Hi
Ok this is the config. The username is kbrett that I am interested in.
cgi.cfg has no reference to kbrett anywhere in it.
grep -l kbrett *
contactgroups.cfg
contacts.cfg
htpasswd.users
The only two files that have reference to this user are contacts.cfg and contactgroups.cfg as follows:
(I have removed certain details for security reasons, like email address)
contacts.cfg
define contact {
contact_name kbrett
alias Keith Brett
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,u,r
service_notification_commands html-email
host_notification_commands host-notify-by-email
email [email protected]}
contactgroups.cfg
define contactgroup{
contactgroup_name ess3rdline
alias ESS Unix Support
members kbrett
}
Also, the only other config is where the contact group ess3rdline exist as follows:
grep -l ess3rdline *
contactgroups.cfg
hosts.cfg
hosts.cfg
define host {
name host-generic-24-7
use generic-host
check_command check-host-alive
max_check_attempts 10
notification_interval 360
notification_period 24x7
notification_options d,u,r
contact_groups nagios,ess3rdline
register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE!
}
The only occurences of the template “host-generic-24-7” exist on host definitions like the one below, and not in any services:
define host{
use host-generic-24-7 ; Name of host template to use
host_name altxs003
alias altxs003
address x.x.x.x}
So with the above config, this user can login and has access to all hosts and all services, meaning he can acknowledge any service problem.
Clearly, what I am trying to achieve is that he has access only to hosts.
Is there something I have missed ? Or if you have access to a particular host, do you automatically get access to all the services on that host ?