Nagios-新用户未获得启用权限

10

我遵循网络指南中的简单步骤:

a)通过命令将用户添加到Nagios htpasswd htpasswd.users username

b)在cgi.cfg文件中将此用户添加到以下行:

authorized_for_system_information=nagiosadmin, username
authorized_for_configuration_information=nagiosadmin, username
authorized_for_system_commands=nagiosadmin, username
authorized_for_all_services=nagiosadmin, username
authorized_for_all_hosts=nagiosadmin, username
authorized_for_all_service_commands=nagiosadmin, username
authorized_for_all_host_commands=nagiosadmin, username

c)重新启动nagios3服务,甚至重新启动apache2服务

但是当我尝试从nagios Web界面中列出任何内容时,它仍然给我以下烦人的消息:

It appears as though you do not have permission to view information for any of the services you requested...
If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI
and check the authorization options in your CGI configuration file.

请问哪里有问题?

nagios  users 
雅各布·特科夫斯基
source
1
仅出于娱乐性考虑,您可以将空格排除在外吗authorized_for,例如authorized_for_all_hosts=nagiosadmin,username。我怀疑这是问题所在,但是我所有可用的NAGIOS配置都没有空间。
MadHatter

Answers:

8

在“ 无权限查看配置”中查看 Nagios FAQ ,其中显示:

描述:如果单击“查看配置”,则会得到:“”“好像没有权限查看所请求的配置信息...如果您认为这是错误,请检查HTTP服务器身份验证要求用于访问此CGI并检查CGI配置文件中的授权选项。“”“

解决方案:您需要在cgi.cfg中设置“ authorized_for_configuration_information”

在我的EL6系统上,默认情况下,“ authorized_for_configuration_information”设置为“ nagiosadmin”。许多站点将其设置为authorized_for_configuration_information=*,从而解决了您的问题。

另外,请确保您正确使用了HTTP身份验证。参见http://nagios.sourceforge.net/docs/3_0/cgiauth.html

在CGI中启用身份验证/授权功能

接下来需要做的是确保将CGI配置为使用身份验证和授权功能来确定用户可以访问哪些信息和/或命令。这是通过将CGI配置文件中的use_authentication变量设置为非零值来完成的。例:

use_authentication = 1

斯蒂芬·拉西斯基(Stefan Lasiewski)
source
5

编辑/usr/local/nagios/etc/cgi.cfg

添加用户名,没有这样的空格

authorized_for_system_information=nagiosadmin,username,username2

保存文件并使用服务nagios restart重新启动nagios服务

侦探
source
谢谢你的提示。同样重要的是,逗号后不能留空格,这让我失望
德里克·奈特
2

  1. 在终端:

    sudo htpasswd -c /etc/nagios/htpasswd.users new_user
    # set password for user "new_user"

  2. 在终端:

    nano /usr/local/nagios/etc/cgi.cfg

    (在cgi.cfg文件中,查找此部分):

    # GLOBAL HOST/SERVICE VIEW ACCESS
# These two options are comma-delimited lists of all usernames that
# can view information for all hosts and services that are being
# monitored.  By default, users can only view information
# for hosts or services that they are contacts for (unless you
# you choose to not use authorization). You may use an asterisk (*)
# to authorize any user who has authenticated to the web server.

    (在该行的末尾,添加用户“ new_user”):

    authorized_for_all_services=nagiosadmin,new_user
authorized_for_all_hosts=nagiosadmin,new_user

    (保存并退出nano)

  3. 重新启动nagios服务:

    sudo systemctl restart nagios.service

现在,您可以使用“ new_user”访问网页并监视所有对象。

埃里克·罗德里格斯(Erick Rodriguez)
source
0

我也遇到了同样的问题,我解决了运行命令 

sudo htpasswd -b -c /usr/local/nagios/etc/htpasswd.users nagiosadmin nagiosadmin
米林德
source
0

确保在nagios文件夹中cgi.cfg中的行下面

authorized_for_all_services = nagiosadmin,noc授权_for_all_hosts = nagiosadmin,noc

TDS
source
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.