We have couple of scripts made for our environment (which is Oracle Virtulisation ) .

Each script is assigned a different task .
Some of the scripts are meant to run on centralized server for monitoring other Servers resource utilization such as CPU,Storage.

While some are meant to run on Server for getting server specific jobs.

Almost all scripts run using root credentials.

The script which takes output from other servers .
I have used ssh password less login using rsa keygen generated for root.

have below queries regarding the environment.
1)Will it be a good idea to make a rpm out of those scripts and maintain a version control.

2)How do i avoid root usage ?
As the environment is build on xen virtual technology and most commands only run using root.

3)Is there any other way of doing it?

You try creating a dedicated user acct eg sys_check and give it sudo access to only the cmds it really needs.
Also, check the stuff it's running in detail, does it REALLY need to run as root? eg many cmds can be run as non-root if you give full path eg /sbin/cmd...

1 members found this post helpful.

Thanks ,Waiting for rest of the questions to be answered.

#1)
It is always a good idea to use version control. Where I work we keep all of our scripts and system configurations in subversion. I don't see a need to build rpms out of your scripts unless the have explicit dependencies you wish to reference for them and you're not planning to have them installed on all machines through cobbler. If all machines have the same scripts then just let cobbler handle it and there's no need to go out of your way to create rpms for a few simple scripts.

#2)
chrism01 is doing it the same way I would suggest. sudo is very useful for those situations and I've done that before without much effort.

#3)
Our DB admins monitor their Oracle databases using Oracle Enterprise monitor manager. They don't seem to ever catch anything with it though. I run checks on it using Icinga and set up escalations so that it emails them when systems are warning or critical based on certain predefined conditions, which works well. Also we graph historical information on the system using munin. I integrated munin into Icinga so that it is relatively easy to view long term statistics on a machine when viewing real time alerts. I wrote a plugin for monitoring database connections to Oracle and will alert when a certain threshold has been met.

Those aren't the only monitoring utilities but they're good quality.

I get many permission denied errors as i have below line in the script.

How shall i add it in /etc/sudoer file so that i shall not be getting permission denied error?

Depends on what you want to do. If you don't care about the permission denied errors but still want to list out everything else then you can do just that and redirect stderr to null.

Or you could look up how to use the -prune option in the man page.

SAM

I do care about the errors and needs them to be searched .

I know the newly created user doesn't have permission to list them but is there any way to achieve it?

I'm not sure I understand your question any more. Are you asking how to circumvent permission limitations on directories for a user which has no permission? As far as I know the only user which can ignore that is root.

So to answer no, if the user doesn't have permission then they can't list the contents of the directory with find or any other tool.

*EDIT*: Ah I misunderstood. You could add them to an admin group or choose a group the user is already apart of.

/etc/sudoers
Then you could run your command like this:
I think that may be what you're looking for. I'm still a little vague on the details.

Is there any benefits adding the user to admin group?
I can use below to achieve the same.
/etc/sudoers

I wouldn't give him any more privs than the minimum reqd ..., so skip the admin group thing

The better way to do your job to check all your servers resource utilization such as CPU,Storage.is to run Nagios
and for your second problem see
https://www.linux.com/learn/tutorial...-configuration