how much beer do I need to get this patch applied?
Daniel Bond
db at danielbond.org
Wed Jun 20 20:49:08 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I like Kurt's approach, having a mailfilter/script-pipe which could
remove dynamic variables like timestamps etc, and checksum it against
against a "empty" template to see if its deletable.
This also verifies that mail-delivery is working, and machine is not dead.
What also could be done is feed this information into a database, and
show more information, ie: group portaudits on host like:
www/apache2:
(apache-2.0.55_3,apache-2.0.58)
host1,host2,host3,host4,....,[see all]
For portaudit I use a small ruby-program w/Net::SSH which runs
portaudit-threads on machines, and groups it like somewhat like above on
a web-interface. I intend to publish this when it's more "production
ready", and not so specific for my use.
Sorry for going off-topic.
- -DB.
Jo Rhett wrote:
> On Jun 20, 2007, at 12:56 PM, Kurt Buff wrote:
>> Currently, if you get no message from that box, *something* is broken.
>
> I am not capable as a human being of noticing the lack of one message,
> when without this patch I would get more than 2,000 each day.
>
>>> The more likely is that the OP starts deleting the messages unread
>>> each day and thus never sees an actual failure report.
>>
>> Failure of imagination.
>
> No. Having done the work to verify that failures will be reported, I
> configure the mail system to only send me mail on errors. Better design.
>
>> Perhaps a separate mailbox dedicated to this task, with a script
>> (grep?) that parses the emails in that mailbox daily looking for
>> expected messages, noting and deleting them, with unsent messages
>> noted via an email and messages with unexpected content forwarded as
>> well?
>
> This doesn't solve the "lack of a message" problem you mentioned above.
>
> It also requires a new system to be designed and configured, which could
> have failures of its own. This is more abstraction and zero gain for
> our environment. Any error should be read in our situation. A
> non-error does not need to be read.
>
> In any case, the primary consideration with this patch is that it allows
> either model to work. You can do it your way, and we can do it our way.
>
> --Jo Rhett
> senior geek
>
> Silicon Valley Colocation
> Support Phone: 408-400-0550
>
>
>
>
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGeYyAUR3pKhqN0EoRAgbUAJ93Rq0FwoYRZfL2PnUGaDHwl8jbbgCfcc22
uUkANgaHrRsY9RQrDKLUbKk=
=N5D4
-----END PGP SIGNATURE-----
More information about the freebsd-stable
mailing list