Securing nagios

Shad L. Lords lists at lordsfam.net
Wed Aug 11 08:36:01 CEST 2004


>> Currently the spec build it so that nagios writes its pid to a file in
>> the /var/run directory.  This causes nagios to fail on some systems as
>> the nagios user doesn't have rights to write to that directory.  The
>> submitted patch fixes this by creating a directory /var/run/nagios and
>> grants ownership of this directory to nagios.  It then instructs
>> nagios to write the pid file to this directory.
>
> The pid file is only created if Nagios is started using the init
> script.  Wouldn't this normally be done by root (or the init
> process)?  If not, how would the user even have permissions to create
> the /var/run/nagios directory?  You need to be root to install any
> RPM packages.  I guess I'm not quite clear on why this is necessary.

This is correct that the PID file is only created when run from the init 
script.  The script is being run by root but the issue is that the daemon 
has dropped privs prior to writing the pid file.  Thus the need to create a 
subdirectory owned by nagios that it can write the PID file to.

-Shad 



-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285




More information about the Developers mailing list