We ended up getting a new Challenger 3000 Liebert (Emerson Power) HVAC unit in our data center recently.  We typically monitor everything using the Nagios system for our servers and we were pleased to find that inside the Liebert toward the top was a component that they refer to as the “Unity” module.  After reading some online user guides I was able to bind an IP to it and start querying it via SNMP.  Hint: the default username and password to get in to the web interface were both “Liebert”.  After looking around for a bit, I realized there weren’t any stock commands in Nagios via the check_snmp plugin to handle this, so I added some of my own.  Using snmpwalk, I was able to determine which of the OIDs I was interested in and made some custom command definitions.

Here’s the command definitions:

##########################################
# ‘snmp_lbenv_humidity’ command definition – consider anything under 21 percent critical
define command {
command_name    snmp_lbenv_humidity
command_line    $USER1$/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o .1.3.6.1.4.1.476.1.42.3.9.20.1.20.1.2.1.5028 -l ‘\Return Humidity\’ -u ‘\%\’ -c @0:20.9 -w @21:35
}

# ‘snmp_lbenv_returnairtemp’ command definition – critical at 24 or more degrees Celcius
define command {
command_name    snmp_lbenv_returnairtemp
command_line    $USER1$/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o .1.3.6.1.4.1.476.1.42.3.9.20.1.20.1.2.1.4291 -w 23 -c 24 -l ‘\Return Air Temp\’ -u ‘\Celcius\’
}

# ‘snmp_lbenv_hvacstatus’ command definition
define command {
command_name    snmp_lbenv_hvacstatus
command_line    $USER1$/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o .1.3.6.1.4.1.476.1.42.3.9.20.1.20.1.2.1.4123 -l ‘\HVAC Status\’ -u ‘\Normal vs Abnormal\’ -s ‘”Normal Operation”‘
}

##########################################

I also set up nagiograph plugin in order to give me a quick historical overview of the changes in temperature and humidity.

HVAC

Pretty neat way to monitor the Liebert without having to set up anything additional!

I was stumped for a while trying to figure out how to provide a Git repo via HTTP(s) in order to allow a separate group of ldap authenticated users to have read-only access to each individual repos while another group in A/D has full read-write access.  Here’s what I finally came up and included in my apache’s conf file to make it work:

<Location /git/MyGitRepo>
Require ldap-group CN=MyGitRepoRO,OU=Git Security Groups,OU=Organizational Units,DC=ds,DC=dinkyuniversity,DC=edu
</Location>

<LocationMatch “^/git/MyGitRepo/git-receive-pack$”>
Require ldap-group CN=MyGitRepoRW,OU=Git Security Groups,OU=Organizational Units,DC=ds,DC=dinkyuniversity,DC=edu
</LocationMatch>

As you can see above, basically the trick I figured out was to limit access for the “git-receive-pack” command for a separate group of people needing the read-write access.  Users needing RW access must also exist in the RO group as well.