Network Switch / Router configuration wizard broken in 5.5.7

[gzaloprgm]

Hi

I've found that the "Network Switch / Router" is broken in XI 5.5.7, because of this bugfix:

Fixed privilege escalation security vulnerability in MRTG graphing component by running as nagios user/group (thanks Daniel Sayk of Telekom Security) [TPS#13778] -JO

The problem is that the MRTG now runs as nagios:nagios (due to the --user=nagios --group=nagios flags added in the crontab entry). When adding traffic services using the wizard, the RRD files are generated by running MRTG as apache. This causes the RRDs owner and group to be apache, and further executions of MRTG will fail to update them, with an error similar to this one:

Code: Select all

ERROR: Cannot update /var/lib/mrtg/10.100.1.1_3.rrd with '1543412848:0:0' opening '/var/lib/mrtg/10.100.1.1_3.rrd': Permission denied

Thanks, Gonzalo

[scottwilkerson]

This is correct and is a bug that was created in this wizard release.

The following will fix the permissions

Code: Select all

chown apache:nagios /etc/mrtg -R
chmod 775 /etc/mrtg -R
chown apache:nagios /var/lib/mrtg -R
chmod 775 /var/lib/mrtg -R

The wizard is being patched and is currently being tested currently.

[scottwilkerson]

Attached is a new wizard with the fix for new wizard runs added