[icinga-users] illegal_object_name_chars option

Michael Friedrich michael.friedrich at univie.ac.at
Wed Mar 7 12:31:32 CET 2012


Tomas Macek wrote:
> On Wed, 7 Mar 2012, Michael Friedrich wrote:
>
>> Tomas Macek wrote:
>>> I know, that I can use "illegal_object_name_chars" option in icinga.cfg
>>> and I have there: "`~!$%^&*|'"<>?,()=". It's the default value.
>>> But the question for me is why shouldn't I just to leave this option
>>> blank? Why should I restrict the short name of the host name or service
>>> name?
>> imagine what such characters could cause in an interpreter / a shell
>> being called by the given macros you are using in your commands.
>>
>> http://docs.icinga.org/latest/en/configmain.html#configmain-illegal_object_name_chars
>>
>> the illegal macro chars only affect the macros which are dynamically
>> generated by external input (such as a check or a comment (author)) and
>> not being read from the configs.
>>
>>
>>> The documentation says "When used properly, the $HOSTNAME$ macro will
>>> contain this short name.". What means the "properly"?
>> given the examples above, you will learn that removing the ' from the
>> illegal object name chars will let define the following.
>>
>> define host {
>>      name foo'bar
>>      ...
>>      check_command check_foo
>> }
>>
>> define command {
>>      name check_foo
>>      command_line /bin/echo '$HOSTNAME$'
>> }
>>
>> will result in the command - see raw command line
>> https://wiki.icinga.org/display/testing/Icinga+Plugin+Testing
>>
>> $ /bin/echo 'foo'bar'
>>
>> run that and see yourself.
>>
>> so given the example, you will most likely understand that such basic
>> object attributes being reused as macros on commands (checks,
>> notifications, eventhandlers) can cause *dangerous* things and it is NOT
>> advised to blank this option.
>>
>> kind regards,
>> michael
>>
> Thank you for explanation! It seems now like a stupid question... :-/

docs could add more insights. can you please add an issue at 
https://dev.icinga.org - docs section and mention that the explaination 
could be a bit more telling (and mention the location where you read it 
now or quote the mails here).

i'm pretty sure wolfgang will be happy to add more input to make it more 
clear.

>
> Regards, Tomas
>
>
> ------------------------------------------------------------------------------
> Virtualization&  Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
> _______________________________________________
> icinga-users mailing list
> icinga-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/icinga-users


-- 
DI (FH) Michael Friedrich

Vienna University Computer Center
Universitaetsstrasse 7 A-1010 Vienna, Austria

email:  michael.friedrich at univie.ac.at
phone:  +43 1 4277 14359
mobile: +43 664 60277 14359
fax:    +43 1 4277 14338
web:    http://www.univie.ac.at/zid
         http://www.aco.net

Lead Icinga Core Developer
http://www.icinga.org





More information about the icinga-users mailing list