - goto sslerror; - - } - - set_noblock(ssl->socket); - - if((ssl->socket_bio= BIO_new_socket(ssl->socket, BIO_NOCLOSE)) == NULL) { - - handle_ssl_error("embed_accepted_ssl_socket()"); - LogError("%s: embed_accepted_ssl_socket(): Cannot generate IO buffer!\n", - prog); - goto sslerror; - - } + if(!(ssl->socket_bio= BIO_new_socket(ssl->socket, BIO_NOCLOSE))) { + LogError("%s: Cannot generate IO buffer -- %s\n", prog, SSLERROR); + return FALSE; + } SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio); @@ -1070,113 +532,34 @@ while((ssl_error= SSL_accept(ssl->handler)) < 0) { - if((time(NULL)-ssl_time) > SSL_TIMEOUT) { - - LogError("%s: embed_accepted_ssl_socket(): SSL service timeout!\n", - prog); - goto sslerror; - - } - - if (!handle_connection_error(ssl_error, ssl, - "embed_accepted_ssl_socket()", SSL_TIMEOUT)) { - - goto sslerror; - + if((time(NULL) - ssl_time) > SSL_TIMEOUT) { + LogError("%s: SSL service timeout!\n", prog); + return FALSE; } - if (!BIO_should_retry(ssl->socket_bio)) { + if(!handle_error(ssl_error, ssl)) + return FALSE; - goto sslerror; - - } + if(!BIO_should_retry(ssl->socket_bio)) + return FALSE; } - ssl->cipher= (char *) SSL_get_cipher(ssl->handler); - - if(!update_ssl_cert_data(ssl) && (ssl->clientpemfile != NULL)) { + ssl->cipher= (char *)SSL_get_cipher(ssl->handler); - LogError("%s: The client did not supply a required client certificate!\n", + if(!update_ssl_cert_data(ssl) && ssl->clientpemfile) { + LogError("%s: The client did not supply a required client certificate!\n", prog); - goto sslerror; - + return FALSE; } - if (SSL_get_verify_result(ssl->handler)>0) { - - LogError("%s: Verification of the certificate has failed!\n", - prog); - goto sslerror; - + if(SSL_get_verify_result(ssl->handler) > 0) { + LogError("%s: Verification of the certificate has failed!\n", prog); + return FALSE; } return TRUE; - sslerror: - - return FALSE; - -#else - - return FALSE; - -#endif - -} - - -/** - * Do "accept" for a ssl server socket - * @param ssl ssl connection - * @return the ssl_connection of the socket, NULL in case of an error - */ -ssl_connection *accept_ssl_socket(ssl_server_connection *ssl_server) { - -#ifdef HAVE_OPENSSL - - int no_crypt_socket; - unsigned int len= sizeof(struct sockaddr_in); - struct sockaddr_in in; - - ASSERT(ssl_server); - - no_crypt_socket= accept(ssl_server->server_socket, (struct sockaddr*)&in, - &len); - - if(no_crypt_socket >= 0) { - - ssl_connection *ssl = insert_accepted_ssl_socket(ssl_server); - - if(ssl == NULL) { - - return NULL; - - } - - if(embed_accepted_ssl_socket(ssl, no_crypt_socket)) { - - return ssl; - - } else { - - close_accepted_ssl_socket(ssl_server, ssl); - return NULL; - - } - - } else { - - return NULL; - - } - -#else - - return NULL; - -#endif - } @@ -1190,7 +573,6 @@ */ int send_ssl_socket(ssl_connection *ssl, void *buffer, int len, int timeout) { -#ifdef HAVE_OPENSSL int n= 0; ASSERT(ssl); @@ -1201,17 +583,7 @@ BIO_should_retry(ssl->socket_bio) && can_write(ssl->socket, timeout)); - if(n <= 0) { - return -1; - } - - return n; - -#else - - return -1; - -#endif + return (n > 0)?n:-1; } @@ -1226,7 +598,6 @@ */ int recv_ssl_socket(ssl_connection *ssl, void *buffer, int len, int timeout) { -#ifdef HAVE_OPENSSL int n= 0; ASSERT(ssl); @@ -1237,48 +608,8 @@ BIO_should_retry(ssl->socket_bio) && can_read(ssl->socket, timeout)); - if(n < 0) { - return -1; - } - - return n; - -#else - - return -1; + return (n >= 0)?n:-1; -#endif - -} - - -/** - * Start SSL support library. It has to be run before the SSL support - * can be used. - * @return TRUE, or FALSE if an error has occured. - */ -int start_ssl() { - -#ifdef HAVE_OPENSSL - - if (! ssl_initialized ) { - - ssl_initialized=TRUE; - ERR_load_crypto_strings(); - return (ssl_thread_start() && SSL_library_init() && ssl_entropy_start()); - - } else { - - return TRUE; - - } - -#else - - return FALSE; - -#endif - } @@ -1286,62 +617,45 @@ * Stop SSL support library * @return TRUE, or FALSE if an error has occured. */ -int stop_ssl() { - -#ifdef HAVE_OPENSSL - - if ( ssl_initialized ) { +void stop_ssl() { - ssl_initialized=FALSE; + if(ssl_initialized) { + int i; + ssl_initialized= FALSE; ERR_free_strings(); - return (ssl_thread_stop() && ssl_entropy_stop()); - - } else { - - return TRUE; - + CRYPTO_set_id_callback(NULL); + CRYPTO_set_locking_callback(NULL); + for(i= 0; i < CRYPTO_num_locks(); i++) + assert(pthread_mutex_destroy(&ssl_mutex_table[i]) == 0); + FREE(ssl_mutex_table); + RAND_cleanup(); } -#else - - return FALSE; - -#endif - } + /** * Configures the ssl engine */ - void config_ssl(int conf_allow_self_cert) { -#ifdef HAVE_OPENSSL - - allow_self_certfication= conf_allow_self_cert; - -#endif - - return; + allow_self_certification= conf_allow_self_cert; } + /** * Generate a new ssl connection * @return ssl connection container */ ssl_connection *new_ssl_connection(char *clientpemfile, int sslversion) { -#ifdef HAVE_OPENSSL - - ssl_connection *ssl = (ssl_connection *) NEW(ssl); - - if (!ssl_initialized) { + ssl_connection *ssl; + if(!ssl_initialized) start_ssl(); - } - + NEW(ssl); ssl->socket_bio= NULL; ssl->handler= NULL; ssl->cert= NULL; @@ -1351,184 +665,80 @@ ssl->accepted = FALSE; ssl->cert_md5 = NULL; ssl->cert_md5_len = 0; + ssl->clientpemfile= clientpemfile?xstrdup(clientpemfile):NULL; - if(clientpemfile!=NULL) { - - ssl->clientpemfile= xstrdup(clientpemfile); - - } else { - - ssl->clientpemfile= NULL; - - } - switch (sslversion) { case SSL_VERSION_AUTO: - ssl->method = SSLv23_client_method(); break; case SSL_VERSION_SSLV2: - ssl->method = SSLv2_client_method(); break; case SSL_VERSION_SSLV3: - ssl->method = SSLv3_client_method(); break; case SSL_VERSION_TLS: - ssl->method = TLSv1_client_method(); break; default: - - LogError("%s: new_ssl_connection(): Unknown SSL version!\n", prog); + LogError("%s: Unknown SSL version!\n", prog); goto sslerror; } - if (ssl->method == NULL ) { - - handle_ssl_error("new_ssl_connection()"); - LogError("%s: new_ssl_connection(): Cannot initialize SSL method!\n", - prog); + if(!ssl->method) { + LogError("%s: Cannot initialize SSL method -- %s\n", prog, SSLERROR); goto sslerror; - } - if ((ssl->ctx= SSL_CTX_new (ssl->method)) == NULL ) { - - handle_ssl_error("new_ssl_connection()"); - LogError("%s: new_ssl_connection(): Cannot initialize SSL server " - "certificate handler!\n", prog); + if(!(ssl->ctx= SSL_CTX_new (ssl->method))) { + LogError("%s: Cannot initialize SSL server certificate handler -- %s\n", + prog, SSLERROR); goto sslerror; - } - if ( ssl->clientpemfile!=NULL ) { + if(ssl->clientpemfile) { - if (SSL_CTX_use_certificate_file(ssl->ctx, ssl->clientpemfile, + if(SSL_CTX_use_certificate_file(ssl->ctx, ssl->clientpemfile, SSL_FILETYPE_PEM) <= 0) { - - handle_ssl_error("new_ssl_connection()"); - LogError("%s: new_ssl_connection(): Cannot initialize SSL server" - " certificate!\n", prog); + LogError("%s: Cannot initialize SSL server certificate -- %s\n", + prog, SSLERROR); goto sslerror; - } - if (SSL_CTX_use_PrivateKey_file(ssl->ctx, ssl->clientpemfile, + if(SSL_CTX_use_PrivateKey_file(ssl->ctx, ssl->clientpemfile, SSL_FILETYPE_PEM) <= 0) { - - handle_ssl_error("new_ssl_connection()"); - LogError("%s: new_ssl_connection(): Cannot initialize SSL server" - " private key!\n", prog); + LogError("%s: Cannot initialize SSL server private key -- %s\n", + prog, SSLERROR); goto sslerror; - } - if (!SSL_CTX_check_private_key(ssl->ctx)) { - - handle_ssl_error("new_ssl_connection()"); - LogError("%s: new_ssl_connection(): Private key does not match the" - " certificate public key!\n", - prog); + if(!SSL_CTX_check_private_key(ssl->ctx)) { + LogError("%s: Private key does not match the certificate public key -- %s\n", + prog, SSLERROR); goto sslerror; - } } - return ssl; - sslerror: +sslerror: delete_ssl_socket(ssl); return NULL; -#else - - return NULL; - -#endif - -} - - -/** - * Generate a new ssl server connection - * @return ssl server connection container - */ -ssl_server_connection *new_ssl_server_connection(char * pemfile, - char * clientpemfile) { - -#ifdef HAVE_OPENSSL - - ssl_server_connection *ssl_server = - (ssl_server_connection *) NEW(ssl_server); - - ASSERT(pemfile); - - if (!ssl_initialized) { - - start_ssl(); - - } - - ssl_server->ctx= NULL; - ssl_server->method= NULL; - ssl_server->server_socket= 0; - ssl_server->ssl_conn_list = NULL; - ssl_server->pemfile=xstrdup(pemfile); - - if(clientpemfile != NULL) { - - ssl_server->clientpemfile= xstrdup(clientpemfile); - - } else { - - ssl_server->clientpemfile= NULL; - - } - - return ssl_server; - -#else - - return NULL; - -#endif - } -/** - * Checks if openssl is compiled in - * @return TRUE if installed - */ -int have_ssl(void) { - -#ifdef HAVE_OPENSSL - - return HAVE_OPENSSL; - -#else - - return FALSE; - -#endif - -} - /* ----------------------------------------------------------------- Private */ -#ifdef HAVE_OPENSSL /** * Init verification of transmitted client certs @@ -1537,111 +747,79 @@ struct stat stat_buf; - if (ssl_server->clientpemfile==NULL) { - - allow_any_purpose= TRUE; - SSL_CTX_set_verify(ssl_server->ctx, SSL_VERIFY_PEER , - verify_callback_noclientcert); - goto end_success; /* No verification, but we have to call the callback! */ - + if(!ssl_server->clientpemfile) { + SSL_CTX_set_verify(ssl_server->ctx, SSL_VERIFY_NONE, NULL); + return TRUE; } - if ( -1 == stat(ssl_server->clientpemfile, &stat_buf )) { - - LogError("%s: verify_init(): Cannot stat the SSL pem path '%s' -- %s\n", + if(stat(ssl_server->clientpemfile, &stat_buf) == -1) { + LogError("%s: Cannot stat the SSL pem path '%s' -- %s\n", prog, Run.httpsslclientpem, STRERROR); - - goto end_error; - + return FALSE; } - if (S_ISDIR(stat_buf.st_mode)) { + if(S_ISDIR(stat_buf.st_mode)) { - if (!SSL_CTX_load_verify_locations(ssl_server->ctx, NULL , + if(!SSL_CTX_load_verify_locations(ssl_server->ctx, NULL , ssl_server->clientpemfile)) { - - handle_ssl_error("verify_init()"); - LogError("%s: verify_init(): Error setting verify directory to %s\n", - Run.httpsslclientpem); - - goto end_error; - + LogError("%s: Error setting verify directory to %s -- %s\n", + prog, Run.httpsslclientpem, SSLERROR); + return FALSE; } - LogInfo("%s: verify_init(): Loaded SSL client pem directory '%s'\n", + LogInfo("%s: Loaded SSL client pem directory '%s'\n", prog, ssl_server->clientpemfile); - /* Monits server cert for cli support ! */ + /* Monit's server cert for cli support */ if(!SSL_CTX_load_verify_locations(ssl_server->ctx, ssl_server->pemfile, NULL)) { - - handle_ssl_error("verify_init()"); - LogError("%s: verify_init(): Error loading verify certificates from %s\n", - prog, ssl_server->pemfile); - - goto end_error; - + LogError("%s: Error loading verify certificates from %s -- %s\n", + prog, ssl_server->pemfile, SSLERROR); + return FALSE; } - LogInfo("%s: verify_init(): Loaded monit's SSL pem server file '%s'\n", + LogInfo("%s: Loaded monit's SSL pem server file '%s'\n", prog, ssl_server->pemfile); - } else if (S_ISREG(stat_buf.st_mode)) { + } else if(S_ISREG(stat_buf.st_mode)) { if(!SSL_CTX_load_verify_locations(ssl_server->ctx, ssl_server->clientpemfile, NULL)) { - - handle_ssl_error("verify_init()"); - LogError("%s: verify_init(): Error loading verify certificates from %s\n", - prog, Run.httpsslclientpem); - - goto end_error; - + LogError("%s: Error loading verify certificates from %s -- %s\n", + prog, Run.httpsslclientpem, SSLERROR); + return FALSE; } - LogInfo("%s: verify_init(): Loaded SSL pem client file '%s'\n", + LogInfo("%s: Loaded SSL pem client file '%s'\n", prog, ssl_server->clientpemfile); /* Monits server cert for cli support ! */ if(!SSL_CTX_load_verify_locations(ssl_server->ctx, ssl_server->pemfile, NULL)) { - - handle_ssl_error("verify_init()"); - LogError("%s: verify_init(): Error loading verify certificates from %s\n", - prog, ssl_server->pemfile); - - goto end_error; - + LogError("%s: Error loading verify certificates from %s -- %s\n", + prog, ssl_server->pemfile, SSLERROR); + return FALSE; } - LogInfo("%s: verify_init(): Loaded monit's SSL pem server file '%s'\n", + LogInfo("%s: Loaded monit's SSL pem server file '%s'\n", prog, ssl_server->pemfile); SSL_CTX_set_client_CA_list(ssl_server->ctx, SSL_load_client_CA_file(ssl_server->clientpemfile)); } else { - - LogError("%s: verify_init(): SSL client pem path is no file or directory %s\n", + LogError("%s: SSL client pem path is no file or directory %s\n", prog, ssl_server->clientpemfile); - - goto end_error; - + return FALSE; } - allow_any_purpose= FALSE; - SSL_CTX_set_verify(ssl_server->ctx, SSL_VERIFY_PEER , verify_callback); + SSL_CTX_set_verify(ssl_server->ctx, SSL_VERIFY_PEER, verify_callback); - end_success: - return TRUE; - end_error: - - return FALSE; } @@ -1653,69 +831,28 @@ char subject[STRLEN]; X509_OBJECT found_cert; - /* RATS: ignore */ /* buffer size is limited by STRLEN */ X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), subject, STRLEN-1); - if(!preverify_ok) { - - if (!check_preverify(ctx)) { - - goto reject; - - } - - } + if(!preverify_ok && !check_preverify(ctx)) + return 0; if(ctx->error_depth==0 && X509_STORE_get_by_subject(ctx, X509_LU_X509, X509_get_subject_name(ctx->current_cert), - &found_cert)!=1) { + &found_cert)!=1) + { - handle_ssl_error("verify_callback()"); - LogError("%s: verify_callback(): SSL connection rejected. No matching " - "certificate found.", prog); - - goto reject; + LogError("%s: SSL connection rejected. No matching certificate found -- %s\n", + prog, SSLERROR); + return 0; } return 1; - reject: - return 0; - } -/** - * Check the transmitted client certs and a do NOT compare with client cert - * database - */ -static int verify_callback_noclientcert(int preverify_ok, - X509_STORE_CTX *ctx) { - - char subject[STRLEN]; - - /* RATS: ignore */ /* buffer size is limited by STRLEN-1 */ - X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), subject, - STRLEN-1); - - if(!preverify_ok) { - - if (!check_preverify(ctx)) { - - goto reject; - - } - - } - - return 1; - - reject: - return 0; - -} /** * Analyse errors found before actual verification @@ -1724,63 +861,31 @@ static int check_preverify(X509_STORE_CTX *ctx) { if ((ctx->error != X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) && - (ctx->error != X509_V_ERR_INVALID_PURPOSE)) { - + (ctx->error != X509_V_ERR_INVALID_PURPOSE)) + { /* Remote site specified a certificate, but it's not correct */ - - LogError("%s: check_preverify(): SSL connection rejected because" - " certificate verification has failed -- Error %i\n", - prog, ctx->error); - return FALSE; /* Reject connection */ - + LogError("%s: SSL connection rejected because certificate verification has failed -- error %i\n", + prog, ctx->error); + /* Reject connection */ + return FALSE; } - - if(allow_self_certfication && - (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)) { - + if(allow_self_certification && + (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)) + { /* Let's accept self signed certs for the moment! */ - - LogInfo("%s: check_preverify(): SSL connection accepted with" - " self signed certificate!\n", prog); - - ctx->error=0; - return TRUE; - - } - - if(allow_any_purpose && - (ctx->error == X509_V_ERR_INVALID_PURPOSE)) { - - /* Let's accept any purpose certs for the moment! */ - - LogInfo("%s: check_preverify(): SSL connection accepted " - "with invalid purpose!\n", prog); - + LogInfo("%s: SSL connection accepted with self signed certificate!\n", + prog); ctx->error=0; return TRUE; - } - - LogError("%s: check_preverify(): SSL connection rejected because " - "certificate verification has failed -- Error %i!\n", - prog, ctx->error); - return FALSE; /* Reject connection */ + /* Reject connection */ + LogError("%s: SSL connection rejected because certificate verification has failed -- error %i!\n", + prog, ctx->error); + return FALSE; -} -/** - * Print info about the verification engine - */ -static void verify_info(ssl_server_connection *ssl_server) { - - STACK_OF(X509_NAME) *stack; - - stack=SSL_CTX_get_client_CA_list(ssl_server->ctx); - LogInfo("%s: verify_info(): Found %d client certificates\n", prog, - sk_X509_NAME_num(stack)); - } @@ -1788,7 +893,7 @@ * Helper function for the SSL threadding support * @return current thread number */ -static int unsigned long ssl_thread_id(void) { +static int unsigned long ssl_thread_id() { return ((unsigned long) pthread_self()); @@ -1800,87 +905,128 @@ */ static void ssl_mutex_lock(int mode, int n, const char *file, int line) { - - if(mode & CRYPTO_LOCK) { - - pthread_mutex_lock( & ssl_mutex_table[n]); - - } else { - - pthread_mutex_unlock( & ssl_mutex_table[n]); - - } + if(mode & CRYPTO_LOCK) + assert(pthread_mutex_lock( & ssl_mutex_table[n]) == 0); + else + assert(pthread_mutex_unlock( & ssl_mutex_table[n]) == 0); } /** - * Initialize threadding support for the SSL library - * @return TRUE if successful, FALSE if failed + * Handle errors during read, write, connect and accept + * @return TRUE if non fatal, FALSE if non fatal and retry */ -static int ssl_thread_start(void) { +static int handle_error(int code, ssl_connection *ssl) { - int i; - ssl_mutex_table= xcalloc(CRYPTO_num_locks(), sizeof(pthread_mutex_t)); - for(i= 0; i < CRYPTO_num_locks(); i++) - pthread_mutex_init(&ssl_mutex_table[i], NULL); - CRYPTO_set_id_callback(ssl_thread_id); - CRYPTO_set_locking_callback(ssl_mutex_lock); + int ssl_error= SSL_get_error(ssl->handler, code); - return TRUE; + switch (ssl_error) { + + case SSL_ERROR_WANT_READ: + if(can_read(ssl->socket, SSL_TIMEOUT)) + return TRUE; + LogError("%s: Openssl read timeout error!\n", prog); + break; + + case SSL_ERROR_WANT_WRITE: + if(can_read(ssl->socket, SSL_TIMEOUT)) + return TRUE; + LogError("%s: Openssl write timeout error!\n", prog); + break; + + case SSL_ERROR_SYSCALL: + LogError("%s: Openssl syscall error: %s!\n", prog, STRERROR); + break; + + case SSL_ERROR_SSL: + LogError("%s: Openssl engine error: %s\n", prog, SSLERROR); + break; + + default: + LogError("%s: Openssl error!\n", prog); + break; + + } + return FALSE; } /** - * Garbage colletion for the SSL threadding support - * @return TRUE if successful, FALSE if failed + * Garbage collection for non reusable parts of the ssl connection + * @param ssl ssl connection */ -static int ssl_thread_stop(void) { +static void cleanup_ssl_socket(ssl_connection *ssl) { - int i; - CRYPTO_set_id_callback(NULL); - CRYPTO_set_locking_callback(NULL); - for(i= 0; i < CRYPTO_num_locks(); i++) - pthread_mutex_destroy(&ssl_mutex_table[i]); - FREE(ssl_mutex_table); + if(!ssl) + return; - return TRUE; + if(ssl->cert) { + X509_free(ssl->cert); + ssl->cert= NULL; + } -} + if(ssl->handler) { + SSL_free(ssl->handler); + ssl->handler= NULL; + } + if(ssl->socket_bio) { + /* + * no BIO_free(ssl->socket_bio); necessary, because BIO is freed + * by ssl->handler + */ + ssl->socket_bio= NULL; + } -/** - * Start entropy gathering - * @return TRUE if successful, FALSE if failed - */ -static int ssl_entropy_start(void) { + FREE(ssl->cert_issuer); + FREE(ssl->cert_subject); + FREE(ssl->cert_md5); + FREE(ssl->clientpemfile); - if(File_exist(URANDOM_DEVICE)) { +} - return(RAND_load_file(URANDOM_DEVICE, RANDOM_BYTES)==RANDOM_BYTES); - } else if(File_exist(RANDOM_DEVICE)) { +/** + * Garbage collection for a SSL server connection. + * @param ssl_server data for ssl server connection + */ +static void cleanup_ssl_server_socket(ssl_server_connection *ssl_server) { - fprintf(stdout, "Gathering entropy from the random device. Please wait\n"); - fflush(stdout); + if(!ssl_server) + return; - return(RAND_load_file(RANDOM_DEVICE, RANDOM_BYTES)==RANDOM_BYTES); + FREE(ssl_server->pemfile); + FREE(ssl_server->clientpemfile); + while(ssl_server->ssl_conn_list) { + ssl_connection *ssl = ssl_server->ssl_conn_list; + ssl_server->ssl_conn_list = ssl_server->ssl_conn_list->next; + close_accepted_ssl_socket(ssl_server, ssl); } - return FALSE; - } /** - * Stop entropy gathering - * @return TRUE if successful, FALSE if failed + * Updates some data in the ssl connection + * @param ssl reference to ssl connection + * @return TRUE, if not successful FALSE */ -static int ssl_entropy_stop(void) { +static int update_ssl_cert_data(ssl_connection *ssl) { + + unsigned char md5[EVP_MAX_MD_SIZE]; + + ASSERT(ssl); + + if(!(ssl->cert = SSL_get_peer_certificate(ssl->handler))) + return FALSE; - RAND_cleanup(); + ssl->cert_issuer= X509_NAME_oneline (X509_get_issuer_name(ssl->cert), 0, 0); + ssl->cert_subject= X509_NAME_oneline (X509_get_subject_name(ssl->cert), 0, 0); + X509_digest(ssl->cert, EVP_md5(), md5, &ssl->cert_md5_len); + ssl->cert_md5= (unsigned char *)xstrdup((char *)md5); return TRUE; @@ -1888,55 +1034,62 @@ /** - * Handle errors during read, write, connect and accept - * @return TRUE if non fatal, FALSE if non fatal and retry + * Generate a new ssl server connection + * @return ssl server connection container */ -static int handle_connection_error(int code, ssl_connection *ssl, - char *operation, int timeout) { - - int ssl_error= 0; +static ssl_server_connection *new_ssl_server_connection(char * pemfile, + char * clientpemfile) { - switch ((ssl_error= SSL_get_error(ssl->handler, code))) { - - case SSL_ERROR_WANT_READ: - if (can_read(ssl->socket, timeout)) - return TRUE; - else - LogError("%s: %s: Openssl read timeout error!\n", prog, operation); - return FALSE; - - case SSL_ERROR_WANT_WRITE: - if (can_read(ssl->socket, timeout)) - return TRUE; - else - LogError("%s: %s: Openssl write timeout error!\n", prog, operation); - return FALSE; - - case SSL_ERROR_SYSCALL: - LogError("%s: %s: Openssl syscall error: %s!\n", prog, operation, - STRERROR); - return FALSE; + ssl_server_connection *ssl_server; - case SSL_ERROR_SSL: - handle_ssl_error(operation); - return FALSE; - - default: - LogError("%s: %s: Openssl error!\n", prog, operation); + ASSERT(pemfile); - } + NEW(ssl_server); + ssl_server->ctx= NULL; + ssl_server->method= NULL; + ssl_server->server_socket= 0; + ssl_server->ssl_conn_list= NULL; + ssl_server->pemfile= xstrdup(pemfile); + ssl_server->clientpemfile= clientpemfile?xstrdup(clientpemfile):NULL; + + return ssl_server; - return FALSE; } /** - * Handle errors of arbitrary SSL calls + * Start SSL support library. It has to be run before the SSL support + * can be used. + * @return TRUE, or FALSE if an error has occured. */ -static void handle_ssl_error(char *operation) { +static int start_ssl() { + + if(! ssl_initialized) { + int i; + int locks = CRYPTO_num_locks(); + + ssl_initialized= TRUE; + ERR_load_crypto_strings(); + ssl_mutex_table= xcalloc(locks, sizeof(pthread_mutex_t)); + for(i= 0; i < locks; i++) + pthread_mutex_init(&ssl_mutex_table[i], NULL); + CRYPTO_set_id_callback(ssl_thread_id); + CRYPTO_set_locking_callback(ssl_mutex_lock); + SSL_library_init(); + if(File_exist(URANDOM_DEVICE)) { + return(RAND_load_file(URANDOM_DEVICE, RANDOM_BYTES)==RANDOM_BYTES); + } else if(File_exist(RANDOM_DEVICE)) { + DEBUG("Gathering entropy from the random device\n"); + return(RAND_load_file(RANDOM_DEVICE, RANDOM_BYTES)==RANDOM_BYTES); + } + return FALSE; + } - LogError("%s: %s: Openssl engine error: %s\n", prog, operation, SSLERROR); + return TRUE; } + #endif + + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/ssl.h /tmp/QeMlhPoI46/monit-5.0.3/ssl.h --- monit-4.8.1/ssl.h 2006-01-01 22:01:03.000000000 +0000 +++ monit-5.0.3/ssl.h 2009-02-13 13:06:33.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #ifndef SSL_H @@ -34,6 +44,7 @@ #define SSL_VERSION_SSLV2 1 #define SSL_VERSION_SSLV3 2 #define SSL_VERSION_TLS 3 +#define SSL_VERSION_NONE 4 /** Defines an SSL object */ typedef struct myssl { @@ -42,90 +53,83 @@ char *certmd5; /**< The expected md5 sum of the server's certificate */ } Ssl_T; -#ifdef HAVE_OPENSSL -typedef struct my_ssl_connection { - int socket; - int accepted; +#ifdef HAVE_OPENSSL - SSL* handler; - SSL_CTX * ctx; - X509 * cert; - SSL_METHOD * method; - BIO * socket_bio; - - const char * cipher; - - char * cert_subject; - char * cert_issuer; - unsigned char * cert_md5; - unsigned int cert_md5_len; - char * clientpemfile; +typedef struct my_ssl_connection { + int socket; + int accepted; + SSL *handler; + SSL_CTX *ctx; + X509 *cert; + SSL_METHOD *method; + BIO *socket_bio; + const char *cipher; + char *cert_subject; + char *cert_issuer; + unsigned char *cert_md5; + unsigned int cert_md5_len; + char *clientpemfile; struct my_ssl_connection *prev; struct my_ssl_connection *next; - } ssl_connection; typedef struct my_ssl_server_connection { - - int server_socket; - - SSL_METHOD * method; - SSL_CTX * ctx; - - char * pemfile; - char * clientpemfile; - - + int server_socket; + SSL_METHOD *method; + SSL_CTX *ctx; + char *pemfile; + char *clientpemfile; ssl_connection *ssl_conn_list; - } ssl_server_connection; -#else - -typedef void ssl_connection; -typedef void ssl_server_connection; - -#endif - - -ssl_connection * new_ssl_connection(char *, int); -ssl_server_connection * new_ssl_server_connection(char *, char *); -ssl_connection * create_ssl_socket(char *, int, int, int); -int embed_ssl_socket (ssl_connection *, int); +#define have_ssl() 1 +void config_ssl(int); +void stop_ssl(); +int embed_ssl_socket(ssl_connection *, int); +int embed_accepted_ssl_socket(ssl_connection *, int); +int close_ssl_socket(ssl_connection *); +void close_accepted_ssl_socket(ssl_server_connection *, ssl_connection *); +void delete_ssl_socket(ssl_connection *); +void delete_ssl_server_socket(ssl_server_connection *); +int check_ssl_md5sum(ssl_connection *, char *); +int send_ssl_socket(ssl_connection *, void *, int, int); +int recv_ssl_socket(ssl_connection *, void *, int, int); +ssl_connection *new_ssl_connection(char *, int); +ssl_connection *insert_accepted_ssl_socket(ssl_server_connection *); +ssl_server_connection *init_ssl_server(char *, char *); -ssl_server_connection * init_ssl_server (char *, char *); -ssl_server_connection * create_ssl_server_socket(char *, int, int, char *, char *); -int embed_accepted_ssl_socket(ssl_connection *, int); -ssl_connection * accept_ssl_socket(ssl_server_connection *); -ssl_connection * insert_accepted_ssl_socket (ssl_server_connection *); +#else -int close_ssl_socket(ssl_connection *); -int close_ssl_server_socket(ssl_server_connection *); -int close_accepted_ssl_socket(ssl_server_connection *, ssl_connection *); -int cleanup_ssl_socket(ssl_connection *); -int cleanup_ssl_server_socket(ssl_server_connection *); +typedef void ssl_connection; +typedef void ssl_server_connection; -int delete_ssl_socket(ssl_connection *); -int delete_ssl_server_socket(ssl_server_connection *); -int delete_accepted_ssl_socket (ssl_server_connection *, ssl_connection *); -int update_ssl_cert_data(ssl_connection *); -int check_ssl_md5sum(ssl_connection * , char *); +/* dummy ssl functions */ +#define have_ssl() 0 +#define config_ssl(x) +#define stop_ssl() +#define embed_ssl_socket(x, y) 0 +#define embed_accepted_ssl_socket(x, y) 0 +#define close_ssl_socket(x) 0 +#define close_accepted_ssl_socket(x, y) +#define delete_ssl_socket(x) +#define delete_ssl_server_socket(x) +#define check_ssl_md5sum(x, y) 0 +#define send_ssl_socket(a, b, c, d) 0 +#define recv_ssl_socket(a, b, c, d) 0 +#define new_ssl_connection(x, y) NULL +#define insert_accepted_ssl_socket(x) NULL +#define init_ssl_server(x, y) NULL -int send_ssl_socket(ssl_connection *, void *, int, int timeout); -int recv_ssl_socket(ssl_connection *, void *, int, int timeout); -int start_ssl(void); -int stop_ssl(void); -void config_ssl(int); +#endif -int have_ssl(void); #endif diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/state.c /tmp/QeMlhPoI46/monit-5.0.3/state.c --- monit-4.8.1/state.c 2006-05-10 21:29:01.000000000 +0100 +++ monit-5.0.3/state.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -58,13 +68,13 @@ /** * Manage service information persistently. Service data is saved to * a state file when monit runs in daemon mode for each poll - * cycle. Monit use this file to recover from a crash or to maintain - * service data persistently during a reload. The location of the - * state file may be set from the command line or set in the monitrc - * file, if not set, the default is ~/.monit.state. + * cycle. Monit use this file to maintain service data persistently + * during reload or restart. The location of the state file may be + * set from the command line or set in the monitrc file, if not set, + * the default is ~/.monit.state. * * @author Jan-Henrik Haukeland, - * @version \$Id: state.c,v 1.28 2006/05/10 16:32:22 martinp Exp $ + * @version \$Id: state.c,v 1.39 2009/05/04 20:18:21 martinp Exp $ * @file */ @@ -107,13 +117,10 @@ Service_T s; State_T state; FILE *S= NULL; - sigset_t ns,os; if(! (S= open_state("w"))) return; - set_signal_block(&ns, &os); - l= Util_getNumberOfServices(); if(fwrite(&l, 1, sizeof (int), S) != sizeof(int)) { @@ -133,8 +140,6 @@ error: close_state(S); - unset_signal_block(&os); - } @@ -185,15 +190,12 @@ int l= 0; State_T s; FILE *S= NULL; - sigset_t ns, os; Service_T service; int has_error= FALSE; if(! (S= open_state("r"))) return; - set_signal_block(&ns, &os); - errno= 0; if(fread(&l, 1, sizeof (int), S) != sizeof(int)) { LogError("%s: Unable to read monit state information from '%s'\n", @@ -218,7 +220,6 @@ error: close_state(S); - unset_signal_block(&os); if(!has_error) State_save(); @@ -265,12 +266,12 @@ memset(state, 0, sizeof(State_T)); - strncpy(state->name, service->name, STRLEN); + strncpy(state->name, service->name, sizeof(state->name) - 1); + state->name[sizeof(state->name) - 1] = 0; state->mode= service->mode; state->nstart= service->nstart; state->ncycle= service->ncycle; state->monitor= service->monitor; - state->error= service->error; } @@ -281,6 +282,5 @@ service->nstart= state->nstart; service->ncycle= state->ncycle; service->monitor= state->monitor; - service->error= state->error; } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/state.h /tmp/QeMlhPoI46/monit-5.0.3/state.h --- monit-4.8.1/state.h 2006-01-01 22:44:02.000000000 +0000 +++ monit-5.0.3/state.h 2009-02-13 13:06:33.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -31,7 +41,7 @@ * file, if not set, the default is ~/.monit.state. * * @author Jan-Henrik Haukeland, - * @version \$Id: state.h,v 1.3 2006/01/01 22:44:02 martinp Exp $ + * @version \$Id: state.h,v 1.9 2009/02/13 09:18:10 hauk Exp $ * @file */ diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/STATUS /tmp/QeMlhPoI46/monit-5.0.3/STATUS --- monit-4.8.1/STATUS 2006-01-01 22:01:02.000000000 +0000 +++ monit-5.0.3/STATUS 1970-01-01 01:00:00.000000000 +0100 @@ -1,6 +0,0 @@ - - monit Bugs and To-Do Items ------------------------------------------------------------------- - -see http://www.tildeslash.com/monit/next.html - diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/status.c /tmp/QeMlhPoI46/monit-5.0.3/status.c --- monit-4.8.1/status.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/status.c 2009-02-13 13:06:33.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -60,7 +70,7 @@ * @author Jan-Henrik Haukeland, * @author Christian Hopp, * - * @version \$Id: status.c,v 1.61 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: status.c,v 1.69 2009/02/13 09:18:11 hauk Exp $ * * @file */ @@ -93,7 +103,7 @@ return status; } - auth= Util_getBasicAuthHeader(); + auth= Util_getBasicAuthHeaderMonit(); socket_print(sock, "GET /_status?format=text&level=%s HTTP/1.0\r\n%s\r\n", level, auth?auth:""); @@ -101,7 +111,7 @@ /* Read past HTTP headers and check status */ while(socket_readln(sock, buf, LINE)) { - if(IS(buf, "\n") || IS(buf, "\r\n")) + if(*buf == '\n' || *buf == '\r') break; if(Util_startsWith(buf, "HTTP/1.0 200")) status= TRUE; diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/UPGRADE.txt /tmp/QeMlhPoI46/monit-5.0.3/UPGRADE.txt --- monit-4.8.1/UPGRADE.txt 2006-01-01 22:01:02.000000000 +0000 +++ monit-5.0.3/UPGRADE.txt 1970-01-01 01:00:00.000000000 +0100 @@ -1,152 +0,0 @@ - How to Upgrade Monit - -------------------- - - -This document describes how to change the configuration files of monit -in case monit is upgraded. Further changes and addition are described -in CHANGES.txt. - -From monit 3.2 to monit 4.0: -=========================== - -Monit 4.0 supports file, device, directory and host checks in addition -to process checks. Thus, the CHECK statement has changed: - - Old syntax: CHECK servicename - - New syntax: CHECK [PROCESS|DEVICE|DIRECTORY|FILE|HOST] servicename - -The old CHECK syntax without "PROCESS" token is still usable but -depreciated. Future versions might not support this. - ------------------------------------------------------------------------------- - -The CHECKSUM statement can now only be used in a check file -entry. Usage of this statements in a check process service entry is -obsolete from this release. In addition, the syntax has changed: - - Old syntax: CHECKSUM path [EXPECT checksum] [path [EXPECT checksum]]+ - - New syntax: IF FAILED CHECKSUM [EXPECT checksum] THEN action - - - Old syntax example: - - check process apache with pidfile /usr/local/apache/logs/httpd.pid - ... - checksum /usr/local/apache/bin/httpd - and expect 8f7f419955cefa0b33a2ba316cba3659 - - New syntax example: - - check process apache with pidfile /usr/local/apache/logs/httpd.pid - ... - depends on httpd_bin - - check file httpd_bin with path /usr/local/apache/bin/httpd - if failed checksum and expect 8f7f419955cefa0b33a2ba316cba3659 - then unmonitor - ------------------------------------------------------------------------------- - -The TIMESTAMP statement can now only be used in a check file -entry. Usage of this statements in a check process service entry is -obsolete from this release. In addition, the syntax has changed: - - Old syntax: IF TIMESTAMP path [operator] value [unit] THEN action - - New syntax: IF TIMESTAMP [operator] value [unit] THEN action - - or - - IF TIMESTAMP was CHANGED THEN action - - Old syntax example: - - check process apache with pidfile /usr/local/apache/logs/httpd.pid - ... - if timestamp /usr/local/etc/httpd.conf < 1 hour then restart - - New syntax example: - - check process apache with pidfile /usr/local/apache/logs/httpd.pid - start program = "/etc/init.d/httpd start" - stop program = "/etc/init.d/httpd stop" - depends on httpd_conf - - check file httpd_conf with path /usr/local/etc/httpd.conf - if timestamp changed then restart - ------------------------------------------------------------------------------- - -The PORT statement has changed and now requires that an explicit -action is specified if the connection test should fail. The old -statement would blindly restart the service if a port connection test -failed, the new version allows you to choose an action from the set, -ALERT, STOP, RESTART, UNMONITOR or EXEC. - - Old syntax: [HOST hostname] PORT number [TYPE {...}] - [PROTO(COL) {name} [REQUEST {"/path"}]] - - New syntax: IF FAILED [HOST hostname] PORT number [TYPE {...