Public and Admin Permissions
Jeff Falgout
JFalgout at co.jefferson.co.us
Mon Aug 12 17:10:17 CEST 2002
Yes, That's exactly what I am trying to accomplish.
I was trying to move the cmd.cgi file to a different directory, and I
was having problems.
I didn't consider auth on a single file.
Thanks for the Help
Jeff
>>> "Rusch, Daniel" <Daniel.Rusch at GlobalCrossing.com> 08/12/02 08:44AM
>>>
Yes, We have our site set up that way. Guests can view most things but
only
admins can change stuff.
I'm running apache so in httpd.conf:
ScriptAlias /nagios/cgi-bin/ /usr/local/nagios/sbin/
<Directory "/usr/local/nagios/sbin/">
<Files cmd.cgi>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/.htpasswd.users
require valid-user
</Files>
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
Alias /nagios/ /usr/local/nagios/share/
<Directory "/usr/local/nagios/share">
Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
I did this here instead of in an .htaccess file for two reasons:
1. The httpd.conf is loaded once, where as the .htaccess file is read
every
time access to the directory is requested.
2. It puts all the config stuff in one place
Next, to be able to actually view services etc on the Nagios site as a
guest, we need to add "guest" to the following (be careful where you
add
guest so that they can't make changes) in the cgi.cfg file in
/usr/local/nagios/etc :
default_user_name=guest
authorized_for_system_information=nagiosadmin,guest
authorized_for_configuration_information=nagiosadmin,guest
authorized_for_all_services=nagiosadmin,guest
authorized_for_all_hosts=nagiosadmin,guest
HTH
Dan
-----Original Message-----
From: Jeff Falgout [mailto:JFalgout at co.jefferson.co.us]
Sent: Friday, August 09, 2002 9:49 AM
To: nagios-users at lists.sourceforge.net
Subject: [Nagios-users] Public and Admin Permissions
I am trying to setup Nagios to allow all users on the network to view
the status of
hosts and services while restricting cgi's such as cmd.cgi to admins.
In other words,
prompt for a password when the user tries to execute restricted cgi's.
I want to
avoid having to force guest users to enter guest with a blank password
through basic
auth.
Has anyone else done this, or is this even possible?
Any ideas?
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
More information about the Users
mailing list