Apache 1.3 + Nagios CGI = failure

Lukasz Szmit lukasz.szmit at ucd.ie
Fri Nov 4 16:13:51 CET 2005


On Fri, 2005-11-04 at 15:32 +0100, Andreas Ericsson wrote:
> Oh. And here I was thinking you'd checked that the webuser has
> regular 
> unix access to execute the cgi-files. Apparently you didn't, although 
> the log shouts it out loud and clear.
> 
> Hint; The permission denied can be from any of the directories above 
> where the files are stored. The apache user needs +x on every
> directory 
> along the way.

Well, all relevant directories under /usr have a+x, and that is enough
for Apache to get to /usr/nagios/sbin and execute the files.

I may have found the source of my problem.
The GRSecurity kernel patch option "Trusted Path Execution" seems to be
blocking Apache from executing the CGIs. I'm just recompiling the kernel
with TPE disabled and will check if that helps. I'll share with the
group once I have some results.

regards,
-- 
Lukasz Szmit | University College Dublin
Computing Services | +353-1-716-2651
http://www.ucd.ie/computing/aboutus.html



-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list