Securing Nagios Authorization

keysorsoze 2007-06-08 19:49:34 UTC #1

Hi!, I was wondering if I could secure Nagios users to viewing only specific aspects of the nagios web interface. Example only allowing users in the windows-admins group to view windows host and only allowing Unix admins view of Unix machines and nothing more. Could this be done?

Thanks

Gakk_Simian 2007-06-13 18:26:18 UTC #2

*** Noob reply. Please take with a grain of salt. ***

It appears to me a user will only see the items for which they have been included as a contact. That is if you haven't also added them to the 'authorized_' anything fields in cgi.cfg.

I'm ready for my beating, Mr. DeVille.

Aivan 2007-08-22 09:16:16 UTC #3

Hi, since I have the same requirement... did someone get a solution on this? Has someone got this to work?

Thanks
Ivan

balcv 2007-08-30 01:25:39 UTC #4

Yes this can be done and Aivan was on the right track.

You create a contact with the alias being the same as the users login to nagios.
Then in cgi.cfg add a line like this:

authorized_for_[host group]_hosts=[user/alias]

(eg authorized_for_WINDOWS_hosts=bob

This will then give the user/alias "bob" access to the hosts in host group "WINDOWS".

Cheers
Leigh