}] - [PROTO(COL) {name} [REQUEST {"/path"}]] - [with TIMEOUT x SECONDS] - THEN action - - Old syntax example: - check process apache with pidfile /usr/local/apache/logs/httpd.pid - ... - host nettvenn.sol.no port 80 proto http - - New syntax example: - check process apache with pidfile /usr/local/apache/logs/httpd.pid - ... - if failed host nettvenn.sol.no port 80 proto http - then restart - ------------------------------------------------------------------------------- - -The DEPENDS statement has changed. The services are from now on comma -separated: - - Old syntax: DEPENDS service [service [...]] - - New syntax: DEPENDS service[, service [,...]] - ------------------------------------------------------------------------------- - -The CPU and memory check syntax has been simplified. The new syntax -has only the tokens CPU and MEM and the syntax is also changed to -become a real IF-THEN statement: - - - Old syntax: CPUUSAGE value [cycles] action - MEMUSAGE value [cycles] action - MEMKBYTE value [cycles] action - - New syntax: IF CPU operator value unit [cycles] THEN action - IF MEM operator value unit [cycles] THEN action - -The "operator" token is still a choice of {<|>|==|!=} or in words -{less|greater|equal|notequal}; value is a choice of an integer number -or a real number (using a dot); unit is {%|PERCENT} for CPU and a -choice of {%|B|KB|MB|GB} or in words {PERCENT|BYTE|KILOBYTE| -MEGABYTE|GIGABYTE}; "cycles" still refers to the number of cycles the -statement has to be true in order to start the "action". Example: - - if MEM > 2.5 MB for 5 cycles then RESTART - - And not specifying a cycle means implicit 1 cycle: - if MEM > 25% then RESTART - -The old syntax using CPUUSAGE, MEMUSAGE, MEMKBYTE is obsolete and no -longer supported. - ------------------------------------------------------------------------------- - -The $PROGRAM tag used in a mail-format statement was renamed to -$SERVICE without changing its meaning. $PROGRAM is still usable but -depreciated. Future versions might not support it anymore. - ------------------------------------------------------------------------------- - diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/util.c /tmp/QeMlhPoI46/monit-5.0.3/util.c --- monit-4.8.1/util.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/util.c 2009-05-28 22:35:30.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -94,6 +104,22 @@ #include #endif +#ifdef HAVE_SECURITY_PAM_APPL_H +#include +#endif + +#ifdef HAVE_PAM_PAM_APPL_H +#include +#endif + +#ifdef HAVE_PWD_H +#include +#endif + +#ifdef HAVE_GRP_H +#include +#endif + #include "monitor.h" #include "engine.h" #include "md5.h" @@ -105,10 +131,25 @@ /* Private prototypes */ -static char x2c(char *hex); -static char *is_str_defined(char *); -static void printevents(unsigned int); -static int is_url_unsafe(unsigned char *); +static char x2c(char *hex); +static char *is_str_defined(char *); +static void printevents(unsigned int); +static int is_url_unsafe(unsigned char *); +#ifdef HAVE_LIBPAM +#ifdef SOLARIS +static int PAMquery(int, struct pam_message **, struct pam_response **, void *); +#else +static int PAMquery(int, const struct pam_message **, struct pam_response **, void *); +#endif +static int PAMcheckPasswd(const char *, const char *); +static Auth_T PAMcheckUserGroup(const char *); +#endif + + +struct ad_user { + const char *login; + const char *passwd; +}; /** @@ -119,7 +160,7 @@ * @author Christian Hopp * @author Michael Amster, * - * @version \$Id: util.c,v 1.184 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: util.c,v 1.241 2009/05/28 21:35:30 martinp Exp $ * @file */ @@ -259,6 +300,21 @@ } +char *Util_trunc(char *s, int n) { + ASSERT(n>=0); + if (s) { + int sl = strlen(s); + if (sl > (n + 4)) { + int e = n+3; + for (; n < e; n++) + s[n]= '.'; + s[n]= 0; + } + } + return s; +} + + /** * Replace all occurrences of the old char in the string * s with the new char. @@ -367,11 +423,11 @@ */ int Util_startsWith(const char *a, const char *b) { - if((!a || !b) || toupper(*a)!=toupper(*b)) return FALSE; + if((!a || !b) || toupper((int)*a)!=toupper((int)*b)) return FALSE; while(*a && *b) { - if(toupper(*a++) != toupper(*b++)) return FALSE; + if(toupper((int)*a++) != toupper((int)*b++)) return FALSE; } @@ -501,6 +557,27 @@ /** + * Convert a digest buffer to a char string + * @param digest buffer containing a MD digest + * @param mdlen digest length + * @param result buffer to write the result to. Must be at least + * 41 bytes long. + */ +char *Util_digest2Bytes(unsigned char *digest, int mdlen, MD_T result) { + int i; + unsigned char *tmp= (unsigned char*)result; + static unsigned char hex[] = "0123456789abcdef"; + ASSERT(mdlen * 2 < MD_SIZE); // Overflow guard + for(i= 0; i < mdlen; i++) { + *tmp++ = hex[digest[i] >> 4]; + *tmp++ = hex[digest[i] & 0xf]; + } + *tmp = '\0'; + return result; +} + + +/** * @param name A service name as stated in the config file * @return the named service or NULL if not found */ @@ -541,15 +618,9 @@ */ int Util_existService(const char *name) { - Service_T s; - ASSERT(name); - for(s= servicelist; s; s= s->next) - if(IS(s->name, name)) - return TRUE; - - return FALSE; + return Util_getService(name)?TRUE:FALSE; } @@ -568,7 +639,8 @@ printf(" %-18s = %s\n", "Use syslog", Run.use_syslog?"True":"False"); printf(" %-18s = %s\n", "Is Daemon", Run.isdaemon?"True":"False"); printf(" %-18s = %s\n", "Use process engine", Run.doprocess?"True":"False"); - printf(" %-18s = %d seconds\n", "Poll time", Run.polltime); + printf(" %-18s = %d seconds with start delay %d seconds\n", "Poll time", Run.polltime, Run.startdelay); + printf(" %-18s = %d bytes\n", "Expect buffer", Run.expectbuffer); if(Run.eventlist_dir) { char slots[STRLEN]; @@ -582,16 +654,16 @@ "Event queue", Run.eventlist_dir, slots); } - if(Run.collectors) { - Collector_T c= Run.collectors; - printf(" %-18s = ", "Collector(s)"); - for(c= Run.collectors; c; c= c->next) + if(Run.mmonits) { + Mmonit_T c= Run.mmonits; + printf(" %-18s = ", "M/Monit(s)"); + for(c= Run.mmonits; c; c= c->next) { printf("%s with timeout %d seconds%s%s%s%s%s%s", c->url->url, c->timeout, - c->ssl.use_ssl?" ssl version ":"", - c->ssl.use_ssl?sslnames[c->ssl.version]:"", + (c->ssl.use_ssl && c->ssl.version) ? " ssl version " : "", + (c->ssl.use_ssl && c->ssl.version) ? sslnames[c->ssl.version] : "", c->ssl.certmd5?" server cert md5 sum ":"", c->ssl.certmd5?c->ssl.certmd5:"", c->url->user?" using credentials":"", @@ -600,14 +672,19 @@ printf("\n"); } - printf(" %-18s = ", "Mail server(s)"); if(Run.mailservers) { + printf(" %-18s = ", "Mail server(s)"); MailServer_T mta= Run.mailservers; for(mta= Run.mailservers; mta; mta= mta->next) - printf("%s%s", mta->host, mta->next?", ":" "); + printf("%s:%d%s%s", + mta->host, + mta->port, + mta->ssl.use_ssl?"(ssl)":"", + mta->next?", ":" "); + printf("with timeout %d seconds", Run.mailserver_timeout); + if(Run.mail_hostname) + printf(" using '%s' as my hostname", Run.mail_hostname); printf("\n"); - } else { - printf("localhost\n"); } printf(" %-18s = %s\n", "Mail from", is_str_defined(Run.MailFormat.from)); @@ -677,7 +754,7 @@ Port_T n; Icmp_T i; Mail_T r; - Device_T dl; + Filesystem_T dl; Resource_T q; Timestamp_T t; Size_T sl; @@ -701,17 +778,33 @@ if(s->start) { int i = 0; - printf(" %-20s =", "Start program"); - while(s->start->arg[i]) - printf(" %s", s->start->arg[i++]); + printf(" %-20s = '", "Start program"); + while(s->start->arg[i]) { + if(i) printf(" "); + printf("%s", s->start->arg[i++]); + } + printf("'"); + if(s->start->has_uid) + printf(" as uid %d", s->start->uid); + if(s->start->has_gid) + printf(" as gid %d", s->start->gid); + printf(" timeout %d second(s)", s->start->timeout); printf("\n"); } if(s->stop) { int i = 0; - printf(" %-20s =", "Stop program"); - while(s->stop->arg[i]) - printf(" %s", s->stop->arg[i++]); + printf(" %-20s = '", "Stop program"); + while(s->stop->arg[i]) { + if(i) printf(" "); + printf("%s", s->stop->arg[i++]); + } + printf("'"); + if(s->stop->has_uid) + printf(" as uid %d", s->stop->uid); + if(s->stop->has_gid) + printf(" as gid %d", s->stop->gid); + printf(" timeout %d second(s)", s->stop->timeout); printf("\n"); } @@ -723,11 +816,19 @@ printf(" %-20s = if changed %s then %s\n", "Pid", Util_getEventratio(s->action_PID->failed, ratio1), - actionnames[s->action_PID->failed->id]); + s->action_PID->failed->description); + printf(" %-20s = if changed %s then %s\n", "Ppid", Util_getEventratio(s->action_PPID->failed, ratio1), - actionnames[s->action_PPID->failed->id]); + s->action_PPID->failed->description); + } + + if(s->type == TYPE_FILESYSTEM) { + printf(" %-20s = if changed %s then %s\n", + "Filesystem flags", + Util_getEventratio(s->action_FSFLAG->failed, ratio1), + s->action_FSFLAG->failed->description); } if(s->checksum && s->checksum->action) { @@ -735,53 +836,53 @@ EventAction_T a= cs->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(cs->test_changes) printf(" %-20s = if changed %s %s then %s\n", "Checksum", checksumnames[cs->type], - ratio1, actionnames[a->failed->id]); + ratio1, a->failed->description); else - printf(" %-20s = if failed %s(%s) %s then %s else if passed %s then %s\n", + printf(" %-20s = if failed %s(%s) %s then %s else if succeeded %s then %s\n", "Checksum", cs->hash, checksumnames[cs->type], - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } if(s->perm && s->perm->action) { EventAction_T a= s->perm->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); - printf(" %-20s = if failed %o %s then %s else if passed %s then %s\n", + printf(" %-20s = if failed %04o %s then %s else if succeeded %s then %s\n", "Permission", s->perm->perm, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } if(s->uid && s->uid->action) { EventAction_T a= s->uid->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); - printf(" %-20s = if failed %d %s then %s else if passed %s then %s\n", + printf(" %-20s = if failed %d %s then %s else if succeeded %s then %s\n", "UID", (int)s->uid->uid, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } if(s->gid && s->gid->action) { EventAction_T a= s->gid->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); - printf(" %-20s = if failed %d %s then %s else if passed %s then %s\n", + printf(" %-20s = if failed %d %s then %s else if succeeded %s then %s\n", "GID", (int)s->gid->gid, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } if(s->icmplist) @@ -789,13 +890,13 @@ EventAction_T a= i->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); printf(" %-20s = if failed %s count %d with timeout %d seconds %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "ICMP", icmpnames[i->type], i->count, i->timeout, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } if(s->portlist) { @@ -804,17 +905,17 @@ EventAction_T a= n->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(n->family == AF_INET) { printf(" %-20s = if failed %s:%d%s [%s via %s] with " - "timeout %d seconds %s then %s else if passed %s then %s\n", + "timeout %d seconds %s then %s else if succeeded %s then %s\n", "Port", n->hostname, n->port, n->request?n->request:"", n->protocol->name, Util_portTypeDescription(n), n->timeout, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); if(n->SSL.certmd5 != NULL) printf(" %-20s = %s\n", "Server cert md5 sum", n->SSL.certmd5); @@ -822,10 +923,10 @@ } else if(n->family == AF_UNIX) { printf(" %-20s = if failed %s [protocol %s] with timeout %d seconds " - "%s then %s else if passed %s then %s\n", + "%s then %s else if succeeded %s then %s\n", "Unix Socket", n->pathname, n->protocol->name, n->timeout, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } @@ -837,17 +938,17 @@ EventAction_T a= t->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(t->test_changes) printf(" %-20s = if changed %s then %s\n", "Timestamp", - ratio1, actionnames[a->failed->id]); + ratio1, a->failed->description); else - printf(" %-20s = if %s %d second(s) %s then %s else if passed %s then %s\n", + printf(" %-20s = if %s %d second(s) %s then %s else if succeeded %s then %s\n", "Timestamp", operatornames[t->operator], t->time, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } @@ -855,17 +956,17 @@ EventAction_T a= sl->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(sl->test_changes) printf(" %-20s = if changed %s then %s\n", "Size", - ratio1, actionnames[a->failed->id]); + ratio1, a->failed->description); else - printf(" %-20s = if %s %lu byte(s) %s then %s else if passed %s then %s\n", + printf(" %-20s = if %s %llu byte(s) %s then %s else if succeeded %s then %s\n", "Size", operatornames[sl->operator], sl->size, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } @@ -876,50 +977,50 @@ printf(" %-20s = if%s match \"%s\" %s then %s\n", "Regex", ml->not?" not":"", ml->match_string, - ratio1, actionnames[a->failed->id]); + ratio1, a->failed->description); } - for(dl= s->devicelist; dl; dl= dl->next) { + for(dl= s->filesystemlist; dl; dl= dl->next) { EventAction_T a= dl->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); if(dl->resource == RESOURCE_ID_INODE) { if(dl->limit_absolute > -1) { - printf(" %-20s = if %s %ld %s then %s else if passed %s then %s\n", + printf(" %-20s = if %s %ld %s then %s else if succeeded %s then %s\n", "Inodes usage limit", operatornames[dl->operator], dl->limit_absolute, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } else { - printf(" %-20s = if %s %.1f%% %s then %s else if passed %s then %s\n", + printf(" %-20s = if %s %.1f%% %s then %s else if succeeded %s then %s\n", "Inodes usage limit", operatornames[dl->operator], dl->limit_percent/10., - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } else if(dl->resource == RESOURCE_ID_SPACE) { if(dl->limit_absolute > -1) { - printf(" %-20s = if %s %ld blocks %s then %s else if passed %s then %s\n", + printf(" %-20s = if %s %ld blocks %s then %s else if succeeded %s then %s\n", "Space usage limit", operatornames[dl->operator], dl->limit_absolute, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } else { - printf(" %-20s = if %s %.1f%% %s then %s else if passed %s then %s\n", + printf(" %-20s = if %s %.1f%% %s then %s else if succeeded %s then %s\n", "Space usage limit", operatornames[dl->operator], dl->limit_percent/10., - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); } } @@ -930,127 +1031,137 @@ EventAction_T a= q->action; Util_getEventratio(a->failed, ratio1); - Util_getEventratio(a->passed, ratio2); + Util_getEventratio(a->succeeded, ratio2); switch(q->resource_id) { case RESOURCE_ID_CPU_PERCENT: printf(" %-20s = if %s %.1f%% %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "CPU usage limit", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); + break; + + case RESOURCE_ID_TOTAL_CPU_PERCENT: + + printf(" %-20s = if %s %.1f%% %s then %s " + "else if succeeded %s then %s\n", + "CPU usage limit (incl. children)", + operatornames[q->operator], q->limit/10.0, + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_CPUUSER: printf(" %-20s = if %s %.1f%% %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "CPU user limit", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_CPUSYSTEM: printf(" %-20s = if %s %.1f%% %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "CPU system limit", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_CPUWAIT: printf(" %-20s = if %s %.1f%% %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "CPU wait limit", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_MEM_PERCENT: printf(" %-20s = if %s %.1f%% %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "Memory usage limit", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_MEM_KBYTE: printf(" %-20s = if %s %ldkB %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "Memory amount limit", operatornames[q->operator], q->limit, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_LOAD1: printf(" %-20s = if %s %.1f %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "Load avg. (1min)", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_LOAD5: printf(" %-20s = if %s %.1f %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "Load avg. (5min)", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_LOAD15: printf(" %-20s = if %s %.1f %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "Load avg. (15min)", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_CHILDREN: printf(" %-20s = If %s %ld %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "Children", operatornames[q->operator], q->limit, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_TOTAL_MEM_KBYTE: printf(" %-20s = If %s %ld %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "Memory amount limit (incl. children)", operatornames[q->operator], q->limit, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; case RESOURCE_ID_TOTAL_MEM_PERCENT: printf(" %-20s = If %s %.1f%% %s then %s " - "else if passed %s then %s\n", + "else if succeeded %s then %s\n", "Memory usage limit (incl. children)", operatornames[q->operator], q->limit/10.0, - ratio1, actionnames[a->failed->id], - ratio2, actionnames[a->passed->id]); + ratio1, a->failed->description, + ratio2, a->succeeded->description); break; } @@ -1062,9 +1173,12 @@ if(s->def_timeout && s->action_TIMEOUT) { EventAction_T a= s->action_TIMEOUT; printf(" %-20s = If %d restart within %d cycles then %s " - "else if passed then %s\n", - "Timeout", s->to_start, s->to_cycle, actionnames[a->failed->id], - actionnames[a->passed->id]); + "else if succeeded then %s\n", + "Timeout", + s->to_start, + s->to_cycle, + a->failed->description, + a->succeeded->description); } for(r= s->maillist; r; r= r->next) { @@ -1151,13 +1265,60 @@ } /** + * Open and read the id from the given idfile. If the idfile doesn't exist, + * generate new id and store it in the id file. + * @param idfile An idfile with full path + * @return the id + */ +char *Util_monitId(char *idfile) { + FILE *file = NULL; + + ASSERT(idfile); + + if(! File_exist(idfile)) { + char buf[STRLEN]; + unsigned char digest[STRLEN]; + mode_t mask = umask(PRIVATEMASK); + file = fopen(idfile, "w"); + umask(mask); + if(! file) { + LogError("%s: Error opening the idfile '%s' -- %s\n", prog, idfile, STRERROR); + return NULL; + } + /* Generate the unique id */ + srandom(time(NULL) + getpid()); + snprintf(buf, STRLEN, "%lu%d%lu", (unsigned long)time(NULL), getpid(), random()); + md5_buffer(buf, strlen(buf), digest); + Util_digest2Bytes(digest, 16, Run.id); + fprintf(file, "%s", Run.id); + LogInfo("%s: generated unique Monit id %s and stored to '%s'\n", prog, Run.id, idfile); + } else { + if(! File_isFile(idfile)) { + LogError("%s: idfile '%s' is not a regular file\n", prog, idfile); + return NULL; + } + if((file = fopen(idfile,"r")) == (FILE *)NULL) { + LogError("%s: Error opening the idfile '%s' -- %s\n", prog, idfile, STRERROR); + return NULL; + } + if(fscanf(file, "%256s", Run.id) != 1) { + LogError("%s: Error reading id from file '%s'\n", prog, idfile); + fclose(file); + return NULL; + } + } + fclose(file); + + return Run.id; +} + +/** * Open and read the pid from the given pidfile. * @param pidfile A pidfile with full path * @return the pid (TRUE) or FALSE if the pid could * not be read from the file */ pid_t Util_getPid(char *pidfile) { - FILE *file= NULL; int pid= -1; @@ -1172,19 +1333,20 @@ return FALSE; } if((file= fopen(pidfile,"r")) == (FILE *)NULL) { - LogError("%s: Error opening the pidfile '%s' -- %s\n", - prog, pidfile, STRERROR); - return FALSE ; + LogError("%s: Error opening the pidfile '%s' -- %s\n", prog, pidfile, STRERROR); + return FALSE; } - fscanf(file, "%d", &pid); - fclose(file); - if(pid == -1) { - LogError("%s: pidfile `%s' does not contain a valid pidnumber\n", - prog, pidfile); - return (FALSE); + if(fscanf(file, "%d", &pid) != 1) { + LogError("%s: Error reading pid from file '%s'\n", prog, pidfile); + fclose(file); + return FALSE; } + fclose(file); + + if(pid < 0) + return(FALSE); - return (pid_t)pid; + return(pid_t)pid; } @@ -1204,7 +1366,7 @@ if( (getpgid(pid) > -1) || (errno == EPERM) ) return pid; DEBUG("'%s' Error testing process id [%d] -- %s\n", s->name, pid, STRERROR); - } + } Util_resetInfo(s); return FALSE; @@ -1224,16 +1386,16 @@ char *Util_getRFC822Date(time_t *date, char *result, int len) { struct tm *tm_now; - time_t now= (date && *date>0)?*date:time(NULL); + time_t now = (date && *date > 0) ? *date : time(NULL); - tm_now= localtime(&now); + tm_now = localtime(&now); + if (! tm_now) + return NULL; - if(strftime(result, len, "%a, %d %b %Y %H:%M:%S %z", tm_now) <= 0) { + if (strftime(result, len, "%a, %d %b %Y %H:%M:%S %z", tm_now) <= 0) { *result= 0; } - return result; - } @@ -1269,29 +1431,28 @@ */ char *Util_getUptime(time_t delta, char *sep) { - static int min= 60; - static int hour= 3600; - static int day= 86400; + static int min = 60; + static int hour = 3600; + static int day = 86400; long rest_d; long rest_h; long rest_m; char buf[STRLEN]; - char *p= buf; + char *p = buf; - *buf= 0; + *buf = 0; if(delta < 0) return(xstrdup("")); - if((rest_d= delta/day)>0) { - p+= snprintf(p, STRLEN-(p-buf), "%ldd%s", rest_d,sep); - delta-= rest_d*day; - } - if((rest_h= delta/hour)>0 || (rest_d > 0)) { - p+= snprintf(p, STRLEN-(p-buf),"%ldh%s", rest_h,sep); - delta-= rest_h*hour; - } - rest_m= delta/min; - p+= snprintf(p, STRLEN-(p-buf),"%ldm%s", rest_m,sep); - delta-= rest_m*min; + if((rest_d = delta/day)>0) { + p += snprintf(p, STRLEN-(p-buf), "%ldd%s", rest_d,sep); + delta -= rest_d*day; + } + if((rest_h = delta/hour)>0 || (rest_d > 0)) { + p += snprintf(p, STRLEN-(p-buf), "%ldh%s", rest_h,sep); + delta -= rest_h*hour; + } + rest_m = delta/min; + snprintf(p, STRLEN - (p - buf), "%ldm%s", rest_m, sep); return xstrdup(buf); @@ -1301,56 +1462,54 @@ /** * @return a checksum for the given file, or NULL if error. */ -char *Util_getChecksum(char *file, int hashtype) { + char *Util_getChecksum(char *file, int hashtype) { - int hashlength=16; + int hashlength=16; - ASSERT(file); - - switch(hashtype) { - case HASH_MD5: - hashlength=16; - break; - case HASH_SHA1: - hashlength=20; - break; - default: - return NULL; - } - - if(File_isFile(file)) { - FILE *f= fopen(file, "r"); - if(f) { - int i; - unsigned char buf[hashlength]; - char result[STRLEN]; - char *r= result; - int fresult=0; - - *result=0; - - switch(hashtype) { - case HASH_MD5: - fresult=md5_stream(f, buf); - break; - case HASH_SHA1: - fresult=sha_stream(f, buf); - break; - } - - fclose(f); - if(fresult) { - return NULL; - } - for(i= 0; i < hashlength; ++i) - r+= snprintf(r, STRLEN-(r-result) ,"%02x", buf[i]); - - return (xstrdup(result)); - - } - } - return NULL; -} + ASSERT(file); + + switch(hashtype) { + case HASH_MD5: + hashlength=16; + break; + case HASH_SHA1: + hashlength=20; + break; + default: + return NULL; + } + + if(File_isFile(file)) { + FILE *f= fopen(file, "r"); + if(f) { + MD_T result; + unsigned char buf[STRLEN]; + int fresult=0; + + *result=0; + + switch(hashtype) { + case HASH_MD5: + fresult=md5_stream(f, buf); + break; + case HASH_SHA1: + fresult=sha_stream(f, buf); + break; + } + + fclose(f); + if(fresult) { + return NULL; + } + + return (xstrdup(Util_digest2Bytes(buf, hashlength, result))); + + } + } + + return NULL; + + } /** @@ -1385,8 +1544,8 @@ /** - * Unescape an url string. The url parameter is modified - * by this method. + * Unescape an url string and remove redundant slashes. The + * url parameter is modified by this method. * @param url an escaped url string * @return A pointer to the unescaped urlstring */ @@ -1401,6 +1560,9 @@ url[x]= x2c(&url[y+1]); y+=2; } + while(url[x] == '/' && url[y+1] == '/') { + y++; + } } url[x]= 0; return url; @@ -1411,41 +1573,44 @@ * @return a Basic Authentication Authorization string (RFC 2617), * with credentials from the Run object, NULL if credentials are not defined. */ -char *Util_getBasicAuthHeader() { +char *Util_getBasicAuthHeaderMonit() { - Auth_T c= Run.credentials; + Auth_T c = Run.credentials; - if (c==NULL) { - return NULL; - } - /* We find the first cleartext credential for authorization */ - while (c!= NULL) { - if (c->digesttype == DIGEST_CLEARTEXT) { + while (c != NULL) { + if (c->digesttype == DIGEST_CLEARTEXT) break; - } - c=c->next; - } - if(c!=NULL) { - char *auth, *b64; - char buf[STRLEN]; - snprintf(buf, STRLEN, "%s:%s", - c->uname, - c->passwd); - if(! (b64= encode_base64(strlen(buf), (unsigned char *)buf)) ) { - LogError("Failed to base64 encode authentication header\n"); - FREE(b64); - return NULL; - } - auth= xcalloc(sizeof(char), STRLEN+1); - snprintf(auth, STRLEN, "Authorization: Basic %s\r\n", b64); - FREE(b64); - return auth; + c = c->next; } - LogError("Cleattext credentials needed for basic authorization!\n"); + if (c) + return Util_getBasicAuthHeader(c->uname, c->passwd); + return NULL; +} + +/** + * @return a Basic Authentication Authorization string (RFC 2617), + * NULL if username is not defined. + */ +char *Util_getBasicAuthHeader(char *username, char *password) { + char *auth, *b64; + char buf[STRLEN]; + + if (!username) + return NULL; + + snprintf(buf, STRLEN, "%s:%s", username, password ? password : ""); + if(! (b64= encode_base64(strlen(buf), (unsigned char *)buf)) ) { + LogError("Failed to base64 encode authentication header\n"); + return NULL; + } + auth= xcalloc(sizeof(char), STRLEN+1); + snprintf(auth, STRLEN, "Authorization: Basic %s\r\n", b64); + FREE(b64); + return auth; } @@ -1525,14 +1690,13 @@ int i; for(i= 0; i < 3; i++) { if(close(i) == -1 || open("/dev/null", O_RDWR) != i) { - LogError("Cannot reopen standard file descriptor (%d) -- %s\n", - i, STRERROR); + LogError("Cannot reopen standard file descriptor (%d) -- %s\n", i, STRERROR); } } } -/* +/** * Close all filedescriptors except standard. Everything * seems to have getdtablesize, so we'll use it here, and back * out to use 1024 if getdtablesize not available. @@ -1550,20 +1714,146 @@ } -/* +/** * Check if monit does have credentials for this user. If successful * a pointer to the password is returned. */ Auth_T Util_getUserCredentials(char *uname) { - Auth_T c= Run.credentials; - while ( c != NULL ) { - if ( strcmp(c->uname, uname) == 0 ) { + Auth_T c; + + /* check allowed user names */ + for (c = Run.credentials; c; c = c->next) + if (c->uname && IS(c->uname, uname)) return c; + +#ifdef HAVE_LIBPAM + /* check allowed group names */ + return(PAMcheckUserGroup(uname)); +#else + return NULL; +#endif +} + + +#ifdef HAVE_LIBPAM +/** + * PAM conversation + */ +#ifdef SOLARIS +static int PAMquery(int num_msg, struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { +#else +static int PAMquery(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { +#endif + int i; + struct ad_user *user = (struct ad_user *)appdata_ptr; + struct pam_response *response; + + /* Sanity checking */ + if (!msg || !resp || !user ) + return PAM_CONV_ERR; + + response = xcalloc(sizeof(struct pam_response), num_msg); + + for (i = 0; i < num_msg; i++) { + response[i].resp = NULL; + response[i].resp_retcode = 0; + + switch ((*(msg[i])).msg_style) { + case PAM_PROMPT_ECHO_ON: + /* Store the login as the response. This likely never gets called, since login was on pam_start() */ + response[i].resp= appdata_ptr ? xstrdup(user->login) : NULL; + break; + + case PAM_PROMPT_ECHO_OFF: + /* Store the password as the response */ + response[i].resp= appdata_ptr ? xstrdup(user->passwd) : NULL; + break; + + case PAM_TEXT_INFO: + case PAM_ERROR_MSG: + /* Shouldn't happen since we have PAM_SILENT set. If it happens anyway, ignore it. */ + break; + + default: + /* Something strange... */ + if (response != NULL) + FREE(response); + return PAM_CONV_ERR; } - c=c->next; + } + /* On success, return the response structure */ + *resp = response; + return PAM_SUCCESS; +} + + +/** + * Validate login/passwd via PAM service "monit" + */ +static int PAMcheckPasswd(const char *login, const char *passwd) { + int rv; + pam_handle_t *pamh = NULL; + struct ad_user user_info = { + login, + passwd + }; + struct pam_conv conv = { + PAMquery, + &user_info + }; + + if ((rv = pam_start("monit", login, &conv, &pamh) != PAM_SUCCESS)) { + DEBUG("PAM authentication start failed -- %d\n", rv); + return FALSE; + } + + rv = pam_authenticate(pamh, PAM_SILENT); + + if (pam_end(pamh, rv) != PAM_SUCCESS) + pamh = NULL; + + return(rv == PAM_SUCCESS ? TRUE : FALSE); +} + + +/** + * Check whether the user is member of allowed groups + */ +static Auth_T PAMcheckUserGroup(const char *uname) { + Auth_T c = Run.credentials; + struct passwd *pwd = NULL; + struct group *grp = NULL; + + ASSERT(uname); + + if (!(pwd = getpwnam(uname))) + return NULL; + + if (!(grp = getgrgid(pwd->pw_gid))) + return NULL; + + while (c) { + if (c->groupname) { + struct group *sgrp = NULL; + + /* check for primary group match */ + if (IS(c->groupname, grp->gr_name)) + return c; + + /* check secondary groups match */ + if ((sgrp = getgrnam(c->groupname))) { + char **g = NULL; + + for (g = sgrp->gr_mem; *g; g++) + if (IS(*g, uname)) + return c; + } + } + c = c->next; } return NULL; } +#endif /** @@ -1581,28 +1871,33 @@ return FALSE; } switch (c->digesttype) { - case DIGEST_CLEARTEXT: - { - strncpy(outside_crypt, outside, STRLEN); + case DIGEST_CLEARTEXT: + outside_crypt[sizeof(outside_crypt) - 1] = 0; + strncpy(outside_crypt, outside, sizeof(outside_crypt) - 1); break; - } - case DIGEST_MD5: + case DIGEST_MD5: { char id[STRLEN]; char salt[STRLEN]; - char * temp; + char *temp; /* A password looks like this, * $id$salt$digest * the '$' around the id are still part of the id. */ - strncpy(id, c->passwd, STRLEN); - temp= strchr(id+1, '$'); - ASSERT(temp); + id[sizeof(id) - 1] = 0; + strncpy(id, c->passwd, sizeof(id) - 1); + if(! (temp= strchr(id+1, '$'))) { + LogError("Password not in MD5 format.\n"); + return FALSE; + } temp += 1; *temp= '\0'; - strncpy(salt, c->passwd+strlen(id), STRLEN); - temp= strchr(salt, '$'); - ASSERT(temp); + salt[sizeof(salt) - 1] = 0; + strncpy(salt, c->passwd+strlen(id), sizeof(salt) - 1); + if(! (temp= strchr(salt, '$'))) { + LogError("Password not in MD5 format.\n"); + return FALSE; + } *temp= '\0'; if (md5_crypt(outside, id, salt, outside_crypt, STRLEN) == NULL) { LogError("Cannot generate MD5 digest error.\n"); @@ -1610,18 +1905,24 @@ } break; } - case DIGEST_CRYPT: + case DIGEST_CRYPT: { char salt[3]; char * temp; snprintf(salt, 3, "%c%c", c->passwd[0], c->passwd[1]); temp= crypt(outside, salt); - strncpy(outside_crypt, temp, STRLEN); + outside_crypt[sizeof(outside_crypt) - 1] = 0; + strncpy(outside_crypt, temp, sizeof(outside_crypt) - 1); break; } - default: - LogError("Unknown password digestion method.\n"); - return FALSE; +#ifdef HAVE_LIBPAM + case DIGEST_PAM: + return PAMcheckPasswd(uname, outside); + break; +#endif + default: + LogError("Unknown password digestion method.\n"); + return FALSE; } if (strcmp(outside_crypt,c->passwd)==0) { @@ -1709,8 +2010,10 @@ memset(s->inf, 0, sizeof *(s->inf)); s->inf->_pid= -1; s->inf->_ppid= -1; + s->inf->_flags= -1; s->inf->pid= -1; s->inf->ppid= -1; + s->inf->flags= -1; s->inf->st_ino_prev= 0; s->inf->readpos= 0; } @@ -1730,24 +2033,18 @@ /** * Construct a HTTP/1.1 Host header utilizing information from the - * socket. The returned hostBuf is set to "hostname:port" or to the - * empty string if information is not available or not applicable. + * socket. The returned hostBuf is set to "hostname" or "hostname:port". + * if port is not equal to the default HTTP port number * @param s A connected socket * @param hostBuf the buffer to write the host-header to * @param len Length of the hostBuf * @return the hostBuffer */ char *Util_getHTTPHostHeader(Socket_T s, char *hostBuf, int len) { - if(! strcmp(LOCALHOST, socket_get_remote_host(s)) || - inet_aton(socket_get_remote_host(s), NULL)) { - *hostBuf= 0; - } else { - if(socket_get_remote_port(s)==80) - snprintf(hostBuf, len, "%s", socket_get_remote_host(s)); - else - snprintf(hostBuf, len, "%s:%d", socket_get_remote_host(s), - socket_get_remote_port(s)); - } + if(socket_get_remote_port(s)==80) + snprintf(hostBuf, len, "%s", socket_get_remote_host(s)); + else + snprintf(hostBuf, len, "%s:%d", socket_get_remote_host(s), socket_get_remote_port(s)); return hostBuf; } @@ -1759,7 +2056,7 @@ * @param rightExpression rval * Returns the boolean value of the expression */ -int Util_evalQExpression(int operator, int left, int right) { +int Util_evalQExpression(int operator, long long left, long long right) { switch(operator) { case OPERATOR_GREATER: @@ -1820,6 +2117,8 @@ s->nstart= 0; s->ncycle= 0; s->error = EVENT_NULL; + if(s->eventlist) + gc_event(&s->eventlist); Util_resetInfo(s); } @@ -1831,19 +2130,19 @@ */ int Util_getAction(const char *action) { - char *name; /* the ACTION_IGNORE has index 0 => we will start on next item */ int i = 1; ASSERT(action); - for(name = actionnames[i]; strlen(actionnames[i]); i++) + while(strlen(actionnames[i])) { if(IS(action, actionnames[i])) { /* supported action found */ return i; } + i++; } /* the action was not found */ return ACTION_IGNORE; @@ -1932,19 +2231,25 @@ * Print registered events list */ static void printevents(unsigned int events) { - if(events == (~((unsigned int)0))) { + if(events == EVENT_NULL) { + printf("No events"); + } else if(events == EVENT_ALL) { printf("All events"); } else { - if(IS_EVENT_SET(events, EVENT_CHANGED)) - printf("Change "); + if(IS_EVENT_SET(events, EVENT_ACTION)) + printf("Action "); if(IS_EVENT_SET(events, EVENT_CHECKSUM)) printf("Checksum "); if(IS_EVENT_SET(events, EVENT_CONNECTION)) printf("Connection "); + if(IS_EVENT_SET(events, EVENT_CONTENT)) + printf("Content "); if(IS_EVENT_SET(events, EVENT_DATA)) printf("Data "); if(IS_EVENT_SET(events, EVENT_EXEC)) printf("Exec "); + if(IS_EVENT_SET(events, EVENT_FSFLAG)) + printf("Fsflags "); if(IS_EVENT_SET(events, EVENT_GID)) printf("Gid "); if(IS_EVENT_SET(events, EVENT_ICMP)) @@ -1953,12 +2258,14 @@ printf("Instance "); if(IS_EVENT_SET(events, EVENT_INVALID)) printf("Invalid "); - if(IS_EVENT_SET(events, EVENT_MATCH)) - printf("Match "); if(IS_EVENT_SET(events, EVENT_NONEXIST)) printf("Nonexist "); if(IS_EVENT_SET(events, EVENT_PERMISSION)) printf("Permission "); + if(IS_EVENT_SET(events, EVENT_PID)) + printf("PID "); + if(IS_EVENT_SET(events, EVENT_PPID)) + printf("PPID "); if(IS_EVENT_SET(events, EVENT_RESOURCE)) printf("Resource "); if(IS_EVENT_SET(events, EVENT_SIZE)) @@ -1973,4 +2280,3 @@ printf("\n"); } - diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/util.h /tmp/QeMlhPoI46/monit-5.0.3/util.h --- monit-4.8.1/util.h 2006-04-13 22:27:01.000000000 +0100 +++ monit-5.0.3/util.h 2009-03-14 21:20:35.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -30,7 +40,7 @@ * @author Christian Hopp * @author Michael Amster, * - * @version \$Id: util.h,v 1.15 2006/04/11 23:23:26 hauk Exp $ + * @version \$Id: util.h,v 1.27 2009/03/11 20:31:27 hauk Exp $ * @file */ @@ -85,6 +95,25 @@ /** + * Truncate s at n and add a trailing "..." + * to the end of s. If s is shorter than + * n or has no space for the trail, s is left + * untouched otherwise this function modifies s. + * 
    + * Example: 
+ *  char s[]= "Hello World!";
+ *  Util_trunc(s, strlen(s)); --> "Hello World!" 
+ *  Util_trunc(s, 5); --> "Hello..."
+ *  Util_trunc(s, 0); --> "..."
