n00b trying to set up on freebsd
Kurt Buff
kurt.buff at gmail.com
Mon Jan 25 22:40:20 CET 2010
On Mon, Jan 25, 2010 at 13:08, Scott Lambert <lambert at lambertfam.org> wrote:
> On Mon, Jan 25, 2010 at 11:51:51AM -0800, Kurt Buff wrote:
>> On Fri, Jan 22, 2010 at 20:03, Scott Lambert <lambert at lambertfam.org> wrote:
>> > On Fri, Jan 22, 2010 at 04:19:58PM -0800, Kurt Buff wrote:
>> >> Forgot to mention: When I get the directory listing, there is no auth
>> >> taking place - I don't get asked for a username or password.
>> >
>> > You don't get asked for a password due to the Allow of your IP address.
>> >
>> > What does the directory list? Is there an index.something file?
>> >
>> > If so, you probably don't have the index.something listed in your
>> > DirectoryIndexes statement. You may need to install PHP and configure
>> > Apache to use it.
>>
>> Once more into the breach...
>>
>> I've got the php issue solved, so the site is showing up just fine.
>>
>> Using lynx on localhost, I get prompted for a login to nagios and get
>> to the home page and subsidiary pages just fine, but from FF on a
>> remote box I get no login prompt, and the home page just comes up, and
>> it shows as me being logged in as nagiosadmin for any of the pages I
>> then select. While this works, it's a bit insecure.
>>
>> I'd like to set it up so that 1) we get prompted for login and 2) only
>> logins from authorized subnets are allowed, though if I can only have
>> one, I'll take a login prompt. Below is the snippet of httpd.conf for
>> nagios. I was terribly unsuccessful trying to 'Deny from all' and then
>> specify, for instance, 'Allow from 192.168.24.0/24'.
>
> You don't have any access allow based on IP. That makes me think that
> you probably haven't exitted Firefox since you logged in as nagiosadmin
> while testing. With HTTP Basic Authentication, there is no "Log Out"
> there is only, "forget you know the password" for the web browser.
> Firefox remembers the username and password until you exit and launch it
> again.
>
> You may also need to check to see if Firefox has memorized the username
> and password in it's master authentication database. That will persist
> across restarts.
>
> --
> Scott Lambert KC5MLE Unix SysAdmin
> lambert at lambertfam.org
So, yes, restarting FF on my box does then cause the auth prompt.
However, if I change httpd.conf to the following, I still get the auth
prompt, but then get denied for anything but the home page - I've also
verified with IE, which I don't much use any more. And, just for
completeness, the nagios installation is at 192.168.8.20/24
----------end httpd.conf snippet----------
ScriptAlias /nagios/cgi-bin /usr/local/www/nagios/cgi-bin/
Alias /nagios /usr/local/www/nagios/
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
<Directory "/usr/local/www/nagios">
Options None
AllowOverride None
Order deny,allow
# Allow from all
Deny from all
Allow from 127.0.0.1
Allow from 192.168.8.0/24
Allow from 192.168.24.0/24
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/etc/nagios/htpasswd.users
Require valid-user
php_flag engine on
php_admin_value open_basedir /usr/local/www/nagios/:/var/spool/nagios/
</Directory>
<Directory "/usr/local/www/nagios/cgi-bin">
Options ExecCGI
AllowOverride None
Order allow,deny
# Allow from all
Deny from all
Allow from 127.0.0.1
Allow from 192.168.8.0/24
Allow from 192.168.24.0/24
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/etc/nagios/htpasswd.users
Require valid-user
</Directory>
----------end httpd.conf snippet----------
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list