hi, i just installed zenoss from RPM on a Redhat Enterprise 5 box. i saw it at a demonstration last december in washington and am looking forward to trying it out.
however, i do have some minor gripes about the RPM install process. a) i want to be able to use a database other than localhost. standard practice, doesn't make sense to me to not be able to do so. b) when starting zenoss for the first time, it prompts for the root password whish is then displayed in plain text on the screen!!! try adding 'stty -echo' before the 'read response' line (line 68) in $ZENHOME/bin/install-functions.sh and 'stty echo' after that line. that turns off terminal echoes, cf also http://tldp.org/LDP/abs/html/system.html#SECRETPW . c) another security gripe: http://community.zenoss.com/docs/install-guides/install-on-redhat-enterprise-linux/ mr. huckins suggests turning off iptables altogether. please don't suggest this. any inexperienced user following those instructions will do so and offer an open box to the world. not a good idea. as this page is specific for RHEL, better to offer instructions on how to edit /etc/sysconfig/iptables to add those ports. d) a brief glance through the installation scripts seems to suggest that zenoss replaces without taking into account any previous content /etc/sudoers and /etc/snmp.conf. i haven't verified this yet, but it seems to be very wrong if it is doing so. e) zenoss installs scripts into the sysV boot directories. good idea, better idea even to make it support chkconfig for RedHat derived systems. also a brief check of my rc*.d directories makes me also assume that kill links aren't installed. i can offer patches for problems b), c) and e) fairly immediately if required. a) is beyond my knowledge, as i know almost zilch about zope. for d), i'd probably have to dig deeper into the code and know more about the installation process. i'm assuming this only happens with RPM based installations. sorry for firing off these gripes in such a huffy manner, i feel a monitoring application should be more security aware. otherwise, i'm actually quite excited about having a look at zenoss now to see if it's everything i hope it is. the propaganda seems to say so. :) regards, sb -- Simon Bailey Systems Administrator Institut fuer Informatik Universitaet Innsbruck Technikerstrasse 21a/2 A-6020 Innsbruck Tel: +43 (0) 512 507 - 6433 Mob: +43 (0) 664 812 5267 Fax: +43 (0) 512 507 - 2887 http://informatik.uibk.ac.at/
signature.asc
Description: Digital signature
_______________________________________________ zenoss-users mailing list [email protected] http://lists.zenoss.org/mailman/listinfo/zenoss-users
