[NTLUG:Discuss] Nagios Authentication

Dennis Rice dennis at dearroz.com
Sun Jun 10 23:14:21 CDT 2007 

I am attempting to get Nagios to operate, for the sake of learning how 
and documenting for my book.  Having authentication problems.

Followed the documentation as provided by the nagios.org site. Provided 
the installation and now working through the web page authentication.  I 
have created a set of users and assigned them to the group nagcmd, 
created the /usr/local/nagios/etc/htpasswd.users file with the 
authorized users and their password.  Created the file .htaccess with a 
pointer to the htpasswd.users file, and located it in both the 
/var/www/cgi-bin and /var/www/html/nagios directories (please correct me 
on these file locations if I mis-read the directions).  The attributes 
of the htpasswd.users file to be 640 root nagcmd.

When attempting to log onto the web page, I get the login window 
requesting username and password.  On entering, it fails.

Accepting my interpretation of the documentation (trying to simply ?) 
and put it into the book.  Can anyone provide an idea where I have gone 
wrong.

The following is an extract for enabling the web authentication, if I 
understand correctly.
-----------
1.
The following lines must be added to the system httpd.conf file.  They 
may be added at the end.
ScriptAlias   /ngios/cgi-bin   "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
    Options ExecCGI
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
#  Order deny,allow
#  Deny from all
#  Allow from 127.0.0.1
    AuthName "Nagios Access – By Invitation Only"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
    Options None
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
#  Order deny,allow
#  Deny from all
#  Allow from 127.0.0.1
    AuthName "Nagios Access – By Invitation Only"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>

2.
Create the directory /var/www/html/nagios (mkdir /var/www/html/nagios).

3.
Create a file named .htaccess in the root CGI directory 
(/var/www/cgi-bin), it may optionally also be placed in the nagios root 
(/var/www/html/nagios) directory, with the following contents:
AuthName “Nagios Access”
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
require valid-user

4.
Modify the group name of the /usr/local/nagios/etc/httpasswd.users file. 
  Change it to nagcmd (chgrp nagcmd htpasswd.users).

5.
Create valid web users that are allowed to access to the CGI scripts. 
The Apache htpasswd command is used.  Issue the command htpasswd   –c 
/usr/local/nagios/etc/htpasswd.user   nagiosadmin.  Add additional users 
that require access, such as apache and nagios, but this time leave off 
the “–c”, as the first time it created the file.  While entering the 
username, it will ask for a password, for now, enter the password of 
“nagios” (that may be modified later if desired).

-------------
Appreciate insight as to what I am doing wrong or forgetting.

Dennis

More information about the Discuss mailing list