<Directory "/usr/local/nagios/sbin">
AllowOverride AuthConfig
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
AllowOverride AuthConfig
order allow,deny
allow from all
Options ExecCGI
</Directory>
Alias /nagios /usr/local/nagios/share
<Directory "/usr/local/nagios/share">
Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
AllowOverride AuthConfig
order allow,deny
allow from all
</Directory>
From: Justin Craig [mailto:[EMAIL PROTECTED]
Sent: 01 August 2006 16:22
To: Deborah Martin
Cc: Martin J. Green; Hari Sekhon; nagios-users@lists.sourceforge.net
Subject: Re: [Nagios-users] Externals Commands
okay so here is my output:
in my httpd.conf file I have:
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
<Directory "/usr/local/nagios/sbin">
Options ExecCGI
AllowOverride AuthConfig
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
Alias /nagios "/usr/local/nagios/share"
<Directory "/usr/local/nagios/share">
Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
#
Where is my problem for not being able to execute external commands or schedule downtime for a host?
On 8/1/06, Deborah Martin < [EMAIL PROTECTED]> wrote:actually you can use .htaccess or the httpd.conf file it doesn't matter. If you put in the httpd.conf you have to restart apache - not always convenient todo that. But using .htaccess means you don't have to do that and can simply add this file into the locations required with immediate effect.Also, htpasswd(2) does as you say come with apache but it has been known to be included with Nagios!-----Original Message-----
From: Martin J. Green [mailto:[EMAIL PROTECTED]]
Sent: 01 August 2006 15:36
To: Deborah Martin; Justin Craig
Cc: Hari Sekhon; nagios-users@lists.sourceforge.net
Subject: RE: [Nagios-users] Externals CommandsThe .htaccess is only required if you don't have root access to the server & thus can't add it to the main httpd.conf. If you have root access, its almost always better to add it there. In that case you would have no .htaccess file, it would all be in the server config.
M
From: Deborah Martin [mailto:[EMAIL PROTECTED]]
Sent: 01 August 2006 15:32
To: 'Justin Craig'
Cc: Hari Sekhon; Martin J. Green; nagios-users@lists.sourceforge.net
Subject: RE: [Nagios-users] Externals Commands
ok - somewhere in the nagios docs are the details with regard to setting up .htaccess but
I think there is a utility in the nagios install directory under bin called htpasswd or htpasswd2 and you run this util to generate a htpasswd.users file where
all the users that have web interface access are stored including nagiosadmin. I store mine in the etc install directory.
Then in my .htaccess file i have the following
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
require valid-user
This file resides in the sbin directory (which is also cgi-bin). Note though - change the AuthUserFile path to wherever you are storing the htpasswd.users file.
When i was getting the 'return from whence you came error', this was exactly my problem - i hadn't set up authorisation correctly and the above was how i fixed it.
hope this helps.
-----Original Message-----
From: Justin Craig [mailto:[EMAIL PROTECTED]]
Sent: 01 August 2006 15:07
To: Deborah Martin
Cc: Hari Sekhon; Martin J. Green; nagios-users@lists.sourceforge.netSubject: Re: [Nagios-users] Externals Commandsso obviously I RTFM or I wouldn't have got this far. One part that I did have questions of was the .htaccess creation, as the documentation I read only provided information for setting up users via htpasswd -c and changing your authorization functionality in the CGI's to 1.
So I did a find / -name *.htaccess* and that file doesn't exist. Sounds like I need one?
Sorry, there isn't anything in my /var/www/cgi-bin directory
Is there something missed here?
On 8/1/06, Deborah Martin < [EMAIL PROTECTED]> wrote:
can you forward the contents of the .htaccess file that resides in the cgi-bin directory ? and a listing of the rest of the directory including the permissions
-----Original Message-----
From: Justin Craig [mailto: [EMAIL PROTECTED]]
Sent: 01 August 2006 14:46
To: Deborah MartinCc: Hari Sekhon; Martin J. Green; nagios-users@lists.sourceforge.netSubject: Re: [Nagios-users] Externals Commandsi'm logged in as nagiosadmin and i have that username in all my cgi's. I have the sameissue, can't schedule downtime or issue external commands with the same error. I'm running nagios 2.4
On 8/1/06, Deborah Martin < [EMAIL PROTECTED] > wrote:
look at your /usr/local/nagios/sbin directory and check a) file permissions are correct and also whether your .htaccess authrization file is present.
This error is generally caused by not correctly using .htaccess and also not configuring apache properly - check your httpd.conf is correctly configured
-----Original Message-----
From: Hari Sekhon [mailto: [EMAIL PROTECTED]]
Sent: 01 August 2006 14:14
To: Martin J. Green
Cc: nagios-users@lists.sourceforge.net
Subject: Re: [Nagios-users] Externals CommandsMartin J. Green wrote:
I can't get external commands to work either (appears it can't write to the file for some reason), but its so low on my list of priorities I haven't gotten to it yet.
From: [EMAIL PROTECTED] [ mailto:[EMAIL PROTECTED]] On Behalf Of Hari Sekhon
Sent: 01 August 2006 13:48
To: nagios-users@lists.sourceforge.net
Subject: [Nagios-users] Externals CommandsI am having real difficulty getting external commands to work and don't full understand what's going wrong, despite having RTFMing several times.
As an example, I log in to the web interface as nagiosadmin via basic apache auth successfully as usual. I go to "comments" in the left hand pane and enter one for a host but when I click submit, I get the error:"Sorry, but you are not authorized to commit the specified command.
Read the section of the documentation that deals with authentication and authorization in the CGIs for more information.
Return from whence you came"
As far as I can tell, I have all the perms set right according to the docs:
cgi.cfg
use_authentication=1
authorized_for_system_information=nagiosadmin
authorized_for_configuration_information=nagiosadmin
authorized_for_system_commands=nagiosadmin
authorized_for_all_services=nagiosadmin
authorized_for_all_hosts=nagiosadmin
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin
nagios.cfg
command_file=/var/nagios/rw/nagios.cmd
check_external_commands=1
# NOTE: Setting this value to -1 causes Nagios to check the external
# command file as often as possible.
command_check_interval=-1
ll /var/nagios/ | grep rw/
drwxrws--- 2 nagios apache 4096 Aug 1 13:28 rw/
ll /var/nagios/rw/nagios.cmd
prw-rw---- 1 nagios apache 0 Aug 1 13:28 /var/nagios/rw/nagios.cmd|
The apache process is run by the apache user, a member of the apache group, so has full perms to the directory and the pipe file nagios.cmd. Nagios is run by nagios who is also a member of the apache group.
This all looks as it should be according to the docs as far as I can see.What am I missing?
Hari
I think quite a lot of people have trouble with this but a lot give up or are satisfied that the main bit is working and don't bother with this...
does anybody have this working and if so could you post your configs so I can see anything you have different to me?
are external commands generally broken or is there something missing in the docs/our configs/our brains?
I'm using Version 1.4.1
Hari************************************************************************ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorised distribution or copying is strictly prohibited. Whilst Kognitio Limited takes steps to prevent the transmission of viruses via e-mail, we can not guarantee that any email or attachment is free from computer viruses and you are strongly advised to undertake your own anti-virus precautions. Kognitio grants no warranties regarding performance, use or quality of any e-mail or attachment and undertakes no liability for loss or damage, howsoever caused. ***********************************************************************
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
--
- Justin
--
- Justin
--
- Justin
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null