[Pkg-nagios-devel] Bug#296306: marked as done (nagios-pgsql: Documentation suggests loose database permissions for CGI scripts)
Debian Bug Tracking System
owner@bugs.debian.org
Thu, 03 Mar 2005 09:33:19 -0800
Your message dated Thu, 3 Mar 2005 12:22:53 -0500
with message-id <20050303172253.GA4304@seanius.net>
and subject line closing bugs
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at maintonly) by bugs.debian.org; 21 Feb 2005 16:48:41 +0000
>From marcus@better.se Mon Feb 21 08:48:41 2005
Return-path: <marcus@better.se>
Received: from mxfep01.bredband.com [195.54.107.70]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D3Gjg-0000YK-00; Mon, 21 Feb 2005 08:48:40 -0800
Received: from thales.home.better.se ([85.224.197.224] [85.224.197.224])
by mxfep01.bredband.com with ESMTP
id <20050221164809.BPF17717.mxfep01.bredband.com@thales.home.better.se>
for <maintonly@bugs.debian.org>; Mon, 21 Feb 2005 17:48:09 +0100
Received: from thales.home.better.se (localhost [127.0.0.1])
by thales.home.better.se (8.13.3/8.13.3/Debian-6) with ESMTP id j1LGm9ZZ018305
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
for <maintonly@bugs.debian.org>; Mon, 21 Feb 2005 17:48:09 +0100
Received: (from marcus@localhost)
by thales.home.better.se (8.13.3/8.13.3/Submit) id j1LGm9hq018302;
Mon, 21 Feb 2005 17:48:09 +0100
Date: Mon, 21 Feb 2005 17:48:09 +0100
From: Marcus Better <marcus@better.se>
Message-Id: <200502211648.j1LGm9hq018302@thales.home.better.se>
To: Debian Bug Tracking System <maintonly@bugs.debian.org>
Subject: nagios-pgsql: Documentation suggests loose database permissions for CGI scripts
X-Debbugs-CC: Marcus Better <marcus@better.se>
Delivered-To: maintonly@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: nagios-pgsql
Version: 2:1.3-cvs.20050116-1
Severity: minor
The configuration suggested by README.pgsql defines only one database
user "nagios" with full access to the database. Since some of the CGI
scripts need only SELECT permission to certain tables, it is better to
create another user nagios_cgi with the minimum permissions.
This can be accomplished by adding the following commands to
those in README.pgsql:
-------------------------------------
# createuser -A -D nagios_cgi
in psql:
ALTER USER nagios PASSWORD 'my-secret-cgi-password';
GRANT SELECT ON hostextinfo, programstatus, servicestatus, hoststatus, hostcomments, servicecomments, hostdowntime, servicedowntime TO nagios_cgi;
-------------------------------------
Then the user and password for nagios_cgi should be entered in
/etc/nagios/nagios.cgi.
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-thales
Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8)
Versions of packages nagios-pgsql depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libgd2-noxpm 2.0.33-1.1 GD Graphics Library version 2 (wit
ii libjpeg62 6b-9 The Independent JPEG Group's JPEG
ii libpng12-0 1.2.8rel-1 PNG library - runtime
ii libpq3 7.4.7-2 PostgreSQL C client library
ii nagios-common 2:1.3-cvs.20050116-1 A host/service/network monitoring
ii zlib1g 1:1.2.2-3 compression library - runtime
-- no debconf information
---------------------------------------
Received: (at 296306-close) by bugs.debian.org; 3 Mar 2005 17:23:25 +0000
>From seanius@seanius.net Thu Mar 03 09:23:25 2005
Return-path: <seanius@seanius.net>
Received: from dsl092-235-113.phl1.dsl.speakeasy.net (sativa.seanius.net) [66.92.235.113]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D6u2n-0003JM-00; Thu, 03 Mar 2005 09:23:25 -0800
Received: by sativa.seanius.net (Postfix, from userid 1000)
id D97D715829; Thu, 3 Mar 2005 12:22:53 -0500 (EST)
Date: Thu, 3 Mar 2005 12:22:53 -0500
From: sean finney <seanius@debian.org>
To: 296100-close@bugs.debian.org, 296562-close@bugs.debian.org,
296306-close@bugs.debian.org
Subject: closing bugs
Message-ID: <20050303172253.GA4304@seanius.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="BXVAT5kNtrzKuDFl"
Content-Disposition: inline
User-Agent: Mutt/1.5.5.1+cvs20040105i
Delivered-To: 296306-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 2
--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
these three bugs are fixed, but since we skipped a version with our
uploads, the changelogs never closed the bugs.
sean
--=20
--BXVAT5kNtrzKuDFl
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCJ0ftynjLPm522B0RAhhLAJoCz8td+ZJHcjEPv4R+QdxlZabO+QCfY02I
S1lygIh7uJvzzGcQGkeKtDs=
=LheA
-----END PGP SIGNATURE-----
--BXVAT5kNtrzKuDFl--