Re: mrtg config question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2006-07-08 at 10:59 -0700, Al Sparks wrote:
> --- Don Russell <fedora@xxxxxxxxxxxxxxxxxxxxx> wrote:
> 
> > I just installed mrtg 2.13.2 on FC5 and noticed the sample config file 
> > in /etc/mrtg/mrtg.cfg
> > 
> > This file has LogDir defined as /var/lib/mrtg
> > 
> > I suppose it doesn't really matter... but is that an error/typo? 
> > Shouldn't logs be kept in /var/log/... ?
> > 
> > I was going to Bugzilla this, but thought I'd get some other opinions 
> > first. :-)
> > 
snip
> > Part 2: (The fun part) :-)
> > 
> > I created a new userid (mrtg) and created a little script to run 
> > cfgmaker and indexmaker, but now I don't know how to run mrtg so it can 
> > produce the graphs etc in /var/www/mrtg...
> > 
> > I suppose I could run mrtg as root... but I hate running stuff as root 
> > if not needed.
> > Or, how can I grant write permission so the mrtg user can write to 
> > /var/www/mrtg, but not other apache-owned files/directories?
> 
> This is the fun part!!!  Regarding the problem of access to files by 2
> userid's, the solution is groups.  Here's one way to do it.  You can
> create a 3rd userid, we'll call it httpdmrtg, and by default it will
> create a group by the same name.  You can "chown", or change ownership
> of /var/www to that user id and group, for example:
>    # chown -R httpmrtg:httpmrtg /var/www
> and you probably want write access to the files, so
>    # find /var/www -type f | xargs chmod 660 # takes care of files
> and for directories you want the executable bit set:
>    # find /var/www -type d | xargs chmod 770
> 
> You then want to place the "mrtg" and the "http" (actually by default,
> apache uses the userid "nobody") as members of the group "httpdmrtg":
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Not with a default Redhat or Fedora install.  Apache runs as
apache:apache on every install I have done for the past several years.

IIRC an install of apache from the upstream source, however, does run as
nobody:nobody.

>    # gpasswd -a mrtg httpdmrtg
>    # gpasswd -a http httpdmrtg
> 
> You can also edit the /etc/group file to do the same thing, but using
> the gpasswd command ensures that the shadow password/group files get
> modified as appropriate.
> 
> Also, there's more than one way to skin a cat.  You don't have to
> create a third userid / group.  When you create userid "mrtg", it will
> have it's own group, or "httpd" will also have its own group.  You can
> make one a member of the other, and change the files so it's
> identified with that group.
> 
> > 
> > Thanks,
> > Don
>     === Al
> 


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux