Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

perfdata world writeable

https://support.nagios.com/forum/viewtopic.php?t=22254

Page 1 of 1

perfdata world writeable

Posted: Thu Nov 28, 2013 9:25 am
by iivanyi
Hello,

It seems that nagios is creating world-writable xml files in the perfdata directory. Is there a way to set umask on the offending process to prevent this?

-rw-rw-rw- 1 nagios nagios 5362 Nov 22 13:50 /usr/local/nagios/share/perfdata/.pnp-internal/runtime.xml
-rw-rw-rw- 1 nagios nagios 5601 Nov 22 13:49 /usr/local/nagios/share/perfdata/xxxxxx/CPU_Stats.xml
-rw-rw-rw- 1 nagios nagios 3499 Nov 22 13:46 /usr/local/nagios/share/perfdata/xxxxxx/Load.xml

Regards

Re: perfdata world writeable

Posted: Sat Nov 30, 2013 10:49 am
by sreinhardt
Yes you should be able to alter both the xml and rrds to be only world readable without issue. If I recall correctly, the path permissions should disallow anyone outside of nagios:nagios or nagios:nagcmd to actually access those files though. The XML files may change back as they are written to again, however the rrd files will stay the same. This most likely is a setting within npcd that I can dig around and see about altering.

XML permission changes:

Code: Select all

for XML in $(find /usr/local/nagios/share/perfdata/ -name '*.xml'); do
    chmod 664 $XML
done
RRD permission changes:

Code: Select all

for RRD in $(find /usr/local/nagios/share/perfdata/ -name '*.rrd'); do
    chmod 774 $RRD
done
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited