argus command-line parameter handling

Yotam Rubin yotamr at bezeqint.net
Mon Jun 17 11:13:37 EDT 2002


On Fri, Jun 14, 2002 at 04:36:03PM -0400, Carter Bullard wrote:
> Hey Chris,
>    How bout we do a better job with the user supplied
> parameters overriding default behavior?  If you specify
> an interface, we should use it (or its) instead.
> One of the design goals of the current strategy was to
> support a system wide configuration that could be overridden
> by a user specified file.  /etc/argus.conf holds the default.
> This was suggested many years ago, since few people
> (or computers) remember to use "-F /etc/argus.conf" to get
> system default parameters.
> 
>    Would this help?

Agh. I can't believe I missed this thread. Since argus is normally run by
root, there's no point in having a system-wide configuration file. If 
anything, overrides should exist by having configuration files placed in
the proper location (e.g., home directory). Anyway, I've placed the 
new package at http://yotamr.dyndns.org/argus, which hopefully resolves
the problem. My deepest apologies for the blunder.

	Regards, Yotam Rubin

> 
> Carter
> 
> 
> 
> 
> > -----Original Message-----
> > From: Chris Russel [mailto:russel at yorku.ca] 
> > Sent: Friday, June 14, 2002 3:33 PM
> > To: Carter Bullard
> > Cc: argus-info at lists.andrew.cmu.edu
> > Subject: RE: argus command-line parameter handling
> > 
> > 
> > On Fri, 14 Jun 2002, Carter Bullard wrote:
> > 
> > > I think the problem is that the Argus project is
> > > going to provide maximum flexibility, rather than trying to
> > > keep the user from shooting themselves.
> > 
> > I completely agree with this philosophy and I don't think that's a
> > problem.  I think this problem falls into the hidden/undocumented
> > behaviours category.  Maybe my message will help with the 
> > documentation
> > aspect.
> > 
> > My vote is to not load the default config unless no -F is 
> > specified. This
> > is the behaviour the debian init script is expecting. BTW I 
> > have filed a
> > bug with them since it is clearly wrong - allowing users to shoot
> > themselves is one thing, having the gun pointed at them by default is
> > another.
> > 
> > The simplest thing would be to not load a default config at 
> > all and just
> > use hard-coded values unless overridden by -F's or equivalent 
> > command-line
> > parameters.  That would eliminate having to test for 
> > duplicate interfaces
> > or duplicate config files (it's still possible but it would 
> > be the users
> > doing). Obviously this breaks with some traditional usage.
> > 
> > -- 
> > Chris Russel     | CNS Information Security
> > russel at yorku.ca  | York University, Toronto, Canada
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> 
> 



More information about the argus mailing list