Re: check_postgresql.pl for zabbix

On Wed, Apr 4, 2012 at 10:12 AM, Bèrto ëd Sèra <berto(dot)d(dot)sera(at)gmail(dot)com>wrote:

> Hi Matheus,
>
> thanks but, as said before "there is not enough information for us to be
> sure that we can add read permission to the group without impact"... any
> other way to extract the same info?
>
> Bèrto
>
> On 4 April 2012 12:24, Matheus de Oliveira <matioli(dot)matheus(at)gmail(dot)com>wrote:
>
>> Give read permissions to the group on the data directory and archives:
>>
>> chmod g+r -R /var/lib/pgsql/data
>>
>> I think just that will solve the problem, as you said that the agent is
>> already been executed with postgres group.
>>
>> Regards,
>> --
>> Matheus de Oliveira
>>
>> Bacharelado em Ciências de Computação
>> Laboratório de Computação de Alto Desempenho - LCAD<http://www.lcad.icmc.usp.br/>
>> Instituto de Ciências Matemáticas e de Computação - ICMC<http://www.icmc.usp.br/>
>> Universidade de São Paulo - USP <http://www.sc.usp.br/>
>>
>>
>>
>>
>>
>> On Wed, Apr 4, 2012 at 6:53 AM, Bèrto ëd Sèra <berto(dot)d(dot)sera(at)gmail(dot)com>wrote:
>>
>>> Hi all,
>>>
>>> I'm implementing a PG monitoring system on zabbix, using
>>> http://bucardo.org/wiki/Check_postgres
>>>
>>> Everything's fine, however I cannot seem to use action=checkpoint
>>> without some intervention on permissions.
>>> See http://bucardo.org/check_postgres/check_postgres.pl.html#checkpoint
>>>
>>> The data directory is
>>> drwx------+ 11 postgres postgres 4096 Apr 2 13:37 /var/lib/pgsql/data
>>>
>>> so putting zabbix in the postgres group won't have any effect, and there
>>> is not enough information for us to be sure that we can add read permission
>>> to the group without impact, once the template I'm making is ported to a
>>> large number of boxes, some of which may have local policies we are not
>>> aware of.
>>>
>>> I'm left with the option of giving the zabbix agent daemon a limited
>>> sudo right, which I quite do not like because it will need to be replicated
>>> on all single boxes... is anyone aware of an alternative solution?
>>>
>>> Cheerio
>>> Bèrto
>>>
>>> --
>>> ==============================
>>> If Pac-Man had affected us as kids, we'd all be running around in a
>>> darkened room munching pills and listening to repetitive music.
>>>
>>
>>
>
>
> --
> ==============================
> If Pac-Man had affected us as kids, we'd all be running around in a
> darkened room munching pills and listening to repetitive music.
>

Sorry, I read it wrong.

But, in general, I see no problem giving read permission to a group, as if
some user has postgres group it should at least be able to read the files.

--
Matheus de Oliveira

Bacharelado em Ciências de Computação
Laboratório de Computação de Alto Desempenho -
LCAD<http://www.lcad.icmc.usp.br/>
Instituto de Ciências Matemáticas e de Computação -
ICMC<http://www.icmc.usp.br/>
Universidade de São Paulo - USP <http://www.sc.usp.br/>