diff options
author | Vyacheslav Pedash <vyacheslav.pedash@globallogic.com> | 2021-02-24 00:19:42 +0200 |
---|---|---|
committer | John Klug <john.klug@multitech.com> | 2021-02-24 16:10:49 -0600 |
commit | 3e012e80ee564cf5408e23188261acadbb5e5f90 (patch) | |
tree | 75d260edf9a09ab96d9d047eb0bbc4ccd8739987 /recipes-extended | |
parent | d2a28c4c3f1d2d7814672e80d24ee053cee49b1d (diff) | |
download | meta-mlinux-3e012e80ee564cf5408e23188261acadbb5e5f90.tar.gz meta-mlinux-3e012e80ee564cf5408e23188261acadbb5e5f90.tar.bz2 meta-mlinux-3e012e80ee564cf5408e23188261acadbb5e5f90.zip |
MTX-3853 Update monit to v 5.26.0
Diffstat (limited to 'recipes-extended')
-rwxr-xr-x | recipes-extended/monit/monit/monit | 53 | ||||
-rwxr-xr-x | recipes-extended/monit/monit/monit.init | 37 | ||||
-rw-r--r-- | recipes-extended/monit/monit/monitrc | 174 | ||||
-rw-r--r-- | recipes-extended/monit/monit_5.22.0.bb | 51 | ||||
-rw-r--r-- | recipes-extended/monit/monit_5.26.0.bbappend | 18 |
5 files changed, 177 insertions, 156 deletions
diff --git a/recipes-extended/monit/monit/monit b/recipes-extended/monit/monit/monit new file mode 100755 index 0000000..a6d0e95 --- /dev/null +++ b/recipes-extended/monit/monit/monit @@ -0,0 +1,53 @@ +#! /bin/sh +# +# This is an init script for openembedded +# Copy it to /etc/init.d/monit and type +# > update-rc.d monit defaults 89 +# + +## mlinux +ENABLED=yes +[ -f /etc/default/monit ] && . /etc/default/monit + +if [ "$ENABLED" != "yes" ]; then + echo "monit: disabled in /etc/default" + exit +fi +## mlinux + +monit=/usr/bin/monit +pidfile=/var/run/monit.pid +monit_args="-c /etc/monitrc" + +test -x "$monit" || exit 0 + +case "$1" in + start) + echo -n "Starting Monit" + start-stop-daemon --start --quiet --exec $monit -- $monit_args + RETVAL=$? + echo "." + ;; + stop) + echo -n "Stopping Monit" + start-stop-daemon --stop --quiet --pidfile $pidfile + RETVAL=$? + echo "." + ;; + restart) + $0 stop + $0 start + RETVAL=$? + ;; + status) + $monit $monit_args status + RETVAL=$? + echo "." + ;; + *) + echo "Usage: $0 {start|stop|restart|status}" + exit 1 +esac + +exit $RETVAL + diff --git a/recipes-extended/monit/monit/monit.init b/recipes-extended/monit/monit/monit.init deleted file mode 100755 index 0a3c2ea..0000000 --- a/recipes-extended/monit/monit/monit.init +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh - -NAME=monit - -ENABLED=yes -[ -f /etc/default/$NAME ] && . /etc/default/$NAME - -if [ "$ENABLED" != "yes" ]; then - echo "$NAME: disabled in /etc/default" - exit -fi - -case $1 in - start) - echo "Starting monit" - monit - ;; - - stop) - echo "Stopping monit" - monit quit - ;; - - restart) - echo "Stopping monit" - monit quit - echo "Starting monit" - monit - ;; - - *) - echo "Usage: $0 {start|stop|restart}" - exit 2 - ;; -esac - - diff --git a/recipes-extended/monit/monit/monitrc b/recipes-extended/monit/monit/monitrc index d04b115..492f529 100644 --- a/recipes-extended/monit/monit/monitrc +++ b/recipes-extended/monit/monit/monitrc @@ -5,8 +5,8 @@ ## Comments begin with a '#' and extend through the end of the line. Keywords ## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. ## -## Below you will find examples of some frequently used statements. For -## information about the control file and a complete list of statements and +## Below you will find examples of some frequently used statements. For +## information about the control file and a complete list of statements and ## options, please have a look in the Monit manual. ## ## @@ -17,15 +17,15 @@ ## Start Monit in the background (run as a daemon): # set daemon 30 # check services at 30 seconds intervals -# with start delay 240 # optional: delay the first check by 4-minutes (by +# with start delay 240 # optional: delay the first check by 4-minutes (by # # default Monit check immediately after Monit start) # # -## Set syslog logging with the 'daemon' facility. If the FACILITY option is -## omitted, Monit will use 'user' facility by default. If you want to log to -## a standalone log file instead, specify the full path to the log file +## Set syslog logging. If you want to log to a standalone log file instead, +## specify the full path to the log file # -set logfile syslog facility log_daemon +set log syslog + # # ## Set the location of the Monit lock file which stores the process id of the @@ -34,7 +34,7 @@ set logfile syslog facility log_daemon # set pidfile /var/run/monit.pid # ## Set the location of the Monit id file which stores the unique id for the -## Monit instance. The id is generated and stored on first Monit start. By +## Monit instance. The id is generated and stored on first Monit start. By ## default the file is placed in $HOME/.monit.id. # # set idfile /var/.monit.id @@ -47,9 +47,34 @@ set logfile syslog facility log_daemon # # set statefile /var/.monit.state # -## Set the list of mail servers for alert delivery. Multiple servers may be -## specified using a comma separator. If the first mail server fails, Monit -# will use the second mail server in the list and so on. By default Monit uses +# + +## Set limits for various tests. The following example shows the default values: +## +# set limits { +# programOutput: 512 B, # check program's output truncate limit +# sendExpectBuffer: 256 B, # limit for send/expect protocol test +# fileContentBuffer: 512 B, # limit for file content test +# httpContentBuffer: 1 MB, # limit for HTTP content test +# networkTimeout: 5 seconds # timeout for network I/O +# programTimeout: 300 seconds # timeout for check program +# stopTimeout: 30 seconds # timeout for service stop +# startTimeout: 30 seconds # timeout for service start +# restartTimeout: 30 seconds # timeout for service restart +# } + +## Set global SSL options (just most common options showed, see manual for +## full list). +# +# set ssl { +# verify : enable, # verify SSL certificates (disabled by default but STRONGLY RECOMMENDED) +# selfsigned : allow # allow self signed SSL certificates (reject by default) +# } +# +# +## Set the list of mail servers for alert delivery. Multiple servers may be +## specified using a comma separator. If the first mail server fails, Monit +# will use the second mail server in the list and so on. By default Monit uses # port 25 - it is possible to override this with the PORT option. # # set mailserver mail.bar.baz, # primary mailserver @@ -57,10 +82,10 @@ set logfile syslog facility log_daemon # localhost # fallback relay # # -## By default Monit will drop alert events if no mail servers are available. -## If you want to keep the alerts for later delivery retry, you can use the -## EVENTQUEUE statement. The base directory where undelivered alerts will be -## stored is specified by the BASEDIR option. You can limit the queue size +## By default Monit will drop alert events if no mail servers are available. +## If you want to keep the alerts for later delivery retry, you can use the +## EVENTQUEUE statement. The base directory where undelivered alerts will be +## stored is specified by the BASEDIR option. You can limit the queue size ## by using the SLOTS option (if omitted, the queue is limited by space ## available in the back end filesystem). # @@ -69,23 +94,27 @@ set logfile syslog facility log_daemon # slots 100 # optionally limit the queue size # # -## Send status and events to M/Monit (for more informations about M/Monit -## see http://mmonit.com/). By default Monit registers credentials with +## Send status and events to M/Monit (for more information about M/Monit +## see https://mmonit.com/). By default Monit registers credentials with ## M/Monit so M/Monit can smoothly communicate back to Monit and you don't ## have to register Monit credentials manually in M/Monit. It is possible to -## disable credential registration using the commented out option below. +## disable credential registration using the commented out option below. ## Though, if safety is a concern we recommend instead using https when -## communicating with M/Monit and send credentials