Closed precurse closed 8 years ago
I think you need need:
check "if does not exist then restart
if does not exist then exec /etc/monit/slack.rb as uid \"nobody\" and gid \"nobody\""
or alternately (same effect, maybe a little easier to read):
check [
'if does not exist then restart'
'if does not exist then exec /etc/monit/slack.rb as uid "nobody" and gid "nobody"',
]
But the key point in either case is the names are in double quotes. Also make sure your Monit is new enough to support the feature.
That one particular example showed them with quotes, but others don't.. So I think it's optional (just not consistent in the examples).
I just tried with escaped quotes but it failed too.
Should the version of monit really matter if it's the cookbook that is failing to run? Stackoverflow looks like it has examples from 2010 using "as uid and guid": http://serverfault.com/questions/50628/how-i-configure-monit-to-start-a-process-with-a-specific-user
Thanks
What's the error from the cookbook? The only thing I would expect from that is a validation failure which means that monit -t
is rejecting the config as invalid.
Ah good point. Error is:
Error executing action `create` on resource 'monit_check[nginx]'
================================================================================
Chef::Exceptions::ValidationFailed
----------------------------------
file[/etc/monit/conf.d/nginx.conf] (/var/chef/cache/cookbooks/poise-monit/files/halite_gem/poise_monit/resources/monit_config.rb line 90) had an error: Chef::Exceptions::ValidationFailed: Proposed content for /etc/monit/con
f.d/nginx.conf failed verification #<Chef::Resource::File::Verification:0x00000003dc3ae0>
Cookbook Trace:
---------------
/var/chef/cache/cookbooks/poise/files/halite_gem/poise/helpers/notifying_block.rb:69:in `notifying_block'
/var/chef/cache/cookbooks/poise-monit/files/halite_gem/poise_monit/resources/monit_config.rb:72:in `action_create'```
I'll try manually validating it with monit -t
Yep, Monit itself says it isn't a valid config, the cookbook is just the messenger :)
hah, good call.
# /opt/monit-5.16/bin/monit -t -c /etc/monit/monitrc /etc/monit/conf.d/nginx.conf:5: Requested group not found on the system 'nobody'
user nobody exists on ubuntu, but group doesn't.
Thanks!
Glad I could help. We should probably improve the validation feature in Chef to expose that message out to the user :)
Hello,
I'm trying to specify a user to run a specific script as since it's better practice to run things with the least necessary privileges. However, when I try to specify it in the check, the cookbook fails to run.
Example that works:
Example that does not work:
However, according to the Monit documentation, this is a valid check: https://mmonit.com/monit/documentation/monit.html#ACTION
Thanks!