This is a multi-part message in MIME format.
--------------000406050802050201060803
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
I downloaded 2.9 tonight and checked the Diff files against it. On my
system the files patched correctly and compiled without issue. The patch
was updated against 3.0.3 so I know it works there. I still need to fire
up the 2.9 instance to fully test this but give it a try and let me know.
Thanks,
Derrick
README for ReadOnly Patch.
# READONLY Patch for Nagios 3.0.3 Derrick Bennett Aug 4, 2008
This patch will provide for a new option in cgi.cfg
authorized_for_read_only=,
Any Nagios userid listed in the above cgi variable will be limited to
Read only CGI Access.
This will block any service or host commands normally shown on the
extinfo pages.
This will also block any service or host based comments from being shown
to read only users.
With this patch applied using:
in the cgi/ dir
patch -r cgiauth.c authorized_for_system_information=FALSE;
authinfo->authorized_for_system_commands=FALSE;
authinfo->authorized_for_configuration_information=FALSE;
+ authinfo->authorized_for_read_only=FALSE;
/* grab username from the environment... */
temp_ptr=getenv("REMOTE_USER");
@@ -153,6 +154,13 @@
authinfo->authorized_for_system_commands=TRUE;
}
}
+ else if(strstr(input,"authorized_for_read_only=")==input){
+ temp_ptr=strtok(input,"=");
+ while((temp_ptr=strtok(NULL,","))){
+ if(!strcmp(temp_ptr,authinfo->username) || !strcmp(temp_ptr,"*"))
+ authinfo->authorized_for_read_only=TRUE;
+ }
+ }
}
/* free memory and close the file */
@@ -241,6 +249,19 @@
return TRUE;
}
+/* check if current user is restricted to read only */
+int is_authorized_for_read_only(authdata *authinfo){
+
+ /* if we're not using authentication, fake it */
+ if(use_authentication==FALSE)
+ return FALSE;
+
+ /* if this user has not authenticated return error */
+ if(authinfo->authenticated==FALSE)
+ return FALSE;
+
+ return authinfo->authorized_for_read_only;
+ }
/* check if user is authorized to view information about a particular service */
int is_authorized_for_service(service *svc, authdata *authinfo){
--------------000406050802050201060803
Content-Type: text/plain;
name="cgiauth.h.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="cgiauth.h.diff"
--- cgiauth.h.orig Sat Nov 26 03:52:07 2005
+++ cgiauth.h Sat Apr 5 05:21:48 2008
@@ -41,6 +41,7 @@
int authorized_for_system_information;
int authorized_for_system_commands;
int authorized_for_configuration_information;
+ int authorized_for_read_only;
int authenticated;
}authdata;
@@ -64,6 +65,7 @@
int is_authorized_for_configuration_information(authdata *);
+int is_authorized_for_read_only(authdata *);
#ifdef __cplusplus
}
#endif
--------------000406050802050201060803
Content-Type: text/plain;
name="extinfo.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="extinfo.diff"
--- extinfo.c.orig Thu Jan 24 02:51:30 2008
+++ extinfo.c Sat Apr 5 05:20:12 2008
@@ -206,7 +206,7 @@
snprintf(temp_buffer,sizeof(temp_buffer)-1,"Host Information");
else if(display_type==DISPLAY_SERVICE_INFO)
snprintf(temp_buffer,sizeof(temp_buffer)-1,"Service Information");
- else
...[email truncated]...
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]