Nagios Solutions for using problems

Modify a service times error through the Web interface for example, a service is temporarily scheduled for its execution time, or if it is not warned, there are settings on the Web page. However, there are often error messages as follows:

Could not open command file '/usr/local/nagios/var/rw/nagios.cmd ' for update! The permissions on the external command file and/or directory is incorrect. Read the FAQs on what to setup proper permissions. An error occurred while attempting to commit your command for processing.

This section has the following content in Nagios.cfg

# EXTERNAL Command file# This is the FILE, Nagios checks for EXTERNAL command requests.# It is also where the command CGI would write commands that's submitted# by users, so it must being writeable by the user that the Web server# is running  As (usually ' nobody '). Permissions should be set at the# directory level instead of the file, as the file was deleted every# time its contents is processed. The central meaning of this passage is that Apache's running users have permission to write to the file. Permissions should be set on the directory, because each time the contents of the file is processed, the file is deleted. Command_file=/usr/local/nagios/var/rw/nagios.cmd

First, take a look at your process, Apache process, what the user is running, typically nobody

#ps-ef | grep http
Root   27252   1 0 Feb26?     ; 00:00:01/usr/local/apache/bin/httpd-k start
Nobody   12587 27252 0 15:23?     00:00:00/usr/local/apa Che/bin/httpd-k start
Nobody   12588 27252 0 15:23?     00:00:00/usr/local/apache/bin/httpd-k start< Br>nobody   12589 27252 1 15:23?     00:00:01/usr/local/apache/bin/httpd-k start
Nobody   12590 27252 1 15:23?     00:00:01 /usr/local/apache/bin/httpd-k start
Nobody   12591 27252 0 15:23?     00:00:00/usr/local/apache/bin/h Ttpd-k start
Nobody   12618 27252 0 15:23?     00:00:00/usr/local/apache/bin/httpd-k start

Note , this refers to the normal user, not the starting process that root runs.

Then what to do, if the user of the Nagios process you are running is Nagios and the group is Nagios, then:

usermod-g Nagios nobody
chmod g+s/path/to/ NAGIOSDIR/VAR/RW

Note that cgi.cfg inside the set is not much to say.

and then restart Apache so you can run it.

For Apache's startup user, it is defined in httpd.conf:

User * * *

Group * * *

The default setting is nobody and nogroup, which does not have a file on the system and ensures that the server itself and the CGI process it initiates do not have permission to change the file system. In some cases, for example, in order to run CGI and UNIX interaction, you also need to let the server to access the files on the server, if you still use nobody and nogroup, then the system will appear nobody files, which is detrimental to system security, Because other programs also perform certain operations with the permissions of nobody and nogroup, it is possible to access files owned by these nobody, causing security problems. In general, set up a specific user and group for the Web service, and change the user and group settings here.

Nagios Solutions for using problems