Configure monit service

Hello,

I use monit on FreeBSD.
So far, so good but now I want to go in production so I have to drop the passwords in config file like :

allow monit:test


On Linux I would use :

allow @monit-users

Where monit-users is a system group and use pam for authentification.
But no pam.d/monit config file is provided with monit package.
All I get when I try to use groups is syntax error.
I tried different pam config but I dont know if my configs are wrong or I just cant use groups on Freebsd.
Does someone already solved this ?

PS : I tried also md5 and same syntax error :(
So I removed the package and tried with the port in case this were options not selected and there is no options for this port :(
 
You will have to create a PAM file yourself, it's not supplied:

https://mmonit.com/monit/documentation/monit.html#PAM
Code:
Sample PAM service for Monit on Mac OS X (store as "/etc/pam.d/monit" file):

  # monit: auth account password session
  auth       sufficient     pam_securityserver.so
  auth       sufficient     pam_unix.so
  auth       required       pam_deny.so
  account    required       pam_permit.so

Don't know it if actually works though, I've never used it this way. We just use a specific account for this, hardcoded both at the server and the client.
 
Yes it works.
Dunno how I missed that one ...
And md5 works also, just needs to install apache to get htpasswd command.
 
Back
Top