+ *
    + * @param s String to truncate at n + * @param n number of bytes from where s is truncated + * @return A pointer to s + */ +char *Util_trunc(char *s, int n); + + +/** * Replace all occurrences of the old char in the string * s with the new char. * @param s A string @@ -144,6 +173,16 @@ */ int Util_handle0Escapes(char *buf); + +/** + * Convert a digest buffer to a char string + * @param digest buffer containing a MD digest + * @param mdlen digest length + * @param result buffer to write the result to. Must be at least + * 41 bytes long. + */ +char *Util_digest2Bytes(unsigned char *digest, int mdlen, MD_T result); + /** * @param name A service name as stated in the config file @@ -194,6 +233,15 @@ /** + * Open and read the id from the given idfile. If the idfile doesn't exist, + * generate new id and store it in the id file. + * @param idfile An idfile with full path + * @return the id or NULL + */ +char *Util_monitId(char *idfile); + + +/** * Open and read the pid from the given pidfile. * @param pidfile A pidfile with full path * @return the pid (TRUE) or FALSE if the pid could @@ -268,7 +316,14 @@ * @return a Basic Authentication Authorization string (RFC 2617), * with credentials from the Run object, NULL if credentials are not defined. */ -char *Util_getBasicAuthHeader(); +char *Util_getBasicAuthHeaderMonit(); + + +/** + * @return a Basic Authentication Authorization string (RFC 2617), + * NULL if username is not defined. + */ +char *Util_getBasicAuthHeader(char *username, char *password); /** @@ -371,7 +426,7 @@ * @param rightExpression rval * @return the boolean value of the expression */ -int Util_evalQExpression(int operator, int left, int right); +int Util_evalQExpression(int operator, long long left, long long right); /* diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/validate.c /tmp/QeMlhPoI46/monit-5.0.3/validate.c --- monit-4.8.1/validate.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/validate.c 2009-05-25 20:02:57.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -80,6 +90,7 @@ #include "net.h" #include "device.h" #include "process.h" +#include "protocol.h" /** @@ -90,7 +101,7 @@ * @author Martin Pala * @author Christian Hopp * - * @version \$Id: validate.c,v 1.152 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: validate.c,v 1.200 2009/05/04 21:07:34 martinp Exp $ * @file */ @@ -113,8 +124,10 @@ static void check_process_pid(Service_T); static void check_process_ppid(Service_T); static void check_connection(Service_T, Port_T); -static void check_device_resources(Service_T, Device_T); +static void check_filesystem_flags(Service_T); +static void check_filesystem_resources(Service_T, Filesystem_T); static void check_process_resources(Service_T, Resource_T); +static int do_scheduled_action(Service_T); ProcessTree_T *ptree=NULL; int ptreesize=0; @@ -134,26 +147,38 @@ void validate() { Service_T s; - sigset_t ns, os; - Run.handler_flag = HANDLER_PASSED; - Event_queue_process(Run.eventlist); + Run.handler_flag = HANDLER_SUCCEEDED; + Event_queue_process(); if(Run.doprocess) { initprocesstree(&ptree, &ptreesize, &oldptree, &oldptreesize); update_system_load(ptree, ptreesize); } - time(&systeminfo.collected); + gettimeofday(&systeminfo.collected, NULL); + + /* In the case that at least one action is pending, perform quick + * loop to handle the actions ASAP */ + if(Run.doaction) { + Run.doaction = 0; + for(s= servicelist; s; s= s->next) { + LOCK(s->mutex) + do_scheduled_action(s); + END_LOCK; + } + } - for(s= servicelist; s; s= s->next) { + /* Check the services */ + for(s= servicelist; s && !Run.stopped; s= s->next) { LOCK(s->mutex) - set_signal_block(&ns, &os); - if(s->monitor && !check_skip(s) && !check_timeout(s)) { + if(!do_scheduled_action(s) && s->monitor && !check_skip(s) && !check_timeout(s)) { s->check(s); - s->monitor= MONITOR_YES; + /* The monitoring may be disabled by some matching rule in s->check + * so we have to check again before setting to MONITOR_YES */ + if(s->monitor != MONITOR_NOT) + s->monitor= MONITOR_YES; } - time(&s->collected); - unset_signal_block(&os); + gettimeofday(&s->collected, NULL); END_LOCK; } @@ -162,6 +187,8 @@ reset_depend(); + handle_mmonit(NULL); + } @@ -181,13 +208,10 @@ if(!(pid= Util_isProcessRunning(s))) { /* Reset the service info object to prevent false data in the first run */ Util_resetInfo(s); - Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, - "'%s' process is not running", s->name); + Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, "process is not running"); return FALSE; - } else { - Event_post(s, EVENT_NONEXIST, STATE_PASSED, s->action_NONEXIST, - "'%s' process is running with pid %d", s->name, (int)pid); - } + } else + Event_post(s, EVENT_NONEXIST, STATE_SUCCEEDED, s->action_NONEXIST, "process is running with pid %d", (int)pid); s->inf->uptime= Util_getProcessUptime(s->path); @@ -196,12 +220,10 @@ check_process_state(s); check_process_pid(s); check_process_ppid(s); - for(pr= s->resourcelist; pr; pr= pr->next) { + for(pr= s->resourcelist; pr; pr= pr->next) check_process_resources(s, pr); - } - } else { + } else LogError("'%s' failed to get service data\n", s->name); - } } @@ -216,44 +238,52 @@ /** - * Validate a given device service s. Events are posted according to + * Validate a given filesystem service s. Events are posted according to * its configuration. In case of a fatal event FALSE is returned. */ -int check_device(Service_T s) { - - Device_T td; +int check_filesystem(Service_T s) { + char *p; + char path_buf[PATH_MAX+1]; + Filesystem_T td; struct stat stat_buf; ASSERT(s); - if(stat(s->path, &stat_buf) != 0) { - Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, - "'%s' device doesn't exist", s->name); + p = s->path; + + /* We need to resolve symbolic link so if it points to device, + * we'll be able to find it in mnttab */ + if(lstat(s->path, &stat_buf) != 0) { + Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, "filesystem doesn't exist"); return FALSE; - } else { - s->inf->st_mode= stat_buf.st_mode; - s->inf->st_uid= stat_buf.st_uid; - s->inf->st_gid= stat_buf.st_gid; - Event_post(s, EVENT_NONEXIST, STATE_PASSED, s->action_NONEXIST, - "'%s' device exist", s->name); } + if(S_ISLNK(stat_buf.st_mode)) { + if(! realpath(s->path, path_buf)) { + Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, "symbolic filesystem link error -- %s", STRERROR); + return FALSE; + } + p = path_buf; + Event_post(s, EVENT_NONEXIST, STATE_SUCCEEDED, s->action_NONEXIST, "symbolic filesystem link %s -> %s", s->path, p); + if(stat(p, &stat_buf) != 0) { + Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, "filesystem doesn't exist"); + return FALSE; + } + } + Event_post(s, EVENT_NONEXIST, STATE_SUCCEEDED, s->action_NONEXIST, "filesystem exist"); + + s->inf->st_mode= stat_buf.st_mode; + s->inf->st_uid= stat_buf.st_uid; + s->inf->st_gid= stat_buf.st_gid; - if(!device_usage(s->inf, s->path)) { - Event_post(s, EVENT_DATA, STATE_FAILED, s->action_DATA, - "'%s' unable to read device %s state", s->name, s->path); + if(!filesystem_usage(s->inf, p)) { + Event_post(s, EVENT_DATA, STATE_FAILED, s->action_DATA, "unable to read filesystem %s state", p); return FALSE; - } else { - s->inf->inode_percent= - (int)((1000.0 * (s->inf->f_files - s->inf->f_filesfree)) / - (float)s->inf->f_files); - s->inf->space_percent= - (int)((1000.0 * (s->inf->f_blocks - s->inf->f_blocksfree)) / - (float)s->inf->f_blocks); - s->inf->inode_total= s->inf->f_files - s->inf->f_filesfree; - s->inf->space_total= s->inf->f_blocks - s->inf->f_blocksfreetotal; - Event_post(s, EVENT_DATA, STATE_PASSED, s->action_DATA, - "'%s' succeeded getting device statistic for %s", s->name, s->path); } + s->inf->inode_percent= (int)((1000.0 * (s->inf->f_files - s->inf->f_filesfree)) / (float)s->inf->f_files); + s->inf->space_percent= (int)((1000.0 * (s->inf->f_blocks - s->inf->f_blocksfree)) / (float)s->inf->f_blocks); + s->inf->inode_total= s->inf->f_files - s->inf->f_filesfree; + s->inf->space_total= s->inf->f_blocks - s->inf->f_blocksfreetotal; + Event_post(s, EVENT_DATA, STATE_SUCCEEDED, s->action_DATA, "succeeded getting filesystem statistic for %s", p); if(s->perm) check_perm(s); @@ -264,12 +294,13 @@ if(s->gid) check_gid(s); - if(s->devicelist) - for(td= s->devicelist; td; td= td->next) - check_device_resources(s, td); + check_filesystem_flags(s); - return TRUE; + if(s->filesystemlist) + for(td= s->filesystemlist; td; td= td->next) + check_filesystem_resources(s, td); + return TRUE; } @@ -278,41 +309,35 @@ * its configuration. In case of a fatal event FALSE is returned. */ int check_file(Service_T s) { - struct stat stat_buf; ASSERT(s); if(stat(s->path, &stat_buf) != 0) { - Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, - "'%s' file doesn't exist", s->name); + Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, "file doesn't exist"); return FALSE; } else { s->inf->st_mode= stat_buf.st_mode; if (s->inf->st_ino==0) { s->inf->st_ino_prev= stat_buf.st_ino; s->inf->readpos= stat_buf.st_size; - } else { + } else s->inf->st_ino_prev= s->inf->st_ino; - } s->inf->st_ino= stat_buf.st_ino; s->inf->st_uid= stat_buf.st_uid; s->inf->st_gid= stat_buf.st_gid; s->inf->st_size= stat_buf.st_size; s->inf->timestamp= MAX(stat_buf.st_mtime, stat_buf.st_ctime); - DEBUG("'%s' file existence check passed\n", s->name); - Event_post(s, EVENT_NONEXIST, STATE_PASSED, s->action_NONEXIST, - "'%s' file exist", s->name); + DEBUG("'%s' file existence check succeeded\n", s->name); + Event_post(s, EVENT_NONEXIST, STATE_SUCCEEDED, s->action_NONEXIST, "file exist"); } if(!S_ISREG(s->inf->st_mode)) { - Event_post(s, EVENT_INVALID, STATE_FAILED, s->action_INVALID, - "'%s' is not regular file", s->name); + Event_post(s, EVENT_INVALID, STATE_FAILED, s->action_INVALID, "is not a regular file"); return FALSE; } else { - DEBUG("'%s' is regular file\n", s->name); - Event_post(s, EVENT_INVALID, STATE_PASSED, s->action_INVALID, - "'%s' is regular file", s->name); + DEBUG("'%s' is a regular file\n", s->name); + Event_post(s, EVENT_INVALID, STATE_SUCCEEDED, s->action_INVALID, "is a regular file"); } if(s->checksum) @@ -352,27 +377,23 @@ ASSERT(s); if(stat(s->path, &stat_buf) != 0) { - Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, - "'%s' directory doesn't exist", s->name); + Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, "directory doesn't exist"); return FALSE; } else { s->inf->st_mode= stat_buf.st_mode; s->inf->st_uid= stat_buf.st_uid; s->inf->st_gid= stat_buf.st_gid; s->inf->timestamp= MAX(stat_buf.st_mtime, stat_buf.st_ctime); - DEBUG("'%s' directory existence check passed\n", s->name); - Event_post(s, EVENT_NONEXIST, STATE_PASSED, s->action_NONEXIST, - "'%s' directory exist", s->name); + DEBUG("'%s' directory existence check succeeded\n", s->name); + Event_post(s, EVENT_NONEXIST, STATE_SUCCEEDED, s->action_NONEXIST, "directory exist"); } if(!S_ISDIR(s->inf->st_mode)) { - Event_post(s, EVENT_INVALID, STATE_FAILED, s->action_INVALID, - "'%s' is not directory", s->name); + Event_post(s, EVENT_INVALID, STATE_FAILED, s->action_INVALID, "is not directory"); return FALSE; } else { DEBUG("'%s' is directory\n", s->name); - Event_post(s, EVENT_INVALID, STATE_PASSED, s->action_INVALID, - "'%s' is directory", s->name); + Event_post(s, EVENT_INVALID, STATE_SUCCEEDED, s->action_INVALID, "is directory"); } if(s->perm) @@ -403,27 +424,23 @@ ASSERT(s); if(stat(s->path, &stat_buf) != 0) { - Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, - "'%s' fifo doesn't exist", s->name); + Event_post(s, EVENT_NONEXIST, STATE_FAILED, s->action_NONEXIST, "fifo doesn't exist"); return FALSE; } else { s->inf->st_mode= stat_buf.st_mode; s->inf->st_uid= stat_buf.st_uid; s->inf->st_gid= stat_buf.st_gid; s->inf->timestamp= MAX(stat_buf.st_mtime, stat_buf.st_ctime); - DEBUG("'%s' fifo existence check passed\n", s->name); - Event_post(s, EVENT_NONEXIST, STATE_PASSED, s->action_NONEXIST, - "'%s' fifo exist", s->name); + DEBUG("'%s' fifo existence check succeeded\n", s->name); + Event_post(s, EVENT_NONEXIST, STATE_SUCCEEDED, s->action_NONEXIST, "fifo exist"); } if(!S_ISFIFO(s->inf->st_mode)) { - Event_post(s, EVENT_INVALID, STATE_FAILED, s->action_INVALID, - "'%s' is not fifo", s->name); + Event_post(s, EVENT_INVALID, STATE_FAILED, s->action_INVALID, "is not fifo"); return FALSE; } else { DEBUG("'%s' is fifo\n", s->name); - Event_post(s, EVENT_INVALID, STATE_PASSED, s->action_INVALID, - "'%s' is fifo", s->name); + Event_post(s, EVENT_INVALID, STATE_SUCCEEDED, s->action_INVALID, "is fifo"); } if(s->perm) @@ -444,12 +461,22 @@ /** + * Validate a given status service s. Events are posted according to + * its configuration. In case of a fatal event FALSE is returned. + */ +int check_status(Service_T s) { + // TODO Call external script and validate return value + return TRUE; + +} + + +/** * Validate a remote service. * @param s The remote service to validate * @return FALSE if there was an error otherwise TRUE */ int check_remote_host(Service_T s) { - Port_T p = NULL; Icmp_T icmp = NULL; Icmp_T last_ping = NULL; @@ -468,21 +495,17 @@ if(icmp->response < 0) { icmp->is_available= FALSE; DEBUG("'%s' icmp ping failed\n", s->name); - Event_post(s, EVENT_ICMP, STATE_FAILED, icmp->action, - "'%s' failed ICMP test [%s]", s->name, icmpnames[icmp->type]); + Event_post(s, EVENT_ICMP, STATE_FAILED, icmp->action, "failed ICMP test [%s]", icmpnames[icmp->type]); } else { icmp->is_available= TRUE; - DEBUG("'%s' icmp ping succeeded [response time %.3fs]\n", - s->name, icmp->response); - Event_post(s, EVENT_ICMP, STATE_PASSED, icmp->action, - "'%s' passed ICMP test [%s]", s->name, icmpnames[icmp->type]); + DEBUG("'%s' icmp ping succeeded [response time %.3fs]\n", s->name, icmp->response); + Event_post(s, EVENT_ICMP, STATE_SUCCEEDED, icmp->action, "succeeded ICMP test [%s]", icmpnames[icmp->type]); } last_ping = icmp; break; default: - LogError("'%s' error -- unknown ICMP type: [%d]\n", - s->name, icmp->type); + LogError("'%s' error -- unknown ICMP type: [%d]\n", s->name, icmp->type); return FALSE; } @@ -492,8 +515,7 @@ /* If we could not ping the host we assume it's down and do not * continue to check any port connections */ if(last_ping && !last_ping->is_available) { - DEBUG("'%s' icmp ping failed, skipping any port connection tests\n", - s->name); + DEBUG("'%s' icmp ping failed, skipping any port connection tests\n", s->name); return FALSE; } @@ -512,7 +534,6 @@ * FALSE is returned. */ int check_system(Service_T s) { - Resource_T r= NULL; ASSERT(s); @@ -532,7 +553,6 @@ * Test the connection and protocol */ static void check_connection(Service_T s, Port_T p) { - Socket_T socket; volatile int rv= TRUE; char report[STRLEN]={0}; @@ -549,36 +569,29 @@ /* Open a socket to the destination INET[hostname:port] or UNIX[pathname] */ socket= socket_create(p); if(!socket) { - snprintf(report, STRLEN, - "'%s' failed, cannot open a connection to %s via %s", - s->name, p->address, Util_portTypeDescription(p)); + snprintf(report, STRLEN, "failed, cannot open a connection to %s%s%s", p->address, p->family==AF_INET?" via ":"", p->family==AF_INET?Util_portTypeDescription(p):""); rv= FALSE; goto error; - } else { - DEBUG("'%s' succeeded connecting to %s via %s\n", - s->name, p->address, Util_portTypeDescription(p)); - } + } else + DEBUG("'%s' succeeded connecting to %s%s%s\n", s->name, p->address, p->family==AF_INET?" via ":"", p->family==AF_INET?Util_portTypeDescription(p):""); - /* Verify that the socket is ready for i|o */ - if(! socket_is_ready(socket)) { - snprintf(report, STRLEN, - "'%s' failed, the socket at %s via %s is not ready for i|o -- %s", - s->name, p->address, Util_portTypeDescription(p), STRERROR); + /* Verify that the socket is ready for i|o. TCP sockets are checked anytime, UDP + * sockets just when there is no specific protocol test used since the socket_is_ready() + * adds 2s delay when used with UDP socket. When there is specific protocol used, we + * don't need it for UDP, since the protocol test is sufficient */ + if((socket_get_type(socket) != SOCK_DGRAM || p->protocol->check == check_default) && !socket_is_ready(socket)) { + snprintf(report, STRLEN, "failed, the socket at %s%s%s is not ready for i|o -- %s", p->address, p->family==AF_INET?" via ":"", p->family==AF_INET?Util_portTypeDescription(p):"", STRERROR); rv= FALSE; goto error; } /* Run the protocol verification routine through the socket */ if(! p->protocol->check(socket)) { - snprintf(report, STRLEN, - "'%s' failed protocol test [%s] at %s via %s", - s->name, p->protocol->name, p->address, Util_portTypeDescription(p)); + snprintf(report, STRLEN, "failed protocol test [%s] at %s%s%s", p->protocol->name, p->address, p->family==AF_INET?" via ":"", p->family==AF_INET?Util_portTypeDescription(p):""); rv= FALSE; goto error; - } else { - DEBUG("'%s' succeeded testing protocol [%s] at %s via %s\n", - s->name, p->protocol->name, p->address, Util_portTypeDescription(p)); - } + } else + DEBUG("'%s' succeeded testing protocol [%s] at %s%s%s\n", s->name, p->protocol->name, p->address, p->family==AF_INET?" via ":"", p->family==AF_INET?Util_portTypeDescription(p):""); /* Get time of connection attempt finish */ gettimeofday(&t2, NULL); @@ -595,9 +608,7 @@ Event_post(s, EVENT_CONNECTION, STATE_FAILED, p->action, report); } else { p->is_available= TRUE; - Event_post(s, EVENT_CONNECTION, STATE_PASSED, p->action, - "'%s' connection passed to %s via %s", s->name, - p->address, Util_portTypeDescription(p)); + Event_post(s, EVENT_CONNECTION, STATE_SUCCEEDED, p->action, "connection succeeded to %s%s%s", p->address, p->family==AF_INET?" via ":"", p->family==AF_INET?Util_portTypeDescription(p):""); } } @@ -610,17 +621,11 @@ ASSERT(s); - if(s->inf->status_flag & PROCESS_ZOMBIE) { - /* We do not check the process anymore if it's a zombie - since such a process is (usually) unmanageable */ - Util_monitorUnset(s); - Event_post(s, EVENT_DATA, STATE_FAILED, s->action_DATA, - "'%s' process with pid %d is a zombie", s->name, s->inf->pid); - } else { - DEBUG("'%s' zombie check passed [status_flag=%04x]\n", - s->name, s->inf->status_flag); - Event_post(s, EVENT_DATA, STATE_PASSED, s->action_DATA, - "'%s' check process state passed", s->name); + if(s->inf->status_flag & PROCESS_ZOMBIE) + Event_post(s, EVENT_DATA, STATE_FAILED, s->action_DATA, "process with pid %d is a zombie", s->inf->pid); + else { + DEBUG("'%s' zombie check succeeded [status_flag=%04x]\n", s->name, s->inf->status_flag); + Event_post(s, EVENT_DATA, STATE_SUCCEEDED, s->action_DATA, "check process state succeeded"); } } @@ -637,14 +642,10 @@ if(s->inf->_pid == -1) return; - if(s->inf->_pid != s->inf->pid) { - Event_post(s, EVENT_CHANGED, STATE_FAILED, s->action_PID, - "'%s' process PID changed to %d", s->name, s->inf->pid); - } else { - DEBUG("'%s' PID has not changed since last cycle\n", s->name); - Event_post(s, EVENT_CHANGED, STATE_PASSED, s->action_PID, - "'%s' PID has not changed", s->name); - } + if(s->inf->_pid != s->inf->pid) + Event_post(s, EVENT_PID, STATE_CHANGED, s->action_PID, "process PID changed to %d", s->inf->pid); + else + Event_post(s, EVENT_PID, STATE_CHANGEDNOT, s->action_PID, "process PID has not changed since last cycle"); } @@ -659,14 +660,10 @@ if(s->inf->_ppid == -1) return; - if(s->inf->_ppid != s->inf->ppid) { - Event_post(s, EVENT_CHANGED, STATE_FAILED, s->action_PPID, - "'%s' process PPID changed to %d", s->name, s->inf->ppid); - } else { - DEBUG("'%s' PPID has not changed since last cycle\n", s->name); - Event_post(s, EVENT_CHANGED, STATE_PASSED, s->action_PPID, - "'%s' PPID has not changed", s->name); - } + if(s->inf->_ppid != s->inf->ppid) + Event_post(s, EVENT_PPID, STATE_CHANGED, s->action_PPID, "process PPID changed to %d", s->inf->ppid); + else + Event_post(s, EVENT_PPID, STATE_CHANGEDNOT, s->action_PPID, "process PPID has not changed since last cycle"); } @@ -683,206 +680,140 @@ switch(r->resource_id) { case RESOURCE_ID_CPU_PERCENT: - if(Util_evalQExpression(r->operator, s->inf->cpu_percent, r->limit)) { - snprintf(report, STRLEN, - "'%s' cpu usage of %.1f%% matches resource limit [cpu usage%s%.1f%%]", - s->name, s->inf->cpu_percent/10.0, operatorshortnames[r->operator], - r->limit/10.0); + if(s->monitor == MONITOR_INIT) { + DEBUG("'%s' cpu usage check skipped (initializing)\n", s->name); + } else if(Util_evalQExpression(r->operator, s->inf->cpu_percent, r->limit)) { + snprintf(report, STRLEN, "cpu usage of %.1f%% matches resource limit [cpu usage%s%.1f%%]", s->inf->cpu_percent/10.0, operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' cpu usage check passed [current cpu usage=%.1f%%]\n", - s->name, s->inf->cpu_percent/10.0); - } + } else + snprintf(report, STRLEN, "'%s' cpu usage check succeeded [current cpu usage=%.1f%%]\n", s->name, s->inf->cpu_percent/10.0); + break; + + case RESOURCE_ID_TOTAL_CPU_PERCENT: + if(s->monitor == MONITOR_INIT) { + DEBUG("'%s' total cpu usage check skipped (initializing)\n", s->name); + } else if(Util_evalQExpression(r->operator, s->inf->total_cpu_percent, r->limit)) { + snprintf(report, STRLEN, "total cpu usage of %.1f%% matches resource limit [cpu usage%s%.1f%%]", s->inf->total_cpu_percent/10.0, operatorshortnames[r->operator], r->limit/10.0); + okay= FALSE; + } else + snprintf(report, STRLEN, "'%s' total cpu usage check succeeded [current cpu usage=%.1f%%]\n", s->name, s->inf->total_cpu_percent/10.0); break; case RESOURCE_ID_CPUUSER: if(Util_evalQExpression(r->operator, systeminfo.total_cpu_user_percent, r->limit)) { - snprintf(report, STRLEN, - "'%s' cpu user usage of %.1f%% matches resource limit [cpu user usage%s%.1f%%]", - s->name, systeminfo.total_cpu_user_percent/10.0, operatorshortnames[r->operator], - r->limit/10.0); + snprintf(report, STRLEN, "cpu user usage of %.1f%% matches resource limit [cpu user usage%s%.1f%%]", systeminfo.total_cpu_user_percent/10.0, operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' cpu user usage check passed [current cpu user usage=%.1f%%]\n", - s->name, systeminfo.total_cpu_user_percent/10.0); - } + } else + snprintf(report, STRLEN, "'%s' cpu user usage check succeeded [current cpu user usage=%.1f%%]\n", s->name, systeminfo.total_cpu_user_percent/10.0); break; case RESOURCE_ID_CPUSYSTEM: if(Util_evalQExpression(r->operator, systeminfo.total_cpu_syst_percent, r->limit)) { - snprintf(report, STRLEN, - "'%s' cpu system usage of %.1f%% matches resource limit [cpu system usage%s%.1f%%]", - s->name, systeminfo.total_cpu_syst_percent/10.0, operatorshortnames[r->operator], - r->limit/10.0); + snprintf(report, STRLEN, "cpu system usage of %.1f%% matches resource limit [cpu system usage%s%.1f%%]", systeminfo.total_cpu_syst_percent/10.0, operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' cpu system usage check passed [current cpu system usage=%.1f%%]\n", - s->name, systeminfo.total_cpu_syst_percent/10.0); - } + } else + snprintf(report, STRLEN, "'%s' cpu system usage check succeeded [current cpu system usage=%.1f%%]\n", s->name, systeminfo.total_cpu_syst_percent/10.0); break; case RESOURCE_ID_CPUWAIT: if(Util_evalQExpression(r->operator, systeminfo.total_cpu_wait_percent, r->limit)) { - snprintf(report, STRLEN, - "'%s' cpu wait usage of %.1f%% matches resource limit [cpu wait usage%s%.1f%%]", - s->name, systeminfo.total_cpu_wait_percent/10.0, operatorshortnames[r->operator], - r->limit/10.0); + snprintf(report, STRLEN, "cpu wait usage of %.1f%% matches resource limit [cpu wait usage%s%.1f%%]", systeminfo.total_cpu_wait_percent/10.0, operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' cpu wait usage check passed [current cpu wait usage=%.1f%%]\n", - s->name, systeminfo.total_cpu_wait_percent/10.0); - } + } else + snprintf(report, STRLEN, "'%s' cpu wait usage check succeeded [current cpu wait usage=%.1f%%]\n", s->name, systeminfo.total_cpu_wait_percent/10.0); break; case RESOURCE_ID_MEM_PERCENT: if(s->type == TYPE_SYSTEM) { if(Util_evalQExpression(r->operator, systeminfo.total_mem_percent, r->limit)) { - snprintf(report, STRLEN, - "'%s' mem usage of %.1f%% matches resource limit [mem usage%s%.1f%%]", - s->name, systeminfo.total_mem_percent/10.0, operatorshortnames[r->operator], - r->limit/10.0); + snprintf(report, STRLEN, "mem usage of %.1f%% matches resource limit [mem usage%s%.1f%%]", systeminfo.total_mem_percent/10.0, operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' mem usage check passed [current mem usage=%.1f%%]\n", - s->name, systeminfo.total_mem_percent/10.0); - } + } else + snprintf(report, STRLEN, "'%s' mem usage check succeeded [current mem usage=%.1f%%]\n", s->name, systeminfo.total_mem_percent/10.0); } else { if(Util_evalQExpression(r->operator, s->inf->mem_percent, r->limit)) { - snprintf(report, STRLEN, - "'%s' mem usage of %.1f%% matches resource limit [mem usage%s%.1f%%]", - s->name, s->inf->mem_percent/10.0, operatorshortnames[r->operator], - r->limit/10.0); + snprintf(report, STRLEN, "mem usage of %.1f%% matches resource limit [mem usage%s%.1f%%]", s->inf->mem_percent/10.0, operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' mem usage check passed [current mem usage=%.1f%%]\n", - s->name, s->inf->mem_percent/10.0); - } + } else + snprintf(report, STRLEN, "'%s' mem usage check succeeded [current mem usage=%.1f%%]\n", s->name, s->inf->mem_percent/10.0); } break; case RESOURCE_ID_MEM_KBYTE: if(s->type == TYPE_SYSTEM) { if(Util_evalQExpression(r->operator, systeminfo.total_mem_kbyte, r->limit)) { - snprintf(report, STRLEN, - "'%s' mem amount of %ldkB matches resource limit [mem amount%s%ldkB]", - s->name, systeminfo.total_mem_kbyte, operatorshortnames[r->operator], r->limit); + snprintf(report, STRLEN, "mem amount of %ldkB matches resource limit [mem amount%s%ldkB]", systeminfo.total_mem_kbyte, operatorshortnames[r->operator], r->limit); okay= FALSE; - } else { - DEBUG("'%s' mem amount check passed [current mem amount=%ldkB]\n", - s->name, systeminfo.total_mem_kbyte); - } + } else + snprintf(report, STRLEN, "'%s' mem amount check succeeded [current mem amount=%ldkB]\n", s->name, systeminfo.total_mem_kbyte); } else { if(Util_evalQExpression(r->operator, s->inf->mem_kbyte, r->limit)) { - snprintf(report, STRLEN, - "'%s' mem amount of %ldkB matches resource limit [mem amount%s%ldkB]", - s->name, s->inf->mem_kbyte, operatorshortnames[r->operator], r->limit); + snprintf(report, STRLEN, "mem amount of %ldkB matches resource limit [mem amount%s%ldkB]", s->inf->mem_kbyte, operatorshortnames[r->operator], r->limit); okay= FALSE; - } else { - DEBUG("'%s' mem amount check passed [current mem amount=%ldkB]\n", - s->name, s->inf->mem_kbyte); - } + } else + snprintf(report, STRLEN, "'%s' mem amount check succeeded [current mem amount=%ldkB]\n", s->name, s->inf->mem_kbyte); } break; case RESOURCE_ID_LOAD1: - if(Util_evalQExpression(r->operator, - (int)(systeminfo.loadavg[0]*10.0), r->limit)) { - snprintf(report, STRLEN, - "'%s' loadavg(1min) of %.1f matches resource limit " - "[loadavg(1min)%s%.1f]", - s->name, systeminfo.loadavg[0], operatorshortnames[r->operator], - r->limit/10.0); + if(Util_evalQExpression(r->operator, (int)(systeminfo.loadavg[0]*10.0), r->limit)) { + snprintf(report, STRLEN, "loadavg(1min) of %.1f matches resource limit " "[loadavg(1min)%s%.1f]", systeminfo.loadavg[0], operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' loadavg(1min) check passed [current loadavg(1min)=%.1f]\n", - s->name, systeminfo.loadavg[0]); - } + } else + snprintf(report, STRLEN, "'%s' loadavg(1min) check succeeded [current loadavg(1min)=%.1f]\n", s->name, systeminfo.loadavg[0]); break; case RESOURCE_ID_LOAD5: - if(Util_evalQExpression(r->operator, - (int)(systeminfo.loadavg[1]*10.0), r->limit)) { - snprintf(report, STRLEN, - "'%s' loadavg(5min) of %.1f matches resource limit " - "[loadavg(5min)%s%.1f]", - s->name, systeminfo.loadavg[1], operatorshortnames[r->operator], - r->limit/10.0); + if(Util_evalQExpression(r->operator, (int)(systeminfo.loadavg[1]*10.0), r->limit)) { + snprintf(report, STRLEN, "loadavg(5min) of %.1f matches resource limit " "[loadavg(5min)%s%.1f]", systeminfo.loadavg[1], operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' loadavg(5min) check passed [current loadavg(5min)=%.1f]\n", - s->name, systeminfo.loadavg[1]); - } + } else + snprintf(report, STRLEN, "'%s' loadavg(5min) check succeeded [current loadavg(5min)=%.1f]\n", s->name, systeminfo.loadavg[1]); break; case RESOURCE_ID_LOAD15: - if(Util_evalQExpression(r->operator, - (int)(systeminfo.loadavg[2]*10.0), r->limit)) { - snprintf(report, STRLEN, - "'%s' loadavg(15min) of %.1f matches resource limit " - "[loadavg(15min)%s%.1f]", - s->name, systeminfo.loadavg[2], operatorshortnames[r->operator], - r->limit/10.0); + if(Util_evalQExpression(r->operator, (int)(systeminfo.loadavg[2]*10.0), r->limit)) { + snprintf(report, STRLEN, "loadavg(15min) of %.1f matches resource limit " "[loadavg(15min)%s%.1f]", systeminfo.loadavg[2], operatorshortnames[r->operator], r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' loadavg(15min) check passed [current loadavg(15min)=%.1f]\n", - s->name, systeminfo.loadavg[2]); - } + } else + snprintf(report, STRLEN, "'%s' loadavg(15min) check succeeded [current loadavg(15min)=%.1f]\n", s->name, systeminfo.loadavg[2]); break; case RESOURCE_ID_CHILDREN: if(Util_evalQExpression(r->operator, s->inf->children, r->limit)) { - snprintf(report, STRLEN, - "'%s' children of %i matches resource limit [children%s%ld]", - s->name, s->inf->children, operatorshortnames[r->operator], r->limit); + snprintf(report, STRLEN, "children of %i matches resource limit [children%s%ld]", s->inf->children, operatorshortnames[r->operator], r->limit); okay= FALSE; - } else { - DEBUG("'%s' children check passed [current children=%i]\n", - s->name, s->inf->children); - } + } else + snprintf(report, STRLEN, "'%s' children check succeeded [current children=%i]\n", s->name, s->inf->children); break; case RESOURCE_ID_TOTAL_MEM_KBYTE: if(Util_evalQExpression(r->operator, s->inf->total_mem_kbyte, r->limit)) { - snprintf(report, STRLEN, - "'%s' total mem amount of %ldkB matches resource limit" - " [total mem amount%s%ldkB]", - s->name, s->inf->total_mem_kbyte, operatorshortnames[r->operator], - r->limit); + snprintf(report, STRLEN, "total mem amount of %ldkB matches resource limit" " [total mem amount%s%ldkB]", s->inf->total_mem_kbyte, operatorshortnames[r->operator], r->limit); okay= FALSE; - } else { - DEBUG("'%s' total mem amount check passed " - "[current total mem amount=%ldkB]\n", s->name, s->inf->total_mem_kbyte); - } + } else + snprintf(report, STRLEN, "'%s' total mem amount check succeeded " "[current total mem amount=%ldkB]\n", s->name, s->inf->total_mem_kbyte); break; case RESOURCE_ID_TOTAL_MEM_PERCENT: if(Util_evalQExpression(r->operator, s->inf->total_mem_percent, r->limit)) { - snprintf(report, STRLEN, - "'%s' total mem amount of %.1f%% matches resource limit" - " [total mem amount%s%.1f%%]", - s->name, (float)s->inf->total_mem_percent/10.0, - operatorshortnames[r->operator], (float)r->limit/10.0); + snprintf(report, STRLEN, "total mem amount of %.1f%% matches resource limit" " [total mem amount%s%.1f%%]", (float)s->inf->total_mem_percent/10.0, operatorshortnames[r->operator], (float)r->limit/10.0); okay= FALSE; - } else { - DEBUG("'%s' total mem amount check passed " - "[current total mem amount=%.1f%%]\n", s->name, - s->inf->total_mem_percent/10.0); - } + } else + snprintf(report, STRLEN, "'%s' total mem amount check succeeded " "[current total mem amount=%.1f%%]\n", s->name, s->inf->total_mem_percent/10.0); break; default: - LogError("'%s' error -- unknown resource ID: [%d]\n", - s->name, r->resource_id); + LogError("'%s' error -- unknown resource ID: [%d]\n", s->name, r->resource_id); return; } - if(! okay) { + if (! okay) Event_post(s, EVENT_RESOURCE, STATE_FAILED, r->action, "%s", report); - } else { - Event_post(s, EVENT_RESOURCE, STATE_PASSED, r->action, - "'%s' resource passed", s->name); + else { + Event_post(s, EVENT_RESOURCE, STATE_SUCCEEDED, r->action, "%s", report); + DEBUG("%s", report); } - } @@ -890,9 +821,8 @@ * Test for associated path checksum change */ static void check_checksum(Service_T s) { - - Checksum_T cs; int changed; + Checksum_T cs; ASSERT(s && s->path && s->checksum && s->checksum->hash); @@ -903,8 +833,7 @@ if(s->inf->cs_sum) { - Event_post(s, EVENT_DATA, STATE_PASSED, s->action_DATA, - "'%s' checksum computed for %s", s->name, s->path); + Event_post(s, EVENT_DATA, STATE_SUCCEEDED, s->action_DATA, "checksum computed for %s", s->path); switch(cs->type) { case HASH_MD5: @@ -923,37 +852,37 @@ /* if we are testing for changes only, the value is variable */ if(cs->test_changes) { - Event_post(s, EVENT_CHANGED, STATE_FAILED, cs->action, - "'%s' checksum was changed for %s", s->name, s->path); + char *tmphash = xstrdup(s->inf->cs_sum); + + if(!cs->test_changes_ok) + /* the checksum was not initialized during monit start, so set the checksum now and allow further checksum change testing */ + cs->test_changes_ok = TRUE; + else + Event_post(s, EVENT_CHECKSUM, STATE_CHANGED, cs->action, "checksum was changed for %s", s->path); + /* reset expected value for next cycle */ FREE(cs->hash); - cs->hash= xstrdup(s->inf->cs_sum); - } else { - /* we are testing constant value for failed or passed state */ - Event_post(s, EVENT_CHECKSUM, STATE_FAILED, cs->action, - "'%s' checksum test failed for %s", s->name, s->path); - } + cs->hash= tmphash; + + } else + /* we are testing constant value for failed or succeeded state */ + Event_post(s, EVENT_CHECKSUM, STATE_FAILED, cs->action, "checksum test failed for %s", s->path); } else if(cs->test_changes) { DEBUG("'%s' checksum has not