Re: [Nagios-devel] another question

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
Guest

Re: [Nagios-devel] another question

Post by Guest »

Joe Pruett wrote:
>>My remembrance of the setup documentation is that you add your web
>>server user to the nagioscmd group, not run the web server with the gid
>>of nagioscmd. They're very different and firmly based on standard unix
>>permission methodology. Actually quoting from the doccos --
>>
>>"Next we're going to create a new group whose members include the user
>>the web server is running as and the user Nagios is running as. Let's
>>say we call this new group 'nagiocmd' (you can name it differently if
>>you wish). On RedHat Linux you can use the following command to add a
>>new group (other systems may differ):
>>
>>/usr/sbin/groupadd nagiocmd
>>
>>Next, add the web server user (nobody or apache, etc) and the Nagios
>>user (nagios) to the newly created group with the following commands:
>>
>>/usr/sbin/usermod -G nagiocmd nagios
>>/usr/sbin/usermod -G nagiocmd nobody"
>>
>> -- http://nagios.sourceforge.net/docs/2_0/commandfile.html --
>>
>>There is nothing that says run the web server as gid nagioscmd.
>
>
> if the web server isn't running with that gid in its effective list, it
> does no good. that is why you have to restart the server to pick up that
> new gid.
>
> i now see the comment at the top of the faq indicating that using cgiwrap
> is recommended for multi user machines. i'm still curious about nagios
> having its own auth mechanism to help with this problem (and others as
> well since .htaccess auth isn't the best method).
>

With single-site and SSL it's never been disputed as insecure. However,
I'm working on a PHP API (and a rough gui) which will indeed include
authentication mechanisms.

>
>
> -------------------------------------------------------
> The SF.Net email is sponsored by: Beat the post-holiday blues
> Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
> It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
> _______________________________________________
> Nagios-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/lis ... gios-devel
>

--
Andreas Ericsson [email protected]
OP5 AB www.op5.se
Lead Developer





This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]
Top
Locked

Return to “Open Source Nagios Projects”