I installed inotify and incrond to watch a directory and set the job as '/mnt/dir IN_ATTRIB chmod 0660 $@/$#' which worked very well except that as expected, IN_ATTRIB is to broad of a watch class as it caused an enormous amount of contention with the filemonitor and/or db server and the client side app was less than happy. Not to mention top showed it working away like mad...
Is there any way to look for permission changes only, or something else that might work?
Thanks! jlc
On Fri, May 01, 2009, Joseph L. Casale wrote:
I installed inotify and incrond to watch a directory and set the job as '/mnt/dir IN_ATTRIB chmod 0660 $@/$#' which worked very well except that as expected, IN_ATTRIB is to broad of a watch class as it caused an enormous amount of contention with the filemonitor and/or db server and the client side app was less than happy. Not to mention top showed it working away like mad...
Is there any way to look for permission changes only, or something else that might work?
Are you looking for real-time changes, or would an intrusion detection system such as aide or tripwire be sufficient?
Bill
On Fri, 2009-05-01 at 12:08 -0700, Bill Campbell wrote:
On Fri, May 01, 2009, Joseph L. Casale wrote:
I installed inotify and incrond to watch a directory and set the job as '/mnt/dir IN_ATTRIB chmod 0660 $@/$#' which worked very well except that as expected, IN_ATTRIB is to broad of a watch class as it caused an enormous amount of contention with the filemonitor and/or db server and the client side app was less than happy. Not to mention top showed it working away like mad...
Is there any way to look for permission changes only, or something else that might work?
Are you looking for real-time changes, or would an intrusion detection system such as aide or tripwire be sufficient?
Bill
--- I think tripwire would give him the results he needs. A real time app would be better to monitor the file change process while the client access the QB database. After the client exits the data base with the QB client the files are changed and the client can't work with them.
The changes are being done on the Linux side by gamin (filemon).
I do question what would happen if you stopped the "qbmonitord" daemon??
JohnStanley
After the client exits the data base with the QB client the files are changed and the client can't work with them.
Actually, they can but they can't delete files when they make test companies for example.
The changes are being done on the Linux side by gamin (filemon).
I do question what would happen if you stopped the "qbmonitord" daemon??
Well, then the two qb daemons are needed for the Enterprise version to run in multi user mode, so it would break if I stopped it, files set to multi user are no longer accessible iirc.
Realtime is not needed, I could just script it manually but I was hoping for a prettier solution.
jlc
On Fri, 2009-05-01 at 20:07 +0000, Joseph L. Casale wrote:
After the client exits the data base with the QB client the files are changed and the client can't work with them.
Actually, they can but they can't delete files when they make test companies for example.
Ahh now you say! They are not supposed to be able to delete it? I would just assuming here, would think there is a QB Administrator to do that job and not a regular user. Although I took the time to read the Canadian and US docs for the linux side I did not see anything pertaining to that. Maybe there is something in the Windows side Client Application?
BUT: As long as your AD authenticated user can w&r,they should be able to delete a file from the mapped share. But in essence what is happening is QBs Daemons are taking over and changing perms on the files.
I really think you need to have a heart to heart with Intuit. Here is another but. All the docs I read support SUSE EntL. RHEL and CentOS uses gamin and Suse uses fam-server. All the docs refer to fam-server and not gamin.
The changes are being done on the Linux side by gamin (filemon).
I do question what would happen if you stopped the "qbmonitord" daemon??
Well, then the two qb daemons are needed for the Enterprise version to run in multi user mode, so it would break if I stopped it, files set to multi user are no longer accessible iirc.
Realtime is not needed, I could just script it manually but I was hoping for a prettier solution.
jlc _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Gamin is a drop in replacement for FAM (with far less bugs). You should be able to build and install FAM with a added virtual provide for Gamin and it should just work.
-- Gary L. Greene, Jr. IT Operations Minerva Networks, Inc. Cell: (650) 704-6633 Phone: (408) 240-1239
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of JohnS Sent: Friday, May 01, 2009 2:38 PM To: CentOS mailing list Subject: Re: [CentOS] Inotify or equivalent
On Fri, 2009-05-01 at 20:07 +0000, Joseph L. Casale wrote:
After the client exits the data base with the QB client the files are changed and the client can't work with them.
Actually, they can but they can't delete files when they make test companies for example.
Ahh now you say! They are not supposed to be able to delete it? I would just assuming here, would think there is a QB Administrator to do that job and not a regular user. Although I took the time to read the Canadian and US docs for the linux side I did not see anything pertaining to that. Maybe there is something in the Windows side Client Application?
BUT: As long as your AD authenticated user can w&r,they should be able to delete a file from the mapped share. But in essence what is happening is QBs Daemons are taking over and changing perms on the files.
I really think you need to have a heart to heart with Intuit. Here is another but. All the docs I read support SUSE EntL. RHEL and CentOS uses gamin and Suse uses fam-server. All the docs refer to fam-server and not gamin.
The changes are being done on the Linux side by gamin (filemon).
I do question what would happen if you stopped the
"qbmonitord" daemon??
Well, then the two qb daemons are needed for the Enterprise version to run in multi user mode, so it would break if I stopped
it, files set to
multi user are no longer accessible iirc.
Realtime is not needed, I could just script it manually but
I was hoping
for a prettier solution.
jlc _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Joseph L. Casale wrote:
I installed inotify and incrond to watch a directory and set the job as '/mnt/dir IN_ATTRIB chmod 0660 $@/$#' which worked very well except that as expected, IN_ATTRIB is to broad of a watch class as it caused an enormous amount of contention with the filemonitor and/or db server and the client side app was less than happy. Not to mention top showed it working away like mad...
Is there any way to look for permission changes only, or something else that might work?
I used the example 2 in the inotifywait manpage as the starting point for my script. Using the close_write, create & move events worked well for me. Looked at incrond - seemed overkill/overcomplicated - chose not to use it.
But if it's fighting with something else in the background trying to do the same thing - it going to be a circular battle.
I used the example 2 in the inotifywait manpage as the starting point for my script. Using the close_write, create & move events worked well for me. Looked at incrond - seemed overkill/overcomplicated - chose not to use it.
But if it's fighting with something else in the background trying to do the same thing - it going to be a circular battle.
Well incrond was as easy as easy gets, but didn't seem to provide the level of control I need.
Taking your suggestion, I read that man page and setup a couple consoles with one running this: inotifywait -m --exclude "lost+found" --exclude "qbdir.dat" -e close --format "%:e %w" /mnt/Intuit_Data/*.*
And made some files, and used the client to access/edit/close a company file. Well, qbdbfilemon polls the directory endlessly and not mention there is a bloody myriad of close_write/close_nowrite that take place.
/me Throwing hands in the air...
Aside from a manual cron job, or explicit admin intervention each time a company is made, I'm at a loss.
Thanks everyone! jlc
Joseph L. Casale wrote:
/me Throwing hands in the air...
Aside from a manual cron job, or explicit admin intervention each time a company is made, I'm at a loss.
I think some people have gone so far as running a windows server under vmware to run the quickbooks share....
-
Bill Campbell -
Gary Greene -
JohnS -
Joseph L. Casale -
Les Mikesell -
Toby Bluhm