Apache suExec and /usr/local/nagios/etc permissions

Subhendu Ghosh sghosh at sghosh.org
Thu Feb 20 19:55:53 CET 2003

Previous message: Apache suExec and /usr/local/nagios/etc permissions
Next message: Apache suExec and /usr/local/nagios/etc permissions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Make sure apache and nagios have a common group membership and use group 
permissions.

About SNMP community - if you have comon community strings across devices, 
create a $USERx$ macro in resource.cfg for the community.  The CGIs do not 
read resource.cfg.

-sg

On Thu, 20 Feb 2003, Syed Ali wrote:

> Hello,
> 
> I am running Apache 1.3.20 on RedHat 7.2.
> Apache runs under user 'apache'.
> Nagios is running under user 'nagios'.
> 
> However, unless I do not give world readable permissions to
> /usr/local/nagios/etc I cannot access the web interface for Nagios.
> If I give world readable permission to /usr/local/nagios/etc, then users
> on the system can view the SNMP RO community in the services.cfg or
> checkcommands.cfg file.
> So, how do I go about not allowing my users to be able to read the
> /usr/local/nagios/etc directory?
> 
> I had disabled suExec on the httpd server for Cricket to run, but I am
> willing to give up cricket and enable suEexec.
> Reading the Apache suExec documentation, it looks like suExec works with
> v2.0 of Apache and the virtual host directive, neither of which I am
> using.
> Also, it seems that suExec will work if you append the ~ but when I set
> an alias as /~nagios /usr/local/nagios/share I get permission denied
> reading ~nagios/etc/htpasswd file.
> (Which means suExec is not working?)
> 
> 
> Paste from httpd.conf:
> 
>   ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin/
>     <Directory "/usr/local/nagios/sbin/">
>         AllowOverride AuthConfig
>         Options ExecCGI
>         Order allow,deny
>         Allow from all
>     </Directory>
>     Alias /nagios/ /usr/local/nagios/share/
>     <Directory "/usr/local/nagios/share/">
>         AllowOverride AuthConfig
>         Options None
>         Order allow,deny
>         Allow from all
>     </Directory>
> 
> I also tried:
> 
>   Alias /~nagios/ /usr/local/nagios/share/
>     <Directory "/usr/local/nagios/share/">
>         AllowOverride AuthConfig
>         Options None
>         Order allow,deny
>         Allow from all
>     </Directory>
> 
> Thank you...
> 
> 
> 

-- 




-------------------------------------------------------
This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
The most comprehensive and flexible code editor you can use.
Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial.
www.slickedit.com/sourceforge
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Apache suExec and /usr/local/nagios/etc permissions
Next message: Apache suExec and /usr/local/nagios/etc permissions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list