NCPA Nagios Account
-
AMacintosh
- Posts: 59
- Joined: Mon Nov 07, 2011 12:26 pm
NCPA Nagios Account
I noticed that the NCPA agent runs as root when installed on RHEL. Is there a need for a nagios account and if so what is it's purpose?
Re: NCPA Nagios Account
I believe initially, ncpa was intended to be run as nagios (with elevated privileges), that's why you can still see in the the "/usr/local/ncpa/etc/ncpa.cfg":
I think, if you change these lines (for the listener & passive) to:
you could safely remove the nagios user and nagcmd group.
Note: I did this on my test box, and I am still able to monitor it just fine.
Code: Select all
uid = nagios
gid = nagcmdCode: Select all
uid = root
gid = rootNote: I did this on my test box, and I am still able to monitor it just fine.
Be sure to check out our Knowledgebase for helpful articles and solutions!
-
AMacintosh
- Posts: 59
- Joined: Mon Nov 07, 2011 12:26 pm
Re: NCPA Nagios Account
Would it be more secure to have the listener run as nagios rather than root?
-
slansing
- Posts: 7698
- Joined: Mon Apr 23, 2012 4:28 pm
- Location: Travelling through time and space...
Re: NCPA Nagios Account
Yes it would, putting application access on a more restricted account would be more secure. I'm not sure if it is intended to have it install as root, I'll have to check into that.