encrypted. +## communicating with M/Monit and send credentials encrypted. The password +## should be URL encoded if it contains URL-significant characters like +## ":", "?", "@". Default timeout is 5 seconds, you can customize it by +## adding the timeout option. # # set mmonit http://monit:monit@192.168.1.10:8080/collector +# # with timeout 30 seconds # Default timeout is 5 seconds # # and register without credentials # Don't register credentials # # -## Monit by default uses the following format for alerts if the the mail-format +## Monit by default uses the following format for alerts if the mail-format ## statement is missing:: ## --8<-- ## set mail-format { -## from: monit@$HOST +## from: Monit <monit@$HOST> ## subject: monit alert -- $EVENT $SERVICE ## message: $EVENT Service $SERVICE ## Date: $DATE @@ -105,8 +134,8 @@ set logfile syslog facility log_daemon # set mail-format { from: monit@foo.bar } # # -## You can set alert recipients whom will receive alerts if/when a -## service defined in this file has errors. Alerts may be restricted on +## You can set alert recipients whom will receive alerts if/when a +## service defined in this file has errors. Alerts may be restricted on ## events by using a filter as in the second example below. # # set alert sysadm@foo.bar # receive all alerts @@ -117,18 +146,27 @@ set logfile syslog facility log_daemon # set alert your-name@your.domain not on { instance, action } # # -## Monit has an embedded HTTP interface which can be used to view status of -## services monitored and manage services from a web interface. The HTTP +## Monit has an embedded HTTP interface which can be used to view status of +## services monitored and manage services from a web interface. The HTTP ## interface is also required if you want to issue Monit commands from the ## command line, such as 'monit status' or 'monit restart service' The reason ## for this is that the Monit client uses the HTTP interface to send these -## commands to a running Monit daemon. See the Monit Wiki if you want to -## enable SSL for the HTTP interface. +## commands to a running Monit daemon. See the Monit Wiki if you want to +## enable SSL for the HTTP interface. # set httpd port 2812 and - use address localhost # only accept connection from localhost + use address localhost # only accept connection from localhost (drop if you use M/Monit) allow localhost # allow localhost to connect to the server and allow admin:monit # require user 'admin' with password 'monit' + #with ssl { # enable SSL/TLS and set path to server certificate + # pemfile: /etc/ssl/certs/monit.pem + #} +# +## Monit can perform act differently regarding services previous state when +## going back in duty. By default, Monit will 'start' all services. Monit can +## also takes no action to start services in 'nostart' mode. Monit can try to +## restore the 'laststate' of the service when Monit was shutdown. +# set onreboot start # start, nostart, laststart ############################################################################### ## Services @@ -138,42 +176,40 @@ set httpd port 2812 and ## usage. Each test specifies a resource, conditions and the action to be ## performed should a test fail. # -# check system myhost.mydomain.tld -# if loadavg (1min) > 4 then alert -# if loadavg (5min) > 2 then alert +# check system $HOST +# if loadavg (1min) per core > 2 for 5 cycles then alert +# if loadavg (5min) per core > 1.5 for 10 cycles then alert +# if cpu usage > 95% for 10 cycles then alert # if memory usage > 75% then alert # if swap usage > 25% then alert -# if cpu usage (user) > 70% then alert -# if cpu usage (system) > 30% then alert -# if cpu usage (wait) > 20% then alert # -# +# ## Check if a file exists, checksum, permissions, uid and gid. In addition -## to alert recipients in the global section, customized alert can be sent to -## additional recipients by specifying a local alert handler. The service may +## to alert recipients in the global section, customized