Running nagios as root

Marc Powell mpowell at ena.com
Wed Oct 1 20:43:11 CEST 2003

Previous message: Running nagios as root
Next message: Displaying full output (verbose) for a service.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Being owned by user and group nagios isn't sufficient. The programs must
be owned _and_ executed as the root user to be able to make the
appropriate ICMP requests. Note the addition of the sticky bit ('s') in
the permissions below and the ownership by root. The +rx permissions for
the 'other' group make the programs executable by nagios and the sticky
bit guarantees that that it is executed as the owner of the program, in
this case root.

--
Marc

> -----Original Message-----
> From: R. F. [mailto:visigoth at home.nl]
> Sent: Wednesday, October 01, 2003 1:36 PM
> To: Marc Powell
> 
> If it was only that easy. I was unable to do so. Fping and its
directory
> are owned by user and group nagios, yet still I get a 'Warning'
because
> it can't execute it. Same goes for Ping, I've already discussed it
with
> several people on this mailing list. As root, they all work.
> 
> -----Original Message-----
> From: Marc Powell [mailto:mpowell at ena.com]
> Sent: 01 October 2003 19:33
> To: R. F.; nagios-users at lists.sourceforge.net
> Subject: RE: [Nagios-users] Running nagios as root
> 
> That's actually a really bad idea. The simpler and better solution is
to
> make ping and fping executable by the nagios user --
> 
> [root at betelgeuse bes]# ls -al /bin/ping
> -rwsr-xr-x    1 root     root        35192 Apr 18  2002 /bin/ping
> [root at betelgeuse bes]# ls -l /usr/local/sbin/fping
> -rwsr-xr-x    1 root     root        83254 Nov 15  2002
> /usr/local/sbin/fping
> 
> chmod 4755 /bin/ping /usr/local/sbin/fping
> 
> --
> Marc
> 
> ________________________________________
> From: R. F. [mailto:visigoth at home.nl]
> Sent: Wednesday, October 01, 2003 11:56 AM
> To: nagios-users at lists.sourceforge.net
> 
> Hi, I've been messing with Nagios for a week now and I can't get it to
> access/execute /bin/ping or /usr/local/sbin/fping. So I was wondering,
> is it wise to run Nagios as root? Is there a way to do it safely? If
so,
> how, because it looks like the only option for me :(
> 
> Thanks.
> 



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Running nagios as root
Next message: Displaying full output (verbose) for a service.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list