我似乎无法获得monit status或其他CLI命令的工作。
我已经构build了monit v5.8在Raspberry Pi上运行。 我可以添加服务进行监控,并可以访问networking界面就好,因为我已经设置为公共只读访问(这是一个testing服务器,而不是我最终的生产设置,所以不是一个大的现在处理)。
问题是,当我以root monit status login时运行monit status 时,得到:
# monit status monit: cannot read status from the monit daemon
我也有启动通过这个/etc/inittab文件条目启动:
mo:2345:respawn:/usr/local/bin/monit -Ic /etc/monitrc
我已经validation了monit正在运行,并且在我手动杀死monit进程或重新启动我的覆盆子pi的时候收到了电子邮件警报。 所以,接下来我检查我的monitrc文件权限,看看哪个组被允许访问。
# ls -al /etc/monitrc -rw------- 1 root root 2359 Aug 24 14:48 /etc/monitrc
这里是我的控制文件的相关允许部分。
set httpd port 80 allow [omitted] readonly allow @root allow localhost allow 0.0.0.0/0.0.0.0
此外尝试将此文件上的设置权限设置为640以允许组读取权限,但是无论我尝试如何,我都会得到与上述相同的错误,或者权限设置为640我会得到:
# monit status monit: The control file '/etc/monitrc' must have permissions no more than -rwx------ (0700); right now permissions are -rw-r----- (0640).
我在这里错过了什么? 我知道httpd必须启用,因为这是CLI用来获取信息的界面(或者我已经阅读过),所以我已经完成了。 而在监控工作和发送电子邮件警报方面,这一切都是有效的。
这是我的整个monitrc文件 – 同样,这是版本v5.8,它是与PAM和SSL支持构build。 该进程在root用户下运行:
# Global settings set daemon 300 with start delay 5 set logfile /var/log/monit.log set pidfile /var/run/monit.pid set idfile /var/run/.monit.id set statefile /var/run/.monit.state # Mail alerts ## Set the list of mail servers for alert delivery. Multiple servers may be ## specified using a comma separator. If the first mail server fails, Monit # will use the second mail server in the list and so on. By default Monit uses # port 25 - it is possible to override this with the PORT option. # set mailserver smtp.gmail.com port 587 username [omitted] password [omitted] using tlsv1 ## Send status and events to M/Monit (for more informations about M/Monit ## see http://mmonit.com/). By default Monit registers credentials with ## M/Monit so M/Monit can smoothly communicate back to Monit and you don't ## have to register Monit credentials manually in M/Monit. It is possible to ## disable credential registration using the commented out option below. ## Though, if safety is a concern we recommend instead using https when ## communicating with M/Monit and send credentials encrypted. # # set mmonit http://monit:[email protected]:8080/collector # # and register without credentials # Don't register credentials # # ## Monit by default uses the following format for alerts if the the mail-format ## statement is missing:: set mail-format { from: [email protected] subject: $SERVICE $DESCRIPTION message: $EVENT Service: $SERVICE Date: $DATE Action: $ACTION Host: $HOST Description: $DESCRIPTION Monit instance provided by chicagomeshnet.com } # Web status page set httpd port 80 allow [omitted] readonly allow @root allow localhost allow 0.0.0.0/0.0.0.0 ## You can set alert recipients whom will receive alerts if/when a ## service defined in this file has errors. Alerts may be restricted on ## events by using a filter as in the second example below.
尝试使用-v和-vv标志来增加状态命令的详细程度。 下一个伟大的工具来debugging这样的问题是strace 。 安装并运行:
strace -efile -o trace.log monit status
很可能你会在日志结尾附近find原因。 如果这没有帮助,请运行:
strace -f -o trace.log monit status
看到所有的系统调用程序和它的孩子正在做。 search未find , 连接被拒绝 ,以及这样的错误。
为了让我的工作,我必须有一个allow admin:monit规则。
set httpd port 2812 and use address 0.0.0.0 allow 0.0.0.0/0 allow localhost allow admin:monit allow guest:guest read-only