On Sun, May 30, 2010 at 8:11 PM, Ravi Jaya <[email protected]> wrote: > I am sharing a snippet of perl code which I wrote last night to monitor the > mysql server. If the server is down it would alert the system admin by > sending email.
First option is to use a monitoring application like monit to check if your mysql server is running. Putting a robust monitoring system is nearly always better than using a hacked together script. Second option is to use Perl DBI and try connecting to the MySQL instance. You can extend this option by querying various DB parameters to ensure that the server is running within tolerance limits. > you check out the code in the link mention below. I appreciate you comment > or if you need of any feature request, please revert to the list. > http://bit.ly/bnsEgc, Here are 3 comments on your Perl code: quote: my $status = `lsof -i | grep mysql | tr -s ' ' | cut -f 1 -d ' '`; It's bad Perl style to rely on external apps like grep/tr/cut to manipulate text. Replace them with Perl's internal routines. The Camel Book has details on why this practice should be followed. quote: my $logfile = 'file'; quote: open (LOGFILE, ">>$logfile"); You are writing to "file" in the current working directory from where this script is invoked. This is insecure code and vulnerable to the following exploit: 1. attacker creates a sym link using "ln -s /etc/passwd ~/file" 2. Root does "cd ~attacker; /path/to/mysqlmon" will corrupt /etc/passwd Solution is to use absolute path for $logfile, or better yet use syslog or a proper logging module from CPAN. Check return value of open() and other system calls. Eg. open($fname) or die "Error opening $fname: $!". - Raja _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
