You have followed all the steps so far, but when you log in to the Nagios web interface, you can't access all of the pages. Instead, you get this error: "It appears as though you do not have permission to view information you requested.… If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI and check the authorization options in your CGI configuration file." How do you fix this?
Uncomment these lines in /usr/local/nagios/etc/cgi.cfg, and make sure the correct Nagios user is named, which in this chapter is nagios:
authorized_for_all_services=nagios authorized_for_all_hosts=nagios authorized_for_system_commands=nagios authorized_for_configuration_information=nagios authorized_for_all_service_commands=nagios authorized_for_all_host_commands=nagios
Make sure this line is uncommented and set to 1:
use_authentication=1
This requires all CGI scripts to use authentication. Disabling this opens a great big security hole; for example, any random person on your LAN could write whatever they want to your command file.
Save the changes, and try again. Now, your nagios user should have full access to all pages on the Nagios web interface, including the ability to run commands.
At the end of the file, you can activate some sound alerts if you really really want to.
It is better to administer Nagios as an unprivileged user, rather than as the system's root user. You may add more authorized users in a comma-delimited list. These aren't very fine-grained access controls, but you do get a little bit of flexibility. Each Nagios user must be added to htpasswd.users; see the next recipe to learn how to do this.
This a complete sample cgi.cfg:
# example cgi.cfg that gives complete administrative # powers to 'nagios' user main_config_file=/usr/local/nagios/etc/nagios.cfg physical_html_path=/usr/local/nagios/share url_html_path=/nagios show_context_help=0 use_authentication=1 authorized_for_system_information=nagios authorized_for_configuration_information=nagios authorized_for_system_commands=nagios authorized_for_all_services=nagios authorized_for_all_hosts=nagios authorized_for_all_service_commands=nagios authorized_for_all_host_commands=nagios default_statusmap_layout=5 default_statuswrl_layout=4 ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ refresh_rate=90
Local documentation at "Configuring authorization for the CGIs" (http://localhost/nagios/docs/cgiauth.html) and "CGI Configuration File Options" (http://localhost/nagios/docs/configcgi.html)
Nagios.org: http://www.nagios.org