| mar98.tar |
Questions and Answers
Bjorn Satdeva This month, I'd like to mention some conferences coming up in 1998 that might be useful to system administrators. Here is a sampling:
IT Forum Conference
Networld+Interop Conference
System Administration, Networking & Security
Linux Expo
Networks Expo
USENIX Annual Technical Conference
WEB.X Conference
Large Installation System Administration
1st International System Administration and
12th Systems Administration Conference (LISA '98)
ftp://ftp.sysadmin.com/pub/sysadmin/tools/host/swatch
You might also want to look at a paper by Carl Shipley and Chingyow Wang from the LISA V conference proceedings, "Monitoring Activity on a Large UNIX Network with Perl and sysogd." Both of these are passive tools, so they cannot take any action, such as restarting a daemon. However, it is fairly trivial to write a small Perl program to do what you want. The simplest thing to implement is a program that does an exec of the daemon, and then waits for the child to exit. In Perl, the rudimentary version of what you want would look something like this (you will need to add checks for various failure modes, such as to frequent forks):
while ( 1 ) {
unless (fork) {
# This is the child process
exec ( YOUR_DAEMON_HERE ):
}
# Make the parent wait
wait;
sleep 5;
}
Or, you could write a Perl script that sends signal 0 (zero) to the process. If the process has gone away, this will cause a failure, and you can then restart the daemon. The advantage of the first solution is that you get an instant restart of the daemon, but at the cost of a second process.
There are other books that do provide detail, but which ones you should read depends on your situation. I've listed a few here, which, incidentally, are all from O'Reilly and Associates. DNS and BIND by Paul Albitz and Cricket Liu explains much of the working and configuration of the name server. The Sendmail Book, by Bryan Costales with Eric Allman and Neil Rickert, gives a very good overview of sendmail - how it works, and how it can be configured. Don't worry too much about the sendmail configuration rules in the beginning; the M4 configuration macros described in Appendix E will suffice in nearly all cases. Focus on getting a general understanding of how sendmail works and where the security potholes are located (in addition to the the programming flaws of sendmail itself, of course). Finally, TCP/IP Network Administration by Craig Hunt gives a very good introduction to how to administer TCP/IP networks. Unlike most other networking books, its focus is on the administration part of networking, and it more or less ignores the programming issues - exactly what is needed for an emerging TCP/IP administrator.
It is my plan to make them all available in my copious spare time. In the meantime, however, I suggest you check the library for copies of the old issues. About the Author
Bjorn Satdeva is the president of /sys/admin, inc., a consulting firm which specializes in large installation system administration. Bjorn is also co-founder and former president of Bay-LISA, a San Francisco Bay Area user's group for system administrators of large sites. Bjorn can be contacted at /sys/admin, inc., 2787 Moorpark Ave., San Jose, CA 95128; electronically at bjorn@sysadmin.com; or by phone at (408) 241-3111.
|
I've been trying to find a tool/utility/package that will allow an administrator to remotely monitor, unattended, a Sun-based TCP/IP network connected to the Internet. I need something that can be configured to send alerts, alarms, etc. to the monitoring system as well as page the administrator - maybe something that can monitor HTTP processes and alert/restart when they go down. Do you know of anything like this?
It looks to me as if the tool you want is swatch. This tool looks for messages appearing in the syslog output and is able to take various actions, determined by a configuration file. swatch is described in the LISA VII proceedings. The paper is also included in the source.