README -- alist software
($Id: README,v 1.3 2002/12/05 18:58:54 paul Exp $)
alist is a system of several programs working in concert to gather, store and display information about computer systems. Information about a system is gathered by running a client program on the machine. This information is then sent back to a server which processes the information and stores it in a database. This database of information is searchable and information about systems can be displayed via a web interface. The information flow looks like this:
+-------+ +-------+ |web |<--->|cgi |
|browser| |program|<--+
+-------+ +-------+ |
|
|
+---------------------+ |
|Database of host info|<--+
|information |<--+
+---------------------+ |
|
|
+-------+ |
|server |-----------------+ |program|<--+--+-+ +-------+ | | | +------+
| | +--|client|
| | +------+
| |
| | +------+
| +----|client|
| +------+
|
| +------+
+-------|client|
+------+
Look interesting? Then read the INSTALL file for instructions on how to setup the software. After you do that, try it out like this. Go into the client/ directory and type the command: $ ./alist -t
This will gather information about your system and print it to the screen like this.
General:Collected by:paul(500):0
General:Hostname:localhost.localdomain:0
General:IP Address:127.0.0.1:0
General:Last Update:Thu Mar 14 00\:05\:40 2002:0
Hardware:Controllers:ide0:0
Hardware:Media:ide0 cdrom TEAC CD-ROM CD-224E 0.00 MB:0
Hardware:Media:ide0 disk IBM-DJSA-220 38154.38 MB:0
...
You can run the server program by typing ./alistd in the directory where it resides. There is also an init type script alist-ctl that you can put in the appropriate place for your system to start the daemon when the system boots.
After you start the daemon program. Go into the client/ dir and run
[paul@fishwork alist-0.1]$ ./alistd -u
This starts the alistd server in "unsafe" mode; client IP addresses won't be checked against access list. Now run the client program like this
[paul@fishwork alist-0.1]$ cd client/
[paul@fishwork client]$ ./alist
Operating System = linux
get_devices....
swap_files....
[bunch of output lines cut here]
processors....
If you look at the server log file, you should see that the client program connected to the server and processed the incoming data.
[paul@fishwork client]$ cd ..
[paul@fishwork alist-0.1]$ cat alistd.log
alistd started at Thu May 2 15:50:29 2002 SERVER=fishwork PORT=6802
Connection made from 129.123.57.12
reading data from 129.123.57.12
Found host=fishwork.nr.usu.edu
/home/paul/alist-0.1/DATA/edu/usu/nr/fishwork opened for writing
If you have copied the CGI program to the cgi dir on your web server, you can point your browser at http://path/to/cgi/alist.cgi and view the data collected.
Paul Farrall (pfarrall@brains2bytes.com) May, 2002
Is this program secure?
The client alist program and the alistd daemon have both been written with Perl's 'Taint' mode turned on, so all command line arguments and all data read from a socket or file has been laundered to remove dubious things like backticks, pipes, etc.. The CGI program does not use taint mode, because it uses the File::Find module which has some problems with this. It has been written with the same care as the other programs though and all input data has been laundered. In particular, it will never display data from any files above the DATA_DIR/ directory. So don't set DATA_DIR=/!
The alistd daemon uses the clients IP address for access control. This is not the most secure thing in the world to do; think IP spoofing. So you might not want to put this system naked on the internet. It's no worse than running NIS/NFS or something like that though. I'll look into improving this in the future.
Paul Farrall (pfarrall@brains2bytes.com), 2002