SURVIVOR: Fix Module Specification

Specification

  1. Fix modules must be reentrant for a given service or a given host (default locking enforced on a fix module is for service@host) or must document that additional locking (service level or host level) is required.

  2. Fix modules must not change their process group by any means, including via setsid(), setpgid(), setpgrp(), or any similar function.

  3. Fix modules must be written in a scripting language such as perl to make changes easier and more transparent. Compiled modules are not permitted.

  4. Each module must place its source code in a directory underneath survivor/src/modules/fix/ with the following conventions:
    1. The name of the directory must be fix/modulename/.

    2. A Makefile.in must be present, with directives for clean, veryclean, all, install, and install-remote.

      The install should, except in exceptional circumstances, install the module into @prefix@/mod/fix, owned by @INST_USER@ and @INST_GROUP@, mode 555.

      The install-remote directive should be the same as install.

    3. Documentation describing the module should be in doc/fm-modulename.html

  5. Fix modules do not accept any command line arguments, but instead receive their required data via a SurvivorFixData element provided in an XML document on stdin.

    The optional ModuleOption elements should conform to the Module XML Argument Specification.

  6. Fix modules should not accept arguments that can result in arbitrary command being executed or arbitrary files being modified. Instead, out of band communication (eg: via a configuration file or preexisting information) should be used.

  7. Fix modules must not permit any filehandles to remain attached to parent processes in any process the module backgrounds (daemonizes). All filehandles inherited by child processes, including stdin, stdout, or stderr, must be closed or redirected to /dev/null before the fix module exits.

  8. Fix modules must generate output on stdout consisting of an XML document consisting of a SurvivorFixResult element. The elements defined are

    • ReturnCode
      The numeric return code (as defined in include/survivor.H). Possible values include
      • MODEXEC_OK: Fix successfully executed.
      • MODEXEC_PROBLEM: An error occurred during the execution of the fix.
      • MODEXEC_MISCONFIG: The module is misconfigured and is unable to execute the fix.
      but ReturnCode may be a value of 20 through 1000 to transmit custom return information.

    • Comment
      The Comment may be an empty string, or it may provide a human readable explanation of the return or scalar values. The comment may be reformatted or truncated.

  9. Fix modules must exit with the returnvalue used above.


$Date: 2006/11/20 00:05:55 $
$Revision: 0.6 $
keywords