Go back further - to the beginning of the log - and see if there are messages about the user id switch. You may have to run ntop in console mode (i.e. w/o the daemon and syslog option) to see all the messages (some of the very early ones get written via fprintf() and may be in dmesg or lost).
The .db files which are opened before ntop sheds root privileges (i.e. anything before the libpcap pcap_open_live() call) are as root. Databases which are recreated (unlink + create) will have the then-current ownership, root. -----Burton -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin W. Gagel Sent: Tuesday, June 07, 2005 6:22 PM To: [email protected] Subject: RE: [Ntop] What am I doing wrong... > If the set user to the -u value fails, ntop tries a couple of commonly > available daemon names, nobody is one of those. > > If the /var/ntop/rrd/graphics directory doesn't allow user 'nobody' to > write to it, well, you will correctly see the error you are seeing. > > top or ps will show you what's running under what user id. > > I'm guessing there is a problem with the setup of your -u userid and > ntop is falling over to nobody. There should be messages in your log > at the very beginning of the run. > > Maybe you need to delete the -u userid and re-add it. > > -----Burton Thank you Burton, I tried that. No luck there. I removed the user ntop and then the group ntop. I added the group ntop and then the user ntop. Set the user ntop to a home dir of /var/ntop. I cd'd to /var and chmod -R ntop:ntop ntop to get everything at and below the ntop directory set to the ntop user and group. I see none of the directories have the execute permision so I chmod each dir to have execute. So they all have it now. I've edited the startup script to include the --user ntop and -P /var/ntop on the command line that starts ntop. I still get errors and at least one of the files is changed back to owner of root. The error has changed from RRD disabled to create and can't open errors of the RRD files. Here is ll of /var/ntop: -rw-r--r-- 1 root root 12865 Jun 7 16:04 addressQueue.db -rw-rw---- 1 ntop ntop 307449 Jun 7 16:04 dnsCache.db -rw-rw---- 1 ntop ntop 237568 Jun 7 15:57 fingerprint.db -rw-rw---- 1 ntop ntop 14304 Jun 7 16:04 LsWatch.db -rw-rw---- 1 ntop ntop 1110238 May 27 15:53 macPrefix.db -rw------- 1 ntop ntop 6 Jun 7 15:57 ntop.pid -rw-rw---- 1 ntop ntop 12509 Jun 7 13:32 ntop_pw.db -rw-rw---- 1 ntop ntop 13151 Jun 7 14:35 prefsCache.db drwxrwx--- 5 ntop ntop 4096 Jun 7 15:56 rrd (I guess I don't rw for the group or even the group ntop itself. Notice the addressQueue.db file above is now root owned) Here is the /etc/ntop.conf entries: --user ntop --db-file-path /var/ntop --use-syslog --local-subnets 142.27.69.0/24,142.27.68.0/24,142.27.67.0/24,142.27.66.0/24,142.27.65.0/24 ,142.27.64.0/24 --daemon (all commented lines removed, each line is a single line not wrapped) Here are snipets of the startup where errors show up (following will be an ll of a rrd directory): Jun 7 16:11:31 antispam ntop[11956]: **WARNING** RRD: rrd_create(/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/ipBytesSent .rrd) error: creating '/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/ipBytesSent.rrd': Permission denied Jun 7 16:11:31 antispam ntop[11956]: **WARNING** RRD: rrd_update(/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/ipBytesSent .rrd) error: opening '/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/ipBytesSent.rrd': Permission denied Jun 7 16:11:31 antispam ntop[11956]: **WARNING** RRD: rrd_create(/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/udpSentLoc. rrd) error: creating '/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/udpSentLoc.rrd': Permission denied Jun 7 16:11:31 antispam ntop[11956]: **WARNING** RRD: rrd_update(/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/udpSentLoc. rrd) error: opening '/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/udpSentLoc.rrd': Permission denied Jun 7 16:11:31 antispam ntop[11956]: **WARNING** RRD: rrd_create(/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/totContacte dSentPeers.rrd) error: creating '/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/totContactedSentPeers .rrd': Permission denied Jun 7 16:11:31 antispam ntop[11956]: **WARNING** RRD: rrd_update(/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/totContacte dSentPeers.rrd) error: opening '/var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6/totContactedSentPeers .rrd': Permission denied Here is the ll of the first directory thats in the list of errors above: [EMAIL PROTECTED] B6]# pwd /var/ntop/rrd/interfaces/eth0/hosts/00/E0/29/3E/02/B6 [EMAIL PROTECTED] B6]# ll total 400 -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 arp_rarpSent.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 arpReqPktsSent.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 bytesBroadcastSent.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 bytesSentLoc.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 bytesSent.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 ipBytesSent.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 pktBroadcastSent.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 pktSent.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 totContactedSentPeers.rrd -rw-rw---- 1 ntop ntop 35292 Jun 5 17:42 udpSentLoc.rrd ntop is running as user ntop (as indicated in this top output): PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 11956 ntop 16 0 129m 25m 2324 S 0.0 2.6 0:00.28 ntop I'm completely puzzled. ========================= Kevin W. Gagel Network Administrator Information Technology Services (250) 561-5848 local 448 ------------------------------------------------------------------- The College of New Caledonia, Visit us at http://www.cnc.bc.ca Virus scanning is done on all incoming and outgoing email. Anti-spam information for CNC can be found at http://avas.cnc.bc.ca ------------------------------------------------------------------- _______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
