Summary: | nagios-core-2.3.1 sets incorrect permissions on /etc/nagios for apache to read | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Richard Scott <gentoo.bugs> |
Component: | New packages | Assignee: | Gentoo Netmon project <netmon> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | eldad, gentoo.org, ramereth |
Priority: | High | ||
Version: | 2006.0 | ||
Hardware: | All | ||
OS: | Other | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 172480 |
Description
Richard Scott
2006-05-25 10:08:18 UTC
(In reply to comment #0) > This needs to either be updated to permissions of 0750 or better still, for > apache to be added to the nagios group. I don't see what's your problem here... <snip> enewgroup nagios if use noweb; then enewuser nagios -1 /bin/bash /dev/null nagios else enewuser nagios -1 /bin/bash /dev/null nagios,apache fi </snip> Hiya, The problme I can see is that the /etc/nagios directory and files are owned and readable *only* by the nagios user/group. Apache is not part of the nagios group and therefore can't read these files. The code you list adds the nagios user to the apache group and not apache to the nagios group which is what I believe we need. I have had to use the following to fix this on my system: # usermod -G nagios apache Thanks Richard. Please can we re-open this as a bug? To be honest, I don't see what's the apache business in there... It shouldn't be apache-readable by default, IMHO. (In reply to comment #4) > To be honest, I don't see what's the apache business in there... It shouldn't > be apache-readable by default, IMHO. > I take it then you've not used the web interface to nagios to view the current status? ;-) Apache executes some cgi scripts that read files in that directory. Apache has to be able to read the config files in /etc/nagios so it can tell you details about your current setup. If apache can't read that directory then you *always* get an error with the web interface. *** Bug 137261 has been marked as a duplicate of this bug. *** As far as i can see there is no need that the user nagios is in the group apache, but vice versa, user apache is member of the group nagios, is necessary to get a working web frontend. Added an info on how to get apache read-access to /etc/nagios in =net-analyzer/nagios-core-2.9. |