Hey Support team,
We are currently evaluating Nagios within our company, but encounter certain issues with the way Nagios XI is designed. Within our company, we rely on configuration management systems for all sorts of things such as user management etc.
The problem we are facing is, that we cannot give the nagios / apache users the execution permission to run certain commands with "sudo", due to the wide use of the generic account "apache". The passwd, group and sudoers file are regularly overwritten by our CFM, so that we cannot make exceptions for certain hosts. Our security team has therefore recommended, to create a specific service account for nagios and apache, that can then be used to run nagios.
However, I cannot find any documentation or instructions on how to use alternative users to run Nagios XI.
Is there any way, that we can install Nagios (maybe some hidden parameter) and change the default users "nagios, apache" to something different like "abcnagios, abcapache"?
It would be a shame, if such a simple thing would prevent us from using Nagios in our enterprise.
Systemspecs:
CentOS 6.6 Final
Nagios XI version 2.7
Update:
I just found this older thread... very unfortunate, any changes here by any chance?
http://support.nagios.com/forum/viewtop ... er#p101929
Thanks
David
Running Nagios using different user accounts
-
jdalrymple
- Skynet Drone
- Posts: 2620
- Joined: Wed Feb 11, 2015 1:56 pm
Re: Running Nagios using different user accounts
I hate to be the bearer of bad news, but an install where Nagios processes are running as non-standard users is no more supported today than it was a year ago. Your best option would be to speak with sales about the potential of custom development work done, that would be the only way we could get you a supported configuration in short order. Even then I can't promise the developers would be willing to take it on - they have to be able to leave us something that is easy to support down the road. If they can't do that for us they won't be making the changes.
You can also put in a feature request at tracker.nagios.com, however I wouldn't expect it to turn up in the next release, I think they're all feature requested out for now.
You can also put in a feature request at tracker.nagios.com, however I wouldn't expect it to turn up in the next release, I think they're all feature requested out for now.