changed\n", s->name); - Event_post(s, EVENT_CHANGED, STATE_PASSED, cs->action, - "'%s' checksum has not changed", s->name); + Event_post(s, EVENT_CHECKSUM, STATE_CHANGEDNOT, cs->action, "checksum has not changed"); } else { DEBUG("'%s' has valid checksums\n", s->name); - Event_post(s, EVENT_CHECKSUM, STATE_PASSED, cs->action, - "'%s' checksum passed", s->name); + Event_post(s, EVENT_CHECKSUM, STATE_SUCCEEDED, cs->action, "checksum succeeded"); } - return; - } - Event_post(s, EVENT_DATA, STATE_FAILED, s->action_DATA, - "'%s' cannot compute checksum for %s", s->name, s->path); + Event_post(s, EVENT_DATA, STATE_FAILED, s->action_DATA, "cannot compute checksum for %s", s->path); } @@ -962,18 +891,13 @@ * Test for associated path permission change */ static void check_perm(Service_T s) { - ASSERT(s && s->perm); - if((s->inf->st_mode & 07777) != s->perm->perm) { - Event_post(s, EVENT_PERMISSION, STATE_FAILED, s->perm->action, - "'%s' permission test failed for %s -- current permission is %o", - s->name, s->path, s->inf->st_mode&07777); - } else { - DEBUG("'%s' permission check passed [current permission=%o]\n", - s->name, s->inf->st_mode&07777); - Event_post(s, EVENT_PERMISSION, STATE_PASSED, s->perm->action, - "'%s' permission passed", s->name); + if((s->inf->st_mode & 07777) != s->perm->perm) + Event_post(s, EVENT_PERMISSION, STATE_FAILED, s->perm->action, "permission test failed for %s -- current permission is %04o", s->path, s->inf->st_mode&07777); + else { + DEBUG("'%s' permission check succeeded [current permission=%04o]\n", s->name, s->inf->st_mode&07777); + Event_post(s, EVENT_PERMISSION, STATE_SUCCEEDED, s->perm->action, "permission succeeded"); } } @@ -982,19 +906,14 @@ * Test for associated path uid change */ static void check_uid(Service_T s) { - ASSERT(s && s->uid); - if(s->inf->st_uid != s->uid->uid) { - Event_post(s, EVENT_UID, STATE_FAILED, s->uid->action, - "'%s' uid test failed for %s -- current uid is %d", - s->name, s->path, (int)s->inf->st_uid); - } else { - DEBUG("'%s' uid check passed [current uid=%d]\n", s->name, - (int)s->inf->st_uid); - Event_post(s, EVENT_UID, STATE_PASSED, s->uid->action, "'%s' uid passed", s->name); + if(s->inf->st_uid != s->uid->uid) + Event_post(s, EVENT_UID, STATE_FAILED, s->uid->action, "uid test failed for %s -- current uid is %d", s->path, (int)s->inf->st_uid); + else { + DEBUG("'%s' uid check succeeded [current uid=%d]\n", s->name, (int)s->inf->st_uid); + Event_post(s, EVENT_UID, STATE_SUCCEEDED, s->uid->action, "uid succeeded"); } - } @@ -1002,19 +921,14 @@ * Test for associated path gid change */ static void check_gid(Service_T s) { - ASSERT(s && s->gid); - if(s->inf->st_gid != s->gid->gid ) { - Event_post(s, EVENT_GID, STATE_FAILED, s->gid->action, - "'%s' gid test failed for %s -- current gid is %d", - s->name, s->path, (int)s->inf->st_gid); - } else { - DEBUG("'%s' gid check passed [current gid=%d]\n", s->name, - (int)s->inf->st_gid); - Event_post(s, EVENT_GID, STATE_PASSED, s->gid->action, "'%s' gid passed", s->name); + if(s->inf->st_gid != s->gid->gid ) + Event_post(s, EVENT_GID, STATE_FAILED, s->gid->action, "gid test failed for %s -- current gid is %d", s->path, (int)s->inf->st_gid); + else { + DEBUG("'%s' gid check succeeded [current gid=%d]\n", s->name, (int)s->inf->st_gid); + Event_post(s, EVENT_GID, STATE_SUCCEEDED, s->gid->action, "gid succeeded"); } - } @@ -1022,20 +936,16 @@ * Validate timestamps of a service s */ static void check_timestamp(Service_T s) { - Timestamp_T t; time_t now; ASSERT(s && s->timestamplist); if((int)time(&now) == -1) { - Event_post(s, EVENT_DATA, STATE_FAILED, s->action_DATA, - "'%s' can't obtain actual system time", s->name); + Event_post(s, EVENT_DATA, STATE_FAILED, s->action_DATA, "can't obtain actual system time"); return; - } else { - Event_post(s, EVENT_DATA, STATE_PASSED, s->action_DATA, - "'%s' actual system time obtained", s->name); - } + } else + Event_post(s, EVENT_DATA, STATE_SUCCEEDED, s->action_DATA, "actual system time obtained"); for(t= s->timestamplist; t; t= t->next) { if(t->test_changes) { @@ -1043,27 +953,23 @@ /* if we are testing for changes only, the value is variable */ if(t->timestamp != s->inf->timestamp) { - t->timestamp= s->inf->timestamp; - Event_post(s, EVENT_CHANGED, STATE_FAILED, t->action, - "'%s' timestamp was changed for %s", s->name, s->path); /* reset expected value for next cycle */ + t->timestamp= s->inf->timestamp; + Event_post(s, EVENT_TIMESTAMP, STATE_CHANGED, t->action, "timestamp was changed for %s", s->path); } else { DEBUG("'%s' timestamp was not changed for %s\n", s->name, s->path); - Event_post(s, EVENT_CHANGED, STATE_PASSED, t->action, - "'%s' timestamp was not changed for %s", s->name, s->path); + Event_post(s, EVENT_TIMESTAMP, STATE_CHANGEDNOT, t->action, "timestamp was not changed for %s", s->path); } break; } else { - /* we are testing constant value for failed or passed state */ + /* we are testing constant value for failed or succeeded state */ - if(Util_evalQExpression(t->operator, (int)(now - s->inf->timestamp), t->time)) { - Event_post(s, EVENT_TIMESTAMP, STATE_FAILED, t->action, - "'%s' timestamp test failed for %s", s->name, s->path); - } else { - DEBUG("'%s' timestamp test passed for %s\n", s->name, s->path); - Event_post(s, EVENT_TIMESTAMP, STATE_PASSED, t->action, - "'%s' timestamp passed", s->name); + if(Util_evalQExpression(t->operator, (int)(now - s->inf->timestamp), t->time)) + Event_post(s, EVENT_TIMESTAMP, STATE_FAILED, t->action, "timestamp test failed for %s", s->path); + else { + DEBUG("'%s' timestamp test succeeded for %s\n", s->name, s->path); + Event_post(s, EVENT_TIMESTAMP, STATE_SUCCEEDED, t->action, "timestamp succeeded"); } } } @@ -1074,7 +980,6 @@ * Test size */ static void check_size(Service_T s) { - Size_T sl; ASSERT(s && s->sizelist); @@ -1083,29 +988,30 @@ /* if we are testing for changes only, the value is variable */ if(sl->test_changes) { - if(sl->size != s->inf->st_size) { - Event_post(s, EVENT_CHANGED, STATE_FAILED, sl->action, - "'%s' size was changed for %s", s->name, s->path); - /* reset expected value for next cycle */ + if(!sl->test_changes_ok) { + /* the size was not initialized during monit start, so set the size now + * and allow further size change testing */ + sl->test_changes_ok = TRUE; sl->size= s->inf->st_size; } else { - DEBUG("'%s' size has not changed [current size=%lu B]\n", s->name, - s->inf->st_size); - Event_post(s, EVENT_CHANGED, STATE_PASSED, sl->action, - "'%s' size was not changed", s->name, s->path); + if(sl->size != s->inf->st_size) { + Event_post(s, EVENT_SIZE, STATE_CHANGED, sl->action, "size was changed for %s", s->path); + /* reset expected value for next cycle */ + sl->size= s->inf->st_size; + } else { + DEBUG("'%s' size has not changed [current size=%llu B]\n", s->name, s->inf->st_size); + Event_post(s, EVENT_SIZE, STATE_CHANGEDNOT, sl->action, "size was not changed", s->path); + } } break; } - /* we are testing constant value for failed or passed state */ - if(Util_evalQExpression(sl->operator, s->inf->st_size, sl->size)) { - Event_post(s, EVENT_SIZE, STATE_FAILED, sl->action, - "'%s' size test failed for %s -- current size is %lu B", - s->name, s->path, s->inf->st_size); - } else { - DEBUG("'%s' file size check passed [current size=%lu B]\n", s->name, - s->inf->st_size); - Event_post(s, EVENT_SIZE, STATE_PASSED, sl->action, "'%s' size passed", s->name); + /* we are testing constant value for failed or succeeded state */ + if(Util_evalQExpression(sl->operator, s->inf->st_size, sl->size)) + Event_post(s, EVENT_SIZE, STATE_FAILED, sl->action, "size test failed for %s -- current size is %llu B", s->path, s->inf->st_size); + else { + DEBUG("'%s' file size check succeeded [current size=%llu B]\n", s->name, s->inf->st_size); + Event_post(s, EVENT_SIZE, STATE_SUCCEEDED, sl->action, "size succeeded"); } } } @@ -1114,102 +1020,80 @@ * Match content */ static void check_match(Service_T s) { - char line[MATCH_LINE_LENGTH]; - FILE *file; - int inode_checked=FALSE; - int advance=0; - int ignore; + int advance = 0; + int length = 0; + FILE *file; + char line[MATCH_LINE_LENGTH]; ASSERT(s && s->matchlist); - /* did inode change -> read position = 0 */ - if((inode_checked==FALSE) && (s->inf->st_ino != s->inf->st_ino_prev)) { - s->inf->readpos= 0; - } - inode_checked= TRUE; + /* If inode changed or size shrinked -> set read position = 0 */ + if (s->inf->st_ino != s->inf->st_ino_prev || s->inf->readpos > s->inf->st_size) + s->inf->readpos = 0; - /* did file decrease (readpos > file_size) -> read position = 0 */ - if(s->inf->readpos > s->inf->st_size) { - s->inf->readpos= 0; - } - - /* Do we need to match? (readpos < file_size) */ - if(!(s->inf->readpos < s->inf->st_size)){ + /* Do we need to match? */ + if (s->inf->readpos == s->inf->st_size) return; - } /* Open the file */ - if(NULL==(file=fopen(s->path, "r"))) { - /* We can't open the file */ - DEBUG("FILE: cannot open file %s: %s!\n", s->path, strerror(errno)); + if (! (file = fopen(s->path, "r"))) { + LogError("'%s' cannot open file %s: %s\n", s->name, s->path, STRERROR); return; } while (TRUE) { - ignore=FALSE; /* Seek to the read position */ - if (fseek(file, s->inf->readpos, SEEK_SET)!=0) { - /* We can not seek to the read position */ - DEBUG("FILE: cannot seek file %s: %s!\n", s->path, strerror(errno)); + if (fseek(file, s->inf->readpos, SEEK_SET)) { + LogError("'%s' cannot seek file %s: %s\n", s->name, s->path, STRERROR); goto final; } - if(NULL==fgets(line, MATCH_LINE_LENGTH, file)) { - /* We can not read the content! */ - if (!feof(file)) { - DEBUG("FILE: cannot read file %s: %s!\n", s->path, strerror(errno)); - } + if (! fgets(line, MATCH_LINE_LENGTH, file)) { + if (! feof(file)) + LogError("'%s' cannot read file %s: %s\n", s->name, s->path, STRERROR); goto final; } - /* Close the file */ - + length = strlen(line); + /* Empty line? Should not happen... but who knows */ - if (strlen(line) == 0) { - /* ==> ERROR */ + if (length == 0) goto final; - } - /* Complete line oder just beginning? (igore full buffers) */ - if ((strlen(line)<(MATCH_LINE_LENGTH)-1) && - (line[strlen(line)-1] != '\n')) { - /* we gonna read it next time */ - goto final; - } + /* Complete line or just beginning? (ignore full buffers) */ + if (length < MATCH_LINE_LENGTH-1 && line[length-1] != '\n') + goto final; /* we gonna read it next time */ - advance=strlen(line); + advance = length; /* - Does this line end with '\n'? Otherwise ignore and check it - as soon as it is complete - */ - if (strlen(line)==(MATCH_LINE_LENGTH)-1) { - int rv=0; + * Does this line end with '\n'? Otherwise ignore and check it + * as soon as it is complete + */ + if (length == MATCH_LINE_LENGTH-1) { + int rv = 0; - while (((unsigned char) rv != '\n') && (rv!=EOF)) { - rv=fgetc(file); + while ((unsigned char)rv != '\n' && rv != EOF) { + rv = fgetc(file); advance++; } - if (rv==EOF) { + if (rv == EOF) break; - } } /* Set read position to the end of last read */ - s->inf->readpos+=advance; + s->inf->readpos += advance; /* Remove appending newline */ - if (line[strlen(line)-1] == '\n') { - line[strlen(line)-1] = 0; - } + if (line[length-1] == '\n') + line[length-1] = 0; check_match_if(s, line); } final: - fclose(file); } @@ -1217,36 +1101,27 @@ * Match line for "ignore" statements */ static int check_match_ignore(Service_T s, char *line) { - - int rv=FALSE; - Match_T ml; - Match_T prev=NULL; + int rv = FALSE; int match_return; + Match_T ml; + Match_T prev = NULL; /* Check ignores */ - for(ml= s->matchlist; ml; prev=ml, ml= ml->next) { + for (ml = s->matchlist; ml; prev = ml, ml = ml->next) { if (ml->ignore) { #ifdef HAVE_REGEX_H - match_return=regexec(ml->regex_comp, - line, - 0, - NULL, - 0); + match_return = regexec(ml->regex_comp, line, 0, NULL, 0); #else - if (strstr(line, ml->match_string) == NULL) { - match_return= -1; - } else { - match_return= 0; - } + if (strstr(line, ml->match_string) == NULL) + match_return = -1; + else + match_return = 0; #endif - if((match_return==0) ^ (ml->not)) { + if ((match_return == 0) ^ (ml->not)) { /* We match! -> line is ignored! */ - DEBUG("FILE: Regular expression %s\"%s\" " - "ignore match on content line\n", - ml->not?"not ":"", - ml->match_string); - rv=TRUE; + DEBUG("'%s' Regular expression %s'%s' ignore match on content line\n", s->name, ml->not?"not ":"", ml->match_string); + rv = TRUE; break; } } @@ -1254,10 +1129,10 @@ /* Optimize match list => put recent match in front */ - if (prev!=NULL && rv==TRUE) { - prev->next=ml->next; - ml->next=s->matchlist; - s->matchlist=ml; + if (prev != NULL && rv == TRUE) { + prev->next = ml->next; + ml->next = s->matchlist; + s->matchlist = ml; } return rv; @@ -1267,50 +1142,35 @@ * Match line for "if" statements */ static void check_match_if(Service_T s, char *line) { - - Match_T ml; int match_return; - int ignore_tested= FALSE; + int ignore_tested = FALSE; + Match_T ml; /* Check non ignores */ - for(ml= s->matchlist; ml; ml= ml->next) { + for (ml = s->matchlist; ml; ml = ml->next) { - if (!(ml->ignore)) { + if (! ml->ignore) { #ifdef HAVE_REGEX_H - match_return=regexec(ml->regex_comp, - line, - 0, - NULL, - 0); + match_return = regexec(ml->regex_comp, line, 0, NULL, 0); #else - if (strstr(line, ml->match_string) == NULL) { - match_return= -1; - } else { - match_return= 0; - } + if (strstr(line, ml->match_string) == NULL) + match_return = -1; + else + match_return = 0; #endif - if((match_return==0) ^ (ml->not)) { + if ((match_return==0) ^ (ml->not)) { /* Check if we have to test for ignores! */ - if (!ignore_tested && check_match_ignore(s, line)) { + if (! ignore_tested && check_match_ignore(s, line)) return; - } - Event_post(s, EVENT_MATCH, STATE_FAILED, ml->action, - "'%s' content match " - "[%s]", - s->name, line); - DEBUG("FILE: Regular expression %s\"%s\" " - "DOES match on content line\n", - ml->not?"not ":"", - ml->match_string); + DEBUG("'%s' Regular expression %s'%s' match on content line\n", s->name, ml->not?"not ":"", ml->match_string); + Event_post(s, EVENT_CONTENT, STATE_CHANGED, ml->action, "content match [%s]", line); } else { - DEBUG("FILE: Regular expression %s\"%s\" " - "does not match on content line\n", - ml->not?"not ":"", - ml->match_string); + DEBUG("'%s' Regular expression %s'%s' doesn't match on content line\n", s->name, ml->not?"not ":"", ml->match_string); + Event_post(s, EVENT_CONTENT, STATE_CHANGEDNOT, ml->action, "content doesn't match [%s]", line); } } } @@ -1319,14 +1179,27 @@ } /** - * Device test + * Test filesystem flags for possible change since last cycle */ -static void check_device_resources(Service_T s, Device_T td) { +static void check_filesystem_flags(Service_T s) { + ASSERT(s && s->inf); + /* filesystem flags were not initialized yet */ + if(s->inf->_flags == -1) + return; + + if(s->inf->_flags != s->inf->flags) + Event_post(s, EVENT_FSFLAG, STATE_CHANGED, s->action_FSFLAG, "filesytem flags changed to %#lx", s->inf->flags); +} + +/** + * Filesystem test + */ +static void check_filesystem_resources(Service_T s, Filesystem_T td) { ASSERT(s && td); if( (td->limit_percent < 0) && (td->limit_absolute < 0) ) { - LogError("'%s' error: device limit not set\n", s->name); + LogError("'%s' error: filesystem limit not set\n", s->name); return; } @@ -1340,63 +1213,37 @@ if(td->limit_percent >= 0) { if(Util_evalQExpression( td->operator, s->inf->inode_percent, td->limit_percent)) { - Event_post(s, EVENT_RESOURCE, STATE_FAILED, td->action, - "'%s' inode usage %.1f%% matches resource limit [inode usage%s%.1f%%]", - s->name, - s->inf->inode_percent/10., - operatorshortnames[td->operator], - td->limit_percent/10.); + Event_post(s, EVENT_RESOURCE, STATE_FAILED, td->action, "inode usage %.1f%% matches resource limit [inode usage%s%.1f%%]", s->inf->inode_percent/10., operatorshortnames[td->operator], td->limit_percent/10.); return; } } else { if(Util_evalQExpression(td->operator, s->inf->inode_total, td->limit_absolute)) { - Event_post(s, EVENT_RESOURCE, STATE_FAILED, td->action, - "'%s' inode usage %ld matches resource limit [inode usage%s%ld]", - s->name, - s->inf->inode_total, - operatorshortnames[td->operator], - td->limit_absolute); + Event_post(s, EVENT_RESOURCE, STATE_FAILED, td->action, "inode usage %ld matches resource limit [inode usage%s%ld]", s->inf->inode_total, operatorshortnames[td->operator], td->limit_absolute); return; } } - DEBUG("'%s' inode usage check passed [current inode usage=%.1f%%]\n", - s->name, s->inf->inode_percent/10.); - Event_post(s, EVENT_RESOURCE, STATE_PASSED, td->action, - "'%s' device resources passed", s->name); + DEBUG("'%s' inode usage check succeeded [current inode usage=%.1f%%]\n", s->name, s->inf->inode_percent/10.); + Event_post(s, EVENT_RESOURCE, STATE_SUCCEEDED, td->action, "filesystem resources succeeded"); return; case RESOURCE_ID_SPACE: if(td->limit_percent >= 0) { if(Util_evalQExpression( td->operator, s->inf->space_percent, td->limit_percent)) { - Event_post(s, EVENT_RESOURCE, STATE_FAILED, td->action, - "'%s' space usage %.1f%% matches resource limit [space usage%s%.1f%%]", - s->name, - s->inf->space_percent/10., - operatorshortnames[td->operator], - td->limit_percent/10.); + Event_post(s, EVENT_RESOURCE, STATE_FAILED, td->action, "space usage %.1f%% matches resource limit [space usage%s%.1f%%]", s->inf->space_percent/10., operatorshortnames[td->operator], td->limit_percent/10.); return; } } else { if(Util_evalQExpression(td->operator, s->inf->space_total, td->limit_absolute)) { - Event_post(s, EVENT_RESOURCE, STATE_FAILED, td->action, - "'%s' space usage %ld blocks matches resource limit " - "[space usage%s%ld blocks]", - s->name, - s->inf->space_total, - operatorshortnames[td->operator], - td->limit_absolute); + Event_post(s, EVENT_RESOURCE, STATE_FAILED, td->action, "space usage %ld blocks matches resource limit " "[space usage%s%ld blocks]", s->inf->space_total, operatorshortnames[td->operator], td->limit_absolute); return; } } - DEBUG("'%s' space usage check passed [current space usage=%.1f%%]\n", - s->name, s->inf->space_percent/10.); - Event_post(s, EVENT_RESOURCE, STATE_PASSED, td->action, - "'%s' device resources passed", s->name); + DEBUG("'%s' space usage check succeeded [current space usage=%.1f%%]\n", s->name, s->inf->space_percent/10.); + Event_post(s, EVENT_RESOURCE, STATE_SUCCEEDED, td->action, "filesystem resources succeeded"); return; default: - LogError("'%s' error -- unknown resource type: [%d]\n", s->name, - td->resource); + LogError("'%s' error -- unknown resource type: [%d]\n", s->name, td->resource); return; } @@ -1423,15 +1270,13 @@ * Check timeout */ if(s->nstart >= s->to_start && s->ncycle <= s->to_cycle) { - Event_post(s, EVENT_TIMEOUT, STATE_FAILED, s->action_TIMEOUT, - "'%s' service timed out and will not be checked anymore", - s->name); + Event_post(s, EVENT_TIMEOUT, STATE_FAILED, s->action_TIMEOUT, "service timed out and will not be checked anymore"); return TRUE; } /* * Stop counting and reset if the - * cycle interval is passed + * cycle interval is succeeded */ if(s->ncycle > s->to_cycle) { s->ncycle= 0; @@ -1451,15 +1296,14 @@ ASSERT(s); - if(!s->def_every) - return FALSE; - if(s->visited) { - DEBUG("'%s' check skipped -- service already handled " - "in a dependency chain\n", s->name); + DEBUG("'%s' check skipped -- service already handled in a dependency chain\n", s->name); return TRUE; } + if(!s->def_every) + return FALSE; + if(++s->nevery < s->every) return TRUE; @@ -1470,3 +1314,17 @@ } +/** + * Returns TRUE if scheduled action was performed + */ +static int do_scheduled_action(Service_T s) { + if (s->doaction != ACTION_IGNORE) { + control_service(s->name, s->doaction); + Event_post(s, EVENT_ACTION, STATE_CHANGED, s->action_ACTION, "%s action done", actionnames[s->doaction]); + s->doaction = ACTION_IGNORE; + FREE(s->token); + return TRUE; + } + return FALSE; +} + diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/xmalloc.c /tmp/QeMlhPoI46/monit-5.0.3/xmalloc.c --- monit-4.8.1/xmalloc.c 2006-04-27 21:16:03.000000000 +0100 +++ monit-5.0.3/xmalloc.c 2009-02-13 13:06:33.000000000 +0000 @@ -1,20 +1,30 @@ /* - * Copyright (C), 1998 by Eric S. Raymond. - * Copyright (C), 2000-2006 by the monit project group. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ #include @@ -48,7 +58,7 @@ * @author Eric S. Raymond * @author Jan-Henrik Haukeland, * - * @version \$Id: xmalloc.c,v 1.14 2006/04/27 20:16:03 martinp Exp $ + * @version \$Id: xmalloc.c,v 1.21 2009/02/13 09:18:11 hauk Exp $ * * @file */ @@ -69,7 +79,7 @@ #if ! HAVE_MALLOC if ( n == 0) { - LogError("%s: passed a broken malloc 0\n", prog); + LogError("%s: succeeded a broken malloc 0\n", prog); exit(1); } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/xml.c /tmp/QeMlhPoI46/monit-5.0.3/xml.c --- monit-4.8.1/xml.c 2006-04-07 21:00:47.000000000 +0100 +++ monit-5.0.3/xml.c 2009-04-22 13:39:23.000000000 +0100 @@ -1,20 +1,30 @@ /* - * Copyright (C), 2000-2006 by the monit project group. - * All Rights Reserved. + * Copyright (C) 2009 Tildeslash Ltd. All rights reserved. * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ @@ -50,7 +60,7 @@ * * @author Martin Pala, * - * @version \$Id: xml.c,v 1.23 2006/04/07 11:46:00 martinp Exp $ + * @version \$Id: xml.c,v 1.56 2009/04/21 21:32:10 martinp Exp $ * * @file */ @@ -129,12 +139,22 @@ "\r\n" "\r\n" "\t\r\n" + "\t\t%s\r\n" "\t\t%ld\r\n" "\t\t%s\r\n" - "\t\t%ld\r\n", + "\t\t%ld\r\n" + "\t\t%d\r\n" + "\t\t%d\r\n" + "\t\t%s\r\n" + "\t\t%s\r\n", + Run.id, Run.incarnation, VERSION, - (long)Util_getProcessUptime(Run.pidfile)); + (long)Util_getProcessUptime(Run.pidfile), + Run.polltime, + Run.startdelay, + Run.localhostname ? Run.localhostname : "", + Run.controlfile ? Run.controlfile : ""); if(Run.dohttpd) { @@ -150,7 +170,21 @@ } buf_print(B, - "\t\r\n"); + "\t\r\n" + "\t\r\n" + "\t\t%s\r\n" + "\t\t%s\r\n" + "\t\t%s\r\n" + "\t\t%s\r\n" + "\t\t%d\r\n" + "\t\t%lu\r\n" + "\t\r\n", + systeminfo.uname.sysname, + systeminfo.uname.release, + systeminfo.uname.version, + systeminfo.uname.machine, + systeminfo.cpus, + systeminfo.mem_kbyte_max); } @@ -173,26 +207,43 @@ * @param L Status information level */ static void status_service(Service_T S, Buffer_T *B, short L) { + Event_T E = S->eventlist; buf_print(B, "\t\r\n" - "\t\t%ld\r\n" + "\t\t%ld\r\n" + "\t\t%ld\r\n" "\t\t%s\r\n" "\t\t%llu\r\n" + "\t\t%llu\r\n" "\t\t%d\r\n" + "\t\t%d\r\n" + "\t\t%d\r\n" "\t\t%s\r\n", S->type, - S->collected, + S->collected.tv_sec, + S->collected.tv_usec, S->name?S->name:"", S->error, + S->error_hint, S->monitor, + S->mode, + S->doaction, S->group?S->group:""); + /* if the service is in error state, display first active error message to provide more details */ + while (E) { + if ((E->state == STATE_FAILED || E->state == STATE_CHANGED) && (S->error & E->id) && E->message) { + buf_print(B, "\t\t%s\r\n", E->message); + break; + } + E = E->next; + } if(L == LEVEL_FULL) { if(Util_hasServiceStatus(S)) { if(S->type == TYPE_FILE || S->type == TYPE_DIRECTORY || S->type == TYPE_FIFO || - S->type == TYPE_DEVICE) { + S->type == TYPE_FILESYSTEM) { buf_print(B, "\t\t%o\r\n" "\t\t%d\r\n" @@ -210,34 +261,36 @@ } if(S->type == TYPE_FILE) { buf_print(B, - "\t\t%lu\r\n", - (unsigned long) S->inf->st_size); + "\t\t%llu\r\n", + (unsigned long long) S->inf->st_size); if(S->checksum) { buf_print(B, "\t\t%s\r\n", checksumnames[S->checksum->type], S->inf->cs_sum); } } - if(S->type == TYPE_DEVICE) { + if(S->type == TYPE_FILESYSTEM) { buf_print(B, + "\t\t%ld\r\n" "\t\t\r\n" - "\t\t\t%ld\r\n" - "\t\t\t%ld\r\n" - "\t\t\t%ld\r\n" - "\t\t\t%ld\r\n" + "\t\t\t%.1f\r\n" + "\t\t\t%.1f MB\r\n" + "\t\t\t%.1f MB\r\n" "\t\t\r\n", - S->inf->f_bsize, - S->inf->f_blocks, - S->inf->f_blocksfree, - S->inf->f_blocksfreetotal); + S->inf->flags, + S->inf->space_percent/10., + (float)S->inf->space_total / (float)1048576 * (float)S->inf->f_bsize, + (float)S->inf->f_blocks / (float)1048576 * (float)S->inf->f_bsize); if(S->inf->f_files > 0) { buf_print(B, "\t\t\r\n" - "\t\t\t%ld\r\n" - "\t\t\t%ld\r\n" + "\t\t\t%.1f\r\n" + "\t\t\t%ld\r\n" + "\t\t\t%ld\r\n" "\t\t\r\n", - S->inf->f_files, - S->inf->f_filesfree); + S->inf->inode_percent/10., + S->inf->inode_total, + S->inf->f_files); } } if(S->type == TYPE_PROCESS) { @@ -252,20 +305,20 @@ buf_print(B, "\t\t%d\r\n" "\t\t\r\n" - "\t\t\t%ld\r\n" - "\t\t\t%ld\r\n" "\t\t\t%.1f\r\n" "\t\t\t%.1f\r\n" + "\t\t\t%ld\r\n" + "\t\t\t%ld\r\n" "\t\t\r\n" "\t\t\r\n" "\t\t\t%.1f\r\n" "\t\t\t%.1f\r\n" "\t\t\r\n", S->inf->children, - S->inf->mem_kbyte, - S->inf->total_mem_kbyte, S->inf->mem_percent/10.0, S->inf->total_mem_percent/10.0, + S->inf->mem_kbyte, + S->inf->total_mem_kbyte, S->inf->cpu_percent/10.0, S->inf->total_cpu_percent/10.0); } @@ -289,17 +342,17 @@ buf_print(B, "\t\t\r\n" "\t\t\t%s\r\n" - "\t\t\t%d\r\n" + "\t\t\t%d\r\n" "\t\t\t%s\r\n" - "\t\t\t%s\r\n" "\t\t\t%s\r\n" + "\t\t\t%s\r\n" "\t\t\t%.3f\r\n" "\t\t\r\n", p->hostname?p->hostname:"", p->port, p->request?p->request:"", - Util_portTypeDescription(p), p->protocol->name?p->protocol->name:"", + Util_portTypeDescription(p), p->is_available?p->response:-1.); } else if(p->family == AF_UNIX) { @@ -316,33 +369,35 @@ } } if(S->type == TYPE_SYSTEM && Run.doprocess) { - buf_print(B, - "\t\t\r\n" - "\t\t\t%.2f\r\n" - "\t\t\t%.2f\r\n" - "\t\t\t%.2f\r\n" - "\t\t\r\n" - "\t\t\r\n" - "\t\t\t%.1f\r\n" - "\t\t\t%.1f\r\n" - #ifdef HAVE_CPU_WAIT - "\t\t\t%.1f\r\n" - #endif - "\t\t\r\n" - "\t\t\r\n" - "\t\t\t%ld\r\n" - "\t\t\t%.1f\r\n" - "\t\t\r\n", - systeminfo.loadavg[0], - systeminfo.loadavg[1], - systeminfo.loadavg[2], - systeminfo.total_cpu_user_percent/10., - systeminfo.total_cpu_syst_percent/10., - #ifdef HAVE_CPU_WAIT - systeminfo.total_cpu_wait_percent/10., - #endif - systeminfo.total_mem_kbyte, - systeminfo.total_mem_percent/10.); + buf_print(B, + "\t\t\r\n" + "\t\t\t\r\n" + "\t\t\t\t%.2f\r\n" + "\t\t\t\t%.2f\r\n" + "\t\t\t\t%.2f\r\n" + "\t\t\t\r\n" + "\t\t\t\r\n" + "\t\t\t\t%.1f\r\n" + "\t\t\t\t%.1f\r\n" +#ifdef HAVE_CPU_WAIT + "\t\t\t\t%.1f\r\n" +#endif + "\t\t\t\r\n" + "\t\t\t\r\n" + "\t\t\t\t%.1f\r\n" + "\t\t\t\t%ld\r\n" + "\t\t\t\r\n" + "\t\t\r\n", + systeminfo.loadavg[0], + systeminfo.loadavg[1], + systeminfo.loadavg[2], + systeminfo.total_cpu_user_percent/10., + systeminfo.total_cpu_syst_percent/10., + #ifdef HAVE_CPU_WAIT + systeminfo.total_cpu_wait_percent/10., + #endif + systeminfo.total_mem_percent/10., + systeminfo.total_mem_kbyte); } } } @@ -357,27 +412,43 @@ */ static void status_event(Event_T E, Buffer_T *B) { + Service_T s; + struct timeval *tv; + ASSERT(E); + if(!(s = Event_get_source(E))) + return; + + tv = Event_get_collected(E); + buf_print(B, "\t\r\n" - "\t\t%ld\r\n" + "\t\t%ld\r\n" + "\t\t%ld\r\n" "\t\t%s\r\n" "\t\t%d\r\n" "\t\t%s\r\n" "\t\t%d\r\n" "\t\t%d\r\n" "\t\t%d\r\n" - "\t\t%s\r\n" - "\t\r\n", - Event_get_collected(E), - Event_get_source_name(E), + "\t\t%s\r\n", + tv->tv_sec, + tv->tv_usec, + Event_get_id(E) == EVENT_INSTANCE ? "Monit" : Event_get_source_name(E), Event_get_source_type(E), Event_get_source_group(E), Event_get_id(E), Event_get_state(E), Event_get_action(E), Event_get_message(E)); + if (s->token) { + buf_print(B, + "\t\t%s\r\n", + s->token); + } + buf_print(B, + "\t\r\n"); } diff -Nru /tmp/mTIqZj4ofw/monit-4.8.1/y.output /tmp/QeMlhPoI46/monit-5.0.3/y.output --- monit-4.8.1/y.output 1970-01-01 01:00:00.000000000 +0100 +++ monit-5.0.3/y.output 2009-08-24 16:12:09.000000000 +0100 @@ -0,0 +1,8895 @@ + 0 $accept : cfgfile $end + + 1 cfgfile : + 2 | statement_list + + 3 statement_list : statement + 4 | statement_list statement + + 5 statement : setalert + 6 | setdaemon + 7 | setlog + 8 | seteventqueue + 9 | setmmonits + 10 | setmailservers + 11 | setmailformat + 12 | sethttpd + 13 | setpid + 14 | setidfile + 15 | setstatefile + 16 | setexpectbuffer + 17 | setinit + 18 | checkproc optproclist + 19 | checkfile optfilelist + 20 | checkfilesys optfilesyslist + 21 | checkdir optdirlist + 22 | checkhost opthostlist + 23 | checksystem optsystemlist + 24 | checkfifo optfifolist + 25 | checkstatus optstatuslist + + 26 optproclist : + 27 | optproclist optproc + + 28 optproc : start + 29 | stop + 30 | pid + 31 | ppid + 32 | connection + 33 | connectionunix + 34 | timeout + 35 | alert + 36 | every + 37 | mode + 38 | group + 39 | depend + 40 | resourceprocess + + 41 optfilelist : + 42 | optfilelist optfile + + 43 optfile : start + 44 | stop + 45 | timestamp + 46 | timeout + 47 | every + 48 | alert + 49 | permission + 50 | uid + 51 | gid + 52 | checksum + 53 | size + 54 | match + 55 | mode + 56 | group + 57 | depend + + 58 optfilesyslist : + 59 | optfilesyslist optfilesys + + 60 optfilesys : start + 61 | stop + 62 | timeout + 63 | every + 64 | alert + 65 | permission + 66 | uid + 67 | gid + 68 | mode + 69 | group + 70 | depend + 71 | inode + 72 | space + 73 | fsflag + + 74 optdirlist : + 75 | optdirlist optdir + + 76 optdir : start + 77 | stop + 78 | timestamp + 79 | timeout + 80 | every + 81 | alert + 82 | permission + 83 | uid + 84 | gid + 85 | mode + 86 | group + 87 | depend + + 88 opthostlist : opthost + 89 | opthostlist opthost + + 90 opthost : start + 91 | stop + 92 | connection + 93 | icmp + 94 | timeout + 95 | alert + 96 | every + 97 | mode + 98 | group + 99 | depend + + 100 optsystemlist : + 101 | optsystemlist optsystem + + 102 optsystem : timeout + 103 | alert + 104 | every + 105 | group + 106 | depend + 107 | resourcesystem + + 108 optfifolist : + 109 | optfifolist optfifo + + 110 optfifo : start + 111 | stop + 112 | timestamp + 113 | timeout + 114 | every + 115 | alert + 116 | permission + 117 | uid + 118 | gid + 119 | mode + 120 | group + 121 | depend + + 122 optstatuslist : + 123 | optstatuslist optstatus + + 124 optstatus : timeout + 125 | alert + 126 | every + 127 | group + 128 | depend + + 129 setalert : SET alertmail '{' eventoptionlist '}' formatlist reminder + 130 | SET alertmail formatlist reminder + 131 | SET alertmail NOT '{' eventoptionlist '}' formatlist reminder + + 132 setdaemon : SET DAEMON NUMBER startdelay + + 133 startdelay : + 134 | START DELAY NUMBER + + 135 setexpectbuffer : SET EXPECTBUFFER NUMBER unit + + 136 setinit : SET INIT + + 137 setlog : SET LOGFILE PATH + 138 | SET LOGFILE SYSLOG + 139 | SET LOGFILE SYSLOG FACILITY STRING + + 140 seteventqueue : SET EVENTQUEUE BASEDIR PATH + 141 | SET EVENTQUEUE BASEDIR PATH SLOT NUMBER + 142 | SET EVENTQUEUE SLOT NUMBER + + 143 setidfile : SET IDFILE PATH + + 144 setstatefile : SET STATEFILE PATH + + 145 setpid : SET PIDFILE PATH + + 146 setmmonits : SET MMONIT mmonitlist + + 147 mmonitlist : mmonit + 148 | mmonitlist mmonit + + 149 mmonit : URLOBJECT nettimeout sslversion certmd5 + + 150 setmailservers : SET MAILSERVER mailserverlist nettimeout hostname + + 151 setmailformat : SET MAILFORMAT '{' formatoptionlist '}' + + 152 sethttpd : SET HTTPD PORT NUMBER httpdlist + + 153 mailserverlist : mailserver + 154 | mailserverlist mailserver + + 155 mailserver : STRING username password sslversion certmd5 + 156 | STRING PORT NUMBER username password sslversion certmd5 + + 157 httpdlist : + 158 | httpdlist httpdoption + + 159 httpdoption : ssl + 160 | signature + 161 | bindaddress + 162 | allow + + 163 ssl : ssldisable + 164 | sslenable pemfile clientpemfile allowselfcert + + 165 sslenable : HTTPDSSL + 166 | HTTPDSSL ENABLE + 167 | ENABLE HTTPDSSL + + 168 ssldisable : HTTPDSSL DISABLE + 169 | DISABLE HTTPDSSL + 170 | ssldisable PEMFILE PATH + 171 | ssldisable CLIENTPEMFILE PATH + 172 | ssldisable ALLOWSELFCERTIFICATION + + 173 signature : sigenable + 174 | sigdisable + + 175 sigenable : SIGNATURE ENABLE + 176 | ENABLE SIGNATURE + + 177 sigdisable : SIGNATURE DISABLE + 178 | DISABLE SIGNATURE + + 179 bindaddress : ADDRESS STRING + + 180 pemfile : PEMFILE PATH + + 181 clientpemfile : + 182 | CLIENTPEMFILE PATH + + 183 allowselfcert : + 184 | ALLOWSELFCERTIFICATION + + 185 allow : ALLOW STRING ':' STRING readonly + 186 | ALLOW '@' STRING readonly + 187 | ALLOW PATH + 188 | ALLOW CLEARTEXT PATH + 189 | ALLOW MD5HASH PATH + 190 | ALLOW CRYPT PATH + + 191 $$1 : + + 192 allow : ALLOW PATH $$1 allowuserlist + + 193 $$2 : + + 194 allow : ALLOW CLEARTEXT PATH $$2 allowuserlist + + 195 $$3 : + + 196 allow : ALLOW MD5HASH PATH $$3 allowuserlist + + 197 $$4 : + + 198 allow : ALLOW CRYPT PATH $$4 allowuserlist + 199 | ALLOW STRING + + 200 allowuserlist : allowuser + 201 | allowuserlist allowuser + + 202 allowuser : STRING + + 203 readonly : + 204 | READONLY + + 205 checkproc : CHECKPROC SERVICENAME PIDFILE PATH + 206 | CHECKPROC SERVICENAME PATHTOK PATH + + 207 checkfile : CHECKFILE SERVICENAME PATHTOK PATH + + 208 checkfilesys : CHECKFILESYS SERVICENAME PATHTOK PATH + + 209 checkdir : CHECKDIR SERVICENAME PATHTOK PATH + + 210 checkhost : CHECKHOST SERVICENAME ADDRESS STRING + + 211 checksystem : CHECKSYSTEM SERVICENAME + + 212 checkfifo : CHECKFIFO SERVICENAME PATHTOK PATH + + 213 checkstatus : CHECKSTATUS SERVICENAME PATHTOK PATH + + 214 start : START argumentlist exectimeout + 215 | START argumentlist useroptionlist exectimeout + + 216 stop : STOP argumentlist exectimeout + 217 | STOP argumentlist useroptionlist exectimeout + + 218 argumentlist : argument + 219 | argumentlist argument + + 220 useroptionlist : useroption + 221 | useroptionlist useroption + + 222 argument : STRING + 223 | PATH + + 224 useroption : UID STRING + 225 | GID STRING + 226 | UID NUMBER + 227 | GID NUMBER + + 228 username : + 229 | USERNAME MAILADDR + 230 | USERNAME STRING + + 231 password : + 232 | PASSWORD STRING + + 233 hostname : + 234 | HOSTNAME STRING + + 235 connection : IF FAILED host port type protocol nettimeout rate1 THEN action1 recovery + 236 | IF FAILED URL URLOBJECT urloption nettimeout rate1 THEN action1 recovery + + 237 connectionunix : IF FAILED unixsocket type protocol