Is there any way to disable the “Enable Active Checks on this (host|service)” in the GUI without disabling all host or service commands for a authorized user?
As I understand the cgi authorization…
Any user that can authenticate to the cgi’s and are listed in the authorized_for_all_hosts and authorized_for_all_services, either implicitly or *'d in, can view current status of a host/service. They will not be able to issue host or service commands unless they are a contact for the host or service.
It’s expected that if they are a contact they will need to do things like acknowledge a problem.
check the cgi.cfg docs for more
There does not appear to be a way to selectively authorize certain commands (“disable” specific commands).
I came up with this solution on 2.9 but have not tested it on any other version.
This solution specifically removes the “Enable Active checks…” commands for passive hosts and services in the web interface. It is really helpful if all of your checks ae passive.
You will want to be familure with C code and how nagios is using the cgis to render the webpages before you do this.
cd to your nagios source directory
mv cgi cgi.original.branders
in cgi/excinfo.c commented out lines that contain “Enable active”
(make sure to use c code comments.)
cp /usr/local/nagios/sbin/extinfo.cgi /usr/local/nagios/sbin/extinfo.cgi.orig
cp cgi/extinfo.cgi /usr/local/nagios/sbin/
make sure permissions are correct still.
chown nagios.nagios /usr/local/nagios/sbin/extinfo.*
chmod 775 /usr/local/nagios/sbin/extinfo.*
restart nagios and check your results
you should have a couple of copies of the extinfo.cgi if you do not like the results.