Authorization situation
Lori Adams
ladams at cloudmark.com
Wed Dec 21 18:51:23 CET 2005
I'm using nagios 1.2 on gentoo.
Apache authentication works great.
I've been reading the docs, and found some helpful information on
authorizations on this list. However, I am unable to exactly figure out
the right set of directives, to achieve what I'm looking for.
I have two users, A, and B. A is allowed access to everything. It can
view everything, and it can submit commands for all hosts and services.
B is only allowed access to some hosts and their services. I want B to
only be able to view some hosts and services, and *not* be able to
submit commands.
I'm able to allow A access to everything, and B access to some hosts.
But B is still able to issue commands
Configs so far with names changed to protect the innocent :-) These
configs all A access to everything and B access to some hosts, but still
able to issue commands. What is the combination of configs needed to
make it so B can only view some hosts and not issue commands and A can
still do everything.
cgi.cfg:
authorized_for_all_services=A
authorized_for_all_hosts=A
authorized_for_all_service_commands=A
authorized_for_all_host_commands=A
contactgroups.cfg
define contactgroup {
name all
members A,B
}
define contactgroup {
name A-only
members A
}
hostgroups.cfg
define hostgroup foo {
...
contactgroups all
. ...
}
define hostgroup bar {
...
contactgroups A-only
...
}
Thanks,
-Lori
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20051221/932ea766/attachment.html>
More information about the Users
mailing list