nettimeout rate1 THEN action1 recovery + + 238 icmp : IF FAILED ICMP icmptype icmpcount nettimeout rate1 THEN action1 recovery + + 239 host : + 240 | HOST STRING + + 241 port : PORT NUMBER + + 242 unixsocket : UNIXSOCKET PATH + + 243 type : + 244 | TYPE TCP + 245 | TYPE TCPSSL sslversion certmd5 + 246 | TYPE UDP + + 247 certmd5 : + 248 | CERTMD5 STRING + + 249 sslversion : + 250 | SSLV2 + 251 | SSLV3 + 252 | TLSV1 + 253 | SSLAUTO + + 254 protocol : + 255 | PROTOCOL APACHESTATUS apache_stat_list + 256 | PROTOCOL DEFAULT + 257 | PROTOCOL DNS + 258 | PROTOCOL DWP + 259 | PROTOCOL FTP + 260 | PROTOCOL HTTP request + 261 | PROTOCOL IMAP + 262 | PROTOCOL CLAMAV + 263 | PROTOCOL LDAP2 + 264 | PROTOCOL LDAP3 + 265 | PROTOCOL MYSQL + 266 | PROTOCOL SIP target maxforward + 267 | PROTOCOL NNTP + 268 | PROTOCOL NTP3 + 269 | PROTOCOL POSTFIXPOLICY + 270 | PROTOCOL POP + 271 | PROTOCOL SMTP + 272 | PROTOCOL SSH + 273 | PROTOCOL RDATE + 274 | PROTOCOL RSYNC + 275 | PROTOCOL TNS + 276 | PROTOCOL PGSQL + 277 | PROTOCOL LMTP + 278 | sendexpectlist + + 279 sendexpectlist : sendexpect + 280 | sendexpectlist sendexpect + + 281 sendexpect : SEND STRING + 282 | EXPECT STRING + + 283 target : + 284 | TARGET MAILADDR + 285 | TARGET STRING + + 286 maxforward : + 287 | MAXFORWARD NUMBER + + 288 request : + 289 | REQUEST PATH + 290 | REQUEST PATH CHECKSUM STRING + + 291 apache_stat_list : apache_stat + 292 | apache_stat_list OR apache_stat + + 293 apache_stat : LOGLIMIT operator NUMBER PERCENT + 294 | CLOSELIMIT operator NUMBER PERCENT + 295 | DNSLIMIT operator NUMBER PERCENT + 296 | KEEPALIVELIMIT operator NUMBER PERCENT + 297 | REPLYLIMIT operator NUMBER PERCENT + 298 | REQUESTLIMIT operator NUMBER PERCENT + 299 | STARTLIMIT operator NUMBER PERCENT + 300 | WAITLIMIT operator NUMBER PERCENT + 301 | GRACEFULLIMIT operator NUMBER PERCENT + 302 | CLEANUPLIMIT operator NUMBER PERCENT + + 303 pid : IF CHANGED PID rate1 THEN action1 + + 304 ppid : IF CHANGED PPID rate1 THEN action1 + + 305 icmpcount : + 306 | COUNT NUMBER + + 307 exectimeout : + 308 | TIMEOUT NUMBER SECOND + + 309 nettimeout : + 310 | TIMEOUT NUMBER SECOND + + 311 timeout : IF NUMBER RESTART NUMBER CYCLE THEN TIMEOUT + + 312 urloption : + 313 | CONTENT urloperator STRING + + 314 urloperator : EQUAL + 315 | NOTEQUAL + + 316 alert : alertmail '{' eventoptionlist '}' formatlist reminder + 317 | alertmail formatlist reminder + 318 | alertmail NOT '{' eventoptionlist '}' formatlist reminder + 319 | noalertmail + + 320 alertmail : ALERT MAILADDR + + 321 noalertmail : NOALERT MAILADDR + + 322 eventoptionlist : eventoption + 323 | eventoptionlist eventoption + + 324 eventoption : ACTION + 325 | CHECKSUM + 326 | CONNECTION + 327 | CONTENT + 328 | DATA + 329 | EXEC + 330 | FSFLAG + 331 | GID + 332 | ICMP + 333 | INSTANCE + 334 | INVALID + 335 | NONEXIST + 336 | PERMISSION + 337 | PID + 338 | PPID + 339 | RESOURCE + 340 | SIZE + 341 | TIMEOUT + 342 | TIMESTAMP + 343 | UID + + 344 formatlist : + 345 | MAILFORMAT '{' formatoptionlist '}' + + 346 formatoptionlist : formatoption + 347 | formatoptionlist formatoption + + 348 formatoption : MAILFROM + 349 | MAILSUBJECT + 350 | MAILBODY + + 351 every : EVERY NUMBER CYCLE + + 352 mode : MODE ACTIVE + 353 | MODE PASSIVE + 354 | MODE MANUAL + + 355 group : GROUP STRINGNAME + + 356 depend : DEPENDS dependlist + + 357 dependlist : dependant + 358 | dependlist dependant + + 359 dependant : SERVICENAME + + 360 resourceprocess : IF resourceprocesslist rate1 THEN action1 recovery + + 361 resourceprocesslist : resourceprocessopt + 362 | resourceprocesslist resourceprocessopt + + 363 resourceprocessopt : resourcecpuproc + 364 | resourcemem + 365 | resourcechild + 366 | resourceload + + 367 resourcesystem : IF resourcesystemlist rate1 THEN action1 recovery + + 368 resourcesystemlist : resourcesystemopt + 369 | resourcesystemlist resourcesystemopt + + 370 resourcesystemopt : resourceload + 371 | resourcemem + 372 | resourcecpu + + 373 resourcecpuproc : CPU operator NUMBER PERCENT + 374 | TOTALCPU operator NUMBER PERCENT + + 375 resourcecpu : resourcecpuid operator NUMBER PERCENT + + 376 resourcecpuid : CPUUSER + 377 | CPUSYSTEM + 378 | CPUWAIT + + 379 resourcemem : MEMORY operator value unit + 380 | MEMORY operator NUMBER PERCENT + 381 | TOTALMEMORY operator value unit + 382 | TOTALMEMORY operator NUMBER PERCENT + + 383 resourcechild : CHILDREN operator NUMBER + + 384 resourceload : resourceloadavg operator value + + 385 resourceloadavg : LOADAVG1 + 386 | LOADAVG5 + 387 | LOADAVG15 + + 388 value : REAL + 389 | NUMBER + + 390 timestamp : IF TIMESTAMP operator NUMBER time rate1 THEN action1 recovery + 391 | IF CHANGED TIMESTAMP rate1 THEN action1 + + 392 operator : + 393 | GREATER + 394 | LESS + 395 | EQUAL + 396 | NOTEQUAL + 397 | CHANGED + + 398 time : + 399 | SECOND + 400 | MINUTE + 401 | HOUR + 402 | DAY + + 403 action : ALERT + 404 | EXEC argumentlist + 405 | EXEC argumentlist useroptionlist + 406 | RESTART + 407 | START + 408 | STOP + 409 | UNMONITOR + + 410 action1 : action + + 411 action2 : action + + 412 rate1 : + 413 | NUMBER CYCLE + 414 | NUMBER NUMBER CYCLE + + 415 rate2 : + 416 | NUMBER CYCLE + 417 | NUMBER NUMBER CYCLE + + 418 recovery : + 419 | ELSE IF RECOVERED rate2 THEN action2 + 420 | ELSE IF PASSED rate2 THEN action2 + 421 | ELSE IF SUCCEEDED rate2 THEN action2 + + 422 checksum : IF FAILED hashtype CHECKSUM rate1 THEN action1 recovery + 423 | IF FAILED hashtype CHECKSUM EXPECT STRING rate1 THEN action1 recovery + 424 | IF CHANGED hashtype CHECKSUM rate1 THEN action1 + + 425 hashtype : + 426 | MD5HASH + 427 | SHA1HASH + + 428 inode : IF INODE operator NUMBER rate1 THEN action1 recovery + 429 | IF INODE operator NUMBER PERCENT rate1 THEN action1 recovery + + 430 space : IF SPACE operator value unit rate1 THEN action1 recovery + 431 | IF SPACE operator NUMBER PERCENT rate1 THEN action1 recovery + + 432 fsflag : IF CHANGED FSFLAG rate1 THEN action1 + + 433 unit : + 434 | BYTE + 435 | KILOBYTE + 436 | MEGABYTE + 437 | GIGABYTE + + 438 permission : IF FAILED PERMISSION NUMBER rate1 THEN action1 recovery + + 439 match : IF matchflagnot MATCH PATH rate1 THEN action1 + 440 | IF matchflagnot MATCH STRING rate1 THEN action1 + 441 | IGNORE matchflagnot MATCH PATH + 442 | IGNORE matchflagnot MATCH STRING + + 443 matchflagnot : + 444 | NOT + + 445 size : IF SIZE operator NUMBER unit rate1 THEN action1 recovery + 446 | IF CHANGED SIZE rate1 THEN action1 + + 447 uid : IF FAILED UID STRING rate1 THEN action1 recovery + 448 | IF FAILED UID NUMBER rate1 THEN action1 recovery + + 449 gid : IF FAILED GID STRING rate1 THEN action1 recovery + 450 | IF FAILED GID NUMBER rate1 THEN action1 recovery + + 451 icmptype : TYPE ICMPECHO + + 452 reminder : + 453 | REMINDER NUMBER + 454 | REMINDER NUMBER CYCLE + +state 0 + $accept : . cfgfile $end (0) + cfgfile : . (1) + + SET shift 1 + CHECKPROC shift 2 + CHECKFILESYS shift 3 + CHECKFILE shift 4 + CHECKDIR shift 5 + CHECKHOST shift 6 + CHECKSYSTEM shift 7 + CHECKFIFO shift 8 + CHECKSTATUS shift 9 + $end reduce 1 + + cfgfile goto 10 + statement_list goto 11 + statement goto 12 + setalert goto 13 + setdaemon goto 14 + setlog goto 15 + seteventqueue goto 16 + setmmonits goto 17 + setmailservers goto 18 + setmailformat goto 19 + sethttpd goto 20 + setpid goto 21 + setidfile goto 22 + setstatefile goto 23 + setexpectbuffer goto 24 + setinit goto 25 + checkproc goto 26 + checkfile goto 27 + checkfilesys goto 28 + checkdir goto 29 + checkhost goto 30 + checksystem goto 31 + checkfifo goto 32 + checkstatus goto 33 + + +state 1 + setalert : SET . alertmail '{' eventoptionlist '}' formatlist reminder (129) + setalert : SET . alertmail formatlist reminder (130) + setalert : SET . alertmail NOT '{' eventoptionlist '}' formatlist reminder (131) + setdaemon : SET . DAEMON NUMBER startdelay (132) + setexpectbuffer : SET . EXPECTBUFFER NUMBER unit (135) + setinit : SET . INIT (136) + setlog : SET . LOGFILE PATH (137) + setlog : SET . LOGFILE SYSLOG (138) + setlog : SET . LOGFILE SYSLOG FACILITY STRING (139) + seteventqueue : SET . EVENTQUEUE BASEDIR PATH (140) + seteventqueue : SET . EVENTQUEUE BASEDIR PATH SLOT NUMBER (141) + seteventqueue : SET . EVENTQUEUE SLOT NUMBER (142) + setidfile : SET . IDFILE PATH (143) + setstatefile : SET . STATEFILE PATH (144) + setpid : SET . PIDFILE PATH (145) + setmmonits : SET . MMONIT mmonitlist (146) + setmailservers : SET . MAILSERVER mailserverlist nettimeout hostname (150) + setmailformat : SET . MAILFORMAT '{' formatoptionlist '}' (151) + sethttpd : SET . HTTPD PORT NUMBER httpdlist (152) + + LOGFILE shift 34 + DAEMON shift 35 + MAILSERVER shift 36 + HTTPD shift 37 + INIT shift 38 + IDFILE shift 39 + STATEFILE shift 40 + EXPECTBUFFER shift 41 + PIDFILE shift 42 + ALERT shift 43 + MAILFORMAT shift 44 + EVENTQUEUE shift 45 + MMONIT shift 46 + . error + + alertmail goto 47 + + +state 2 + checkproc : CHECKPROC . SERVICENAME PIDFILE PATH (205) + checkproc : CHECKPROC . SERVICENAME PATHTOK PATH (206) + + SERVICENAME shift 48 + . error + + +state 3 + checkfilesys : CHECKFILESYS . SERVICENAME PATHTOK PATH (208) + + SERVICENAME shift 49 + . error + + +state 4 + checkfile : CHECKFILE . SERVICENAME PATHTOK PATH (207) + + SERVICENAME shift 50 + . error + + +state 5 + checkdir : CHECKDIR . SERVICENAME PATHTOK PATH (209) + + SERVICENAME shift 51 + . error + + +state 6 + checkhost : CHECKHOST . SERVICENAME ADDRESS STRING (210) + + SERVICENAME shift 52 + . error + + +state 7 + checksystem : CHECKSYSTEM . SERVICENAME (211) + + SERVICENAME shift 53 + . error + + +state 8 + checkfifo : CHECKFIFO . SERVICENAME PATHTOK PATH (212) + + SERVICENAME shift 54 + . error + + +state 9 + checkstatus : CHECKSTATUS . SERVICENAME PATHTOK PATH (213) + + SERVICENAME shift 55 + . error + + +state 10 + $accept : cfgfile . $end (0) + + $end accept + + +state 11 + cfgfile : statement_list . (2) + statement_list : statement_list . statement (4) + + SET shift 1 + CHECKPROC shift 2 + CHECKFILESYS shift 3 + CHECKFILE shift 4 + CHECKDIR shift 5 + CHECKHOST shift 6 + CHECKSYSTEM shift 7 + CHECKFIFO shift 8 + CHECKSTATUS shift 9 + $end reduce 2 + + statement goto 56 + setalert goto 13 + setdaemon goto 14 + setlog goto 15 + seteventqueue goto 16 + setmmonits goto 17 + setmailservers goto 18 + setmailformat goto 19 + sethttpd goto 20 + setpid goto 21 + setidfile goto 22 + setstatefile goto 23 + setexpectbuffer goto 24 + setinit goto 25 + checkproc goto 26 + checkfile goto 27 + checkfilesys goto 28 + checkdir goto 29 + checkhost goto 30 + checksystem goto 31 + checkfifo goto 32 + checkstatus goto 33 + + +state 12 + statement_list : statement . (3) + + . reduce 3 + + +state 13 + statement : setalert . (5) + + . reduce 5 + + +state 14 + statement : setdaemon . (6) + + . reduce 6 + + +state 15 + statement : setlog . (7) + + . reduce 7 + + +state 16 + statement : seteventqueue . (8) + + . reduce 8 + + +state 17 + statement : setmmonits . (9) + + . reduce 9 + + +state 18 + statement : setmailservers . (10) + + . reduce 10 + + +state 19 + statement : setmailformat . (11) + + . reduce 11 + + +state 20 + statement : sethttpd . (12) + + . reduce 12 + + +state 21 + statement : setpid . (13) + + . reduce 13 + + +state 22 + statement : setidfile . (14) + + . reduce 14 + + +state 23 + statement : setstatefile . (15) + + . reduce 15 + + +state 24 + statement : setexpectbuffer . (16) + + . reduce 16 + + +state 25 + statement : setinit . (17) + + . reduce 17 + + +state 26 + statement : checkproc . optproclist (18) + optproclist : . (26) + + . reduce 26 + + optproclist goto 57 + + +state 27 + statement : checkfile . optfilelist (19) + optfilelist : . (41) + + . reduce 41 + + optfilelist goto 58 + + +state 28 + statement : checkfilesys . optfilesyslist (20) + optfilesyslist : . (58) + + . reduce 58 + + optfilesyslist goto 59 + + +state 29 + statement : checkdir . optdirlist (21) + optdirlist : . (74) + + . reduce 74 + + optdirlist goto 60 + + +state 30 + statement : checkhost . opthostlist (22) + + IF shift 61 + START shift 62 + STOP shift 63 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + MODE shift 66 + GROUP shift 67 + DEPENDS shift 68 + . error + + opthostlist goto 69 + start goto 70 + stop goto 71 + connection goto 72 + timeout goto 73 + alert goto 74 + every goto 75 + mode goto 76 + group goto 77 + depend goto 78 + opthost goto 79 + icmp goto 80 + alertmail goto 81 + noalertmail goto 82 + + +state 31 + statement : checksystem . optsystemlist (23) + optsystemlist : . (100) + + . reduce 100 + + optsystemlist goto 83 + + +state 32 + statement : checkfifo . optfifolist (24) + optfifolist : . (108) + + . reduce 108 + + optfifolist goto 84 + + +state 33 + statement : checkstatus . optstatuslist (25) + optstatuslist : . (122) + + . reduce 122 + + optstatuslist goto 85 + + +state 34 + setlog : SET LOGFILE . PATH (137) + setlog : SET LOGFILE . SYSLOG (138) + setlog : SET LOGFILE . SYSLOG FACILITY STRING (139) + + SYSLOG shift 86 + PATH shift 87 + . error + + +state 35 + setdaemon : SET DAEMON . NUMBER startdelay (132) + + NUMBER shift 88 + . error + + +state 36 + setmailservers : SET MAILSERVER . mailserverlist nettimeout hostname (150) + + STRING shift 89 + . error + + mailserverlist goto 90 + mailserver goto 91 + + +state 37 + sethttpd : SET HTTPD . PORT NUMBER httpdlist (152) + + PORT shift 92 + . error + + +state 38 + setinit : SET INIT . (136) + + . reduce 136 + + +state 39 + setidfile : SET IDFILE . PATH (143) + + PATH shift 93 + . error + + +state 40 + setstatefile : SET STATEFILE . PATH (144) + + PATH shift 94 + . error + + +state 41 + setexpectbuffer : SET EXPECTBUFFER . NUMBER unit (135) + + NUMBER shift 95 + . error + + +state 42 + setpid : SET PIDFILE . PATH (145) + + PATH shift 96 + . error + + +state 43 + alertmail : ALERT . MAILADDR (320) + + MAILADDR shift 97 + . error + + +state 44 + setmailformat : SET MAILFORMAT . '{' formatoptionlist '}' (151) + + '{' shift 98 + . error + + +state 45 + seteventqueue : SET EVENTQUEUE . BASEDIR PATH (140) + seteventqueue : SET EVENTQUEUE . BASEDIR PATH SLOT NUMBER (141) + seteventqueue : SET EVENTQUEUE . SLOT NUMBER (142) + + BASEDIR shift 99 + SLOT shift 100 + . error + + +state 46 + setmmonits : SET MMONIT . mmonitlist (146) + + URLOBJECT shift 101 + . error + + mmonitlist goto 102 + mmonit goto 103 + + +state 47 + setalert : SET alertmail . '{' eventoptionlist '}' formatlist reminder (129) + setalert : SET alertmail . formatlist reminder (130) + setalert : SET alertmail . NOT '{' eventoptionlist '}' formatlist reminder (131) + formatlist : . (344) + + MAILFORMAT shift 104 + NOT shift 105 + '{' shift 106 + $end reduce 344 + SET reduce 344 + REMINDER reduce 344 + CHECKPROC reduce 344 + CHECKFILESYS reduce 344 + CHECKFILE reduce 344 + CHECKDIR reduce 344 + CHECKHOST reduce 344 + CHECKSYSTEM reduce 344 + CHECKFIFO reduce 344 + CHECKSTATUS reduce 344 + + formatlist goto 107 + + +state 48 + checkproc : CHECKPROC SERVICENAME . PIDFILE PATH (205) + checkproc : CHECKPROC SERVICENAME . PATHTOK PATH (206) + + PIDFILE shift 108 + PATHTOK shift 109 + . error + + +state 49 + checkfilesys : CHECKFILESYS SERVICENAME . PATHTOK PATH (208) + + PATHTOK shift 110 + . error + + +state 50 + checkfile : CHECKFILE SERVICENAME . PATHTOK PATH (207) + + PATHTOK shift 111 + . error + + +state 51 + checkdir : CHECKDIR SERVICENAME . PATHTOK PATH (209) + + PATHTOK shift 112 + . error + + +state 52 + checkhost : CHECKHOST SERVICENAME . ADDRESS STRING (210) + + ADDRESS shift 113 + . error + + +state 53 + checksystem : CHECKSYSTEM SERVICENAME . (211) + + . reduce 211 + + +state 54 + checkfifo : CHECKFIFO SERVICENAME . PATHTOK PATH (212) + + PATHTOK shift 114 + . error + + +state 55 + checkstatus : CHECKSTATUS SERVICENAME . PATHTOK PATH (213) + + PATHTOK shift 115 + . error + + +state 56 + statement_list : statement_list statement . (4) + + . reduce 4 + + +state 57 + statement : checkproc optproclist . (18) + optproclist : optproclist . optproc (27) + + IF shift 116 + START shift 62 + STOP shift 63 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + MODE shift 66 + GROUP shift 67 + DEPENDS shift 68 + $end reduce 18 + SET reduce 18 + CHECKPROC reduce 18 + CHECKFILESYS reduce 18 + CHECKFILE reduce 18 + CHECKDIR reduce 18 + CHECKHOST reduce 18 + CHECKSYSTEM reduce 18 + CHECKFIFO reduce 18 + CHECKSTATUS reduce 18 + + optproc goto 117 + start goto 118 + stop goto 119 + pid goto 120 + ppid goto 121 + connection goto 122 + connectionunix goto 123 + timeout goto 124 + alert goto 125 + every goto 126 + mode goto 127 + group goto 128 + depend goto 129 + resourceprocess goto 130 + alertmail goto 81 + noalertmail goto 82 + + +state 58 + statement : checkfile optfilelist . (19) + optfilelist : optfilelist . optfile (42) + + IF shift 131 + START shift 62 + STOP shift 63 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + MODE shift 66 + GROUP shift 67 + DEPENDS shift 68 + IGNORE shift 132 + $end reduce 19 + SET reduce 19 + CHECKPROC reduce 19 + CHECKFILESYS reduce 19 + CHECKFILE reduce 19 + CHECKDIR reduce 19 + CHECKHOST reduce 19 + CHECKSYSTEM reduce 19 + CHECKFIFO reduce 19 + CHECKSTATUS reduce 19 + + start goto 133 + stop goto 134 + timeout goto 135 + alert goto 136 + every goto 137 + mode goto 138 + group goto 139 + depend goto 140 + optfile goto 141 + timestamp goto 142 + permission goto 143 + uid goto 144 + gid goto 145 + checksum goto 146 + size goto 147 + match goto 148 + alertmail goto 81 + noalertmail goto 82 + + +state 59 + statement : checkfilesys optfilesyslist . (20) + optfilesyslist : optfilesyslist . optfilesys (59) + + IF shift 149 + START shift 62 + STOP shift 63 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + MODE shift 66 + GROUP shift 67 + DEPENDS shift 68 + $end reduce 20 + SET reduce 20 + CHECKPROC reduce 20 + CHECKFILESYS reduce 20 + CHECKFILE reduce 20 + CHECKDIR reduce 20 + CHECKHOST reduce 20 + CHECKSYSTEM reduce 20 + CHECKFIFO reduce 20 + CHECKSTATUS reduce 20 + + start goto 150 + stop goto 151 + timeout goto 152 + alert goto 153 + every goto 154 + mode goto 155 + group goto 156 + depend goto 157 + permission goto 158 + uid goto 159 + gid goto 160 + optfilesys goto 161 + inode goto 162 + space goto 163 + fsflag goto 164 + alertmail goto 81 + noalertmail goto 82 + + +state 60 + statement : checkdir optdirlist . (21) + optdirlist : optdirlist . optdir (75) + + IF shift 165 + START shift 62 + STOP shift 63 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + MODE shift 66 + GROUP shift 67 + DEPENDS shift 68 + $end reduce 21 + SET reduce 21 + CHECKPROC reduce 21 + CHECKFILESYS reduce 21 + CHECKFILE reduce 21 + CHECKDIR reduce 21 + CHECKHOST reduce 21 + CHECKSYSTEM reduce 21 + CHECKFIFO reduce 21 + CHECKSTATUS reduce 21 + + start goto 166 + stop goto 167 + timeout goto 168 + alert goto 169 + every goto 170 + mode goto 171 + group goto 172 + depend goto 173 + timestamp goto 174 + permission goto 175 + uid goto 176 + gid goto 177 + optdir goto 178 + alertmail goto 81 + noalertmail goto 82 + + +state 61 + connection : IF . FAILED host port type protocol nettimeout rate1 THEN action1 recovery (235) + connection : IF . FAILED URL URLOBJECT urloption nettimeout rate1 THEN action1 recovery (236) + icmp : IF . FAILED ICMP icmptype icmpcount nettimeout rate1 THEN action1 recovery (238) + timeout : IF . NUMBER RESTART NUMBER CYCLE THEN TIMEOUT (311) + + FAILED shift 179 + NUMBER shift 180 + . error + + +state 62 + start : START . argumentlist exectimeout (214) + start : START . argumentlist useroptionlist exectimeout (215) + + STRING shift 181 + PATH shift 182 + . error + + argumentlist goto 183 + argument goto 184 + + +state 63 + stop : STOP . argumentlist exectimeout (216) + stop : STOP . argumentlist useroptionlist exectimeout (217) + + STRING shift 181 + PATH shift 182 + . error + + argumentlist goto 185 + argument goto 184 + + +state 64 + noalertmail : NOALERT . MAILADDR (321) + + MAILADDR shift 186 + . error + + +state 65 + every : EVERY . NUMBER CYCLE (351) + + NUMBER shift 187 + . error + + +state 66 + mode : MODE . ACTIVE (352) + mode : MODE . PASSIVE (353) + mode : MODE . MANUAL (354) + + ACTIVE shift 188 + PASSIVE shift 189 + MANUAL shift 190 + . error + + +state 67 + group : GROUP . STRINGNAME (355) + + STRINGNAME shift 191 + . error + + +state 68 + depend : DEPENDS . dependlist (356) + + SERVICENAME shift 192 + . error + + dependlist goto 193 + dependant goto 194 + + +state 69 + statement : checkhost opthostlist . (22) + opthostlist : opthostlist . opthost (89) + + IF shift 61 + START shift 62 + STOP shift 63 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + MODE shift 66 + GROUP shift 67 + DEPENDS shift 68 + $end reduce 22 + SET reduce 22 + CHECKPROC reduce 22 + CHECKFILESYS reduce 22 + CHECKFILE reduce 22 + CHECKDIR reduce 22 + CHECKHOST reduce 22 + CHECKSYSTEM reduce 22 + CHECKFIFO reduce 22 + CHECKSTATUS reduce 22 + + start goto 70 + stop goto 71 + connection goto 72 + timeout goto 73 + alert goto 74 + every goto 75 + mode goto 76 + group goto 77 + depend goto 78 + opthost goto 195 + icmp goto 80 + alertmail goto 81 + noalertmail goto 82 + + +state 70 + opthost : start . (90) + + . reduce 90 + + +state 71 + opthost : stop . (91) + + . reduce 91 + + +state 72 + opthost : connection . (92) + + . reduce 92 + + +state 73 + opthost : timeout . (94) + + . reduce 94 + + +state 74 + opthost : alert . (95) + + . reduce 95 + + +state 75 + opthost : every . (96) + + . reduce 96 + + +state 76 + opthost : mode . (97) + + . reduce 97 + + +state 77 + opthost : group . (98) + + . reduce 98 + + +state 78 + opthost : depend . (99) + + . reduce 99 + + +state 79 + opthostlist : opthost . (88) + + . reduce 88 + + +state 80 + opthost : icmp . (93) + + . reduce 93 + + +state 81 + alert : alertmail . '{' eventoptionlist '}' formatlist reminder (316) + alert : alertmail . formatlist reminder (317) + alert : alertmail . NOT '{' eventoptionlist '}' formatlist reminder (318) + formatlist : . (344) + + MAILFORMAT shift 104 + NOT shift 196 + '{' shift 197 + $end reduce 344 + IF reduce 344 + SET reduce 344 + REMINDER reduce 344 + START reduce 344 + STOP reduce 344 + ALERT reduce 344 + NOALERT reduce 344 + EVERY reduce 344 + CHECKPROC reduce 344 + CHECKFILESYS reduce 344 + CHECKFILE reduce 344 + CHECKDIR reduce 344 + CHECKHOST reduce 344 + CHECKSYSTEM reduce 344 + CHECKFIFO reduce 344 + CHECKSTATUS reduce 344 + MODE reduce 344 + GROUP reduce 344 + DEPENDS reduce 344 + IGNORE reduce 344 + + formatlist goto 198 + + +state 82 + alert : noalertmail . (319) + + . reduce 319 + + +state 83 + statement : checksystem optsystemlist . (23) + optsystemlist : optsystemlist . optsystem (101) + + IF shift 199 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + GROUP shift 67 + DEPENDS shift 68 + $end reduce 23 + SET reduce 23 + CHECKPROC reduce 23 + CHECKFILESYS reduce 23 + CHECKFILE reduce 23 + CHECKDIR reduce 23 + CHECKHOST reduce 23 + CHECKSYSTEM reduce 23 + CHECKFIFO reduce 23 + CHECKSTATUS reduce 23 + + timeout goto 200 + alert goto 201 + every goto 202 + group goto 203 + depend goto 204 + optsystem goto 205 + resourcesystem goto 206 + alertmail goto 81 + noalertmail goto 82 + + +state 84 + statement : checkfifo optfifolist . (24) + optfifolist : optfifolist . optfifo (109) + + IF shift 165 + START shift 62 + STOP shift 63 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + MODE shift 66 + GROUP shift 67 + DEPENDS shift 68 + $end reduce 24 + SET reduce 24 + CHECKPROC reduce 24 + CHECKFILESYS reduce 24 + CHECKFILE reduce 24 + CHECKDIR reduce 24 + CHECKHOST reduce 24 + CHECKSYSTEM reduce 24 + CHECKFIFO reduce 24 + CHECKSTATUS reduce 24 + + start goto 207 + stop goto 208 + timeout goto 209 + alert goto 210 + every goto 211 + mode goto 212 + group goto 213 + depend goto 214 + timestamp goto 215 + permission goto 216 + uid goto 217 + gid goto 218 + optfifo goto 219 + alertmail goto 81 + noalertmail goto 82 + + +state 85 + statement : checkstatus optstatuslist . (25) + optstatuslist : optstatuslist . optstatus (123) + + IF shift 220 + ALERT shift 43 + NOALERT shift 64 + EVERY shift 65 + GROUP shift 67 + DEPENDS shift 68 + $end reduce 25 + SET reduce 25 + CHECKPROC reduce 25 + CHECKFILESYS reduce 25 + CHECKFILE reduce 25 + CHECKDIR reduce 25 + CHECKHOST reduce 25 + CHECKSYSTEM reduce 25 + CHECKFIFO reduce 25 + CHECKSTATUS reduce 25 + + timeout goto 221 + alert goto 222 + every goto 223 + group goto 224 + depend goto 225 + optstatus goto 226 + alertmail goto 81 + noalertmail goto 82 + + +state 86 + setlog : SET LOGFILE SYSLOG . (138) + setlog : SET LOGFILE SYSLOG . FACILITY STRING (139) + + FACILITY shift 227 + $end reduce 138 + SET reduce 138 + CHECKPROC reduce 138 + CHECKFILESYS reduce 138 + CHECKFILE reduce 138 + CHECKDIR reduce 138 + CHECKHOST reduce 138 + CHECKSYSTEM reduce 138 + CHECKFIFO reduce 138 + CHECKSTATUS reduce 138 + + +state 87 + setlog : SET LOGFILE PATH . (137) + + . reduce 137 + + +state 88 + setdaemon : SET DAEMON NUMBER . startdelay (132) + startdelay : . (133) + + START shift 228 + $end reduce 133 + SET reduce 133 + CHECKPROC reduce 133 + CHECKFILESYS reduce 133 + CHECKFILE reduce 133 + CHECKDIR reduce 133 + CHECKHOST reduce 133 + CHECKSYSTEM reduce 133 + CHECKFIFO reduce 133 + CHECKSTATUS reduce 133 + + startdelay goto 229 + + +state 89 + mailserver : STRING . username password sslversion certmd5 (155) + mailserver : STRING . PORT NUMBER username password sslversion certmd5 (156) + username : . (228) + + PORT shift 230 + USERNAME shift 231 + $end reduce 228 + SET reduce 228 + HOSTNAME reduce 228 + TIMEOUT reduce 228 + STRING reduce 228 + CHECKPROC reduce 228 + CHECKFILESYS reduce 228 + CHECKFILE reduce 228 + CHECKDIR reduce 228 + CHECKHOST reduce 228 + CHECKSYSTEM reduce 228 + CHECKFIFO reduce 228 + CHECKSTATUS reduce 228 + PASSWORD reduce 228 + SSLAUTO reduce 228 + SSLV2 reduce 228 + SSLV3 reduce 228 + TLSV1 reduce 228 + CERTMD5 reduce 228 + + username goto 232 + + +state 90 + setmailservers : SET MAILSERVER mailserverlist . nettimeout hostname (150) + mailserverlist : mailserverlist . mailserver (154) + nettimeout : . (309) + + TIMEOUT shift 233 + STRING shift 89 + $end reduce 309 + SET reduce 309 + HOSTNAME reduce 309 + CHECKPROC reduce 309 + CHECKFILESYS reduce 309 + CHECKFILE reduce 309 + CHECKDIR reduce 309 + CHECKHOST reduce 309 + CHECKSYSTEM reduce 309 + CHECKFIFO reduce 309 + CHECKSTATUS reduce 309 + + nettimeout goto 234 + mailserver goto 235 + + +state 91 + mailserverlist : mailserver . (153) + + . reduce 153 + + +state 92 + sethttpd : SET HTTPD PORT . NUMBER httpdlist (152) + + NUMBER shift 236 + . error + + +state 93 + setidfile : SET IDFILE PATH . (143) + + . reduce 143 + + +state 94 + setstatefile : SET STATEFILE PATH . (144) + + . reduce 144 + + +state 95 + setexpectbuffer : SET EXPECTBUFFER NUMBER . unit (135) + unit : . (433) + + BYTE shift 237 + KILOBYTE shift 238 + MEGABYTE shift 239 + GIGABYTE shift 240 + $end reduce 433 + SET reduce 433 + CHECKPROC reduce 433 + CHECKFILESYS reduce 433 + CHECKFILE reduce 433 + CHECKDIR reduce 433 + CHECKHOST reduce 433 + CHECKSYSTEM reduce 433 + CHECKFIFO reduce 433 + CHECKSTATUS reduce 433 + + unit goto 241 + + +state 96 + setpid : SET PIDFILE PATH . (145) + + . reduce 145 + + +state 97 + alertmail : ALERT MAILADDR . (320) + + . reduce 320 + + +state 98 + setmailformat : SET MAILFORMAT '{' . formatoptionlist '}' (151) + + MAILFROM shift 242 + MAILSUBJECT shift 243 + MAILBODY shift 244 + . error + + formatoptionlist goto 245 + formatoption goto 246 + + +state 99 + seteventqueue : SET EVENTQUEUE BASEDIR . PATH (140) + seteventqueue : SET EVENTQUEUE BASEDIR . PATH SLOT NUMBER (141) + + PATH shift 247 + . error + + +state 100 + seteventqueue : SET EVENTQUEUE SLOT . NUMBER (142) + + NUMBER shift 248 + . error + + +state 101 + mmonit : URLOBJECT . nettimeout sslversion certmd5 (149) + nettimeout : . (309) + + TIMEOUT shift 233 + $end reduce 309 + SET reduce 309 + CHECKPROC reduce 309 + CHECKFILESYS reduce 309 + CHECKFILE reduce 309 + CHECKDIR reduce 309 + CHECKHOST reduce 309 + CHECKSYSTEM reduce 309 + CHECKFIFO reduce 309 + CHECKSTATUS reduce 309 + SSLAUTO reduce 309 + SSLV2 reduce 309 + SSLV3 reduce 309 + TLSV1 reduce 309 + CERTMD5 reduce 309 + URLOBJECT reduce 309 + + nettimeout goto 249 + + +state 102 + setmmonits : SET MMONIT mmonitlist . (146) + mmonitlist : mmonitlist . mmonit (148) + + URLOBJECT shift 101 + $end reduce 146 + SET reduce 146 + CHECKPROC reduce 146 + CHECKFILESYS reduce 146 + CHECKFILE reduce 146 + CHECKDIR reduce 146 + CHECKHOST reduce 146 + CHECKSYSTEM reduce 146 + CHECKFIFO reduce 146 + CHECKSTATUS reduce 146 + + mmonit goto 250 + + +state 103 + mmonitlist : mmonit . (147) + + . reduce 147 + + +state 104 + formatlist : MAILFORMAT . '{' formatoptionlist '}' (345) + + '{' shift 251 + . error + + +state 105 + setalert : SET alertmail NOT . '{' eventoptionlist '}' formatlist reminder (131) + + '{' shift 252 + . error + + +state 106 + setalert : SET alertmail '{' . eventoptionlist '}' formatlist reminder (129) + + CONNECTION shift 253 + TIMEOUT shift 254 + CHECKSUM shift 255 + RESOURCE shift 256 + UID shift 257 + GID shift 258 + INSTANCE shift 259 + TIMESTAMP shift 260 + PERMISSION shift 261 + SIZE shift 262 + ACTION shift 263 + EXEC shift 264 + ICMP shift 265 + NONEXIST shift 266 + INVALID shift 267 + DATA shift 268 + CONTENT shift 269 + PID shift 270 + PPID shift 271 + FSFLAG shift 272 + . error + + eventoptionlist goto 273 + eventoption goto 274 + + +state 107 + setalert : SET alertmail formatlist . reminder (130) + reminder : . (452) + + REMINDER shift 275 + $end reduce 452 + SET reduce 452 + CHECKPROC reduce 452 + CHECKFILESYS reduce 452 + CHECKFILE reduce 452 + CHECKDIR reduce 452 + CHECKHOST reduce 452 + CHECKSYSTEM reduce 452 + CHECKFIFO reduce 452 + CHECKSTATUS reduce 452 + + reminder goto 276 + + +state 108 + checkproc : CHECKPROC SERVICENAME PIDFILE . PATH (205) + + PATH shift 277 + . error + + +state 109 + checkproc : CHECKPROC SERVICENAME PATHTOK . PATH (206) + + PATH shift 278 + . error + + +state 110 + checkfilesys : CHECKFILESYS SERVICENAME PATHTOK . PATH (208) + + PATH shift 279 + . error + + +state 111 + checkfile : CHECKFILE SERVICENAME PATHTOK . PATH (207) + + PATH shift 280 + . error + + +state 112 + checkdir : CHECKDIR SERVICENAME PATHTOK . PATH (209) + + PATH shift 281 + . error + + +state 113 + checkhost : CHECKHOST SERVICENAME ADDRESS . STRING (210) + + STRING shift 282 + . error + + +state 114 + checkfifo : CHECKFIFO SERVICENAME PATHTOK . PATH (212) + + PATH shift 283 + . error + + +state 115 + checkstatus : CHECKSTATUS SERVICENAME PATHTOK . PATH (213) + + PATH shift 284 + . error + + +state 116 + connection : IF . FAILED host port type protocol nettimeout rate1 THEN action1 recovery (235) + connection : IF . FAILED URL URLOBJECT urloption nettimeout rate1 THEN action1 recovery (236) + connectionunix : IF . FAILED unixsocket type protocol nettimeout rate1 THEN action1 recovery (237) + pid : IF . CHANGED PID rate1 THEN action1 (303) + ppid : IF . CHANGED PPID rate1 THEN action1 (304) + timeout : IF . NUMBER RESTART NUMBER CYCLE THEN TIMEOUT (311) + resourceprocess : IF . resourceprocesslist rate1 THEN action1 recovery (360) + + FAILED shift 285 + NUMBER shift 180 + CHILDREN shift 286 + MEMORY shift 287 + TOTALMEMORY shift 288 + LOADAVG1 shift 289 + LOADAVG5 shift 290 + LOADAVG15 shift 291 + CPU shift 292 + TOTALCPU shift 293 + CHANGED shift 294 + . error + + resourceprocesslist goto 295 + resourceprocessopt goto 296 + resourcecpuproc goto 297 + resourcemem goto 298 + resourcechild goto 299 + resourceload goto 300 + resourceloadavg goto 301 + + +state 117 + optproclist : optproclist optproc . (27) + + . reduce 27 + + +state 118 + optproc : start . (28) + + . reduce 28 + + +state 119 + optproc : stop . (29) + + . reduce 29 + + +state 120 + optproc : pid . (30) + + . reduce 30 + + +state 121 + optproc : ppid . (31) + + . reduce 31 + + +state 122 + optproc : connection . (32) + + . reduce 32 + + +state 123 + optproc : connectionunix . (33) + + . reduce 33 + + +state 124 + optproc : timeout . (34) + + . reduce 34 + + +state 125 + optproc : alert . (35) + + . reduce 35 + + +state 126 + optproc : every . (36) + + . reduce 36 + + +state 127 + optproc : mode . (37) + + . reduce 37 + + +state 128 + optproc : group . (38) + + . reduce 38 + + +state 129 + optproc : depend . (39) + + . reduce 39 + + +state 130 + optproc : resourceprocess . (40) + + . reduce 40 + + +state 131 + timeout : IF . NUMBER RESTART NUMBER CYCLE THEN TIMEOUT (311) + timestamp : IF . TIMESTAMP operator NUMBER time rate1 THEN action1 recovery (390) + timestamp : IF . CHANGED TIMESTAMP rate1 THEN action1 (391) + checksum : IF . FAILED hashtype CHECKSUM rate1 THEN action1 recovery (422) + checksum : IF . FAILED hashtype CHECKSUM EXPECT STRING rate1 THEN action1 recovery (423) + checksum : IF . CHANGED hashtype CHECKSUM rate1 THEN action1 (424) + permission : IF . FAILED PERMISSION NUMBER rate1 THEN action1 recovery (438) + match : IF . matchflagnot MATCH PATH rate1 THEN action1 (439) + match : IF . matchflagnot MATCH STRING rate1 THEN action1 (440) + size : IF . SIZE operator NUMBER unit rate1 THEN action1 recovery (445) + size : IF . CHANGED SIZE rate1 THEN action1 (446) + uid : IF . FAILED UID STRING rate1 THEN action1 recovery (447) + uid : IF . FAILED UID NUMBER rate1 THEN action1 recovery (448) + gid : IF . FAILED GID STRING rate1 THEN action1 recovery (449) + gid : IF . FAILED GID NUMBER rate1 THEN action1 recovery (450) + matchflagnot : . (443) + + FAILED shift 302 + NUMBER shift 180 + TIMESTAMP shift 303 + CHANGED shift 304 + SIZE shift 305 + NOT shift 306 + MATCH reduce 443 + + matchflagnot goto 307 + + +state 132 + match : IGNORE . matchflagnot