alert can be sent to +## additional recipients by specifying a local alert handler. The service may ## be grouped using the GROUP option. More than one group can be specified by ## repeating the 'group name' statement. -# +# # check file apache_bin with path /usr/local/apache/bin/httpd -# if failed checksum and +# if failed checksum and # expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor # if failed permission 755 then unmonitor -# if failed uid root then unmonitor -# if failed gid root then unmonitor +# if failed uid "root" then unmonitor +# if failed gid "root" then unmonitor # alert security@foo.bar on { # checksum, permission, uid, gid, unmonitor # } with the mail-format { subject: Alarm! } # group server # -# +# ## Check that a process is running, in this case Apache, and that it respond ## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory, -## and number of children. If the process is not running, Monit will restart -## it by default. In case the service is restarted very often and the +## and number of children. If the process is not running, Monit will restart +## it by default. In case the service is restarted very often and the ## problem remains, it is possible to disable monitoring using the TIMEOUT ## statement. This service depends on another service (apache_bin) which ## is defined above. -# +# # check process apache with pidfile /usr/local/apache/logs/httpd.pid # start program = "/etc/init.d/httpd start" with timeout 60 seconds # stop program = "/etc/init.d/httpd stop" @@ -181,50 +217,52 @@ set httpd port 2812 and # if cpu > 80% for 5 cycles then restart # if totalmem > 200.0 MB for 5 cycles then restart # if children > 250 then restart -# if loadavg(5min) greater than 10 for 8 cycles then stop -# if failed host www.tildeslash.com port 80 protocol http -# and request "/somefile.html" -# then restart -# if failed port 443 type tcpssl protocol http -# with timeout 15 seconds -# then restart -# if 3 restarts within 5 cycles then timeout +# if disk read > 500 kb/s for 10 cycles then alert +# if disk write > 500 kb/s for 10 cycles then alert +# if failed host www.tildeslash.com port 80 protocol http and request "/somefile.html" then restart +# if failed port 443 protocol https with timeout 15 seconds then restart +# if 3 restarts within 5 cycles then unmonitor # depends on apache_bin # group server -# -# -## Check filesystem permissions, uid, gid, space and inode usage. Other services, -## such as databases, may depend on this resource and an automatically graceful -## stop may be cascaded to them before the filesystem will become full and data +# +# +## Check filesystem permissions, uid, gid, space usage, inode usage and disk I/O. +## Other services, such as databases, may depend on this resource and an automatically +## graceful stop may be cascaded to them before the filesystem will become full and data ## lost. # # check filesystem datafs with path /dev/sdb1 # start program = "/bin/mount /data" # stop program = "/bin/umount /data" # if failed permission 660 then unmonitor -# if failed uid root then unmonitor -# if failed gid disk then unmonitor +# if failed uid "root" then unmonitor +# if failed gid "disk" then unmonitor # if space usage > 80% for 5 times within 15 cycles then alert # if space usage > 99% then stop # if inode usage > 30000 then alert # if inode usage > 99% then stop +# if read rate > 1 MB/s for 5 cycles then alert +# if read rate > 500 operations/s for 5 cycles then alert +# if write rate > 1 MB/s for 5 cycles then alert +# if write rate > 500 operations/s for 5 cycles then alert +# if service time > 10 milliseconds for 3 times within 5 cycles then alert # group server # # -## Check a file's timestamp. In this example, we test if a file is older +## Check a file's timestamp. In this example, we test if a file is older ## than 15 minutes and assume something is wrong if its not updated. Also, ## if the file size exceed a given limit, execute a script # # check file database with path /data/mydatabase.db # if failed permission 700 then alert -# if failed uid data then alert -# if failed gid data then alert +# if failed uid "data" then alert +# if failed gid "data" then alert # if timestamp > 15 minutes then alert # if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba # # -## Check directory permission, uid and gid. An event is triggered if the -## directory does not belong to the user with uid 0 and gid 0. In addition, +## Check directory permission, uid and gid. An event is triggered if the +## directory does not belong to the user with uid 0 and gid 0. In addition, ## the permissions have to match the octal description of 755 (see chmod(1)). # # check directory bin with path /bin @@ -233,8 +271,8 @@ set httpd port 2812 and # if failed gid 0 then unmonitor # # -## Check a remote host availability by issuing a ping test and check the -## content of a response from a web server. Up to three pings are sent and +## Check a remote host availability by issuing a ping test and check the +## content of a response from a web server. Up to three pings are sent and ## connection to a port and an application level network check is performed. # # check host myserver with address 192.168.1.1 @@ -253,7 +291,7 @@ set httpd port 2812 and # if changed link then alert # if saturation > 90% then alert # if download > 10 MB/s then alert -# if total upload > 1 GB in last hour then alert +# if total uploaded > 1 GB in last hour then alert # # ## Check custom program status output. diff --git a/recipes-extended/monit/monit_5.22.0.bb b/recipes-extended/monit/monit_5.22.0.bb deleted file mode 100644 index 3ad3074..0000000 --- a/recipes-extended/monit/monit_5.22.0.bb +++ /dev/null @@ -1,51 +0,0 @@ -DESCRIPTION = "Monit" -HOMEPAGE = "http://mmonit.com/" -LICENSE = "AGPL-3.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=ea116a7defaf0e93b3bb73b2a34a3f51" -DEPENDS = "libpam zlib openssl" - -PR = "r0" - -SRC_URI = "http://mmonit.com/monit/dist/monit-5.22.0.tar.gz \ - file://monitrc \ - file://monit.init \ - file://monit.default \ - " - -SRC_URI[md5sum] = "768a637b8d23b6cbce271a8ff125c61f" -SRC_URI[sha256sum] = "9fc58b5e3caafd64f0b6fff3e65ae757239fab37d04fb33efce177da15176183" - -inherit autotools-brokensep - -EXTRA_OECONF += "--with-ssl-lib-dir=${STAGING_LIBDIR} \ - --with-ssl-incl-dir=${STAGING_INCDIR} \ - " - -# Regenerate autoconfig generated aclocal.m4/m4 contained in the tarball -EXTRA_AUTORECONF += " --force" - -do_configure_prepend() { - rm ${S}/aclocal.m4 - rm -Rf ${S}/m4 -} - -EXTRA_OECONF_append_arm = " libmonit_cv_setjmp_available=yes libmonit_cv_vsnprintf_c99_conformant=yes " - -inherit update-rc.d - -INITSCRIPT_NAME = "monit" -INITSCRIPT_PARAMS = "defaults 99 10" - -do_install_append() { - install -d ${D}${sysconfdir} - install -d ${D}${sysconfdir}/monit.d - install -m 0600 ${WORKDIR}/monitrc ${D}${sysconfdir}/ - - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/monit.init ${D}${sysconfdir}/init.d/monit - - install -d ${D}${sysconfdir}/default - install -m 0644 ${WORKDIR}/monit.default ${D}${sysconfdir}/default/monit -} - -CONFFILES_${PN} += "${sysconfdir}/monitrc ${sysconfdir}/default/monit" diff --git a/recipes-extended/monit/monit_5.26.0.bbappend b/recipes-extended/monit/monit_5.26.0.bbappend new file mode 100644 index 0000000..e35bb64 --- /dev/null +++ b/recipes-extended/monit/monit_5.26.0.bbappend @@ -0,0 +1,18 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/monit:" + +SRC_URI += "file://monit.default \ + " + +EXTRA_OECONF_remove_arm = "libmonit_cv_setjmp_available=no libmonit_cv_vsnprintf_c99_conformant=no" +EXTRA_OECONF_append_arm = " libmonit_cv_setjmp_available=yes libmonit_cv_vsnprintf_c99_conformant=yes " + +INITSCRIPT_PARAMS = "defaults 99 10" + +do_install_append() { + install -d ${D}${sysconfdir}/monit.d + + install -d ${D}${sysconfdir}/default + install -m 0644 ${WORKDIR}/monit.default ${D}${sysconfdir}/default/monit +} + +CONFFILES_${PN} += "${sysconfdir}/monitrc ${sysconfdir}/default/monit" |