Nagios Support Forum

In my opinion, if you need a truly offline install then you should follow the instructions on http://repo.nagios.com/ and not use the pre-built VM, which was built in an online environment. Trying to use a pre-built VM to upgrade offline is not going to work the greatest, and is not something we have really officially tested/documented.

Perhaps it's something you should think about... the purpose of a VM is that the server is "ready", that shouldn't mean your current customers shouldn't benefit from that convenience.

We offer a solution for source installs, offline installs, and drop in place installations. I believe @ssax provided a decent solution in his post. A lot of environments that need to deny their server internet access will have repos available that can be accessed without touching the internet.

If you have any suggestions, please feel free to post them here, and we can forward the information on.

From a support perspective here is the issue. CentOS is a publicly maintained Operating System. If packages were corrupted or intentionally changed to facilitate the intentions of a malicious actor there is no recourse. For a large, high dollar, highly secure environment (3 letter gov and the like) this makes Nagios less desirable. By providing a VM and a path to upgrade between VM versions Nagios would benefit.

Use RHEL instead of CentOS if you must have a private, secure, no-Internet install. It's unfortunate, but it's the "Way of Things." You can then host a private RHEL repo for fixes that you get from your RHEL distribution channels.

Thanks Eric, that's completely accurate. The solution is to host your own offline repository if the ones that CentOS use cannot be trusted.