MATCH PATH (441) + match : IGNORE . matchflagnot MATCH STRING (442) + matchflagnot : . (443) + + NOT shift 306 + MATCH reduce 443 + + matchflagnot goto 308 + + +state 133 + optfile : start . (43) + + . reduce 43 + + +state 134 + optfile : stop . (44) + + . reduce 44 + + +state 135 + optfile : timeout . (46) + + . reduce 46 + + +state 136 + optfile : alert . (48) + + . reduce 48 + + +state 137 + optfile : every . (47) + + . reduce 47 + + +state 138 + optfile : mode . (55) + + . reduce 55 + + +state 139 + optfile : group . (56) + + . reduce 56 + + +state 140 + optfile : depend . (57) + + . reduce 57 + + +state 141 + optfilelist : optfilelist optfile . (42) + + . reduce 42 + + +state 142 + optfile : timestamp . (45) + + . reduce 45 + + +state 143 + optfile : permission . (49) + + . reduce 49 + + +state 144 + optfile : uid . (50) + + . reduce 50 + + +state 145 + optfile : gid . (51) + + . reduce 51 + + +state 146 + optfile : checksum . (52) + + . reduce 52 + + +state 147 + optfile : size . (53) + + . reduce 53 + + +state 148 + optfile : match . (54) + + . reduce 54 + + +state 149 + timeout : IF . NUMBER RESTART NUMBER CYCLE THEN TIMEOUT (311) + inode : IF . INODE operator NUMBER rate1 THEN action1 recovery (428) + inode : IF . INODE operator NUMBER PERCENT rate1 THEN action1 recovery (429) + space : IF . SPACE operator value unit rate1 THEN action1 recovery (430) + space : IF . SPACE operator NUMBER PERCENT rate1 THEN action1 recovery (431) + fsflag : IF . CHANGED FSFLAG rate1 THEN action1 (432) + permission : IF . FAILED PERMISSION NUMBER rate1 THEN action1 recovery (438) + uid : IF . FAILED UID STRING rate1 THEN action1 recovery (447) + uid : IF . FAILED UID NUMBER rate1 THEN action1 recovery (448) + gid : IF . FAILED GID STRING rate1 THEN action1 recovery (449) + gid : IF . FAILED GID NUMBER rate1 THEN action1 recovery (450) + + FAILED shift 309 + NUMBER shift 180 + CHANGED shift 310 + INODE shift 311 + SPACE shift 312 + . error + + +state 150 + optfilesys : start . (60) + + . reduce 60 + + +state 151 + optfilesys : stop . (61) + + . reduce 61 + + +state 152 + optfilesys : timeout . (62) + + . reduce 62 + + +state 153 + optfilesys : alert . (64) + + . reduce 64 + + +state 154 + optfilesys : every . (63) + + . reduce 63 + + +state 155 + optfilesys : mode . (68) + + . reduce 68 + + +state 156 + optfilesys : group . (69) + + . reduce 69 + + +state 157 + optfilesys : depend . (70) + + . reduce 70 + + +state 158 + optfilesys : permission . (65) + + . reduce 65 + + +state 159 + optfilesys : uid . (66) + + . reduce 66 + + +state 160 + optfilesys : gid . (67) + + . reduce 67 + + +state 161 + optfilesyslist : optfilesyslist optfilesys . (59) + + . reduce 59 + + +state 162 + optfilesys : inode . (71) + + . reduce 71 + + +state 163 + optfilesys : space . (72) + + . reduce 72 + + +state 164 + optfilesys : fsflag . (73) + + . reduce 73 + + +state 165 + timeout : IF . NUMBER RESTART NUMBER CYCLE THEN TIMEOUT (311) + timestamp : IF . TIMESTAMP operator NUMBER time rate1 THEN action1 recovery (390) + timestamp : IF . CHANGED TIMESTAMP rate1 THEN action1 (391) + permission : IF . FAILED PERMISSION NUMBER rate1 THEN action1 recovery (438) + uid : IF . FAILED UID STRING rate1 THEN action1 recovery (447) + uid : IF . FAILED UID NUMBER rate1 THEN action1 recovery (448) + gid : IF . FAILED GID STRING rate1 THEN action1 recovery (449) + gid : IF . FAILED GID NUMBER rate1 THEN action1 recovery (450) + + FAILED shift 309 + NUMBER shift 180 + TIMESTAMP shift 303 + CHANGED shift 313 + . error + + +state 166 + optdir : start . (76) + + . reduce 76 + + +state 167 + optdir : stop . (77) + + . reduce 77 + + +state 168 + optdir : timeout . (79) + + . reduce 79 + + +state 169 + optdir : alert . (81) + + . reduce 81 + + +state 170 + optdir : every . (80) + + . reduce 80 + + +state 171 + optdir : mode . (85) + + . reduce 85 + + +state 172 + optdir : group . (86) + + . reduce 86 + + +state 173 + optdir : depend . (87) + + . reduce 87 + + +state 174 + optdir : timestamp . (78) + + . reduce 78 + + +state 175 + optdir : permission . (82) + + . reduce 82 + + +state 176 + optdir : uid . (83) + + . reduce 83 + + +state 177 + optdir : gid . (84) + + . reduce 84 + + +state 178 + optdirlist : optdirlist optdir . (75) + + . reduce 75 + + +state 179 + connection : IF FAILED . host port type protocol nettimeout rate1 THEN action1 recovery (235) + connection : IF FAILED . URL URLOBJECT urloption nettimeout rate1 THEN action1 recovery (236) + icmp : IF FAILED . ICMP icmptype icmpcount nettimeout rate1 THEN action1 recovery (238) + host : . (239) + + HOST shift 314 + ICMP shift 315 + URL shift 316 + PORT reduce 239 + + host goto 317 + + +state 180 + timeout : IF NUMBER . RESTART NUMBER CYCLE THEN TIMEOUT (311) + + RESTART shift 318 + . error + + +state 181 + argument : STRING . (222) + + . reduce 222 + + +state 182 + argument : PATH . (223) + + . reduce 223 + + +state 183 + start : START argumentlist . exectimeout (214) + start : START argumentlist . useroptionlist exectimeout (215) + argumentlist : argumentlist . argument (219) + exectimeout : . (307) + + TIMEOUT shift 319 + STRING shift 181 + PATH shift 182 + UID shift 320 + GID shift 321 + $end reduce 307 + IF reduce 307 + SET reduce 307 + START reduce 307 + STOP reduce 307 + ALERT reduce 307 + NOALERT reduce 307 + EVERY reduce 307 + CHECKPROC reduce 307 + CHECKFILESYS reduce 307 + CHECKFILE reduce 307 + CHECKDIR reduce 307 + CHECKHOST reduce 307 + CHECKSYSTEM reduce 307 + CHECKFIFO reduce 307 + CHECKSTATUS reduce 307 + MODE reduce 307 + GROUP reduce 307 + DEPENDS reduce 307 + IGNORE reduce 307 + + exectimeout goto 322 + useroptionlist goto 323 + argument goto 324 + useroption goto 325 + + +state 184 + argumentlist : argument . (218) + + . reduce 218 + + +state 185 + stop : STOP argumentlist . exectimeout (216) + stop : STOP argumentlist . useroptionlist exectimeout (217) + argumentlist : argumentlist . argument (219) + exectimeout : . (307) + + TIMEOUT shift 319 + STRING shift 181 + PATH shift 182 + UID shift 320 + GID shift 321 + $end reduce 307 + IF reduce 307 + SET reduce 307 + START reduce 307 + STOP reduce 307 + ALERT reduce 307 + NOALERT reduce 307 + EVERY reduce 307 + CHECKPROC reduce 307 + CHECKFILESYS reduce 307 + CHECKFILE reduce 307 + CHECKDIR reduce 307 + CHECKHOST reduce 307 + CHECKSYSTEM reduce 307 + CHECKFIFO reduce 307 + CHECKSTATUS reduce 307 + MODE reduce 307 + GROUP reduce 307 + DEPENDS reduce 307 + IGNORE reduce 307 + + exectimeout goto 326 + useroptionlist goto 327 + argument goto 324 + useroption goto 325 + + +state 186 + noalertmail : NOALERT MAILADDR . (321) + + . reduce 321 + + +state 187 + every : EVERY NUMBER . CYCLE (351) + + CYCLE shift 328 + . error + + +state 188 + mode : MODE ACTIVE . (352) + + . reduce 352 + + +state 189 + mode : MODE PASSIVE . (353) + + . reduce 353 + + +state 190 + mode : MODE MANUAL . (354) + + . reduce 354 + + +state 191 + group : GROUP STRINGNAME . (355) + + . reduce 355 + + +state 192 + dependant : SERVICENAME . (359) + + . reduce 359 + + +state 193 + depend : DEPENDS dependlist . (356) + dependlist : dependlist . dependant (358) + + SERVICENAME shift 192 + $end reduce 356 + IF reduce 356 + SET reduce 356 + START reduce 356 + STOP reduce 356 + ALERT reduce 356 + NOALERT reduce 356 + EVERY reduce 356 + CHECKPROC reduce 356 + CHECKFILESYS reduce 356 + CHECKFILE reduce 356 + CHECKDIR reduce 356 + CHECKHOST reduce 356 + CHECKSYSTEM reduce 356 + CHECKFIFO reduce 356 + CHECKSTATUS reduce 356 + MODE reduce 356 + GROUP reduce 356 + DEPENDS reduce 356 + IGNORE reduce 356 + + dependant goto 329 + + +state 194 + dependlist : dependant . (357) + + . reduce 357 + + +state 195 + opthostlist : opthostlist opthost . (89) + + . reduce 89 + + +state 196 + alert : alertmail NOT . '{' eventoptionlist '}' formatlist reminder (318) + + '{' shift 330 + . error + + +state 197 + alert : alertmail '{' . eventoptionlist '}' formatlist reminder (316) + + CONNECTION shift 253 + TIMEOUT shift 254 + CHECKSUM shift 255 + RESOURCE shift 256 + UID shift 257 + GID shift 258 + INSTANCE shift 259 + TIMESTAMP shift 260 + PERMISSION shift 261 + SIZE shift 262 + ACTION shift 263 + EXEC shift 264 + ICMP shift 265 + NONEXIST shift 266 + INVALID shift 267 + DATA shift 268 + CONTENT shift 269 + PID shift 270 + PPID shift 271 + FSFLAG shift 272 + . error + + eventoptionlist goto 331 + eventoption goto 274 + + +state 198 + alert : alertmail formatlist . reminder (317) + reminder : . (452) + + REMINDER shift 275 + $end reduce 452 + IF reduce 452 + SET reduce 452 + START reduce 452 + STOP reduce 452 + ALERT reduce 452 + NOALERT reduce 452 + EVERY reduce 452 + CHECKPROC reduce 452 + CHECKFILESYS reduce 452 + CHECKFILE reduce 452 + CHECKDIR reduce 452 + CHECKHOST reduce 452 + CHECKSYSTEM reduce 452 + CHECKFIFO reduce 452 + CHECKSTATUS reduce 452 + MODE reduce 452 + GROUP reduce 452 + DEPENDS reduce 452 + IGNORE reduce 452 + + reminder goto 332 + + +state 199 + timeout : IF . NUMBER RESTART NUMBER CYCLE THEN TIMEOUT (311) + resourcesystem : IF . resourcesystemlist rate1 THEN action1 recovery (367) + + NUMBER shift 180 + MEMORY shift 287 + TOTALMEMORY shift 288 + LOADAVG1 shift 289 + LOADAVG5 shift 290 + LOADAVG15 shift 291 + CPUUSER shift 333 + CPUSYSTEM shift 334 + CPUWAIT shift 335 + . error + + resourcemem goto 336 + resourceload goto 337 + resourcesystemlist goto 338 + resourcesystemopt goto 339 + resourcecpu goto 340 + resourcecpuid goto 341 + resourceloadavg goto 301 + + +state 200 + optsystem : timeout . (102) + + . reduce 102 + + +state 201 + optsystem : alert . (103) + + . reduce 103 + + +state 202 + optsystem : every . (104) + + . reduce 104 + + +state 203 + optsystem : group . (105) + + . reduce 105 + + +state 204 + optsystem : depend . (106) + + . reduce 106 + + +state 205 + optsystemlist : optsystemlist optsystem . (101) + + . reduce 101 + + +state 206 + optsystem : resourcesystem . (107) + + . reduce 107 + + +state 207 + optfifo : start . (110) + + . reduce 110 + + +state 208 + optfifo : stop . (111) + + . reduce 111 + + +state 209 + optfifo : timeout . (113) + + . reduce 113 + + +state 210 + optfifo : alert . (115) + + . reduce 115 + + +state 211 + optfifo : every . (114) + + . reduce 114 + + +state 212 + optfifo : mode . (119) + + . reduce 119 + + +state 213 + optfifo : group . (120) + + . reduce 120 + + +state 214 + optfifo : depend . (121) + + . reduce 121 + + +state 215 + optfifo : timestamp . (112) + + . reduce 112 + + +state 216 + optfifo : permission . (116) + + . reduce 116 + + +state 217 + optfifo : uid . (117) + + . reduce 117 + + +state 218 + optfifo : gid . (118) + + . reduce 118 + + +state 219 + optfifolist : optfifolist optfifo . (109) + + . reduce 109 + + +state 220 + timeout : IF . NUMBER RESTART NUMBER CYCLE THEN TIMEOUT (311) + + NUMBER shift 180 + . error + + +state 221 + optstatus : timeout . (124) + + . reduce 124 + + +state 222 + optstatus : alert . (125) + + . reduce 125 + + +state 223 + optstatus : every . (126) + + . reduce 126 + + +state 224 + optstatus : group . (127) + + . reduce 127 + + +state 225 + optstatus : depend . (128) + + . reduce 128 + + +state 226 + optstatuslist : optstatuslist optstatus . (123) + + . reduce 123 + + +state 227 + setlog : SET LOGFILE SYSLOG FACILITY . STRING (139) + + STRING shift 342 + . error + + +state 228 + startdelay : START . DELAY NUMBER (134) + + DELAY shift 343 + . error + + +state 229 + setdaemon : SET DAEMON NUMBER startdelay . (132) + + . reduce 132 + + +state 230 + mailserver : STRING PORT . NUMBER username password sslversion certmd5 (156) + + NUMBER shift 344 + . error + + +state 231 + username : USERNAME . MAILADDR (229) + username : USERNAME . STRING (230) + + STRING shift 345 + MAILADDR shift 346 + . error + + +state 232 + mailserver : STRING username . password sslversion certmd5 (155) + password : . (231) + + PASSWORD shift 347 + $end reduce 231 + SET reduce 231 + HOSTNAME reduce 231 + TIMEOUT reduce 231 + STRING reduce 231 + CHECKPROC reduce 231 + CHECKFILESYS reduce 231 + CHECKFILE reduce 231 + CHECKDIR reduce 231 + CHECKHOST reduce 231 + CHECKSYSTEM reduce 231 + CHECKFIFO reduce 231 + CHECKSTATUS reduce 231 + SSLAUTO reduce 231 + SSLV2 reduce 231 + SSLV3 reduce 231 + TLSV1 reduce 231 + CERTMD5 reduce 231 + + password goto 348 + + +state 233 + nettimeout : TIMEOUT . NUMBER SECOND (310) + + NUMBER shift 349 + . error + + +state 234 + setmailservers : SET MAILSERVER mailserverlist nettimeout . hostname (150) + hostname : . (233) + + HOSTNAME shift 350 + $end reduce 233 + SET reduce 233 + CHECKPROC reduce 233 + CHECKFILESYS reduce 233 + CHECKFILE reduce 233 + CHECKDIR reduce 233 + CHECKHOST reduce 233 + CHECKSYSTEM reduce 233 + CHECKFIFO reduce 233 + CHECKSTATUS reduce 233 + + hostname goto 351 + + +state 235 + mailserverlist : mailserverlist mailserver . (154) + + . reduce 154 + + +state 236 + sethttpd : SET HTTPD PORT NUMBER . httpdlist (152) + httpdlist : . (157) + + . reduce 157 + + httpdlist goto 352 + + +state 237 + unit : BYTE . (434) + + . reduce 434 + + +state 238 + unit : KILOBYTE . (435) + + . reduce 435 + + +state 239 + unit : MEGABYTE . (436) + + . reduce 436 + + +state 240 + unit : GIGABYTE . (437) + + . reduce 437 + + +state 241 + setexpectbuffer : SET EXPECTBUFFER NUMBER unit . (135) + + . reduce 135 + + +state 242 + formatoption : MAILFROM . (348) + + . reduce 348 + + +state 243 + formatoption : MAILSUBJECT . (349) + + . reduce 349 + + +state 244 + formatoption : MAILBODY . (350) + + . reduce 350 + + +state 245 + setmailformat : SET MAILFORMAT '{' formatoptionlist . '}' (151) + formatoptionlist : formatoptionlist . formatoption (347) + + MAILFROM shift 242 + MAILSUBJECT shift 243 + MAILBODY shift 244 + '}' shift 353 + . error + + formatoption goto 354 + + +state 246 + formatoptionlist : formatoption . (346) + + . reduce 346 + + +state 247 + seteventqueue : SET EVENTQUEUE BASEDIR PATH . (140) + seteventqueue : SET EVENTQUEUE BASEDIR PATH . SLOT NUMBER (141) + + SLOT shift 355 + $end reduce 140 + SET reduce 140 + CHECKPROC reduce 140 + CHECKFILESYS reduce 140 + CHECKFILE reduce 140 + CHECKDIR reduce 140 + CHECKHOST reduce 140 + CHECKSYSTEM reduce 140 + CHECKFIFO reduce 140 + CHECKSTATUS reduce 140 + + +state 248 + seteventqueue : SET EVENTQUEUE SLOT NUMBER . (142) + + . reduce 142 + + +state 249 + mmonit : URLOBJECT nettimeout . sslversion certmd5 (149) + sslversion : . (249) + + SSLAUTO shift 356 + SSLV2 shift 357 + SSLV3 shift 358 + TLSV1 shift 359 + $end reduce 249 + SET reduce 249 + CHECKPROC reduce 249 + CHECKFILESYS reduce 249 + CHECKFILE reduce 249 + CHECKDIR reduce 249 + CHECKHOST reduce 249 + CHECKSYSTEM reduce 249 + CHECKFIFO reduce 249 + CHECKSTATUS reduce 249 + CERTMD5 reduce 249 + URLOBJECT reduce 249 + + sslversion goto 360 + + +state 250 + mmonitlist : mmonitlist mmonit . (148) + + . reduce 148 + + +state 251 + formatlist : MAILFORMAT '{' . formatoptionlist '}' (345) + + MAILFROM shift 242 + MAILSUBJECT shift 243 + MAILBODY shift 244 + . error + + formatoptionlist goto 361 + formatoption goto 246 + + +state 252 + setalert : SET alertmail NOT '{' . eventoptionlist '}' formatlist reminder (131) + + CONNECTION shift 253 + TIMEOUT shift 254 + CHECKSUM shift 255 + RESOURCE shift 256 + UID shift 257 + GID shift 258 + INSTANCE shift 259 + TIMESTAMP shift 260 + PERMISSION shift 261 + SIZE shift 262 + ACTION shift 263 + EXEC shift 264 + ICMP shift 265 + NONEXIST shift 266 + INVALID shift 267 + DATA shift 268 + CONTENT shift 269 + PID shift 270 + PPID shift 271 + FSFLAG shift 272 + . error + + eventoptionlist goto 362 + eventoption goto 274 + + +state 253 + eventoption : CONNECTION . (326) + + . reduce 326 + + +state 254 + eventoption : TIMEOUT . (341) + + . reduce 341 + + +state 255 + eventoption : CHECKSUM . (325) + + . reduce 325 + + +state 256 + eventoption : RESOURCE . (339) + + . reduce 339 + + +state 257 + eventoption : UID . (343) + + . reduce 343 + + +state 258 + eventoption : GID . (331) + + . reduce 331 + + +state 259 + eventoption : INSTANCE . (333) + + . reduce 333 + + +state 260 + eventoption : TIMESTAMP . (342) + + . reduce 342 + + +state 261 + eventoption : PERMISSION . (336) + + . reduce 336 + + +state 262 + eventoption : SIZE . (340) + + . reduce 340 + + +state 263 + eventoption : ACTION . (324) + + . reduce 324 + + +state 264 + eventoption : EXEC . (329) + + . reduce 329 + + +state 265 + eventoption : ICMP . (332) + + . reduce 332 + + +state 266 + eventoption : NONEXIST . (335) + + . reduce 335 + + +state 267 + eventoption : INVALID . (334) + + . reduce 334 + + +state 268 + eventoption : DATA . (328) + + . reduce 328 + + +state 269 + eventoption : CONTENT . (327) + + . reduce 327 + + +state 270 + eventoption : PID . (337) + + . reduce 337 + + +state 271 + eventoption : PPID . (338) + + . reduce 338 + + +state 272 + eventoption : FSFLAG . (330) + + . reduce 330 + + +state 273 + setalert : SET alertmail '{' eventoptionlist . '}' formatlist reminder (129) + eventoptionlist : eventoptionlist . eventoption (323) + + CONNECTION shift 253 + TIMEOUT shift 254 + CHECKSUM shift 255 + RESOURCE shift 256 + UID shift 257 + GID shift 258 + INSTANCE shift 259 + TIMESTAMP shift 260 + PERMISSION shift 261 + SIZE shift 262 + ACTION shift 263 + EXEC shift 264 + ICMP shift 265 + NONEXIST shift 266 + INVALID shift 267 + DATA shift 268 + CONTENT shift 269 + PID shift 270 + PPID shift 271 + FSFLAG shift 272 + '}' shift 363 + . error + + eventoption goto 364 + + +state 274 + eventoptionlist : eventoption . (322) + + . reduce 322 + + +state 275 + reminder : REMINDER . NUMBER (453) + reminder : REMINDER . NUMBER CYCLE (454) + + NUMBER shift 365 + . error + + +state 276 + setalert : SET alertmail formatlist reminder . (130) + + . reduce 130 + + +state 277 + checkproc : CHECKPROC SERVICENAME PIDFILE PATH . (205) + + . reduce 205 + + +state 278 + checkproc : CHECKPROC SERVICENAME PATHTOK PATH . (206) + + . reduce 206 + + +state 279 + checkfilesys : CHECKFILESYS SERVICENAME PATHTOK PATH . (208) + + . reduce 208 + + +state 280 + checkfile : CHECKFILE SERVICENAME PATHTOK PATH . (207) + + . reduce 207 + + +state 281 + checkdir : CHECKDIR SERVICENAME PATHTOK PATH . (209) + + . reduce 209 + + +state 282 + checkhost : CHECKHOST SERVICENAME ADDRESS STRING . (210) + + . reduce 210 + + +state 283 + checkfifo : CHECKFIFO SERVICENAME PATHTOK PATH . (212) + + . reduce 212 + + +state 284 + checkstatus : CHECKSTATUS SERVICENAME PATHTOK PATH . (213) + + . reduce 213 + + +state 285 + connection : IF FAILED . host port type protocol nettimeout rate1 THEN action1 recovery (235) + connection : IF FAILED . URL URLOBJECT urloption nettimeout rate1 THEN action1 recovery (236) + connectionunix : IF FAILED . unixsocket type protocol nettimeout rate1 THEN action1 recovery (237) + host : . (239) + + HOST shift 314 + UNIXSOCKET shift 366 + URL shift 316 + PORT reduce 239 + + host goto 317 + unixsocket goto 367 + + +state 286 + resourcechild : CHILDREN . operator NUMBER (383) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 373 + + +state 287 + resourcemem : MEMORY . operator value unit (379) + resourcemem : MEMORY . operator NUMBER PERCENT (380) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + REAL reduce 392 + + operator goto 374 + + +state 288 + resourcemem : TOTALMEMORY . operator value unit (381) + resourcemem : TOTALMEMORY . operator NUMBER PERCENT (382) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + REAL reduce 392 + + operator goto 375 + + +state 289 + resourceloadavg : LOADAVG1 . (385) + + . reduce 385 + + +state 290 + resourceloadavg : LOADAVG5 . (386) + + . reduce 386 + + +state 291 + resourceloadavg : LOADAVG15 . (387) + + . reduce 387 + + +state 292 + resourcecpuproc : CPU . operator NUMBER PERCENT (373) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 376 + + +state 293 + resourcecpuproc : TOTALCPU . operator NUMBER PERCENT (374) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 377 + + +state 294 + pid : IF CHANGED . PID rate1 THEN action1 (303) + ppid : IF CHANGED . PPID rate1 THEN action1 (304) + + PID shift 378 + PPID shift 379 + . error + + +state 295 + resourceprocess : IF resourceprocesslist . rate1 THEN action1 recovery (360) + resourceprocesslist : resourceprocesslist . resourceprocessopt (362) + rate1 : . (412) + + NUMBER shift 380 + CHILDREN shift 286 + MEMORY shift 287 + TOTALMEMORY shift 288 + LOADAVG1 shift 289 + LOADAVG5 shift 290 + LOADAVG15 shift 291 + CPU shift 292 + TOTALCPU shift 293 + THEN reduce 412 + + rate1 goto 381 + resourceprocessopt goto 382 + resourcecpuproc goto 297 + resourcemem goto 298 + resourcechild goto 299 + resourceload goto 300 + resourceloadavg goto 301 + + +state 296 + resourceprocesslist : resourceprocessopt . (361) + + . reduce 361 + + +state 297 + resourceprocessopt : resourcecpuproc . (363) + + . reduce 363 + + +state 298 + resourceprocessopt : resourcemem . (364) + + . reduce 364 + + +state 299 + resourceprocessopt : resourcechild . (365) + + . reduce 365 + + +state 300 + resourceprocessopt : resourceload . (366) + + . reduce 366 + + +state 301 + resourceload : resourceloadavg . operator value (384) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + REAL reduce 392 + + operator goto 383 + + +state 302 + checksum : IF FAILED . hashtype CHECKSUM rate1 THEN action1 recovery (422) + checksum : IF FAILED . hashtype CHECKSUM EXPECT STRING rate1 THEN action1 recovery (423) + permission : IF FAILED . PERMISSION NUMBER rate1 THEN action1 recovery (438) + uid : IF FAILED . UID STRING rate1 THEN action1 recovery (447) + uid : IF FAILED . UID NUMBER rate1 THEN action1 recovery (448) + gid : IF FAILED . GID STRING rate1 THEN action1 recovery (449) + gid : IF FAILED . GID NUMBER rate1 THEN action1 recovery (450) + hashtype : . (425) + + MD5HASH shift 384 + SHA1HASH shift 385 + UID shift 386 + GID shift 387 + PERMISSION shift 388 + CHECKSUM reduce 425 + + hashtype goto 389 + + +state 303 + timestamp : IF TIMESTAMP . operator NUMBER time rate1 THEN action1 recovery (390) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 390 + + +state 304 + timestamp : IF CHANGED . TIMESTAMP rate1 THEN action1 (391) + checksum : IF CHANGED . hashtype CHECKSUM rate1 THEN action1 (424) + size : IF CHANGED . SIZE rate1 THEN action1 (446) + hashtype : . (425) + + MD5HASH shift 384 + SHA1HASH shift 385 + TIMESTAMP shift 391 + SIZE shift 392 + CHECKSUM reduce 425 + + hashtype goto 393 + + +state 305 + size : IF SIZE . operator NUMBER unit rate1 THEN action1 recovery (445) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 394 + + +state 306 + matchflagnot : NOT . (444) + + . reduce 444 + + +state 307 + match : IF matchflagnot . MATCH PATH rate1 THEN action1 (439) + match : IF matchflagnot . MATCH STRING rate1 THEN action1 (440) + + MATCH shift 395 + . error + + +state 308 + match : IGNORE matchflagnot . MATCH PATH (441) + match : IGNORE matchflagnot . MATCH STRING (442) + + MATCH shift 396 + . error + + +state 309 + permission : IF FAILED . PERMISSION NUMBER rate1 THEN action1 recovery (438) + uid : IF FAILED . UID STRING rate1 THEN action1 recovery (447) + uid : IF FAILED . UID NUMBER rate1 THEN action1 recovery (448) + gid : IF FAILED . GID STRING rate1 THEN action1 recovery (449) + gid : IF FAILED . GID NUMBER rate1 THEN action1 recovery (450) + + UID shift 386 + GID shift 387 + PERMISSION shift 388 + . error + + +state 310 + fsflag : IF CHANGED . FSFLAG rate1 THEN action1 (432) + + FSFLAG shift 397 + . error + + +state 311 + inode : IF INODE . operator NUMBER rate1 THEN action1 recovery (428) + inode : IF INODE . operator NUMBER PERCENT rate1 THEN action1 recovery (429) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 398 + + +state 312 + space : IF SPACE . operator value unit rate1 THEN action1 recovery (430) + space : IF SPACE . operator NUMBER PERCENT rate1 THEN action1 recovery (431) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + REAL reduce 392 + + operator goto 399 + + +state 313 + timestamp : IF CHANGED . TIMESTAMP rate1 THEN action1 (391) + + TIMESTAMP shift 391 + . error + + +state 314 + host : HOST . STRING (240) + + STRING shift 400 + . error + + +state 315 + icmp : IF FAILED ICMP . icmptype icmpcount nettimeout rate1 THEN action1 recovery (238) + + TYPE shift 401 + . error + + icmptype goto 402 + + +state 316 + connection : IF FAILED URL . URLOBJECT urloption nettimeout rate1 THEN action1 recovery (236) + + URLOBJECT shift 403 + . error + + +state 317 + connection : IF FAILED host . port type protocol nettimeout rate1 THEN action1 recovery (235) + + PORT shift 404 + . error + + port goto 405 + + +state 318 + timeout : IF NUMBER RESTART . NUMBER CYCLE THEN TIMEOUT (311) + + NUMBER shift 406 + . error + + +state 319 + exectimeout : TIMEOUT . NUMBER SECOND (308) + + NUMBER shift 407 + . error + + +state 320 + useroption : UID . STRING (224) + useroption : UID . NUMBER (226) + + STRING shift 408 + NUMBER shift 409 + . error + + +state 321 + useroption : GID . STRING (225) + useroption : GID . NUMBER (227) + + STRING shift 410 + NUMBER shift 411 + . error + + +state 322 + start : START argumentlist exectimeout . (214) + + . reduce 214 + + +state 323 + start : START argumentlist useroptionlist . exectimeout (215) + useroptionlist : useroptionlist . useroption (221) + exectimeout : . (307) + + TIMEOUT shift 319 + UID shift 320 + GID shift 321 + $end reduce 307 + IF reduce 307 + SET reduce 307 + START reduce 307 + STOP reduce 307 + ALERT reduce 307 + NOALERT reduce 307 + EVERY reduce 307 + CHECKPROC reduce 307 + CHECKFILESYS reduce 307 + CHECKFILE reduce 307 + CHECKDIR reduce 307 + CHECKHOST reduce 307 + CHECKSYSTEM reduce 307 + CHECKFIFO reduce 307 + CHECKSTATUS reduce 307 + MODE reduce 307 + GROUP reduce 307 + DEPENDS reduce 307 + IGNORE reduce 307 + + exectimeout goto 412 + useroption goto 413 + + +state 324 + argumentlist : argumentlist argument . (219) + + . reduce 219 + + +state 325 + useroptionlist : useroption . (220) + + . reduce 220 + + +state 326 + stop : STOP argumentlist exectimeout . (216) + + . reduce 216 + + +state 327 + stop : STOP argumentlist useroptionlist . exectimeout (217) + useroptionlist : useroptionlist . useroption (221) + exectimeout : . (307) + + TIMEOUT shift 319 + UID shift 320 + GID shift 321 + $end reduce 307 + IF reduce 307 + SET reduce 307 + START reduce 307 + STOP reduce 307 + ALERT reduce 307 + NOALERT reduce 307 + EVERY reduce 307 + CHECKPROC reduce 307 + CHECKFILESYS reduce 307 + CHECKFILE reduce 307 + CHECKDIR reduce 307 + CHECKHOST reduce 307 + CHECKSYSTEM reduce 307 + CHECKFIFO reduce 307 + CHECKSTATUS reduce 307 + MODE reduce 307 + GROUP reduce 307 + DEPENDS reduce 307 + IGNORE reduce 307 + + exectimeout goto 414 + useroption goto 413 + + +state 328 + every : EVERY NUMBER CYCLE . (351) + + . reduce 351 + + +state 329 + dependlist : dependlist dependant . (358) + + . reduce 358 + + +state 330 + alert : alertmail NOT '{' . eventoptionlist '}' formatlist reminder (318) + + CONNECTION shift 253 + TIMEOUT shift 254 + CHECKSUM shift 255 + RESOURCE shift 256 + UID shift 257 + GID shift 258 + INSTANCE shift 259 + TIMESTAMP shift 260 + PERMISSION shift 261 + SIZE shift 262 + ACTION shift 263 + EXEC shift 264 + ICMP shift 265 + NONEXIST shift 266 + INVALID shift 267 + DATA shift 268 + CONTENT shift 269 + PID shift 270 + PPID shift 271 + FSFLAG shift 272 + . error + + eventoptionlist goto 415 + eventoption goto 274 + + +state 331 + alert : alertmail '{' eventoptionlist . '}' formatlist reminder (316) + eventoptionlist : eventoptionlist . eventoption (323) + + CONNECTION shift 253 + TIMEOUT shift 254 + CHECKSUM shift 255 + RESOURCE shift 256 + UID shift 257 + GID shift 258 + INSTANCE shift 259 + TIMESTAMP shift 260 + PERMISSION shift 261 + SIZE shift 262 + ACTION shift 263 + EXEC shift 264 + ICMP shift 265 + NONEXIST shift 266 + INVALID shift 267 + DATA shift 268 + CONTENT shift 269 + PID shift 270 + PPID shift 271 + FSFLAG shift 272 + '}' shift 416 + . error + + eventoption goto 364 + + +state 332 + alert : alertmail formatlist reminder . (317) + + . reduce 317 + + +state 333 + resourcecpuid : CPUUSER . (376) + + . reduce 376 + + +state 334 + resourcecpuid : CPUSYSTEM . (377) + + . reduce 377 + + +state 335 + resourcecpuid : CPUWAIT . (378) + + . reduce 378 + + +state 336 + resourcesystemopt : resourcemem . (371) + + . reduce 371 + + +state 337 + resourcesystemopt : resourceload . (370) + + . reduce 370 + + +state 338 + resourcesystem : IF resourcesystemlist . rate1 THEN action1 recovery (367) + resourcesystemlist : resourcesystemlist . resourcesystemopt (369) + rate1 : . (412) + + NUMBER shift 380 + MEMORY shift 287 + TOTALMEMORY shift 288 + LOADAVG1 shift 289 + LOADAVG5 shift 290 + LOADAVG15 shift 291 + CPUUSER shift 333 + CPUSYSTEM shift 334 + CPUWAIT shift 335 + THEN reduce 412 + + rate1 goto 417 + resourcemem goto 336 + resourceload goto 337 + resourcesystemopt goto 418 + resourcecpu goto 340 + resourcecpuid goto 341 + resourceloadavg goto 301 + + +state 339 + resourcesystemlist : resourcesystemopt . (368) + + . reduce 368 + + +state 340 + resourcesystemopt : resourcecpu . (372) + + . reduce 372 + + +state 341 + resourcecpu : resourcecpuid . operator NUMBER PERCENT (375) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 419 + + +state 342 + setlog : SET LOGFILE SYSLOG FACILITY STRING . (139) + + . reduce 139 + + +state 343 + startdelay : START DELAY . NUMBER (134) + + NUMBER shift 420 + . error + + +state 344 + mailserver : STRING PORT NUMBER . username password sslversion certmd5 (156) + username : . (228) + + USERNAME shift 231 + $end reduce 228 + SET reduce 228 + HOSTNAME reduce 228 + TIMEOUT reduce 228 + STRING reduce 228 + CHECKPROC reduce 228 + CHECKFILESYS reduce 228 + CHECKFILE reduce 228 + CHECKDIR reduce 228 + CHECKHOST reduce 228 + CHECKSYSTEM reduce 228 + CHECKFIFO reduce 228 + CHECKSTATUS reduce 228 + PASSWORD reduce 228 + SSLAUTO reduce 228 + SSLV2 reduce 228 + SSLV3 reduce 228 + TLSV1 reduce 228 + CERTMD5 reduce 228 + + username goto 421 + + +state 345 + username : USERNAME STRING . (230) + + . reduce 230 + + +state 346 + username : USERNAME MAILADDR . (229) + + . reduce 229 + + +state 347 + password : PASSWORD . STRING (232) + + STRING shift 422 + . error + + +state 348 + mailserver : STRING username password . sslversion certmd5 (155) + sslversion : . (249) + + SSLAUTO shift 356 + SSLV2 shift 357 + SSLV3 shift 358 + TLSV1 shift 359 + $end reduce 249 + SET reduce 249 + HOSTNAME reduce 249 + TIMEOUT reduce 249 + STRING reduce 249 + CHECKPROC reduce 249 + CHECKFILESYS reduce 249 + CHECKFILE reduce 249 + CHECKDIR reduce 249 + CHECKHOST reduce 249 + CHECKSYSTEM reduce 249 + CHECKFIFO reduce 249 + CHECKSTATUS reduce 249 + CERTMD5 reduce 249 + + sslversion goto 423 + + +state 349 + nettimeout : TIMEOUT NUMBER . SECOND (310) + + SECOND shift 424 + . error + + +state 350 + hostname : HOSTNAME . STRING (234) + + STRING shift 425 + . error + + +state 351 + setmailservers : SET MAILSERVER mailserverlist nettimeout hostname . (150) + + . reduce 150 + + +state 352 + sethttpd : SET HTTPD PORT NUMBER httpdlist . (152) + httpdlist : httpdlist . httpdoption (158) + + ALLOW shift 426 + ADDRESS shift 427 + ENABLE shift 428 + DISABLE shift 429 + HTTPDSSL shift 430 + SIGNATURE shift 431 + $end reduce 152 + SET reduce 152 + CHECKPROC reduce 152 + CHECKFILESYS reduce 152 + CHECKFILE reduce 152 + CHECKDIR reduce 152 + CHECKHOST reduce 152 + CHECKSYSTEM reduce 152 + CHECKFIFO reduce 152 + CHECKSTATUS reduce 152 + + httpdoption goto 432 + ssl goto 433 + signature goto 434 + bindaddress goto 435 + allow goto 436 + ssldisable goto 437 + sslenable goto 438 + sigenable goto 439 + sigdisable goto 440 + + +state 353 + setmailformat : SET MAILFORMAT '{' formatoptionlist '}' . (151) + + . reduce 151 + + +state 354 + formatoptionlist : formatoptionlist formatoption . (347) + + . reduce 347 + + +state 355 + seteventqueue : SET EVENTQUEUE BASEDIR PATH SLOT . NUMBER (141) + + NUMBER shift 441 + . error + + +state 356 + sslversion : SSLAUTO . (253) + + . reduce 253 + + +state 357 + sslversion : SSLV2 . (250) + + . reduce 250 + + +state 358 + sslversion : SSLV3 . (251) + + . reduce 251 + + +state 359 + sslversion : TLSV1 . (252) + + . reduce 252 + + +state 360 + mmonit : URLOBJECT nettimeout sslversion . certmd5 (149) + certmd5 : . (247) + + CERTMD5 shift 442 + $end reduce 247 + SET reduce 247 + CHECKPROC reduce 247 + CHECKFILESYS reduce 247 + CHECKFILE reduce 247 + CHECKDIR reduce 247 + CHECKHOST reduce 247 + CHECKSYSTEM reduce 247 + CHECKFIFO reduce 247 + CHECKSTATUS reduce 247 + URLOBJECT reduce 247 + + certmd5 goto 443 + + +state 361 + formatlist : MAILFORMAT '{' formatoptionlist . '}' (345) + formatoptionlist : formatoptionlist . formatoption (347) + + MAILFROM shift 242 + MAILSUBJECT shift 243 + MAILBODY shift 244 + '}' shift 444 + . error + + formatoption goto 354 + + +state 362 + setalert : SET alertmail NOT '{' eventoptionlist . '}' formatlist reminder (131) + eventoptionlist : eventoptionlist . eventoption (323) + + CONNECTION shift 253 + TIMEOUT shift 254 + CHECKSUM shift 255 + RESOURCE shift 256 + UID shift 257 + GID shift 258 + INSTANCE shift 259 + TIMESTAMP shift 260 + PERMISSION shift 261 + SIZE shift 262 + ACTION shift 263 + EXEC shift 264 + ICMP shift 265 + NONEXIST shift 266 + INVALID shift 267 + DATA shift 268 + CONTENT shift 269 + PID shift 270 + PPID shift 271 + FSFLAG shift 272 + '}' shift 445 + . error + + eventoption goto 364 + + +state 363 + setalert : SET alertmail '{' eventoptionlist '}' . formatlist reminder (129) + formatlist : . (344) + + MAILFORMAT shift 104 + $end reduce 344 + SET reduce 344 + REMINDER reduce 344 + CHECKPROC reduce 344 + CHECKFILESYS reduce 344 + CHECKFILE reduce 344 + CHECKDIR reduce 