cgi auth problems on Nagios
Hi, Anyone else having problems getting Nagios cgi scripts to run on Debian Unstable? I installed it months ago and had it running fine. But I just checked in on it for the first time in a week or two and now I can't get any of my host monitoring stuff to display. I get the message: "It appears as though you do not have permission to view information for any of the hosts you requested... If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI and check the authorization options in your CGI configuration file." No matter what I've tried, I can't get around this, whether I enable or disable authentication. Anyone know if the newest deb package for Nagios is broken? I currently have authentication turned on. It appears to be working fine, as I am requested to log in with the nagiosadmin account when first accessing the web site. But then, any link that accesses status.cgi (and some others) come back with the above message. I don't think its an apache issue. I created my own test.cgi and put it in the same directory as the nagios scripts and that works fine. I've checked and rechecked that I don't have any typos in the various cfg files that require a username to access certain nagios cgi's. Curiously, this debugger script works. It dumps to my console a properly formatted html page with all my host info in place. If I leave out the REMOTE_USER variable, then I get the auth error as before, so it appears that all the htpasswd stuff is properly in place. #!/bin/bash REQUEST_METHOD="GET" REMOTE_USER="nagiosadmin" export REQUEST_METHOD REMOTE_USER gdb status.cgi exit Any ideas? Nothing changed between when it was working and when it broke, except possibly a debian package upgrade. ii apache 1.3.31-3 ii nagios-mysql1.2-3.5 Thanks. John Hawley [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Cyrus Imap Sieve problems
Hi. Been experimenting with Cyrus Imap on Debian/unstable. Any tips on getting Sieve working? I'm using ldap to authenticate both Cyrus Imap and Postfix. All programs from deb packages. Incoming messages headers do have an X-Sieve line. [EMAIL PROTECTED]:docs$ sieveshell -a jhawley -u jhawley localhost connecting to localhost unable to connect to server at /usr/bin/sieveshell line 174. * Sieve is there listening: [EMAIL PROTECTED]:docs$ telnet localhost sieve Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.1.16-IPv6-Debian-2.1.16-6" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" "STARTTLS" OK .. but seems to be missing the authentication, ie most examples show the line: "SASL" "PLAIN" * this give any more clues? I think the cert messages are just warnings, right?: [EMAIL PROTECTED]:docs$ sivtest -t "" -a jhawley -u jhawley localhost S: "IMPLEMENTATION" "Cyrus timsieved v2.1.16-IPv6-Debian-2.1.16-6" S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" S: "STARTTLS" S: OK C: STARTTLS S: OK "Begin TLS negotiation now" verify error:num=18:self signed certificate verify error:num=7:certificate signature failure TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) C: CAPABILITY S: "IMPLEMENTATION" "Cyrus timsieved v2.1.16-IPv6-Debian-2.1.16-6" S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" S: OK Authentication failed. generic failure Security strength factor: 256 * /etc/imap.d: [EMAIL PROTECTED]:etc$ grep -v '#' imapd.conf | grep -v '^$' configdirectory: /var/lib/cyrus defaultpartition: default partition-default: /var/spool/cyrus/mail partition-news: /var/spool/cyrus/news newsspool: /var/spool/news altnamespace: no unixhierarchysep: yes munge8bit: no lmtp_downcase_rcpt: yes admins: admin cyrus jhawley allowanonymouslogin: no popminpoll: 1 autocreatequota: 0 umask: 077 sendmail: /usr/sbin/sendmail sieveusehomedir: false sievedir: /var/spool/sieve hashimapspool: true allowplaintext: yes sasl_mech_list: PLAIN sasl_pwcheck_method: saslauthd sasl_auto_transition: no tls_cert_file: /etc/ssl/certs/ldap.cert tls_key_file: /etc/ssl/certs/ldap.key tls_ca_file: /etc/ssl/certs/ca.cert tls_ca_path: /etc/ssl/certs tls_session_timeout: 1440 tls_cipher_list: HIGH:MEDIUM:+SSLv2 tls_sieve_require_cert: false lmtpsocket: /var/run/cyrus/socket/lmtp idlesocket: /var/run/cyrus/socket/idle notifysocket: /var/run/cyrus/socket/notify [EMAIL PROTECTED]:etc$ cyradm -u cyrus localhost IMAP Password: localhost> localhost> version name : Cyrus IMAPD version: v2.1.16-IPv6-Debian-2.1.16-6 2004/02/26 22:56:56 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.24 environment: Cyrus SASL 2.1.15 Sleepycat Software: Berkeley DB 3.2.9: (June 16, 2003) Built w/OpenSSL 0.9.7c 30 Sep 2003 Running w/OpenSSL 0.9.7d 17 Mar 2004 CMU Sieve 2.2 DRAC TCP Wrappers UCD-SNMP 4.2.5 mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mailboxes.db = skiplist seen.db = skiplist subs.db = flat deliver.db = db3-nosync tls_sessions.db = db3-nosync localhost> [EMAIL PROTECTED]:etc# dpkg --list |grep cyrus ii cyrus21-admin2.1.16-6 Cyrus mail system (administration tool) ii cyrus21-clients 2.1.16-6 Cyrus mail system (test clients) ii cyrus21-common 2.1.16-6 Cyrus mail system (common files) ii cyrus21-doc 2.1.16-6 Cyrus mail system (documentation files) ii cyrus21-imapd2.1.16-6 Cyrus mail system (IMAP support) ii libcyrus-imap-perl21 2.1.16-6 Interface to Cyrus imap client imclient library [EMAIL PROTECTED]:etc# dpkg --list |grep ldap ii ldap-utils 2.1.29-2 OpenLDAP utilities ii libldap2 2.1.29-2 OpenLDAP libraries ii postfix-ldap 2.0.19-1 LDAP map support for Postfix [EMAIL PROTECTED]:etc# dpkg --list |grep postfix ii postfix 2.0.19-1 A high-performance mail transport agent ii postfix-ldap 2.0.19-1 LDAP map support for Postfix ii postfix-tls 2.0.19-1 TLS and SASL support for Postfix ** Thanks for any insight. -- John Hawley [EMAIL PROTECTED]
Cyrus Imap Sieve problems
Hi. Been experimenting with Cyrus Imap on Debian/unstable. Any tips on getting Sieve working? I'm using ldap to authenticate both Cyrus Imap and Postfix. All programs from deb packages. Incoming messages headers do have an X-Sieve line. [EMAIL PROTECTED]:docs$ sieveshell -a jhawley -u jhawley localhost connecting to localhost unable to connect to server at /usr/bin/sieveshell line 174. * Sieve is there listening: [EMAIL PROTECTED]:docs$ telnet localhost sieve Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.1.16-IPv6-Debian-2.1.16-6" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" "STARTTLS" OK .. but seems to be missing the authentication, ie most examples show the line: "SASL" "PLAIN" * this give any more clues? I think the cert messages are just warnings, right?: [EMAIL PROTECTED]:docs$ sivtest -t "" -a jhawley -u jhawley localhost S: "IMPLEMENTATION" "Cyrus timsieved v2.1.16-IPv6-Debian-2.1.16-6" S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" S: "STARTTLS" S: OK C: STARTTLS S: OK "Begin TLS negotiation now" verify error:num=18:self signed certificate verify error:num=7:certificate signature failure TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) C: CAPABILITY S: "IMPLEMENTATION" "Cyrus timsieved