FreeBSD and Nagios - permissions
Per olof Ljungmark
peo at intersonic.se
Thu Oct 16 15:14:51 PDT 2008
Mel wrote:
> On Thursday 16 October 2008 23:36:51 Per olof Ljungmark wrote:
>> Mel wrote:
>>> On Thursday 16 October 2008 22:07:43 Per olof Ljungmark wrote:
>>>> Per olof Ljungmark wrote:
>>>>> Daniel Bye wrote:
>>>>>> On Thu, Oct 16, 2008 at 12:05:01PM +0100, Daniel Bye wrote:
>
> <snip>
>
>>>>>> nagios ALL=(root) NOPASSWD: NAGIOS_CMNDS
>>> ^^^^
> This means:
> ALLOW nagios user from anywhere to run commands NAGIOS_CMNDS as user root
> without a password.
>
>>>> For the records, even this won't work because nagois needs access to
>>>> /dev/xpt0 as well and once there sudo can't help.
>>>>
>>>> sudo -u nagios /sbin/camcontrol inquiry da0
>>>> camcontrol: cam_lookup_pass: couldn't open /dev/xpt0
>>>> cam_lookup_pass: Permission denied
>
> The above sudo command, runs as nagios user, not as root.
>
>> But... the command "/sbin/camcontrol inquiry da0" IS run as root through
>> the setup in sudoers above,
>
> See above. To test if it would work, you'd have to login as nagios then run
> sudo /sbin/camcontrol inquiry da0.
OK, I'm sure you're right, this was my first encounter with sudo. But,
nagios, running in parallel, reported identical results as the ones I
got from the command line. That is why I draw the conclusion that giving
nagios root access to NAGIOS_CMNDS was not enough and the reported error
(access to /dev/xpt0) was not part of any direct command.
Maybe this is wrong and I made a mistake but because this is *nix I'm
confident there are other less kludgy solutions to the problem.
--
per
More information about the freebsd-questions
mailing list