how much beer do I need to get this patch applied?

Daniel Bond db at danielbond.org
Wed Jun 20 20:49:08 UTC 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I like Kurt's approach, having a mailfilter/script-pipe which could
remove dynamic variables like timestamps etc, and checksum it against
against a "empty" template to see if its deletable.

This also verifies that mail-delivery is working, and machine is not dead.

What also could be done is feed this information into a database, and
show more information, ie: group portaudits on host like:

www/apache2:
(apache-2.0.55_3,apache-2.0.58)
host1,host2,host3,host4,....,[see all]

For portaudit I use a small ruby-program w/Net::SSH which runs
portaudit-threads on machines, and groups it like somewhat like above on
a web-interface. I intend to publish this when it's more "production
ready", and not so specific for my use.

Sorry for going off-topic.

- -DB.

Jo Rhett wrote:
> On Jun 20, 2007, at 12:56 PM, Kurt Buff wrote:
>> Currently, if you get no message from that box, *something* is broken.
> 
> I am not capable as a human being of noticing the lack of one message,
> when without this patch I would get more than 2,000 each day.
> 
>>> The more likely is that the OP starts deleting the messages unread
>>> each day and thus never sees an actual failure report.
>>
>> Failure of imagination.
> 
> No.  Having done the work to verify that failures will be reported, I
> configure the mail system to only send me mail on errors.  Better design.
> 
>> Perhaps a separate mailbox dedicated to this task, with a script
>> (grep?) that parses the emails in that mailbox daily looking for
>> expected messages, noting and deleting them, with unsent messages
>> noted via an email and messages with unexpected content forwarded as
>> well?
> 
> This doesn't solve the "lack of a message" problem you mentioned above.
> 
> It also requires a new system to be designed and configured, which could
> have failures of its own.  This is more abstraction and zero gain for
> our environment.  Any error should be read in our situation.  A
> non-error does not need to be read.
> 
> In any case, the primary consideration with this patch is that it allows
> either model to work.  You can do it your way, and we can do it our way.
> 
> --Jo Rhett
> senior geek
> 
> Silicon Valley Colocation
> Support Phone: 408-400-0550
> 
> 
> 
> 
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGeYyAUR3pKhqN0EoRAgbUAJ93Rq0FwoYRZfL2PnUGaDHwl8jbbgCfcc22
uUkANgaHrRsY9RQrDKLUbKk=
=N5D4
-----END PGP SIGNATURE-----


More information about the freebsd-stable mailing list