April 2, 2009

Nagios - A Extensible Host and Service Monitoring

"7. Apache Security Preparation

Nagios has by default the authentication for the web interface activated.

That means after Nagios has been started and you try to access the web interface a login windows appears. Nagios has already a default user defined in the contacts.cfg (user: nagiosadmin) so we just have to create a apache password file where we store the password for it.

Do this with the following command and set the password to nagios:

# htpasswd2 -c /opt/nagios/etc/htpasswd.users nagiosadmin
Password: nagios

NOTE: LDAP can also be used for user authentication and requires just a view changes to the apache configuration. But the users still have to be defined in the contacts.cfg. LDAP is used just for verifying the password. I will cover this later.

NOTE: If you do not like to define every user in the contacts.cfg and security is not the case for you, you can modify the cgi.cfg and change all "authorized_for..." parameters to "authorized_for...=*". That will give all user that authenticate to the web server (or LDAP) all permissions even they do not exist in the contacts.cfg. After ny modification to the cgi.cfg restart Nagios.
8. Apache and Nagios Startup

So now all configurations are done and we can startup the applications.

During the Nagios installation an apache config file (nagios.conf) was placed in /etc/apache2/conf.d. So we first have to restart apache to activate that configuration.

# rcapache2 restart

After that we can start Nagios for the first time. In earlier version it was always a very good idea to do a configuration verify before restarting. Otherwise Nagios could be interrupted if there were errors in. In this new version now Nagios does this automatically when it is started or reloaded. If configuration errors were found the restart / reload operation is aborted and you get a information where the error is. Correct it and retry the operation.

As we use the default configuration and we made no mistakes Nagios should start up:

# /etc/init.d/nagios start

If you would like, add Nagios for automatic startup at system boot time:

# insserv nagios

9. Nagios Test

Now Nagios should be available at the following URL: http:///nagios

As you do have the authentication settings modified you should get an authentication window where you have to enter the user nagiosadmin with password nagios." novell.com

No comments:

Post a Comment