What is the guest user for?

Marc Powell marc at ena.com
Wed Aug 24 18:49:31 CEST 2005



> -----Original Message-----
> From: nagios-users-admin at lists.sourceforge.net [mailto:nagios-users-
> admin at lists.sourceforge.net] On Behalf Of km4hr at netscape.net
> Sent: Wednesday, August 24, 2005 10:44 AM
> To: nagios-users at lists.sourceforge.net
> Subject: [Nagios-users] What is the guest user for?
> 
> I assumed the purpose of the guest user was to provide all users
view-only

Nagios has no facility for a view-only interface. It can be emulated by
using .htaccess to limit access to cmd.cgi based on criteria supported
by mod_auth. I believe there may be other ways of accomplishing it in
the archives.

> access to the nagios web pages. But it looks like guest has to log in
and
> provide a password just like everybody else. If that's the case, then
what

If you've enabled .htaccess then yes, they'll have to log in unless you
provide some other or additional ALLOW FROM directive that doesn't
REQUIRE valid-user (IP or domain based for example).

> is guest for? What's special about it? Do I not have something set up

The default_user_name, in your case 'guest', as specified in cgi.cfg is
used whenever your web server doesn't provide or set the REMOTE_USER
variable (the username used to log in). This is normally only set when
basic authentication is enabled and the user has successfully logged in.
As indicated in the comments above the directive in cgi.cfg --

"# without authenticating.  You may want to use this to avoid basic
# authentication if you are not using a sercure(sic) server since basic
# authentication transmits passwords in the clear."

'basic authentication' == htaccess. So, if you didn't have htaccess
enabled, that would be the username that nagios used to determine what
hosts to show based on the same criteria as normal contacts _as well as_
any additional permissions you might grant it using the authorized_for_*
directives in cgi.cfg. If you were to add to your .htaccess something
like 'Allow from netscape.net', users with netscape.net in their reverse
dns hostname would be allowed in without authorization, therefore
REMOTE_USER wouldn't be set by your webserver and nagios would use your
specified default_user_name for that user.


> correctly?  Is there any way to allow everone to view the pages
without
> logging in?

Disable htaccess. Your default_user_name would then determine what
hosts/services they were able to see and manage.

--
Marc


-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list