[Pkg-nagios-devel] Bug#296306: marked as done (nagios-pgsql: Documentation suggests loose database permissions for CGI scripts)

Debian Bug Tracking System owner@bugs.debian.org
Thu, 03 Mar 2005 09:33:19 -0800


Your message dated Thu, 3 Mar 2005 12:22:53 -0500
with message-id <20050303172253.GA4304@seanius.net>
and subject line closing bugs
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at maintonly) by bugs.debian.org; 21 Feb 2005 16:48:41 +0000
>From marcus@better.se Mon Feb 21 08:48:41 2005
Return-path: <marcus@better.se>
Received: from mxfep01.bredband.com [195.54.107.70] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1D3Gjg-0000YK-00; Mon, 21 Feb 2005 08:48:40 -0800
Received: from thales.home.better.se ([85.224.197.224] [85.224.197.224])
          by mxfep01.bredband.com with ESMTP
          id <20050221164809.BPF17717.mxfep01.bredband.com@thales.home.better.se>
          for <maintonly@bugs.debian.org>; Mon, 21 Feb 2005 17:48:09 +0100
Received: from thales.home.better.se (localhost [127.0.0.1])
	by thales.home.better.se (8.13.3/8.13.3/Debian-6) with ESMTP id j1LGm9ZZ018305
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
	for <maintonly@bugs.debian.org>; Mon, 21 Feb 2005 17:48:09 +0100
Received: (from marcus@localhost)
	by thales.home.better.se (8.13.3/8.13.3/Submit) id j1LGm9hq018302;
	Mon, 21 Feb 2005 17:48:09 +0100
Date: Mon, 21 Feb 2005 17:48:09 +0100
From: Marcus Better <marcus@better.se>
Message-Id: <200502211648.j1LGm9hq018302@thales.home.better.se>
To: Debian Bug Tracking System <maintonly@bugs.debian.org>
Subject: nagios-pgsql: Documentation suggests loose database permissions for CGI scripts
X-Debbugs-CC: Marcus Better <marcus@better.se>
Delivered-To: maintonly@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
	X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: nagios-pgsql
Version: 2:1.3-cvs.20050116-1
Severity: minor

The configuration suggested by README.pgsql defines only one database
user "nagios" with full access to the database. Since some of the CGI
scripts need only SELECT permission to certain tables, it is better to
create another user nagios_cgi with the minimum permissions.

This can be accomplished by adding the following commands to
those in README.pgsql:

-------------------------------------
# createuser -A -D nagios_cgi

in psql:

ALTER USER nagios PASSWORD 'my-secret-cgi-password';

GRANT SELECT ON hostextinfo, programstatus, servicestatus, hoststatus, hostcomments, servicecomments, hostdowntime, servicedowntime TO nagios_cgi;
-------------------------------------

Then the user and password for nagios_cgi should be entered in
/etc/nagios/nagios.cgi.

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-thales
Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8)

Versions of packages nagios-pgsql depends on:
ii  libc6               2.3.2.ds1-20         GNU C Library: Shared libraries an
ii  libgd2-noxpm        2.0.33-1.1           GD Graphics Library version 2 (wit
ii  libjpeg62           6b-9                 The Independent JPEG Group's JPEG 
ii  libpng12-0          1.2.8rel-1           PNG library - runtime
ii  libpq3              7.4.7-2              PostgreSQL C client library
ii  nagios-common       2:1.3-cvs.20050116-1 A host/service/network monitoring 
ii  zlib1g              1:1.2.2-3            compression library - runtime

-- no debconf information

---------------------------------------
Received: (at 296306-close) by bugs.debian.org; 3 Mar 2005 17:23:25 +0000
>From seanius@seanius.net Thu Mar 03 09:23:25 2005
Return-path: <seanius@seanius.net>
Received: from dsl092-235-113.phl1.dsl.speakeasy.net (sativa.seanius.net) [66.92.235.113] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1D6u2n-0003JM-00; Thu, 03 Mar 2005 09:23:25 -0800
Received: by sativa.seanius.net (Postfix, from userid 1000)
	id D97D715829; Thu,  3 Mar 2005 12:22:53 -0500 (EST)
Date: Thu, 3 Mar 2005 12:22:53 -0500
From: sean finney <seanius@debian.org>
To: 296100-close@bugs.debian.org, 296562-close@bugs.debian.org,
	296306-close@bugs.debian.org
Subject: closing bugs
Message-ID: <20050303172253.GA4304@seanius.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="BXVAT5kNtrzKuDFl"
Content-Disposition: inline
User-Agent: Mutt/1.5.5.1+cvs20040105i
Delivered-To: 296306-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no 
	version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 
X-CrossAssassin-Score: 2


--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

these three bugs are fixed, but since we skipped a version with our
uploads, the changelogs never closed the bugs.


	sean

--=20

--BXVAT5kNtrzKuDFl
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCJ0ftynjLPm522B0RAhhLAJoCz8td+ZJHcjEPv4R+QdxlZabO+QCfY02I
S1lygIh7uJvzzGcQGkeKtDs=
=LheA
-----END PGP SIGNATURE-----

--BXVAT5kNtrzKuDFl--