argus command-line parameter handling
yotamr at bezeqint.net
Mon Jun 17 11:13:37 EDT 2002
On Fri, Jun 14, 2002 at 04:36:03PM -0400, Carter Bullard wrote:
> Hey Chris,
> How bout we do a better job with the user supplied
> parameters overriding default behavior? If you specify
> an interface, we should use it (or its) instead.
> One of the design goals of the current strategy was to
> support a system wide configuration that could be overridden
> by a user specified file. /etc/argus.conf holds the default.
> This was suggested many years ago, since few people
> (or computers) remember to use "-F /etc/argus.conf" to get
> system default parameters.
> Would this help?
Agh. I can't believe I missed this thread. Since argus is normally run by
root, there's no point in having a system-wide configuration file. If
anything, overrides should exist by having configuration files placed in
the proper location (e.g., home directory). Anyway, I've placed the
new package at http://yotamr.dyndns.org/argus, which hopefully resolves
the problem. My deepest apologies for the blunder.
Regards, Yotam Rubin
> > -----Original Message-----
> > From: Chris Russel [mailto:russel at yorku.ca]
> > Sent: Friday, June 14, 2002 3:33 PM
> > To: Carter Bullard
> > Cc: argus-info at lists.andrew.cmu.edu
> > Subject: RE: argus command-line parameter handling
> > On Fri, 14 Jun 2002, Carter Bullard wrote:
> > > I think the problem is that the Argus project is
> > > going to provide maximum flexibility, rather than trying to
> > > keep the user from shooting themselves.
> > I completely agree with this philosophy and I don't think that's a
> > problem. I think this problem falls into the hidden/undocumented
> > behaviours category. Maybe my message will help with the
> > documentation
> > aspect.
> > My vote is to not load the default config unless no -F is
> > specified. This
> > is the behaviour the debian init script is expecting. BTW I
> > have filed a
> > bug with them since it is clearly wrong - allowing users to shoot
> > themselves is one thing, having the gun pointed at them by default is
> > another.
> > The simplest thing would be to not load a default config at
> > all and just
> > use hard-coded values unless overridden by -F's or equivalent
> > command-line
> > parameters. That would eliminate having to test for
> > duplicate interfaces
> > or duplicate config files (it's still possible but it would
> > be the users
> > doing). Obviously this breaks with some traditional usage.
> > --
> > Chris Russel | CNS Information Security
> > russel at yorku.ca | York University, Toronto, Canada
More information about the argus