以非 root 用户身份运行 monit

Question

我不相信monit只要对它的访问受到正确限制，以 root 身份运行就会出现问题。查看配置文件，/etc/monit/monitrc我注意到文件中的这一部分：

## Monit has an embedded web server which can be used to view status of 
## services monitored and manage services from a web interface. See the
## Monit Wiki if you want to enable SSL for the web server. 
#
# set httpd port 2812 and
#    use address localhost  # only accept connection from localhost
#    allow localhost        # allow localhost to connect to the server and
#    allow admin:monit      # require user 'admin' with password 'monit'
#    allow @monit           # allow users of group 'monit' to connect (rw)
#    allow @users readonly  # allow users of group 'users' to connect readonly
#

您只需允许通过 localhost 访问 HTTP 服务器即可。这将完全隔离monit，以便只允许在本地访问它。ssh -R 8080:monitserver:80 monitserver例如，如果您稍后需要访问它，则可以设置 SSH 隧道。

Answer 1

我不相信monit只要对它的访问受到正确限制，以 root 身份运行就会出现问题。查看配置文件，/etc/monit/monitrc我注意到文件中的这一部分：

## Monit has an embedded web server which can be used to view status of 
## services monitored and manage services from a web interface. See the
## Monit Wiki if you want to enable SSL for the web server. 
#
# set httpd port 2812 and
#    use address localhost  # only accept connection from localhost
#    allow localhost        # allow localhost to connect to the server and
#    allow admin:monit      # require user 'admin' with password 'monit'
#    allow @monit           # allow users of group 'monit' to connect (rw)
#    allow @users readonly  # allow users of group 'users' to connect readonly
#

您只需允许通过 localhost 访问 HTTP 服务器即可。这将完全隔离monit，以便只允许在本地访问它。ssh -R 8080:monitserver:80 monitserver例如，如果您稍后需要访问它，则可以设置 SSH 隧道。

以非 root 用户身份运行 monit

答案1

相关内容