[Nagiosplug-devel] Checking for unknown NIS servers?

[Andreas Ericsson]

C. Bensend wrote:
>>contact the individual addresses?  my assumption was that for
>>NIS broadcasting you simply put some noise on the wire, and any
>>masters on the local network segment responded.
> 
> 
> As best I understand it, yes, that's the way it works.
> 
> 
>>more to the point, i was thinking a tool like the following might be
>>nice:
>>
>>check_nis -d domain1,domain2 -H host1    <--- check master for serving
>>domain
>>check_nis -d domain1,domain2 -b [addr]   <--- same, but broadcast
>>check_nis -d domain1,domain2 -x          <--- same, but invert matching
>>sense
>>
>>the last is what the OP was talking about, i guess.  unfortunately my
>>NIS/YP/RPC-foo isn't nearly up to the challenge, at least without
>>a couple RTFM pointers.
> 
> 
> Personally, I need something like:
> 
> check_nis -d domain1,domain2 -x -s server1,server2
> 
> ... that will return a non-OK value if any _more_ servers respond,


And this is where the trouble lies. How long should we wait for any 
other server to respond, and how many broadcasts should we send?

> other than server1 or server2, such as an unintentional or rogue
> server3 answering the broadcast.
> 
> I know I can't code it, but I could certainly help test it if
> someone were to take a shot.  :)
> 

A much better way is to set up a daemon which listens to broadcasts and 
shouts out loud if it hears one from the wrong server. You still have to 
implement the NIS protocol (partially) but you can get rid of the 
problem of having plugins run with elevated privileges and determining 
how long to wait.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231