weird permissions problem

Karl DeBisschop karl at debisschop.net
Mon Jan 19 14:07:53 CET 2004
Previous message: weird permissions problem
Next message: weird permissions problem
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 2004-01-19 at 07:04, Greg Vickers wrote:
> I would have thought that the web server wouldn't need to read the Nagios 
> config files??? I mean that's what I would have thought.

Think further. Since the web interface can display group info, service
cammand definitions, etc, the web interface must be able to read them.

> So if (under Debian) I add www-data to the nagios group, I won't need o+r 
> on my Nagios config files. (But if Apache is hijacked, it could be used to 
> read all the Nagios config files, right?)

IIRC, all file except user.cfg, which is specifically set up to allow
you to put sensitive user data without causing the web display to fail.

> G
> 
> At 09:13 PM 19/01/2004, Fredrik Wänglund wrote:
> >If the WEB-server is not run by the user 'vickersg', then it's the 
> >expected behaviour.
> >
> >The files must be readable by the user (or group) that runs the WEB-server.
> >
> >
> >/FredrikW
> >
> >
> >
> >Greg Vickers wrote:
> >
> >>Hi all,
> >>I'm running Nagios 1.1 under Debian and I have observed this strange problem:
> >>If any of my config files are permissions o-r, I get 'not authorized' for 
> >>any host/service in Nagios.
> >>Here is a sample of a config file:
> >>vickersg at host:/etc/nagios/objects/hostgroups/blah/blah/blah$ ll
> >>total 4
> >>-rw-rw-r--    1 vickersg nagios        164 Jan 19 20:50 servers.hostgroup.cfg
> >>If I 'chmod o-r servers.hostgroup.cfg' then the web page won't show me 
> >>any information at all.
> >>Has anyone else seen this problem or am I just thinking strangely?
> >>
> >>=================================
> >>Greg Vickers
> >>Computer Systems Officer
> >>Student Support and Systems,
> >>Teaching and Learning Support Systems,
> >>Queensland University of Technology,
> >>Kelvin Grove Campus,
> >>Brisbane,
> >>Australia
> >>CRICOS No 00213J
> >>Ph: 07 3864 8276 Fax: 07 3864 5425
> >>Mob: 0416 001 674 SD: #66147
> >>
> >>-------------------------------------------------------
> >>The SF.Net email is sponsored by EclipseCon 2004
> >>Premiere Conference on Open Tools Development and Integration
> >>See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
> >>http://www.eclipsecon.org/osdn
> >>_______________________________________________
> >>Nagios-users mailing list
> >>Nagios-users at lists.sourceforge.net
> >>https://lists.sourceforge.net/lists/listinfo/nagios-users
> >>::: Please include Nagios version, plugin version (-v) and OS when 
> >>reporting any issue. ::: Messages without supporting info will risk being 
> >>sent to /dev/null
> >
> 
> =================================
> Greg Vickers
> Computer Systems Officer
> Student Support and Systems,
> Teaching and Learning Support Systems,
> Queensland University of Technology,
> Kelvin Grove Campus,
> Brisbane,
> Australia
> 
> CRICOS No 00213J
> 
> Ph: 07 3864 8276 Fax: 07 3864 5425
> Mob: 0416 001 674 SD: #66147 
> 
> 
> 
> -------------------------------------------------------
> The SF.Net email is sponsored by EclipseCon 2004
> Premiere Conference on Open Tools Development and Integration
> See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
> http://www.eclipsecon.org/osdn
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
> ::: Messages without supporting info will risk being sent to /dev/null



-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: weird permissions problem
Next message: weird permissions problem
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list