Thanks for patch, very nice feature :) PAM support added to CVS, you can get it here: http://savannah.nongnu.org/cvs/?group=monit
(verified PAM support on Linux, Mac OS X, FreeBSD, NetBSD ... works well :)
Thanks, Martin P.S. sorry for long delay On Apr 1, 2008, at 9:18 PM, Wilhelm Meier wrote:
Hello, here is a small patch for monit-4.10.1 to make monit Linux-PAM aware. With this patch it is possible to setup monit to use the posix-group-membership to distinguish between user who 1) can't see any information from the monit webserver 2) get a readonly view 3) can restart services, enable/disable monitoring, etc. together with autorization via Linux-PAM. Therefore one can define in the monitrc: -- # to give users of posix-group 'group' readonly view allow @group readonly # to give users of posix-group 'service' full view allow @service -- Users who are not authenticated via pam don't see anything. The patch is most usefull if the system where monit runs is setup with nss (name service switch) and PAM using a centralized user database. In most cases this would be LDAP. Group membership is resolved via nss and authorization is done via PAM-Service 'monit'. If one uses LDAP as centralized user-DB nss-ldap and pam-ldap are necessary components. Enjoy, -- Wilhelm <monit-4.10.1-pam.patch>-- To unsubscribe: http://lists.nongnu.org/mailman/listinfo/monit-general
-- To unsubscribe: http://lists.nongnu.org/mailman/listinfo/monit-general
