Date: Thu, 16 Oct 2008 23:58:44 +0200 From: Mel <fbsd.questions@rachie.is-a-geek.net> To: freebsd-questions@freebsd.org Subject: Re: FreeBSD and Nagios - permissions Message-ID: <200810162358.44308.fbsd.questions@rachie.is-a-geek.net> In-Reply-To: <48F7B3F3.70907@intersonic.se> References: <48F6EDF2.4070109@intersonic.se> <200810162231.50549.fbsd.questions@rachie.is-a-geek.net> <48F7B3F3.70907@intersonic.se>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 16 October 2008 23:36:51 Per olof Ljungmark wrote:
> Mel wrote:
> > On Thursday 16 October 2008 22:07:43 Per olof Ljungmark wrote:
> >> Per olof Ljungmark wrote:
> >>> Daniel Bye wrote:
> >>>> On Thu, Oct 16, 2008 at 12:05:01PM +0100, Daniel Bye wrote:
<snip>
> >>>> nagios ALL=(root) NOPASSWD: NAGIOS_CMNDS
> >
> > ^^^^
This means:
ALLOW nagios user from anywhere to run commands NAGIOS_CMNDS as user root
without a password.
> >> For the records, even this won't work because nagois needs access to
> >> /dev/xpt0 as well and once there sudo can't help.
> >>
> >> sudo -u nagios /sbin/camcontrol inquiry da0
> >> camcontrol: cam_lookup_pass: couldn't open /dev/xpt0
> >> cam_lookup_pass: Permission denied
The above sudo command, runs as nagios user, not as root.
> But... the command "/sbin/camcontrol inquiry da0" IS run as root through
> the setup in sudoers above,
See above. To test if it would work, you'd have to login as nagios then run
sudo /sbin/camcontrol inquiry da0.
--
Mel
Problem with today's modular software: they start with the modules
and never get to the software part.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200810162358.44308.fbsd.questions>