Modifying Cacti Benchmark Job Command and User Whitelist values

RTM provides a convenient method to periodically run Benchmark jobs inside your LSF Clusters. However, in order to protect against SQL injection of either the user, or the command, it provides two Whitelist files that must be owned by root and read only by others for the benchmark jobs to run successfully.

If you wish to incorporate real benchmark commands, or differing users, you will be required to update these whitelist files in order to run those commands. The gridbenchmark CLI command is responsible for running benchmark jobs on behalf of the users. It will validate the stored benchmark jobs in the database that are found within the benchmark command whitelist file. The users list is found within the benchmark user whitelist file.

These files can be found in <path_cacti>/plugins/benchmark/. They are called cmd-whitelist.txt and user-whitelist.txt. Their default values are:

Figure 1. Default values for cmd-whitelist.txt
Default values for cmd-whitelist.txt


Figure 2. Default values for user-whitelist.txt
Default values for user-whitelist.txt