v2.1.16-IPv6-Debian-2.1.16-6" S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" S: OK Authentication failed. generic failure Security strength factor: 256 * /etc/imap.d: [EMAIL PROTECTED]:etc$ grep -v '#' imapd.conf | grep -v '^$' configdirectory: /var/lib/cyrus defaultpartition: default partition-default: /var/spool/cyrus/mail partition-news: /var/spool/cyrus/news newsspool: /var/spool/news altnamespace: no unixhierarchysep: yes munge8bit: no lmtp_downcase_rcpt: yes admins: admin cyrus jhawley allowanonymouslogin: no popminpoll: 1 autocreatequota: 0 umask: 077 sendmail: /usr/sbin/sendmail sieveusehomedir: false sievedir: /var/spool/sieve hashimapspool: true allowplaintext: yes sasl_mech_list: PLAIN sasl_pwcheck_method: saslauthd sasl_auto_transition: no tls_cert_file: /etc/ssl/certs/ldap.cert tls_key_file: /etc/ssl/certs/ldap.key tls_ca_file: /etc/ssl/certs/ca.cert tls_ca_path: /etc/ssl/certs tls_session_timeout: 1440 tls_cipher_list: HIGH:MEDIUM:+SSLv2 tls_sieve_require_cert: false lmtpsocket: /var/run/cyrus/socket/lmtp idlesocket: /var/run/cyrus/socket/idle notifysocket: /var/run/cyrus/socket/notify [EMAIL PROTECTED]:etc$ cyradm -u cyrus localhost IMAP Password: localhost> localhost> version name : Cyrus IMAPD version: v2.1.16-IPv6-Debian-2.1.16-6 2004/02/26 22:56:56 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.24 environment: Cyrus SASL 2.1.15 Sleepycat Software: Berkeley DB 3.2.9: (June 16, 2003) Built w/OpenSSL 0.9.7c 30 Sep 2003 Running w/OpenSSL 0.9.7d 17 Mar 2004 CMU Sieve 2.2 DRAC TCP Wrappers UCD-SNMP 4.2.5 mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mailboxes.db = skiplist seen.db = skiplist subs.db = flat deliver.db = db3-nosync tls_sessions.db = db3-nosync localhost> [EMAIL PROTECTED]:etc# dpkg --list |grep cyrus ii cyrus21-admin2.1.16-6 Cyrus mail system (administration tool) ii cyrus21-clients 2.1.16-6 Cyrus mail system (test clients) ii cyrus21-common 2.1.16-6 Cyrus mail system (common files) ii cyrus21-doc 2.1.16-6 Cyrus mail system (documentation files) ii cyrus21-imapd2.1.16-6 Cyrus mail system (IMAP support) ii libcyrus-imap-perl21 2.1.16-6 Interface to Cyrus imap client imclient library [EMAIL PROTECTED]:etc# dpkg --list |grep ldap ii ldap-utils 2.1.29-2 OpenLDAP utilities ii libldap2 2.1.29-2 OpenLDAP libraries ii postfix-ldap 2.0.19-1 LDAP map support for Postfix [EMAIL PROTECTED]:etc# dpkg --list |grep postfix ii postfix 2.0.19-1 A high-performance mail transport agent ii postfix-ldap 2.0.19-1 LDAP map support for Postfix ii postfix-tls 2.0.19-1 TLS and SASL support for Postfix ** Thanks for any insight. -- John Hawley [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
debian/cyclades .vs. cisco
Hi. I just priced out a Cisco to handle multiple T1's for our Internet access. $15K+, ack! Just wondering. Anyone have any experience using the Cyclades-PC300 boards? I've already converted the my network services from M$ to Debian/Linux and have nothing against converting our router from Ci$co if Linux can match the stability. -- John Hawley BGEA/ITS <=> Network Admin 612.335.1334 [EMAIL PROTECTED]
debian/cyclades .vs. cisco
Hi. I just priced out a Cisco to handle multiple T1's for our Internet access. $15K+, ack! Just wondering. Anyone have any experience using the Cyclades-PC300 boards? I've already converted the my network services from M$ to Debian/Linux and have nothing against converting our router from Ci$co if Linux can match the stability. -- John Hawley BGEA/ITS <=> Network Admin 612.335.1334 [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]