Обсуждение: check_postgresql.pl for zabbix

Поиск
Список
Период
Сортировка

check_postgresql.pl for zabbix

От
Bèrto ëd Sèra
Дата:
Hi all,

I'm implementing a PG monitoring system on zabbix, using http://bucardo.org/wiki/Check_postgres 

Everything's fine, however I cannot seem to use action=checkpoint without some intervention on permissions. 

The data directory is 
drwx------+ 11 postgres postgres 4096 Apr  2 13:37 /var/lib/pgsql/data

so putting zabbix in the postgres group won't have any effect, and there is not enough information for us to be sure that we can add read permission to the group without impact, once the template I'm making is ported to a large number of boxes, some of which may have local policies we are not aware of.

I'm left with the option of giving the zabbix agent daemon a limited sudo right, which I quite do not like because it will need to be replicated on all single boxes... is anyone aware of an alternative solution?

Cheerio
Bèrto

--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.

Re: check_postgresql.pl for zabbix

От
Matheus de Oliveira
Дата:
Give read permissions to the group on the data directory and archives:

chmod g+r -R /var/lib/pgsql/data

I think just that will solve the problem, as you said that the agent is already been executed with postgres group.

Regards,
--
Matheus de Oliveira

Bacharelado em Ciências de Computação
Laboratório de Computação de Alto Desempenho - LCAD
Instituto de Ciências Matemáticas e de Computação - ICMC
Universidade de São Paulo - USP




On Wed, Apr 4, 2012 at 6:53 AM, Bèrto ëd Sèra <berto.d.sera@gmail.com> wrote:
Hi all,

I'm implementing a PG monitoring system on zabbix, using http://bucardo.org/wiki/Check_postgres 

Everything's fine, however I cannot seem to use action=checkpoint without some intervention on permissions. 

The data directory is 
drwx------+ 11 postgres postgres 4096 Apr  2 13:37 /var/lib/pgsql/data

so putting zabbix in the postgres group won't have any effect, and there is not enough information for us to be sure that we can add read permission to the group without impact, once the template I'm making is ported to a large number of boxes, some of which may have local policies we are not aware of.

I'm left with the option of giving the zabbix agent daemon a limited sudo right, which I quite do not like because it will need to be replicated on all single boxes... is anyone aware of an alternative solution?

Cheerio
Bèrto

--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.

Re: check_postgresql.pl for zabbix

От
Bèrto ëd Sèra
Дата:
Hi Matheus,

thanks but, as said before "there is not enough information for us to be sure that we can add read permission to the group without impact"... any other way to extract the same info?

Bèrto

On 4 April 2012 12:24, Matheus de Oliveira <matioli.matheus@gmail.com> wrote:
Give read permissions to the group on the data directory and archives:

chmod g+r -R /var/lib/pgsql/data

I think just that will solve the problem, as you said that the agent is already been executed with postgres group.

Regards,
--
Matheus de Oliveira

Bacharelado em Ciências de Computação
Laboratório de Computação de Alto Desempenho - LCAD
Instituto de Ciências Matemáticas e de Computação - ICMC
Universidade de São Paulo - USP





On Wed, Apr 4, 2012 at 6:53 AM, Bèrto ëd Sèra <berto.d.sera@gmail.com> wrote:
Hi all,

I'm implementing a PG monitoring system on zabbix, using http://bucardo.org/wiki/Check_postgres 

Everything's fine, however I cannot seem to use action=checkpoint without some intervention on permissions. 

The data directory is 
drwx------+ 11 postgres postgres 4096 Apr  2 13:37 /var/lib/pgsql/data

so putting zabbix in the postgres group won't have any effect, and there is not enough information for us to be sure that we can add read permission to the group without impact, once the template I'm making is ported to a large number of boxes, some of which may have local policies we are not aware of.

I'm left with the option of giving the zabbix agent daemon a limited sudo right, which I quite do not like because it will need to be replicated on all single boxes... is anyone aware of an alternative solution?

Cheerio
Bèrto

--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.




--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.

Re: check_postgresql.pl for zabbix

От
Matheus de Oliveira
Дата:

On Wed, Apr 4, 2012 at 10:12 AM, Bèrto ëd Sèra <berto.d.sera@gmail.com> wrote:
Hi Matheus,

thanks but, as said before "there is not enough information for us to be sure that we can add read permission to the group without impact"... any other way to extract the same info?

Bèrto

On 4 April 2012 12:24, Matheus de Oliveira <matioli.matheus@gmail.com> wrote:
Give read permissions to the group on the data directory and archives:

chmod g+r -R /var/lib/pgsql/data

I think just that will solve the problem, as you said that the agent is already been executed with postgres group.

Regards,
--
Matheus de Oliveira

Bacharelado em Ciências de Computação
Laboratório de Computação de Alto Desempenho - LCAD
Instituto de Ciências Matemáticas e de Computação - ICMC
Universidade de São Paulo - USP





On Wed, Apr 4, 2012 at 6:53 AM, Bèrto ëd Sèra <berto.d.sera@gmail.com> wrote:
Hi all,

I'm implementing a PG monitoring system on zabbix, using http://bucardo.org/wiki/Check_postgres 

Everything's fine, however I cannot seem to use action=checkpoint without some intervention on permissions. 

The data directory is 
drwx------+ 11 postgres postgres 4096 Apr  2 13:37 /var/lib/pgsql/data

so putting zabbix in the postgres group won't have any effect, and there is not enough information for us to be sure that we can add read permission to the group without impact, once the template I'm making is ported to a large number of boxes, some of which may have local policies we are not aware of.

I'm left with the option of giving the zabbix agent daemon a limited sudo right, which I quite do not like because it will need to be replicated on all single boxes... is anyone aware of an alternative solution?

Cheerio
Bèrto

--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.




--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.

Sorry, I read it wrong.

But, in general, I see no problem giving read permission to a group, as if some user has postgres group it should at least be able to read the files.

--
Matheus de Oliveira

Bacharelado em Ciências de Computação
Laboratório de Computação de Alto Desempenho - LCAD
Instituto de Ciências Matemáticas e de Computação - ICMC
Universidade de São Paulo - USP


Re: check_postgresql.pl for zabbix

От
Bèrto ëd Sèra
Дата:
Hi,

On 26 July 2012 08:03, <chirag.dave@gmail.com> wrote:
Interesting. so have you also created zabbix postgres template to go with it ?
 
I used to have one for zabbix 1.8, the main problem being that I had to manually create items for each single database. We assist a large number of customers and pretty often we have no clear idea of what they servers contain, hence we are now moving to zabbix 2.0 and trying to make it a self-discovery thing, so we do not need to have any manual alignment (and we do not risk having entire databases going unnoticed). 

I'll post something as soon as I have it working.

Bèrto

--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.