Priming the System
Using the System_Watchdog is potentially dangerous, because it can execute external commands in a superuser context. If we use configurations that are catastrophically wrong then the whole system can be rendered unusable.
This means that wherever you use an external command, you should first test it sufficiently to be sure that it does exactly what you want it to do, and only then add it to the configuration of the System_Watchdog.
To make life easier, the System_Watchdog provides functionality that allows turning on the different levels of interaction with the system one step at a time.
The [general] section has one option Primed that can be set to different values to enable the different levels of interaction with the underlying system:
| Value | Description |
|---|---|
| unprimed | No command will be executed, there will be no interaction with the underlying operating system. |
| check | The check will be executed. Depending on the type of the configuration this might mean that an external command is executed. |
| repair | The repair command will be executed if needed. This might mean an external command is executed, depending on the configuration. |
| fully primed | All functionality is enabled, including the fallback action that in many cases does something drastic like rebooting the system. |
Whenever you want to add a new configuration, first set Primed to the value unprimed. This first step lets you ensure that the new configuration is correctly formed and can be read by the System_Watchdog.
The second step is to set Primed to the value check. This allows the System_Watchdog to actually execute the check that it uses to determine whether a service works as needed.
The third step is to set Primed to the value repair. This allows the System_Watchdog to not only execute the check but try to repair the service if needed.
The final step is to set Primed to the value fully primed. This turns on the full functionality and allows the System_Watchdog to also use the fallback action if the repair attempts were unsuccessful. Since this action normally involves a major event in the OS execution (e.g., a reboot), it should only be turned on when you are reasonably sure that everything works as intended.
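The staged rollout above can be enforced before a configuration change is deployed. The following is an added example, not code from the System_Watchdog project: it assumes the configuration is INI-style with a `Primed = <value>` line in `[general]`, that the levels are cumulative in the table's order, and all function names are hypothetical.

```python
import configparser

# Priming levels in the order the page says to step through them.
LEVELS = ["unprimed", "check", "repair", "fully primed"]
# Action that each level adds on top of the earlier ones (assumed cumulative).
ADDS = {"check": "check", "repair": "repair", "fully primed": "fallback"}


def primed_level(config_text):
    """Return the Primed value from [general]; raise if missing or unknown."""
    parser = configparser.ConfigParser()
    parser.read_string(config_text)
    value = parser.get("general", "Primed", fallback=None)
    if value is None:
        raise ValueError("[general] has no Primed option")
    if value not in LEVELS:
        raise ValueError(f"unknown Primed value: {value!r}")
    return value


def allowed_actions(level):
    """Actions the watchdog may take at this level, least drastic first."""
    idx = LEVELS.index(level)
    return [ADDS[name] for name in LEVELS[1 : idx + 1]]


def check_step(old_text, new_text):
    """Reject a config change that raises Primed by more than one level."""
    old = LEVELS.index(primed_level(old_text))
    new = LEVELS.index(primed_level(new_text))
    if new - old > 1:
        raise ValueError(
            f"Primed jumps from {LEVELS[old]!r} to {LEVELS[new]!r}; "
            "raise it one level at a time"
        )
    return allowed_actions(LEVELS[new])


# Constructed sample configurations (not taken from the project).
STAGE_1 = "[general]\nPrimed = unprimed\n"
STAGE_2 = "[general]\nPrimed = check\n"
STAGE_4 = "[general]\nPrimed = fully primed\n"

if __name__ == "__main__":
    print(check_step(STAGE_1, STAGE_2))  # one step up: accepted
    try:
        check_step(STAGE_1, STAGE_4)  # skips check and repair: rejected
    except ValueError as err:
        print("rejected:", err)
```

Run as a pre-deployment check, this keeps a new configuration from reaching the fallback action before its check and repair commands have each been exercised on their own.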