Page 1 of 1
NCPA Nagios Account
Posted: Wed Sep 03, 2014 2:30 pm
by AMacintosh
I noticed that the NCPA agent runs as root when installed on RHEL. Is there a need for a nagios account and if so what is it's purpose?
Re: NCPA Nagios Account
Posted: Wed Sep 03, 2014 4:55 pm
by lmiltchev
I believe initially, ncpa was intended to be run as nagios (with elevated privileges), that's why you can still see in the the "/usr/local/ncpa/etc/ncpa.cfg":
I think, if you change these lines (for the listener & passive) to:
you could safely remove the nagios user and nagcmd group.
Note: I did this on my test box, and I am still able to monitor it just fine.
Re: NCPA Nagios Account
Posted: Wed Sep 24, 2014 11:14 am
by AMacintosh
Would it be more secure to have the listener run as nagios rather than root?
Re: NCPA Nagios Account
Posted: Wed Sep 24, 2014 11:22 am
by slansing
Yes it would, putting application access on a more restricted account would be more secure. I'm not sure if it is intended to have it install as root, I'll have to check into that.