Main Inclusion Report for Monit

Requirements

1. Availability: http://archive.ubuntu.com/ubuntu/pool/universe/m/monit; available for all supported architectures.

2. Rationale:

   • Apart of the canonical-application-support spec.

3. Security:

   • CVE entries: Previous versions of monit had CVE but none are current.

   • Secunia history: ...

   • Monit has binaries running as root.
   • Monit dameon is run.
   • Due to the nature of the package, it accepts both incoming and outgoing network traffic. It runs its own web interface on port 2182.
   • It directly does not work on binary data.
   • No source code review performed.

4. Quality assurance:

   • By default the package does not out of the box since it is specific to the data that the user wants to manage.
   • No debconf questions asked.

   • Debian bugs: 427924

   • Maintenance in Debian is calm.

   • Upstream is frentic.

   • Upstream bug tracker:

   • No special hardware is required.
   • Monit doesnt have a testsuite.

5. Standards compliance:

   • FHS and Debian Policy compliant.

   • Packaging system (debhelper/cdbs/dbs) ? Patch system ? Any packaging oddities ?

6. Dependencies:

   • debhelper, byacc, flex, cdbs, libssl-dev, automake1.9, dpatch, libpam-dev
   • All are in main.

7. Maintenance:

8. Monit will not need alot of maintenance done by the Ubuntu Server Team.

Reviewers

MIR bug: https://launchpad.net/bugs/BUGNUMBER

The author of this report should put their name here; reviewers will add comments etc. too