344 + CHECKHOST reduce 344 + CHECKSYSTEM reduce 344 + CHECKFIFO reduce 344 + CHECKSTATUS reduce 344 + + formatlist goto 446 + + +state 364 + eventoptionlist : eventoptionlist eventoption . (323) + + . reduce 323 + + +state 365 + reminder : REMINDER NUMBER . (453) + reminder : REMINDER NUMBER . CYCLE (454) + + CYCLE shift 447 + $end reduce 453 + IF reduce 453 + SET reduce 453 + START reduce 453 + STOP reduce 453 + ALERT reduce 453 + NOALERT reduce 453 + EVERY reduce 453 + CHECKPROC reduce 453 + CHECKFILESYS reduce 453 + CHECKFILE reduce 453 + CHECKDIR reduce 453 + CHECKHOST reduce 453 + CHECKSYSTEM reduce 453 + CHECKFIFO reduce 453 + CHECKSTATUS reduce 453 + MODE reduce 453 + GROUP reduce 453 + DEPENDS reduce 453 + IGNORE reduce 453 + + +state 366 + unixsocket : UNIXSOCKET . PATH (242) + + PATH shift 448 + . error + + +state 367 + connectionunix : IF FAILED unixsocket . type protocol nettimeout rate1 THEN action1 recovery (237) + type : . (243) + + TYPE shift 449 + THEN reduce 243 + SEND reduce 243 + EXPECT reduce 243 + PROTOCOL reduce 243 + TIMEOUT reduce 243 + NUMBER reduce 243 + + type goto 450 + + +state 368 + operator : CHANGED . (397) + + . reduce 397 + + +state 369 + operator : GREATER . (393) + + . reduce 393 + + +state 370 + operator : LESS . (394) + + . reduce 394 + + +state 371 + operator : EQUAL . (395) + + . reduce 395 + + +state 372 + operator : NOTEQUAL . (396) + + . reduce 396 + + +state 373 + resourcechild : CHILDREN operator . NUMBER (383) + + NUMBER shift 451 + . error + + +state 374 + resourcemem : MEMORY operator . value unit (379) + resourcemem : MEMORY operator . NUMBER PERCENT (380) + + NUMBER shift 452 + REAL shift 453 + . error + + value goto 454 + + +state 375 + resourcemem : TOTALMEMORY operator . value unit (381) + resourcemem : TOTALMEMORY operator . NUMBER PERCENT (382) + + NUMBER shift 455 + REAL shift 453 + . error + + value goto 456 + + +state 376 + resourcecpuproc : CPU operator . NUMBER PERCENT (373) + + NUMBER shift 457 + . error + + +state 377 + resourcecpuproc : TOTALCPU operator . NUMBER PERCENT (374) + + NUMBER shift 458 + . error + + +state 378 + pid : IF CHANGED PID . rate1 THEN action1 (303) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 459 + + +state 379 + ppid : IF CHANGED PPID . rate1 THEN action1 (304) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 460 + + +state 380 + rate1 : NUMBER . CYCLE (413) + rate1 : NUMBER . NUMBER CYCLE (414) + + CYCLE shift 461 + NUMBER shift 462 + . error + + +state 381 + resourceprocess : IF resourceprocesslist rate1 . THEN action1 recovery (360) + + THEN shift 463 + . error + + +state 382 + resourceprocesslist : resourceprocesslist resourceprocessopt . (362) + + . reduce 362 + + +state 383 + resourceload : resourceloadavg operator . value (384) + + NUMBER shift 464 + REAL shift 453 + . error + + value goto 465 + + +state 384 + hashtype : MD5HASH . (426) + + . reduce 426 + + +state 385 + hashtype : SHA1HASH . (427) + + . reduce 427 + + +state 386 + uid : IF FAILED UID . STRING rate1 THEN action1 recovery (447) + uid : IF FAILED UID . NUMBER rate1 THEN action1 recovery (448) + + STRING shift 466 + NUMBER shift 467 + . error + + +state 387 + gid : IF FAILED GID . STRING rate1 THEN action1 recovery (449) + gid : IF FAILED GID . NUMBER rate1 THEN action1 recovery (450) + + STRING shift 468 + NUMBER shift 469 + . error + + +state 388 + permission : IF FAILED PERMISSION . NUMBER rate1 THEN action1 recovery (438) + + NUMBER shift 470 + . error + + +state 389 + checksum : IF FAILED hashtype . CHECKSUM rate1 THEN action1 recovery (422) + checksum : IF FAILED hashtype . CHECKSUM EXPECT STRING rate1 THEN action1 recovery (423) + + CHECKSUM shift 471 + . error + + +state 390 + timestamp : IF TIMESTAMP operator . NUMBER time rate1 THEN action1 recovery (390) + + NUMBER shift 472 + . error + + +state 391 + timestamp : IF CHANGED TIMESTAMP . rate1 THEN action1 (391) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 473 + + +state 392 + size : IF CHANGED SIZE . rate1 THEN action1 (446) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 474 + + +state 393 + checksum : IF CHANGED hashtype . CHECKSUM rate1 THEN action1 (424) + + CHECKSUM shift 475 + . error + + +state 394 + size : IF SIZE operator . NUMBER unit rate1 THEN action1 recovery (445) + + NUMBER shift 476 + . error + + +state 395 + match : IF matchflagnot MATCH . PATH rate1 THEN action1 (439) + match : IF matchflagnot MATCH . STRING rate1 THEN action1 (440) + + STRING shift 477 + PATH shift 478 + . error + + +state 396 + match : IGNORE matchflagnot MATCH . PATH (441) + match : IGNORE matchflagnot MATCH . STRING (442) + + STRING shift 479 + PATH shift 480 + . error + + +state 397 + fsflag : IF CHANGED FSFLAG . rate1 THEN action1 (432) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 481 + + +state 398 + inode : IF INODE operator . NUMBER rate1 THEN action1 recovery (428) + inode : IF INODE operator . NUMBER PERCENT rate1 THEN action1 recovery (429) + + NUMBER shift 482 + . error + + +state 399 + space : IF SPACE operator . value unit rate1 THEN action1 recovery (430) + space : IF SPACE operator . NUMBER PERCENT rate1 THEN action1 recovery (431) + + NUMBER shift 483 + REAL shift 453 + . error + + value goto 484 + + +state 400 + host : HOST STRING . (240) + + . reduce 240 + + +state 401 + icmptype : TYPE . ICMPECHO (451) + + ICMPECHO shift 485 + . error + + +state 402 + icmp : IF FAILED ICMP icmptype . icmpcount nettimeout rate1 THEN action1 recovery (238) + icmpcount : . (305) + + COUNT shift 486 + THEN reduce 305 + TIMEOUT reduce 305 + NUMBER reduce 305 + + icmpcount goto 487 + + +state 403 + connection : IF FAILED URL URLOBJECT . urloption nettimeout rate1 THEN action1 recovery (236) + urloption : . (312) + + CONTENT shift 488 + THEN reduce 312 + TIMEOUT reduce 312 + NUMBER reduce 312 + + urloption goto 489 + + +state 404 + port : PORT . NUMBER (241) + + NUMBER shift 490 + . error + + +state 405 + connection : IF FAILED host port . type protocol nettimeout rate1 THEN action1 recovery (235) + type : . (243) + + TYPE shift 449 + THEN reduce 243 + SEND reduce 243 + EXPECT reduce 243 + PROTOCOL reduce 243 + TIMEOUT reduce 243 + NUMBER reduce 243 + + type goto 491 + + +state 406 + timeout : IF NUMBER RESTART NUMBER . CYCLE THEN TIMEOUT (311) + + CYCLE shift 492 + . error + + +state 407 + exectimeout : TIMEOUT NUMBER . SECOND (308) + + SECOND shift 493 + . error + + +state 408 + useroption : UID STRING . (224) + + . reduce 224 + + +state 409 + useroption : UID NUMBER . (226) + + . reduce 226 + + +state 410 + useroption : GID STRING . (225) + + . reduce 225 + + +state 411 + useroption : GID NUMBER . (227) + + . reduce 227 + + +state 412 + start : START argumentlist useroptionlist exectimeout . (215) + + . reduce 215 + + +state 413 + useroptionlist : useroptionlist useroption . (221) + + . reduce 221 + + +state 414 + stop : STOP argumentlist useroptionlist exectimeout . (217) + + . reduce 217 + + +state 415 + alert : alertmail NOT '{' eventoptionlist . '}' formatlist reminder (318) + eventoptionlist : eventoptionlist . eventoption (323) + + CONNECTION shift 253 + TIMEOUT shift 254 + CHECKSUM shift 255 + RESOURCE shift 256 + UID shift 257 + GID shift 258 + INSTANCE shift 259 + TIMESTAMP shift 260 + PERMISSION shift 261 + SIZE shift 262 + ACTION shift 263 + EXEC shift 264 + ICMP shift 265 + NONEXIST shift 266 + INVALID shift 267 + DATA shift 268 + CONTENT shift 269 + PID shift 270 + PPID shift 271 + FSFLAG shift 272 + '}' shift 494 + . error + + eventoption goto 364 + + +state 416 + alert : alertmail '{' eventoptionlist '}' . formatlist reminder (316) + formatlist : . (344) + + MAILFORMAT shift 104 + $end reduce 344 + IF reduce 344 + SET reduce 344 + REMINDER reduce 344 + START reduce 344 + STOP reduce 344 + ALERT reduce 344 + NOALERT reduce 344 + EVERY reduce 344 + CHECKPROC reduce 344 + CHECKFILESYS reduce 344 + CHECKFILE reduce 344 + CHECKDIR reduce 344 + CHECKHOST reduce 344 + CHECKSYSTEM reduce 344 + CHECKFIFO reduce 344 + CHECKSTATUS reduce 344 + MODE reduce 344 + GROUP reduce 344 + DEPENDS reduce 344 + IGNORE reduce 344 + + formatlist goto 495 + + +state 417 + resourcesystem : IF resourcesystemlist rate1 . THEN action1 recovery (367) + + THEN shift 496 + . error + + +state 418 + resourcesystemlist : resourcesystemlist resourcesystemopt . (369) + + . reduce 369 + + +state 419 + resourcecpu : resourcecpuid operator . NUMBER PERCENT (375) + + NUMBER shift 497 + . error + + +state 420 + startdelay : START DELAY NUMBER . (134) + + . reduce 134 + + +state 421 + mailserver : STRING PORT NUMBER username . password sslversion certmd5 (156) + password : . (231) + + PASSWORD shift 347 + $end reduce 231 + SET reduce 231 + HOSTNAME reduce 231 + TIMEOUT reduce 231 + STRING reduce 231 + CHECKPROC reduce 231 + CHECKFILESYS reduce 231 + CHECKFILE reduce 231 + CHECKDIR reduce 231 + CHECKHOST reduce 231 + CHECKSYSTEM reduce 231 + CHECKFIFO reduce 231 + CHECKSTATUS reduce 231 + SSLAUTO reduce 231 + SSLV2 reduce 231 + SSLV3 reduce 231 + TLSV1 reduce 231 + CERTMD5 reduce 231 + + password goto 498 + + +state 422 + password : PASSWORD STRING . (232) + + . reduce 232 + + +state 423 + mailserver : STRING username password sslversion . certmd5 (155) + certmd5 : . (247) + + CERTMD5 shift 442 + $end reduce 247 + SET reduce 247 + HOSTNAME reduce 247 + TIMEOUT reduce 247 + STRING reduce 247 + CHECKPROC reduce 247 + CHECKFILESYS reduce 247 + CHECKFILE reduce 247 + CHECKDIR reduce 247 + CHECKHOST reduce 247 + CHECKSYSTEM reduce 247 + CHECKFIFO reduce 247 + CHECKSTATUS reduce 247 + + certmd5 goto 499 + + +state 424 + nettimeout : TIMEOUT NUMBER SECOND . (310) + + . reduce 310 + + +state 425 + hostname : HOSTNAME STRING . (234) + + . reduce 234 + + +state 426 + allow : ALLOW . STRING ':' STRING readonly (185) + allow : ALLOW . '@' STRING readonly (186) + allow : ALLOW . PATH (187) + allow : ALLOW . CLEARTEXT PATH (188) + allow : ALLOW . MD5HASH PATH (189) + allow : ALLOW . CRYPT PATH (190) + allow : ALLOW . PATH $$1 allowuserlist (192) + allow : ALLOW . CLEARTEXT PATH $$2 allowuserlist (194) + allow : ALLOW . MD5HASH PATH $$3 allowuserlist (196) + allow : ALLOW . CRYPT PATH $$4 allowuserlist (198) + allow : ALLOW . STRING (199) + + CLEARTEXT shift 500 + MD5HASH shift 501 + CRYPT shift 502 + STRING shift 503 + PATH shift 504 + '@' shift 505 + . error + + +state 427 + bindaddress : ADDRESS . STRING (179) + + STRING shift 506 + . error + + +state 428 + sslenable : ENABLE . HTTPDSSL (167) + sigenable : ENABLE . SIGNATURE (176) + + HTTPDSSL shift 507 + SIGNATURE shift 508 + . error + + +state 429 + ssldisable : DISABLE . HTTPDSSL (169) + sigdisable : DISABLE . SIGNATURE (178) + + HTTPDSSL shift 509 + SIGNATURE shift 510 + . error + + +state 430 + sslenable : HTTPDSSL . (165) + sslenable : HTTPDSSL . ENABLE (166) + ssldisable : HTTPDSSL . DISABLE (168) + + ENABLE shift 511 + DISABLE shift 512 + PEMFILE reduce 165 + + +state 431 + sigenable : SIGNATURE . ENABLE (175) + sigdisable : SIGNATURE . DISABLE (177) + + ENABLE shift 513 + DISABLE shift 514 + . error + + +state 432 + httpdlist : httpdlist httpdoption . (158) + + . reduce 158 + + +state 433 + httpdoption : ssl . (159) + + . reduce 159 + + +state 434 + httpdoption : signature . (160) + + . reduce 160 + + +state 435 + httpdoption : bindaddress . (161) + + . reduce 161 + + +state 436 + httpdoption : allow . (162) + + . reduce 162 + + +state 437 + ssl : ssldisable . (163) + ssldisable : ssldisable . PEMFILE PATH (170) + ssldisable : ssldisable . CLIENTPEMFILE PATH (171) + ssldisable : ssldisable . ALLOWSELFCERTIFICATION (172) + + PEMFILE shift 515 + CLIENTPEMFILE shift 516 + ALLOWSELFCERTIFICATION shift 517 + $end reduce 163 + SET reduce 163 + ALLOW reduce 163 + ADDRESS reduce 163 + ENABLE reduce 163 + DISABLE reduce 163 + HTTPDSSL reduce 163 + SIGNATURE reduce 163 + CHECKPROC reduce 163 + CHECKFILESYS reduce 163 + CHECKFILE reduce 163 + CHECKDIR reduce 163 + CHECKHOST reduce 163 + CHECKSYSTEM reduce 163 + CHECKFIFO reduce 163 + CHECKSTATUS reduce 163 + + +state 438 + ssl : sslenable . pemfile clientpemfile allowselfcert (164) + + PEMFILE shift 518 + . error + + pemfile goto 519 + + +state 439 + signature : sigenable . (173) + + . reduce 173 + + +state 440 + signature : sigdisable . (174) + + . reduce 174 + + +state 441 + seteventqueue : SET EVENTQUEUE BASEDIR PATH SLOT NUMBER . (141) + + . reduce 141 + + +state 442 + certmd5 : CERTMD5 . STRING (248) + + STRING shift 520 + . error + + +state 443 + mmonit : URLOBJECT nettimeout sslversion certmd5 . (149) + + . reduce 149 + + +state 444 + formatlist : MAILFORMAT '{' formatoptionlist '}' . (345) + + . reduce 345 + + +state 445 + setalert : SET alertmail NOT '{' eventoptionlist '}' . formatlist reminder (131) + formatlist : . (344) + + MAILFORMAT shift 104 + $end reduce 344 + SET reduce 344 + REMINDER reduce 344 + CHECKPROC reduce 344 + CHECKFILESYS reduce 344 + CHECKFILE reduce 344 + CHECKDIR reduce 344 + CHECKHOST reduce 344 + CHECKSYSTEM reduce 344 + CHECKFIFO reduce 344 + CHECKSTATUS reduce 344 + + formatlist goto 521 + + +state 446 + setalert : SET alertmail '{' eventoptionlist '}' formatlist . reminder (129) + reminder : . (452) + + REMINDER shift 275 + $end reduce 452 + SET reduce 452 + CHECKPROC reduce 452 + CHECKFILESYS reduce 452 + CHECKFILE reduce 452 + CHECKDIR reduce 452 + CHECKHOST reduce 452 + CHECKSYSTEM reduce 452 + CHECKFIFO reduce 452 + CHECKSTATUS reduce 452 + + reminder goto 522 + + +state 447 + reminder : REMINDER NUMBER CYCLE . (454) + + . reduce 454 + + +state 448 + unixsocket : UNIXSOCKET PATH . (242) + + . reduce 242 + + +state 449 + type : TYPE . TCP (244) + type : TYPE . TCPSSL sslversion certmd5 (245) + type : TYPE . UDP (246) + + UDP shift 523 + TCP shift 524 + TCPSSL shift 525 + . error + + +state 450 + connectionunix : IF FAILED unixsocket type . protocol nettimeout rate1 THEN action1 recovery (237) + protocol : . (254) + + SEND shift 526 + EXPECT shift 527 + PROTOCOL shift 528 + THEN reduce 254 + TIMEOUT reduce 254 + NUMBER reduce 254 + + protocol goto 529 + sendexpectlist goto 530 + sendexpect goto 531 + + +state 451 + resourcechild : CHILDREN operator NUMBER . (383) + + . reduce 383 + + +state 452 + resourcemem : MEMORY operator NUMBER . PERCENT (380) + value : NUMBER . (389) + + PERCENT shift 532 + THEN reduce 389 + NUMBER reduce 389 + CHILDREN reduce 389 + MEMORY reduce 389 + TOTALMEMORY reduce 389 + LOADAVG1 reduce 389 + LOADAVG5 reduce 389 + LOADAVG15 reduce 389 + CPU reduce 389 + TOTALCPU reduce 389 + CPUUSER reduce 389 + CPUSYSTEM reduce 389 + CPUWAIT reduce 389 + BYTE reduce 389 + KILOBYTE reduce 389 + MEGABYTE reduce 389 + GIGABYTE reduce 389 + + +state 453 + value : REAL . (388) + + . reduce 388 + + +state 454 + resourcemem : MEMORY operator value . unit (379) + unit : . (433) + + BYTE shift 237 + KILOBYTE shift 238 + MEGABYTE shift 239 + GIGABYTE shift 240 + THEN reduce 433 + NUMBER reduce 433 + CHILDREN reduce 433 + MEMORY reduce 433 + TOTALMEMORY reduce 433 + LOADAVG1 reduce 433 + LOADAVG5 reduce 433 + LOADAVG15 reduce 433 + CPU reduce 433 + TOTALCPU reduce 433 + CPUUSER reduce 433 + CPUSYSTEM reduce 433 + CPUWAIT reduce 433 + + unit goto 533 + + +state 455 + resourcemem : TOTALMEMORY operator NUMBER . PERCENT (382) + value : NUMBER . (389) + + PERCENT shift 534 + THEN reduce 389 + NUMBER reduce 389 + CHILDREN reduce 389 + MEMORY reduce 389 + TOTALMEMORY reduce 389 + LOADAVG1 reduce 389 + LOADAVG5 reduce 389 + LOADAVG15 reduce 389 + CPU reduce 389 + TOTALCPU reduce 389 + CPUUSER reduce 389 + CPUSYSTEM reduce 389 + CPUWAIT reduce 389 + BYTE reduce 389 + KILOBYTE reduce 389 + MEGABYTE reduce 389 + GIGABYTE reduce 389 + + +state 456 + resourcemem : TOTALMEMORY operator value . unit (381) + unit : . (433) + + BYTE shift 237 + KILOBYTE shift 238 + MEGABYTE shift 239 + GIGABYTE shift 240 + THEN reduce 433 + NUMBER reduce 433 + CHILDREN reduce 433 + MEMORY reduce 433 + TOTALMEMORY reduce 433 + LOADAVG1 reduce 433 + LOADAVG5 reduce 433 + LOADAVG15 reduce 433 + CPU reduce 433 + TOTALCPU reduce 433 + CPUUSER reduce 433 + CPUSYSTEM reduce 433 + CPUWAIT reduce 433 + + unit goto 535 + + +state 457 + resourcecpuproc : CPU operator NUMBER . PERCENT (373) + + PERCENT shift 536 + . error + + +state 458 + resourcecpuproc : TOTALCPU operator NUMBER . PERCENT (374) + + PERCENT shift 537 + . error + + +state 459 + pid : IF CHANGED PID rate1 . THEN action1 (303) + + THEN shift 538 + . error + + +state 460 + ppid : IF CHANGED PPID rate1 . THEN action1 (304) + + THEN shift 539 + . error + + +state 461 + rate1 : NUMBER CYCLE . (413) + + . reduce 413 + + +state 462 + rate1 : NUMBER NUMBER . CYCLE (414) + + CYCLE shift 540 + . error + + +state 463 + resourceprocess : IF resourceprocesslist rate1 THEN . action1 recovery (360) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 547 + action goto 548 + + +state 464 + value : NUMBER . (389) + + . reduce 389 + + +state 465 + resourceload : resourceloadavg operator value . (384) + + . reduce 384 + + +state 466 + uid : IF FAILED UID STRING . rate1 THEN action1 recovery (447) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 549 + + +state 467 + uid : IF FAILED UID NUMBER . rate1 THEN action1 recovery (448) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 550 + + +state 468 + gid : IF FAILED GID STRING . rate1 THEN action1 recovery (449) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 551 + + +state 469 + gid : IF FAILED GID NUMBER . rate1 THEN action1 recovery (450) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 552 + + +state 470 + permission : IF FAILED PERMISSION NUMBER . rate1 THEN action1 recovery (438) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 553 + + +state 471 + checksum : IF FAILED hashtype CHECKSUM . rate1 THEN action1 recovery (422) + checksum : IF FAILED hashtype CHECKSUM . EXPECT STRING rate1 THEN action1 recovery (423) + rate1 : . (412) + + EXPECT shift 554 + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 555 + + +state 472 + timestamp : IF TIMESTAMP operator NUMBER . time rate1 THEN action1 recovery (390) + time : . (398) + + SECOND shift 556 + MINUTE shift 557 + HOUR shift 558 + DAY shift 559 + THEN reduce 398 + NUMBER reduce 398 + + time goto 560 + + +state 473 + timestamp : IF CHANGED TIMESTAMP rate1 . THEN action1 (391) + + THEN shift 561 + . error + + +state 474 + size : IF CHANGED SIZE rate1 . THEN action1 (446) + + THEN shift 562 + . error + + +state 475 + checksum : IF CHANGED hashtype CHECKSUM . rate1 THEN action1 (424) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 563 + + +state 476 + size : IF SIZE operator NUMBER . unit rate1 THEN action1 recovery (445) + unit : . (433) + + BYTE shift 237 + KILOBYTE shift 238 + MEGABYTE shift 239 + GIGABYTE shift 240 + THEN reduce 433 + NUMBER reduce 433 + + unit goto 564 + + +state 477 + match : IF matchflagnot MATCH STRING . rate1 THEN action1 (440) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 565 + + +state 478 + match : IF matchflagnot MATCH PATH . rate1 THEN action1 (439) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 566 + + +state 479 + match : IGNORE matchflagnot MATCH STRING . (442) + + . reduce 442 + + +state 480 + match : IGNORE matchflagnot MATCH PATH . (441) + + . reduce 441 + + +state 481 + fsflag : IF CHANGED FSFLAG rate1 . THEN action1 (432) + + THEN shift 567 + . error + + +state 482 + inode : IF INODE operator NUMBER . rate1 THEN action1 recovery (428) + inode : IF INODE operator NUMBER . PERCENT rate1 THEN action1 recovery (429) + rate1 : . (412) + + NUMBER shift 380 + PERCENT shift 568 + THEN reduce 412 + + rate1 goto 569 + + +state 483 + value : NUMBER . (389) + space : IF SPACE operator NUMBER . PERCENT rate1 THEN action1 recovery (431) + + PERCENT shift 570 + THEN reduce 389 + NUMBER reduce 389 + BYTE reduce 389 + KILOBYTE reduce 389 + MEGABYTE reduce 389 + GIGABYTE reduce 389 + + +state 484 + space : IF SPACE operator value . unit rate1 THEN action1 recovery (430) + unit : . (433) + + BYTE shift 237 + KILOBYTE shift 238 + MEGABYTE shift 239 + GIGABYTE shift 240 + THEN reduce 433 + NUMBER reduce 433 + + unit goto 571 + + +state 485 + icmptype : TYPE ICMPECHO . (451) + + . reduce 451 + + +state 486 + icmpcount : COUNT . NUMBER (306) + + NUMBER shift 572 + . error + + +state 487 + icmp : IF FAILED ICMP icmptype icmpcount . nettimeout rate1 THEN action1 recovery (238) + nettimeout : . (309) + + TIMEOUT shift 233 + THEN reduce 309 + NUMBER reduce 309 + + nettimeout goto 573 + + +state 488 + urloption : CONTENT . urloperator STRING (313) + + EQUAL shift 574 + NOTEQUAL shift 575 + . error + + urloperator goto 576 + + +state 489 + connection : IF FAILED URL URLOBJECT urloption . nettimeout rate1 THEN action1 recovery (236) + nettimeout : . (309) + + TIMEOUT shift 233 + THEN reduce 309 + NUMBER reduce 309 + + nettimeout goto 577 + + +state 490 + port : PORT NUMBER . (241) + + . reduce 241 + + +state 491 + connection : IF FAILED host port type . protocol nettimeout rate1 THEN action1 recovery (235) + protocol : . (254) + + SEND shift 526 + EXPECT shift 527 + PROTOCOL shift 528 + THEN reduce 254 + TIMEOUT reduce 254 + NUMBER reduce 254 + + protocol goto 578 + sendexpectlist goto 530 + sendexpect goto 531 + + +state 492 + timeout : IF NUMBER RESTART NUMBER CYCLE . THEN TIMEOUT (311) + + THEN shift 579 + . error + + +state 493 + exectimeout : TIMEOUT NUMBER SECOND . (308) + + . reduce 308 + + +state 494 + alert : alertmail NOT '{' eventoptionlist '}' . formatlist reminder (318) + formatlist : . (344) + + MAILFORMAT shift 104 + $end reduce 344 + IF reduce 344 + SET reduce 344 + REMINDER reduce 344 + START reduce 344 + STOP reduce 344 + ALERT reduce 344 + NOALERT reduce 344 + EVERY reduce 344 + CHECKPROC reduce 344 + CHECKFILESYS reduce 344 + CHECKFILE reduce 344 + CHECKDIR reduce 344 + CHECKHOST reduce 344 + CHECKSYSTEM reduce 344 + CHECKFIFO reduce 344 + CHECKSTATUS reduce 344 + MODE reduce 344 + GROUP reduce 344 + DEPENDS reduce 344 + IGNORE reduce 344 + + formatlist goto 580 + + +state 495 + alert : alertmail '{' eventoptionlist '}' formatlist . reminder (316) + reminder : . (452) + + REMINDER shift 275 + $end reduce 452 + IF reduce 452 + SET reduce 452 + START reduce 452 + STOP reduce 452 + ALERT reduce 452 + NOALERT reduce 452 + EVERY reduce 452 + CHECKPROC reduce 452 + CHECKFILESYS reduce 452 + CHECKFILE reduce 452 + CHECKDIR reduce 452 + CHECKHOST reduce 452 + CHECKSYSTEM reduce 452 + CHECKFIFO reduce 452 + CHECKSTATUS reduce 452 + MODE reduce 452 + GROUP reduce 452 + DEPENDS reduce 452 + IGNORE reduce 452 + + reminder goto 581 + + +state 496 + resourcesystem : IF resourcesystemlist rate1 THEN . action1 recovery (367) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 582 + action goto 548 + + +state 497 + resourcecpu : resourcecpuid operator NUMBER . PERCENT (375) + + PERCENT shift 583 + . error + + +state 498 + mailserver : STRING PORT NUMBER username password . sslversion certmd5 (156) + sslversion : . (249) + + SSLAUTO shift 356 + SSLV2 shift 357 + SSLV3 shift 358 + TLSV1 shift 359 + $end reduce 249 + SET reduce 249 + HOSTNAME reduce 249 + TIMEOUT reduce 249 + STRING reduce 249 + CHECKPROC reduce 249 + CHECKFILESYS reduce 249 + CHECKFILE reduce 249 + CHECKDIR reduce 249 + CHECKHOST reduce 249 + CHECKSYSTEM reduce 249 + CHECKFIFO reduce 249 + CHECKSTATUS reduce 249 + CERTMD5 reduce 249 + + sslversion goto 584 + + +state 499 + mailserver : STRING username password sslversion certmd5 . (155) + + . reduce 155 + + +state 500 + allow : ALLOW CLEARTEXT . PATH (188) + allow : ALLOW CLEARTEXT . PATH $$2 allowuserlist (194) + + PATH shift 585 + . error + + +state 501 + allow : ALLOW MD5HASH . PATH (189) + allow : ALLOW MD5HASH . PATH $$3 allowuserlist (196) + + PATH shift 586 + . error + + +state 502 + allow : ALLOW CRYPT . PATH (190) + allow : ALLOW CRYPT . PATH $$4 allowuserlist (198) + + PATH shift 587 + . error + + +state 503 + allow : ALLOW STRING . ':' STRING readonly (185) + allow : ALLOW STRING . (199) + + ':' shift 588 + $end reduce 199 + SET reduce 199 + ALLOW reduce 199 + ADDRESS reduce 199 + ENABLE reduce 199 + DISABLE reduce 199 + HTTPDSSL reduce 199 + SIGNATURE reduce 199 + CHECKPROC reduce 199 + CHECKFILESYS reduce 199 + CHECKFILE reduce 199 + CHECKDIR reduce 199 + CHECKHOST reduce 199 + CHECKSYSTEM reduce 199 + CHECKFIFO reduce 199 + CHECKSTATUS reduce 199 + + +state 504 + allow : ALLOW PATH . (187) + allow : ALLOW PATH . $$1 allowuserlist (192) + $$1 : . (191) + + $end reduce 187 + SET reduce 187 + ALLOW reduce 187 + ADDRESS reduce 187 + ENABLE reduce 187 + DISABLE reduce 187 + HTTPDSSL reduce 187 + SIGNATURE reduce 187 + STRING reduce 191 + CHECKPROC reduce 187 + CHECKFILESYS reduce 187 + CHECKFILE reduce 187 + CHECKDIR reduce 187 + CHECKHOST reduce 187 + CHECKSYSTEM reduce 187 + CHECKFIFO reduce 187 + CHECKSTATUS reduce 187 + + $$1 goto 589 + + +state 505 + allow : ALLOW '@' . STRING readonly (186) + + STRING shift 590 + . error + + +state 506 + bindaddress : ADDRESS STRING . (179) + + . reduce 179 + + +state 507 + sslenable : ENABLE HTTPDSSL . (167) + + . reduce 167 + + +state 508 + sigenable : ENABLE SIGNATURE . (176) + + . reduce 176 + + +state 509 + ssldisable : DISABLE HTTPDSSL . (169) + + . reduce 169 + + +state 510 + sigdisable : DISABLE SIGNATURE . (178) + + . reduce 178 + + +state 511 + sslenable : HTTPDSSL ENABLE . (166) + + . reduce 166 + + +state 512 + ssldisable : HTTPDSSL DISABLE . (168) + + . reduce 168 + + +state 513 + sigenable : SIGNATURE ENABLE . (175) + + . reduce 175 + + +state 514 + sigdisable : SIGNATURE DISABLE . (177) + + . reduce 177 + + +state 515 + ssldisable : ssldisable PEMFILE . PATH (170) + + PATH shift 591 + . error + + +state 516 + ssldisable : ssldisable CLIENTPEMFILE . PATH (171) + + PATH shift 592 + . error + + +state 517 + ssldisable : ssldisable ALLOWSELFCERTIFICATION . (172) + + . reduce 172 + + +state 518 + pemfile : PEMFILE . PATH (180) + + PATH shift 593 + . error + + +state 519 + ssl : sslenable pemfile . clientpemfile allowselfcert (164) + clientpemfile : . (181) + + CLIENTPEMFILE shift 594 + $end reduce 181 + SET reduce 181 + ALLOW reduce 181 + ADDRESS reduce 181 + ENABLE reduce 181 + DISABLE reduce 181 + HTTPDSSL reduce 181 + ALLOWSELFCERTIFICATION reduce 181 + SIGNATURE reduce 181 + CHECKPROC reduce 181 + CHECKFILESYS reduce 181 + CHECKFILE reduce 181 + CHECKDIR reduce 181 + CHECKHOST reduce 181 + CHECKSYSTEM reduce 181 + CHECKFIFO reduce 181 + CHECKSTATUS reduce 181 + + clientpemfile goto 595 + + +state 520 + certmd5 : CERTMD5 STRING . (248) + + . reduce 248 + + +state 521 + setalert : SET alertmail NOT '{' eventoptionlist '}' formatlist . reminder (131) + reminder : . (452) + + REMINDER shift 275 + $end reduce 452 + SET reduce 452 + CHECKPROC reduce 452 + CHECKFILESYS reduce 452 + CHECKFILE reduce 452 + CHECKDIR reduce 452 + CHECKHOST reduce 452 + CHECKSYSTEM reduce 452 + CHECKFIFO reduce 452 + CHECKSTATUS reduce 452 + + reminder goto 596 + + +state 522 + setalert : SET alertmail '{' eventoptionlist '}' formatlist reminder . (129) + + . reduce 129 + + +state 523 + type : TYPE UDP . (246) + + . reduce 246 + + +state 524 + type : TYPE TCP . (244) + + . reduce 244 + + +state 525 + type : TYPE TCPSSL . sslversion certmd5 (245) + sslversion : . (249) + + SSLAUTO shift 356 + SSLV2 shift 357 + SSLV3 shift 358 + TLSV1 shift 359 + THEN reduce 249 + SEND reduce 249 + EXPECT reduce 249 + PROTOCOL reduce 249 + TIMEOUT reduce 249 + NUMBER reduce 249 + CERTMD5 reduce 249 + + sslversion goto 597 + + +state 526 + sendexpect : SEND . STRING (281) + + STRING shift 598 + . error + + +state 527 + sendexpect : EXPECT . STRING (282) + + STRING shift 599 + . error + + +state 528 + protocol : PROTOCOL . APACHESTATUS apache_stat_list (255) + protocol : PROTOCOL . DEFAULT (256) + protocol : PROTOCOL . DNS (257) + protocol : PROTOCOL . DWP (258) + protocol : PROTOCOL . FTP (259) + protocol : PROTOCOL . HTTP request (260) + protocol : PROTOCOL . IMAP (261) + protocol : PROTOCOL . CLAMAV (262) + protocol : PROTOCOL . LDAP2 (263) + protocol : PROTOCOL . LDAP3 (264) + protocol : PROTOCOL . MYSQL (265) + protocol : PROTOCOL . SIP target maxforward (266) + protocol : PROTOCOL . NNTP (267) + protocol : PROTOCOL . NTP3 (268) + protocol : PROTOCOL . POSTFIXPOLICY (269) + protocol : PROTOCOL . POP (270) + protocol : PROTOCOL . SMTP (271) + protocol : PROTOCOL . SSH (272) + protocol : PROTOCOL . RDATE (273) + protocol : PROTOCOL . RSYNC (274) + protocol : PROTOCOL . TNS (275) + protocol : PROTOCOL . PGSQL (276) + protocol : PROTOCOL . LMTP (277) + + DEFAULT shift 600 + HTTP shift 601 + APACHESTATUS shift 602 + FTP shift 603 + SMTP shift 604 + POP shift 605 + IMAP shift 606 + CLAMAV shift 607 + NNTP shift 608 + NTP3 shift 609 + MYSQL shift 610 + DNS shift 611 + SSH shift 612 + DWP shift 613 + LDAP2 shift 614 + LDAP3 shift 615 + RDATE shift 616 + RSYNC shift 617 + TNS shift 618 + PGSQL shift 619 + POSTFIXPOLICY shift 620 + SIP shift 621 + LMTP shift 622 + . error + + +state 529 + connectionunix : IF FAILED unixsocket type protocol . nettimeout rate1 THEN action1 recovery (237) + nettimeout : . (309) + + TIMEOUT shift 233 + THEN reduce 309 + NUMBER reduce 309 + + nettimeout goto 623 + + +state 530 + protocol : sendexpectlist . (278) + sendexpectlist : sendexpectlist . sendexpect (280) + + SEND shift 526 + EXPECT shift 527 + THEN reduce 278 + TIMEOUT reduce 278 + NUMBER reduce 278 + + sendexpect goto 624 + + +state 531 + sendexpectlist : sendexpect . (279) + + . reduce 279 + + +state 532 + resourcemem : MEMORY operator NUMBER PERCENT . (380) + + . reduce 380 + + +state 533 + resourcemem : MEMORY operator value unit . (379) + + . reduce 379 + + +state 534 + resourcemem : TOTALMEMORY operator NUMBER PERCENT . (382) + + . reduce 382 + + +state 535 + resourcemem : TOTALMEMORY operator value unit . (381) + + . reduce 381 + + +state 536 + resourcecpuproc : CPU operator NUMBER PERCENT . (373) + + . reduce 373 + + +state 537 + resourcecpuproc : TOTALCPU operator NUMBER PERCENT . (374) + + . reduce 374 + + +state 538 + pid : IF CHANGED PID rate1 THEN . action1 (303) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 625 + action goto 548 + + +state 539 + ppid : IF CHANGED PPID rate1 THEN . action1 (304) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 626 + action goto 548 + + +state 540 + rate1 : NUMBER NUMBER CYCLE . (414) + + . reduce 414 + + +state 541 + action : START . (407) + + . reduce 407 + + +state 542 + action : STOP . (408) + + . reduce 408 + + +state 543 + action : ALERT . (403) + + . reduce 403 + + +state 544 + action : RESTART . (406) + + . reduce 406 + + +state 545 + action : EXEC . argumentlist (404) + action : EXEC . argumentlist useroptionlist (405) + + STRING shift 181 + PATH shift 182 + . error + + argumentlist goto 627 + argument goto 184 + + +state 546 + action : UNMONITOR . (409) + + . reduce 409 + + +state 547 + resourceprocess : IF resourceprocesslist rate1 THEN action1 . recovery (360) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 629 + + +state 548 + action1 : action . (410) + + . reduce 410 + + +state 549 + uid : IF FAILED UID STRING rate1 . THEN action1 recovery (447) + + THEN shift 630 + . error + + +state 550 + uid : IF FAILED UID NUMBER rate1 . THEN action1 recovery (448) + + THEN shift 631 + . error + + +state 551 + gid : IF FAILED GID STRING rate1 . THEN action1 recovery (449) + + THEN shift 632 + . error + + +state 552 + gid : IF FAILED GID NUMBER rate1 . THEN action1 recovery (450) + + THEN shift 633 + . error + + +state 553 + permission : IF FAILED PERMISSION NUMBER rate1 . THEN action1 recovery (438) + + THEN shift 634 + . error + + +state 554 + checksum : IF FAILED hashtype CHECKSUM EXPECT . STRING rate1 THEN action1 recovery (423) + + STRING shift 635 + . error + + +state 555 + checksum : IF FAILED hashtype CHECKSUM rate1 . THEN action1 recovery (422) + + THEN shift 636 + . error + + +state 556 + time : SECOND . (399) + + . reduce 399 + + +state 557 + time : MINUTE . (400) + + . reduce 400 + + +state 558 + time : HOUR . (401) + + . reduce 401 + + +state 559 + time : DAY . (402) + + . reduce 402 + + +state 560 + timestamp : IF TIMESTAMP operator NUMBER time . rate1 THEN action1 recovery (390) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 637 + + +state 561 + timestamp : IF CHANGED TIMESTAMP rate1 THEN . action1 (391) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 638 + action goto 548 + + +state 562 + size : IF CHANGED SIZE rate1 THEN . action1 (446) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 639 + action goto 548 + + +state 563 + checksum : IF CHANGED hashtype CHECKSUM rate1 . THEN action1 (424) + + THEN shift 640 + . error + + +state 564 + size : IF SIZE operator NUMBER unit . rate1 THEN action1 recovery (445) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 641 + + +state 565 + match : IF matchflagnot MATCH STRING rate1 . THEN action1 (440) + + THEN shift 642 + . error + + +state 566 + match : IF matchflagnot MATCH PATH rate1 . THEN action1 (439) + + THEN shift 643 + . error + + +state 567 + fsflag : IF CHANGED FSFLAG rate1 THEN . action1 (432) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 644 + action goto 548 + + +state 568 + inode : IF INODE operator NUMBER PERCENT . rate1 THEN action1 recovery (429) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 645 + + +state 569 + inode : IF INODE operator NUMBER rate1 . THEN action1 recovery (428) + + THEN shift 646 + . error + + +state 570 + space : IF SPACE operator NUMBER PERCENT . rate1 THEN action1 recovery (431) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 647 + + +state 571 + space : IF SPACE operator value unit . rate1 THEN action1 recovery (430) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 648 + + +state 572 + icmpcount : COUNT NUMBER . (306) + + . reduce 306 + + +state 573 + icmp : IF FAILED ICMP icmptype icmpcount nettimeout . rate1 THEN action1 recovery (238) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 649 + + +state 574 + urloperator : EQUAL . (314) + + . reduce 314 + + +state 575 + urloperator : NOTEQUAL . (315) + + . reduce 315 + + +state 576 + urloption : CONTENT urloperator . STRING (313) + + STRING shift 650 + . error + + +state 577 + connection : IF FAILED URL URLOBJECT urloption nettimeout . rate1 THEN action1 recovery (236) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 651 + + +state 578 + connection : IF FAILED host port type protocol . nettimeout rate1 THEN action1 recovery (235) + nettimeout : . (309) + + TIMEOUT shift 233 + THEN reduce 309 + NUMBER reduce 309 + + nettimeout goto 652 + + +state 579 + timeout : IF NUMBER RESTART NUMBER CYCLE THEN . TIMEOUT (311) + + TIMEOUT shift 653 + . error + + +state 580 + alert : alertmail NOT '{' eventoptionlist '}' formatlist . reminder (318) + reminder : . (452) + + REMINDER shift 275 + $end reduce 452 + IF reduce 452 + SET reduce 452 + START reduce 452 + STOP reduce 452 + ALERT reduce 452 + NOALERT reduce 452 + EVERY reduce 452 + CHECKPROC reduce 452 + CHECKFILESYS reduce 452 + CHECKFILE reduce 452 + CHECKDIR reduce 452 + CHECKHOST reduce 452 + CHECKSYSTEM reduce 452 + CHECKFIFO reduce 452 + CHECKSTATUS reduce 452 + MODE reduce 452 + GROUP reduce 452 + DEPENDS reduce 452 + IGNORE reduce 452 + + reminder goto 654 + + +state 581 + alert : alertmail '{' eventoptionlist '}' formatlist reminder . (316) + + . reduce 316 + + +state 582 + resourcesystem : IF resourcesystemlist rate1 THEN action1 . recovery (367) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 655 + + +state 583 + resourcecpu : resourcecpuid operator NUMBER PERCENT . (375) + + . reduce 375 + + +state 584 + mailserver : STRING PORT NUMBER username password sslversion . certmd5 (156) + certmd5 : . (247) + + CERTMD5 shift 442 + $end reduce 247 + SET reduce 247 + HOSTNAME reduce 247 + TIMEOUT reduce 247 + STRING reduce 247 + CHECKPROC reduce 247 + CHECKFILESYS reduce 247 + CHECKFILE reduce 247 + CHECKDIR reduce 247 + CHECKHOST reduce 247 + CHECKSYSTEM reduce 247 + CHECKFIFO reduce 247 + CHECKSTATUS reduce 247 + + certmd5 goto 656 + + +state 585 + allow : ALLOW CLEARTEXT PATH . (188) + allow : ALLOW CLEARTEXT PATH . $$2 allowuserlist (194) + $$2 : . (193) + + $end reduce 188 + SET reduce 188 + ALLOW reduce 188 + ADDRESS reduce 188 + ENABLE reduce 188 + DISABLE reduce 188 + HTTPDSSL reduce 188 + SIGNATURE reduce 188 + STRING reduce 193 + CHECKPROC reduce 188 + CHECKFILESYS reduce 188 + CHECKFILE reduce 188 + CHECKDIR reduce 188 + CHECKHOST reduce 188 + CHECKSYSTEM reduce 188 + CHECKFIFO reduce 188 + CHECKSTATUS reduce 188 + + $$2 goto 657 + + +state 586 + allow : ALLOW MD5HASH PATH . (189) + allow : ALLOW MD5HASH PATH . $$3 allowuserlist (196) + $$3 : . (195) + + $end reduce 189 + SET reduce 189 + ALLOW reduce 189 + ADDRESS reduce 189 + ENABLE reduce 189 + DISABLE reduce 189 + HTTPDSSL reduce 189 + SIGNATURE reduce 189 + STRING reduce 195 + CHECKPROC reduce 189 + CHECKFILESYS reduce 189 + CHECKFILE reduce 189 + CHECKDIR reduce 189 + CHECKHOST reduce 189 + CHECKSYSTEM reduce 189 + CHECKFIFO reduce 189 + CHECKSTATUS reduce 189 + + $$3 goto 658 + + +state 587 + allow : ALLOW CRYPT PATH . (190) + allow : ALLOW CRYPT PATH . $$4 allowuserlist (198) + $$4 : . (197) + + $end reduce 190 + SET reduce 190 + ALLOW reduce 190 + ADDRESS reduce 190 + ENABLE reduce 190 + DISABLE reduce 190 + HTTPDSSL reduce 190 + SIGNATURE reduce 190 + STRING reduce 197 + CHECKPROC reduce 190 + CHECKFILESYS reduce 190 + CHECKFILE reduce 190 + CHECKDIR reduce 190 + CHECKHOST reduce 190 + CHECKSYSTEM reduce 190 + CHECKFIFO reduce 190 + CHECKSTATUS reduce 190 + + $$4 goto 659 + + +state 588 + allow : ALLOW STRING ':' . STRING readonly (185) + + STRING shift 660 + . error + + +state 589 + allow : ALLOW PATH $$1 . allowuserlist (192) + + STRING shift 661 + . error + + allowuserlist goto 662 + allowuser goto 663 + + +state 590 + allow : ALLOW '@' STRING . readonly (186) + readonly : . (203) + + READONLY shift 664 + $end reduce 203 + SET reduce 203 + ALLOW reduce 203 + ADDRESS reduce 203 + ENABLE reduce 203 + DISABLE reduce 203 + HTTPDSSL reduce 203 + SIGNATURE reduce 203 + CHECKPROC reduce 203 + CHECKFILESYS reduce 203 + CHECKFILE reduce 203 + CHECKDIR reduce 203 + CHECKHOST reduce 203 + CHECKSYSTEM reduce 203 + CHECKFIFO reduce 203 + CHECKSTATUS reduce 203 + + readonly goto 665 + + +state 591 + ssldisable : ssldisable PEMFILE PATH . (170) + + . reduce 170 + + +state 592 + ssldisable : ssldisable CLIENTPEMFILE PATH . (171) + + . reduce 171 + + +state 593 + pemfile : PEMFILE PATH . (180) + + . reduce 180 + + +state 594 + clientpemfile : CLIENTPEMFILE . PATH (182) + + PATH shift 666 + . error + + +state 595 + ssl : sslenable pemfile clientpemfile . allowselfcert (164) + allowselfcert : . (183) + + ALLOWSELFCERTIFICATION shift 667 + $end reduce 183 + SET reduce 183 + ALLOW reduce 183 + ADDRESS reduce 183 + ENABLE reduce 183 + DISABLE reduce 183 + HTTPDSSL reduce 183 + SIGNATURE reduce 183 + CHECKPROC reduce 183 + CHECKFILESYS reduce 183 + CHECKFILE reduce 183 + CHECKDIR reduce 183 + CHECKHOST reduce 183 + CHECKSYSTEM reduce 183 + CHECKFIFO reduce 183 + CHECKSTATUS reduce 183 + + allowselfcert goto 668 + + +state 596 + setalert : SET alertmail NOT '{' eventoptionlist '}' formatlist reminder . (131) + + . reduce 131 + + +state 597 + type : TYPE TCPSSL sslversion . certmd5 (245) + certmd5 : . (247) + + CERTMD5 shift 442 + THEN reduce 247 + SEND reduce 247 + EXPECT reduce 247 + PROTOCOL reduce 247 + TIMEOUT reduce 247 + NUMBER reduce 247 + + certmd5 goto 669 + + +state 598 + sendexpect : SEND STRING . (281) + + . reduce 281 + + +state 599 + sendexpect : EXPECT STRING . (282) + + . reduce 282 + + +state 600 + protocol : PROTOCOL DEFAULT . (256) + + . reduce 256 + + +state 601 + protocol : PROTOCOL HTTP . request (260) + request : . (288) + + REQUEST shift 670 + THEN reduce 288 + TIMEOUT reduce 288 + NUMBER reduce 288 + + request goto 671 + + +state 602 + protocol : PROTOCOL APACHESTATUS . apache_stat_list (255) + + LOGLIMIT shift 672 + CLOSELIMIT shift 673 + DNSLIMIT shift 674 + KEEPALIVELIMIT shift 675 + REPLYLIMIT shift 676 + REQUESTLIMIT shift 677 + STARTLIMIT shift 678 + WAITLIMIT shift 679 + GRACEFULLIMIT shift 680 + CLEANUPLIMIT shift 681 + . error + + apache_stat_list goto 682 + apache_stat goto 683 + + +state 603 + protocol : PROTOCOL FTP . (259) + + . reduce 259 + + +state 604 + protocol : PROTOCOL SMTP . (271) + + . reduce 271 + + +state 605 + protocol : PROTOCOL POP . (270) + + . reduce 270 + + +state 606 + protocol : PROTOCOL IMAP . (261) + + . reduce 261 + + +state 607 + protocol : PROTOCOL CLAMAV . (262) + + . reduce 262 + + +state 608 + protocol : PROTOCOL NNTP . (267) + + . reduce 267 + + +state 609 + protocol : PROTOCOL NTP3 . (268) + + . reduce 268 + + +state 610 + protocol : PROTOCOL MYSQL . (265) + + . reduce 265 + + +state 611 + protocol : PROTOCOL DNS . (257) + + . reduce 257 + + +state 612 + protocol : PROTOCOL SSH . (272) + + . reduce 272 + + +state 613 + protocol : PROTOCOL DWP . (258) + + . reduce 258 + + +state 614 + protocol : PROTOCOL LDAP2 . (263) + + . reduce 263 + + +state 615 + protocol : PROTOCOL LDAP3 . (264) + + . reduce 264 + + +state 616 + protocol : PROTOCOL RDATE . (273) + + . reduce 273 + + +state 617 + protocol : PROTOCOL RSYNC . (274) + + . reduce 274 + + +state 618 + protocol : PROTOCOL TNS . (275) + + . reduce 275 + + +state 619 + protocol : PROTOCOL PGSQL . (276) + + . reduce 276 + + +state 620 + protocol : PROTOCOL POSTFIXPOLICY . (269) + + . reduce 269 + + +state 621 + protocol : PROTOCOL SIP . target maxforward (266) + target : . (283) + + TARGET shift 684 + THEN reduce 283 + TIMEOUT reduce 283 + NUMBER reduce 283 + MAXFORWARD reduce 283 + + target goto 685 + + +state 622 + protocol : PROTOCOL LMTP . (277) + + . reduce 277 + + +state 623 + connectionunix : IF FAILED unixsocket type protocol nettimeout . rate1 THEN action1 recovery (237) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 686 + + +state 624 + sendexpectlist : sendexpectlist sendexpect . (280) + + . reduce 280 + + +state 625 + pid : IF CHANGED PID rate1 THEN action1 . (303) + + . reduce 303 + + +state 626 + ppid : IF CHANGED PPID rate1 THEN action1 . (304) + + . reduce 304 + + +state 627 + argumentlist : argumentlist . argument (219) + action : EXEC argumentlist . (404) + action : EXEC argumentlist . useroptionlist (405) + + STRING shift 181 + PATH shift 182 + UID shift 320 + GID shift 321 + $end reduce 404 + IF reduce 404 + ELSE reduce 404 + SET reduce 404 + START reduce 404 + STOP reduce 404 + ALERT reduce 404 + NOALERT reduce 404 + EVERY reduce 404 + CHECKPROC reduce 404 + CHECKFILESYS reduce 404 + CHECKFILE reduce 404 + CHECKDIR reduce 404 + CHECKHOST reduce 404 + CHECKSYSTEM reduce 404 + CHECKFIFO reduce 404 + CHECKSTATUS reduce 404 + MODE reduce 404 + GROUP reduce 404 + DEPENDS reduce 404 + IGNORE reduce 404 + + useroptionlist goto 687 + argument goto 324 + useroption goto 325 + + +state 628 + recovery : ELSE . IF RECOVERED rate2 THEN action2 (419) + recovery : ELSE . IF PASSED rate2 THEN action2 (420) + recovery : ELSE . IF SUCCEEDED rate2 THEN action2 (421) + + IF shift 688 + . error + + +state 629 + resourceprocess : IF resourceprocesslist rate1 THEN action1 recovery . (360) + + . reduce 360 + + +state 630 + uid : IF FAILED UID STRING rate1 THEN . action1 recovery (447) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 689 + action goto 548 + + +state 631 + uid : IF FAILED UID NUMBER rate1 THEN . action1 recovery (448) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 690 + action goto 548 + + +state 632 + gid : IF FAILED GID STRING rate1 THEN . action1 recovery (449) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 691 + action goto 548 + + +state 633 + gid : IF FAILED GID NUMBER rate1 THEN . action1 recovery (450) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 692 + action goto 548 + + +state 634 + permission : IF FAILED PERMISSION NUMBER rate1 THEN . action1 recovery (438) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 693 + action goto 548 + + +state 635 + checksum : IF FAILED hashtype CHECKSUM EXPECT STRING . rate1 THEN action1 recovery (423) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 694 + + +state 636 + checksum : IF FAILED hashtype CHECKSUM rate1 THEN . action1 recovery (422) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 695 + action goto 548 + + +state 637 + timestamp : IF TIMESTAMP operator NUMBER time rate1 . THEN action1 recovery (390) + + THEN shift 696 + . error + + +state 638 + timestamp : IF CHANGED TIMESTAMP rate1 THEN action1 . (391) + + . reduce 391 + + +state 639 + size : IF CHANGED SIZE rate1 THEN action1 . (446) + + . reduce 446 + + +state 640 + checksum : IF CHANGED hashtype CHECKSUM rate1 THEN . action1 (424) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 697 + action goto 548 + + +state 641 + size : IF SIZE operator NUMBER unit rate1 . THEN action1 recovery (445) + + THEN shift 698 + . error + + +state 642 + match : IF matchflagnot MATCH STRING rate1 THEN . action1 (440) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 699 + action goto 548 + + +state 643 + match : IF matchflagnot MATCH PATH rate1 THEN . action1 (439) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 700 + action goto 548 + + +state 644 + fsflag : IF CHANGED FSFLAG rate1 THEN action1 . (432) + + . reduce 432 + + +state 645 + inode : IF INODE operator NUMBER PERCENT rate1 . THEN action1 recovery (429) + + THEN shift 701 + . error + + +state 646 + inode : IF INODE operator NUMBER rate1 THEN . action1 recovery (428) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 702 + action goto 548 + + +state 647 + space : IF SPACE operator NUMBER PERCENT rate1 . THEN action1 recovery (431) + + THEN shift 703 + . error + + +state 648 + space : IF SPACE operator value unit rate1 . THEN action1 recovery (430) + + THEN shift 704 + . error + + +state 649 + icmp : IF FAILED ICMP icmptype icmpcount nettimeout rate1 . THEN action1 recovery (238) + + THEN shift 705 + . error + + +state 650 + urloption : CONTENT urloperator STRING . (313) + + . reduce 313 + + +state 651 + connection : IF FAILED URL URLOBJECT urloption nettimeout rate1 . THEN action1 recovery (236) + + THEN shift 706 + . error + + +state 652 + connection : IF FAILED host port type protocol nettimeout . rate1 THEN action1 recovery (235) + rate1 : . (412) + + NUMBER shift 380 + THEN reduce 412 + + rate1 goto 707 + + +state 653 + timeout : IF NUMBER RESTART NUMBER CYCLE THEN TIMEOUT . (311) + + . reduce 311 + + +state 654 + alert : alertmail NOT '{' eventoptionlist '}' formatlist reminder . (318) + + . reduce 318 + + +state 655 + resourcesystem : IF resourcesystemlist rate1 THEN action1 recovery . (367) + + . reduce 367 + + +state 656 + mailserver : STRING PORT NUMBER username password sslversion certmd5 . (156) + + . reduce 156 + + +state 657 + allow : ALLOW CLEARTEXT PATH $$2 . allowuserlist (194) + + STRING shift 661 + . error + + allowuserlist goto 708 + allowuser goto 663 + + +state 658 + allow : ALLOW MD5HASH PATH $$3 . allowuserlist (196) + + STRING shift 661 + . error + + allowuserlist goto 709 + allowuser goto 663 + + +state 659 + allow : ALLOW CRYPT PATH $$4 . allowuserlist (198) + + STRING shift 661 + . error + + allowuserlist goto 710 + allowuser goto 663 + + +state 660 + allow : ALLOW STRING ':' STRING . readonly (185) + readonly : . (203) + + READONLY shift 664 + $end reduce 203 + SET reduce 203 + ALLOW reduce 203 + ADDRESS reduce 203 + ENABLE reduce 203 + DISABLE reduce 203 + HTTPDSSL reduce 203 + SIGNATURE reduce 203 + CHECKPROC reduce 203 + CHECKFILESYS reduce 203 + CHECKFILE reduce 203 + CHECKDIR reduce 203 + CHECKHOST reduce 203 + CHECKSYSTEM reduce 203 + CHECKFIFO reduce 203 + CHECKSTATUS reduce 203 + + readonly goto 711 + + +state 661 + allowuser : STRING . (202) + + . reduce 202 + + +state 662 + allow : ALLOW PATH $$1 allowuserlist . (192) + allowuserlist : allowuserlist . allowuser (201) + + STRING shift 661 + $end reduce 192 + SET reduce 192 + ALLOW reduce 192 + ADDRESS reduce 192 + ENABLE reduce 192 + DISABLE reduce 192 + HTTPDSSL reduce 192 + SIGNATURE reduce 192 + CHECKPROC reduce 192 + CHECKFILESYS reduce 192 + CHECKFILE reduce 192 + CHECKDIR reduce 192 + CHECKHOST reduce 192 + CHECKSYSTEM reduce 192 + CHECKFIFO reduce 192 + CHECKSTATUS reduce 192 + + allowuser goto 712 + + +state 663 + allowuserlist : allowuser . (200) + + . reduce 200 + + +state 664 + readonly : READONLY . (204) + + . reduce 204 + + +state 665 + allow : ALLOW '@' STRING readonly . (186) + + . reduce 186 + + +state 666 + clientpemfile : CLIENTPEMFILE PATH . (182) + + . reduce 182 + + +state 667 + allowselfcert : ALLOWSELFCERTIFICATION . (184) + + . reduce 184 + + +state 668 + ssl : sslenable pemfile clientpemfile allowselfcert . (164) + + . reduce 164 + + +state 669 + type : TYPE TCPSSL sslversion certmd5 . (245) + + . reduce 245 + + +state 670 + request : REQUEST . PATH (289) + request : REQUEST . PATH CHECKSUM STRING (290) + + PATH shift 713 + . error + + +state 671 + protocol : PROTOCOL HTTP request . (260) + + . reduce 260 + + +state 672 + apache_stat : LOGLIMIT . operator NUMBER PERCENT (293) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 714 + + +state 673 + apache_stat : CLOSELIMIT . operator NUMBER PERCENT (294) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 715 + + +state 674 + apache_stat : DNSLIMIT . operator NUMBER PERCENT (295) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 716 + + +state 675 + apache_stat : KEEPALIVELIMIT . operator NUMBER PERCENT (296) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 717 + + +state 676 + apache_stat : REPLYLIMIT . operator NUMBER PERCENT (297) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 718 + + +state 677 + apache_stat : REQUESTLIMIT . operator NUMBER PERCENT (298) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 719 + + +state 678 + apache_stat : STARTLIMIT . operator NUMBER PERCENT (299) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 720 + + +state 679 + apache_stat : WAITLIMIT . operator NUMBER PERCENT (300) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 721 + + +state 680 + apache_stat : GRACEFULLIMIT . operator NUMBER PERCENT (301) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 722 + + +state 681 + apache_stat : CLEANUPLIMIT . operator NUMBER PERCENT (302) + operator : . (392) + + CHANGED shift 368 + GREATER shift 369 + LESS shift 370 + EQUAL shift 371 + NOTEQUAL shift 372 + NUMBER reduce 392 + + operator goto 723 + + +state 682 + protocol : PROTOCOL APACHESTATUS apache_stat_list . (255) + apache_stat_list : apache_stat_list . OR apache_stat (292) + + OR shift 724 + THEN reduce 255 + TIMEOUT reduce 255 + NUMBER reduce 255 + + +state 683 + apache_stat_list : apache_stat . (291) + + . reduce 291 + + +state 684 + target : TARGET . MAILADDR (284) + target : TARGET . STRING (285) + + STRING shift 725 + MAILADDR shift 726 + . error + + +state 685 + protocol : PROTOCOL SIP target . maxforward (266) + maxforward : . (286) + + MAXFORWARD shift 727 + THEN reduce 286 + TIMEOUT reduce 286 + NUMBER reduce 286 + + maxforward goto 728 + + +state 686 + connectionunix : IF FAILED unixsocket type protocol nettimeout rate1 . THEN action1 recovery (237) + + THEN shift 729 + . error + + +state 687 + useroptionlist : useroptionlist . useroption (221) + action : EXEC argumentlist useroptionlist . (405) + + UID shift 320 + GID shift 321 + $end reduce 405 + IF reduce 405 + ELSE reduce 405 + SET reduce 405 + START reduce 405 + STOP reduce 405 + ALERT reduce 405 + NOALERT reduce 405 + EVERY reduce 405 + CHECKPROC reduce 405 + CHECKFILESYS reduce 405 + CHECKFILE reduce 405 + CHECKDIR reduce 405 + CHECKHOST reduce 405 + CHECKSYSTEM reduce 405 + CHECKFIFO reduce 405 + CHECKSTATUS reduce 405 + MODE reduce 405 + GROUP reduce 405 + DEPENDS reduce 405 + IGNORE reduce 405 + + useroption goto 413 + + +state 688 + recovery : ELSE IF . RECOVERED rate2 THEN action2 (419) + recovery : ELSE IF . PASSED rate2 THEN action2 (420) + recovery : ELSE IF . SUCCEEDED rate2 THEN action2 (421) + + RECOVERED shift 730 + PASSED shift 731 + SUCCEEDED shift 732 + . error + + +state 689 + uid : IF FAILED UID STRING rate1 THEN action1 . recovery (447) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 733 + + +state 690 + uid : IF FAILED UID NUMBER rate1 THEN action1 . recovery (448) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 734 + + +state 691 + gid : IF FAILED GID STRING rate1 THEN action1 . recovery (449) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 735 + + +state 692 + gid : IF FAILED GID NUMBER rate1 THEN action1 . recovery (450) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 736 + + +state 693 + permission : IF FAILED PERMISSION NUMBER rate1 THEN action1 . recovery (438) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 737 + + +state 694 + checksum : IF FAILED hashtype CHECKSUM EXPECT STRING rate1 . THEN action1 recovery (423) + + THEN shift 738 + . error + + +state 695 + checksum : IF FAILED hashtype CHECKSUM rate1 THEN action1 . recovery (422) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 739 + + +state 696 + timestamp : IF TIMESTAMP operator NUMBER time rate1 THEN . action1 recovery (390) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 740 + action goto 548 + + +state 697 + checksum : IF CHANGED hashtype CHECKSUM rate1 THEN action1 . (424) + + . reduce 424 + + +state 698 + size : IF SIZE operator NUMBER unit rate1 THEN . action1 recovery (445) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 741 + action goto 548 + + +state 699 + match : IF matchflagnot MATCH STRING rate1 THEN action1 . (440) + + . reduce 440 + + +state 700 + match : IF matchflagnot MATCH PATH rate1 THEN action1 . (439) + + . reduce 439 + + +state 701 + inode : IF INODE operator NUMBER PERCENT rate1 THEN . action1 recovery (429) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 742 + action goto 548 + + +state 702 + inode : IF INODE operator NUMBER rate1 THEN action1 . recovery (428) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 743 + + +state 703 + space : IF SPACE operator NUMBER PERCENT rate1 THEN . action1 recovery (431) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 744 + action goto 548 + + +state 704 + space : IF SPACE operator value unit rate1 THEN . action1 recovery (430) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 745 + action goto 548 + + +state 705 + icmp : IF FAILED ICMP icmptype icmpcount nettimeout rate1 THEN . action1 recovery (238) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 746 + action goto 548 + + +state 706 + connection : IF FAILED URL URLOBJECT urloption nettimeout rate1 THEN . action1 recovery (236) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 747 + action goto 548 + + +state 707 + connection : IF FAILED host port type protocol nettimeout rate1 . THEN action1 recovery (235) + + THEN shift 748 + . error + + +state 708 + allow : ALLOW CLEARTEXT PATH $$2 allowuserlist . (194) + allowuserlist : allowuserlist . allowuser (201) + + STRING shift 661 + $end reduce 194 + SET reduce 194 + ALLOW reduce 194 + ADDRESS reduce 194 + ENABLE reduce 194 + DISABLE reduce 194 + HTTPDSSL reduce 194 + SIGNATURE reduce 194 + CHECKPROC reduce 194 + CHECKFILESYS reduce 194 + CHECKFILE reduce 194 + CHECKDIR reduce 194 + CHECKHOST reduce 194 + CHECKSYSTEM reduce 194 + CHECKFIFO reduce 194 + CHECKSTATUS reduce 194 + + allowuser goto 712 + + +state 709 + allow : ALLOW MD5HASH PATH $$3 allowuserlist . (196) + allowuserlist : allowuserlist . allowuser (201) + + STRING shift 661 + $end reduce 196 + SET reduce 196 + ALLOW reduce 196 + ADDRESS reduce 196 + ENABLE reduce 196 + DISABLE reduce 196 + HTTPDSSL reduce 196 + SIGNATURE reduce 196 + CHECKPROC reduce 196 + CHECKFILESYS reduce 196 + CHECKFILE reduce 196 + CHECKDIR reduce 196 + CHECKHOST reduce 196 + CHECKSYSTEM reduce 196 + CHECKFIFO reduce 196 + CHECKSTATUS reduce 196 + + allowuser goto 712 + + +state 710 + allow : ALLOW CRYPT PATH $$4 allowuserlist . (198) + allowuserlist : allowuserlist . allowuser (201) + + STRING shift 661 + $end reduce 198 + SET reduce 198 + ALLOW reduce 198 + ADDRESS reduce 198 + ENABLE reduce 198 + DISABLE reduce 198 + HTTPDSSL reduce 198 + SIGNATURE reduce 198 + CHECKPROC reduce 198 + CHECKFILESYS reduce 198 + CHECKFILE reduce 198 + CHECKDIR reduce 198 + CHECKHOST reduce 198 + CHECKSYSTEM reduce 198 + CHECKFIFO reduce 198 + CHECKSTATUS reduce 198 + + allowuser goto 712 + + +state 711 + allow : ALLOW STRING ':' STRING readonly . (185) + + . reduce 185 + + +state 712 + allowuserlist : allowuserlist allowuser . (201) + + . reduce 201 + + +state 713 + request : REQUEST PATH . (289) + request : REQUEST PATH . CHECKSUM STRING (290) + + CHECKSUM shift 749 + THEN reduce 289 + TIMEOUT reduce 289 + NUMBER reduce 289 + + +state 714 + apache_stat : LOGLIMIT operator . NUMBER PERCENT (293) + + NUMBER shift 750 + . error + + +state 715 + apache_stat : CLOSELIMIT operator . NUMBER PERCENT (294) + + NUMBER shift 751 + . error + + +state 716 + apache_stat : DNSLIMIT operator . NUMBER PERCENT (295) + + NUMBER shift 752 + . error + + +state 717 + apache_stat : KEEPALIVELIMIT operator . NUMBER PERCENT (296) + + NUMBER shift 753 + . error + + +state 718 + apache_stat : REPLYLIMIT operator . NUMBER PERCENT (297) + + NUMBER shift 754 + . error + + +state 719 + apache_stat : REQUESTLIMIT operator . NUMBER PERCENT (298) + + NUMBER shift 755 + . error + + +state 720 + apache_stat : STARTLIMIT operator . NUMBER PERCENT (299) + + NUMBER shift 756 + . error + + +state 721 + apache_stat : WAITLIMIT operator . NUMBER PERCENT (300) + + NUMBER shift 757 + . error + + +state 722 + apache_stat : GRACEFULLIMIT operator . NUMBER PERCENT (301) + + NUMBER shift 758 + . error + + +state 723 + apache_stat : CLEANUPLIMIT operator . NUMBER PERCENT (302) + + NUMBER shift 759 + . error + + +state 724 + apache_stat_list : apache_stat_list OR . apache_stat (292) + + LOGLIMIT shift 672 + CLOSELIMIT shift 673 + DNSLIMIT shift 674 + KEEPALIVELIMIT shift 675 + REPLYLIMIT shift 676 + REQUESTLIMIT shift 677 + STARTLIMIT shift 678 + WAITLIMIT shift 679 + GRACEFULLIMIT shift 680 + CLEANUPLIMIT shift 681 + . error + + apache_stat goto 760 + + +state 725 + target : TARGET STRING . (285) + + . reduce 285 + + +state 726 + target : TARGET MAILADDR . (284) + + . reduce 284 + + +state 727 + maxforward : MAXFORWARD . NUMBER (287) + + NUMBER shift 761 + . error + + +state 728 + protocol : PROTOCOL SIP target maxforward . (266) + + . reduce 266 + + +state 729 + connectionunix : IF FAILED unixsocket type protocol nettimeout rate1 THEN . action1 recovery (237) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 762 + action goto 548 + + +state 730 + recovery : ELSE IF RECOVERED . rate2 THEN action2 (419) + rate2 : . (415) + + NUMBER shift 763 + THEN reduce 415 + + rate2 goto 764 + + +state 731 + recovery : ELSE IF PASSED . rate2 THEN action2 (420) + rate2 : . (415) + + NUMBER shift 763 + THEN reduce 415 + + rate2 goto 765 + + +state 732 + recovery : ELSE IF SUCCEEDED . rate2 THEN action2 (421) + rate2 : . (415) + + NUMBER shift 763 + THEN reduce 415 + + rate2 goto 766 + + +state 733 + uid : IF FAILED UID STRING rate1 THEN action1 recovery . (447) + + . reduce 447 + + +state 734 + uid : IF FAILED UID NUMBER rate1 THEN action1 recovery . (448) + + . reduce 448 + + +state 735 + gid : IF FAILED GID STRING rate1 THEN action1 recovery . (449) + + . reduce 449 + + +state 736 + gid : IF FAILED GID NUMBER rate1 THEN action1 recovery . (450) + + . reduce 450 + + +state 737 + permission : IF FAILED PERMISSION NUMBER rate1 THEN action1 recovery . (438) + + . reduce 438 + + +state 738 + checksum : IF FAILED hashtype CHECKSUM EXPECT STRING rate1 THEN . action1 recovery (423) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 767 + action goto 548 + + +state 739 + checksum : IF FAILED hashtype CHECKSUM rate1 THEN action1 recovery . (422) + + . reduce 422 + + +state 740 + timestamp : IF TIMESTAMP operator NUMBER time rate1 THEN action1 . recovery (390) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 768 + + +state 741 + size : IF SIZE operator NUMBER unit rate1 THEN action1 . recovery (445) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 769 + + +state 742 + inode : IF INODE operator NUMBER PERCENT rate1 THEN action1 . recovery (429) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 770 + + +state 743 + inode : IF INODE operator NUMBER rate1 THEN action1 recovery . (428) + + . reduce 428 + + +state 744 + space : IF SPACE operator NUMBER PERCENT rate1 THEN action1 . recovery (431) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 771 + + +state 745 + space : IF SPACE operator value unit rate1 THEN action1 . recovery (430) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 772 + + +state 746 + icmp : IF FAILED ICMP icmptype icmpcount nettimeout rate1 THEN action1 . recovery (238) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 773 + + +state 747 + connection : IF FAILED URL URLOBJECT urloption nettimeout rate1 THEN action1 . recovery (236) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 774 + + +state 748 + connection : IF FAILED host port type protocol nettimeout rate1 THEN . action1 recovery (235) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action1 goto 775 + action goto 548 + + +state 749 + request : REQUEST PATH CHECKSUM . STRING (290) + + STRING shift 776 + . error + + +state 750 + apache_stat : LOGLIMIT operator NUMBER . PERCENT (293) + + PERCENT shift 777 + . error + + +state 751 + apache_stat : CLOSELIMIT operator NUMBER . PERCENT (294) + + PERCENT shift 778 + . error + + +state 752 + apache_stat : DNSLIMIT operator NUMBER . PERCENT (295) + + PERCENT shift 779 + . error + + +state 753 + apache_stat : KEEPALIVELIMIT operator NUMBER . PERCENT (296) + + PERCENT shift 780 + . error + + +state 754 + apache_stat : REPLYLIMIT operator NUMBER . PERCENT (297) + + PERCENT shift 781 + . error + + +state 755 + apache_stat : REQUESTLIMIT operator NUMBER . PERCENT (298) + + PERCENT shift 782 + . error + + +state 756 + apache_stat : STARTLIMIT operator NUMBER . PERCENT (299) + + PERCENT shift 783 + . error + + +state 757 + apache_stat : WAITLIMIT operator NUMBER . PERCENT (300) + + PERCENT shift 784 + . error + + +state 758 + apache_stat : GRACEFULLIMIT operator NUMBER . PERCENT (301) + + PERCENT shift 785 + . error + + +state 759 + apache_stat : CLEANUPLIMIT operator NUMBER . PERCENT (302) + + PERCENT shift 786 + . error + + +state 760 + apache_stat_list : apache_stat_list OR apache_stat . (292) + + . reduce 292 + + +state 761 + maxforward : MAXFORWARD NUMBER . (287) + + . reduce 287 + + +state 762 + connectionunix : IF FAILED unixsocket type protocol nettimeout rate1 THEN action1 . recovery (237) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 787 + + +state 763 + rate2 : NUMBER . CYCLE (416) + rate2 : NUMBER . NUMBER CYCLE (417) + + CYCLE shift 788 + NUMBER shift 789 + . error + + +state 764 + recovery : ELSE IF RECOVERED rate2 . THEN action2 (419) + + THEN shift 790 + . error + + +state 765 + recovery : ELSE IF PASSED rate2 . THEN action2 (420) + + THEN shift 791 + . error + + +state 766 + recovery : ELSE IF SUCCEEDED rate2 . THEN action2 (421) + + THEN shift 792 + . error + + +state 767 + checksum : IF FAILED hashtype CHECKSUM EXPECT STRING rate1 THEN action1 . recovery (423) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + IGNORE reduce 418 + + recovery goto 793 + + +state 768 + timestamp : IF TIMESTAMP operator NUMBER time rate1 THEN action1 recovery . (390) + + . reduce 390 + + +state 769 + size : IF SIZE operator NUMBER unit rate1 THEN action1 recovery . (445) + + . reduce 445 + + +state 770 + inode : IF INODE operator NUMBER PERCENT rate1 THEN action1 recovery . (429) + + . reduce 429 + + +state 771 + space : IF SPACE operator NUMBER PERCENT rate1 THEN action1 recovery . (431) + + . reduce 431 + + +state 772 + space : IF SPACE operator value unit rate1 THEN action1 recovery . (430) + + . reduce 430 + + +state 773 + icmp : IF FAILED ICMP icmptype icmpcount nettimeout rate1 THEN action1 recovery . (238) + + . reduce 238 + + +state 774 + connection : IF FAILED URL URLOBJECT urloption nettimeout rate1 THEN action1 recovery . (236) + + . reduce 236 + + +state 775 + connection : IF FAILED host port type protocol nettimeout rate1 THEN action1 . recovery (235) + recovery : . (418) + + ELSE shift 628 + $end reduce 418 + IF reduce 418 + SET reduce 418 + START reduce 418 + STOP reduce 418 + ALERT reduce 418 + NOALERT reduce 418 + EVERY reduce 418 + CHECKPROC reduce 418 + CHECKFILESYS reduce 418 + CHECKFILE reduce 418 + CHECKDIR reduce 418 + CHECKHOST reduce 418 + CHECKSYSTEM reduce 418 + CHECKFIFO reduce 418 + CHECKSTATUS reduce 418 + MODE reduce 418 + GROUP reduce 418 + DEPENDS reduce 418 + + recovery goto 794 + + +state 776 + request : REQUEST PATH CHECKSUM STRING . (290) + + . reduce 290 + + +state 777 + apache_stat : LOGLIMIT operator NUMBER PERCENT . (293) + + . reduce 293 + + +state 778 + apache_stat : CLOSELIMIT operator NUMBER PERCENT . (294) + + . reduce 294 + + +state 779 + apache_stat : DNSLIMIT operator NUMBER PERCENT . (295) + + . reduce 295 + + +state 780 + apache_stat : KEEPALIVELIMIT operator NUMBER PERCENT . (296) + + . reduce 296 + + +state 781 + apache_stat : REPLYLIMIT operator NUMBER PERCENT . (297) + + . reduce 297 + + +state 782 + apache_stat : REQUESTLIMIT operator NUMBER PERCENT . (298) + + . reduce 298 + + +state 783 + apache_stat : STARTLIMIT operator NUMBER PERCENT . (299) + + . reduce 299 + + +state 784 + apache_stat : WAITLIMIT operator NUMBER PERCENT . (300) + + . reduce 300 + + +state 785 + apache_stat : GRACEFULLIMIT operator NUMBER PERCENT . (301) + + . reduce 301 + + +state 786 + apache_stat : CLEANUPLIMIT operator NUMBER PERCENT . (302) + + . reduce 302 + + +state 787 + connectionunix : IF FAILED unixsocket type protocol nettimeout rate1 THEN action1 recovery . (237) + + . reduce 237 + + +state 788 + rate2 : NUMBER CYCLE . (416) + + . reduce 416 + + +state 789 + rate2 : NUMBER NUMBER . CYCLE (417) + + CYCLE shift 795 + . error + + +state 790 + recovery : ELSE IF RECOVERED rate2 THEN . action2 (419) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action goto 796 + action2 goto 797 + + +state 791 + recovery : ELSE IF PASSED rate2 THEN . action2 (420) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action goto 796 + action2 goto 798 + + +state 792 + recovery : ELSE IF SUCCEEDED rate2 THEN . action2 (421) + + START shift 541 + STOP shift 542 + ALERT shift 543 + RESTART shift 544 + EXEC shift 545 + UNMONITOR shift 546 + . error + + action goto 796 + action2 goto 799 + + +state 793 + checksum : IF FAILED hashtype CHECKSUM EXPECT STRING rate1 THEN action1 recovery . (423) + + . reduce 423 + + +state 794 + connection : IF FAILED host port type protocol nettimeout rate1 THEN action1 recovery . (235) + + . reduce 235 + + +state 795 + rate2 : NUMBER NUMBER CYCLE . (417) + + . reduce 417 + + +state 796 + action2 : action . (411) + + . reduce 411 + + +state 797 + recovery : ELSE IF RECOVERED rate2 THEN action2 . (419) + + . reduce 419 + + +state 798 + recovery : ELSE IF PASSED rate2 THEN action2 . (420) + + . reduce 420 + + +state 799 + recovery : ELSE IF SUCCEEDED rate2 THEN action2 . (421) + + . reduce 421 + + +189 terminals, 151 nonterminals +455 grammar rules, 800 states