[rrd-developers] Accelerator Daemon
Florian Forster
rrdtool at nospam.verplant.org
Sun Jun 22 23:02:14 CEST 2008
Hi Tobi,
On Sun, Jun 22, 2008 at 10:37:39PM +0200, Tobias Oetiker wrote:
> You call it network protocol, do you envision a way for rrdtool
> components to be able to run remotely?
both, server and client, can use either UNIX domain sockets or ``real''
network sockets, so something like
$ rrdtool update --cache --daemon rrd.mydomain.com N:123
already works.
Likewise, you can start `RRDd' using
$ rrdd -l ::1 -l unix:/var/run/rrdd.sock -l 192.168.0.2
and it will bind to and listen at the (IPv6) loopback address,
the UNIX domain socket `/var/run/rrdd.sock' and the IPv4-address
`192.168.0.2'.
> Any thoughts on authentication?
No, for now it's the user's responsibility to keep her data secure. If
you don't trust the hosts on your subnet, or if you don't have packet
filters at your network's borders, you're free to use the UNIX socket
only.
Bad(ly implemented) security is worse than no security, in my opinion.
So I don't want to make people *feel* safe when they are not. When
everything else works, we can still add SSL support and ``make it
right''. In the meantime concerned admins will have to do without this
feature or install some sort of VPN..
Regards,
-octo
--
Florian octo Forster
Hacker in training
GnuPG: 0x91523C3D
http://verplant.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.oetiker.ch/pipermail/rrd-developers/attachments/20080622/fbc754a3/attachment.bin
More information about the rrd-developers
mailing list