dont do this!!

Kenneth Ray kray1 at travelersla.com
Fri Dec 6 20:20:21 CET 2002


Though the below will get you up and running it will also leave you open to many vulnerabilities.
here is what you should try
first run the nagios -v
against your main configuration file, see if you return any errors.
second run nagios (configuration file)
no options
to see if you receive any command line errors when attempting to access the GUI.
third,
check your access logs when you attempt to access the GUI. Apache, as well as Netscape produce errors to inform you what the scoop is.

fourth,
make sure you have a default user with the same name as the install you installed with,
fourth. make sure your "allows" in your CGI have the user listed. (if you have the * allowing anyone access it should be the last entry, I have see it cause problems on my system when its somewhere other than the End of the
line, this is not documented but do it anyway k?)

with all of this done, try opening up the GUI in a window and you should see the user in the upper left corner of the CGI, if you do not.
login to the system running nagios and change to the subdirectory where your CGI's are held (make sure you are using the username you are running nagios as.)  type one of them in and set the appropriate variables to make it
display correctly,  ( you will understand what i mean once you type one of them in.) once you get a http formated text output, search the text for the key phrase "logged in" next to that information should be the actual user
that you are running it as. (by the way, Special thanks to Ethan, for keeping this function)

chmod 777 is not an answer, that means that anyone can WRITE to or change your files. Even non-authenticated users. IE: I could FTP from my web browser a corrupt file directly to your subdirectory(little finagling but it can be
done) without even supplying a valid user-name.
777 no!!!
no good
the key places to look here are the access logs, and the programs you run with the nagios user, most of the time these are the issues that cause the biggest problems.
I hope this helps.


>
>
> Message: 7
> Subject: RE: [Nagios-users] RE: Permissions Error
> Date: Fri, 6 Dec 2002 11:11:04 -0600
> From: "Robertson, Brown" <brown.robertson at maac.net>
> To: "Chris Fairbanks" <ChrisF at winterlink.net>,
>         "wrnash" <wrnash at wrnash.net>,
>         "Potter, G M (Greg)" <GPotter at MarathonOil.com>,
>         "Nagios-users (E-mail)" <nagios-users at lists.sourceforge.net>
> Cc: "Scott Ripley" <sripley at chiaro.com>
>
> Eureka guys. It's definitely a permission issue. Chmod your
> htpasswd.users file (/usr/local/nagios/ets/htpasswd.users  if that's
> where you put it) to 777. That should do the trick. There weren't
> sufficient permissions to access that file for the authentication
> information. I'm almost positive this was the cause, but in case it's
> not, I chmod'd all my nagios directories to 777, .htaccess files to 777,
> and htpasswd.users file to 777. Hope that helps. Brown.
>
> Special Thanks to Scott Ripley for his suggestion in trying this.=20
>
>

--
This message and any attachments are confidential to the ordinary user
of the e-mail address to which it was addressed and may also be
privileged. If you receive  this message in error please immediately
delete it and all copies of it from your system, destroy any hard copies
of it and notify the sender.  You must not, directly or indirectly, use,
disclose, distribute, print or copy any part of this message if you are
not the intended recipient. Internet communications cannot be guaranteed
to be secure or error-free as information could be intercepted,
corrupted, lost, arrive late or contain viruses or unauthorized
amendments.  The sender, therefore, does not accept liability for any
errors or omissions in the content of this message or any damage or
other consequences arising as a result of Internet transmission.
Opinions, conclusions and other information in this message that do not
relate to the official business of CITIGROUP shall be understood as
neither given nor endorsed by it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: kray1.vcf
Type: text/x-vcard
Size: 179 bytes
Desc: Card for Kenneth Ray
URL: <https://www.monitoring-lists.org/archive/users/attachments/20021206/5f782ccb/attachment.vcf>


More information about the Users mailing list