Apache suExec and /usr/local/nagios/etc permissions
Syed Ali
syed at nec-labs.com
Thu Feb 20 20:56:05 CET 2003
Hi,
I tried $USER2$ in services.cfg as follows:
check_snmp!.1.3.6.1.2.1.25.3.3.1.2.1!$USER2$!0:90!0:95
But that does not work, i.e., I get a SNMP problem - No data received
from host error.
Perhaps it has to do with special characters in the SNMP or string....
Thank you...
-----Original Message-----
From: Subhendu Ghosh [mailto:sghosh at sghosh.org]
Sent: Thursday, February 20, 2003 1:56 PM
To: nagios-users at lists.sourceforge.net
Subject: Re: [Nagios-users] Apache suExec and /usr/local/nagios/etc
permissions
Make sure apache and nagios have a common group membership and use group
permissions.
About SNMP community - if you have comon community strings across
devices,
create a $USERx$ macro in resource.cfg for the community. The CGIs do
not
read resource.cfg.
-sg
On Thu, 20 Feb 2003, Syed Ali wrote:
> Hello,
>
> I am running Apache 1.3.20 on RedHat 7.2.
> Apache runs under user 'apache'.
> Nagios is running under user 'nagios'.
>
> However, unless I do not give world readable permissions to
> /usr/local/nagios/etc I cannot access the web interface for Nagios.
> If I give world readable permission to /usr/local/nagios/etc, then
users
> on the system can view the SNMP RO community in the services.cfg or
> checkcommands.cfg file.
> So, how do I go about not allowing my users to be able to read the
> /usr/local/nagios/etc directory?
>
> I had disabled suExec on the httpd server for Cricket to run, but I am
> willing to give up cricket and enable suEexec.
> Reading the Apache suExec documentation, it looks like suExec works
with
> v2.0 of Apache and the virtual host directive, neither of which I am
> using.
> Also, it seems that suExec will work if you append the ~ but when I
set
> an alias as /~nagios /usr/local/nagios/share I get permission denied
> reading ~nagios/etc/htpasswd file.
> (Which means suExec is not working?)
>
>
> Paste from httpd.conf:
>
> ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin/
> <Directory "/usr/local/nagios/sbin/">
> AllowOverride AuthConfig
> Options ExecCGI
> Order allow,deny
> Allow from all
> </Directory>
> Alias /nagios/ /usr/local/nagios/share/
> <Directory "/usr/local/nagios/share/">
> AllowOverride AuthConfig
> Options None
> Order allow,deny
> Allow from all
> </Directory>
>
> I also tried:
>
> Alias /~nagios/ /usr/local/nagios/share/
> <Directory "/usr/local/nagios/share/">
> AllowOverride AuthConfig
> Options None
> Order allow,deny
> Allow from all
> </Directory>
>
> Thank you...
>
>
>
--
-------------------------------------------------------
This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
The most comprehensive and flexible code editor you can use.
Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial.
www.slickedit.com/sourceforge
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
-------------------------------------------------------
This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
The most comprehensive and flexible code editor you can use.
Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial.
www.slickedit.com/sourceforge
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list